drachfly
/
android10


			
				
					
						
						
							1234567891011121314151617
							# vndservicemanager - the Binder context manager for vendor processes
type vndservicemanager_exec, exec_type, vendor_file_type, file_type;

init_daemon_domain(vndservicemanager);

allow vndservicemanager self:binder set_context_mgr;

# transfer binder objects to other processes (TODO b/35870313 limit this to vendor-only)
allow vndservicemanager { domain -coredomain -init -vendor_init }:binder transfer;

allow vndservicemanager vndbinder_device:chr_file rw_file_perms;

# Read vndservice_contexts
allow vndservicemanager vndservice_contexts_file:file r_file_perms;

# Check SELinux permissions.
selinux_check_access(vndservicemanager)