1 files changed, 38 insertions, 0 deletions

diff --git a/prebuilts/api/32.0/private/automotive_display_service.te b/prebuilts/api/32.0/private/automotive_display_service.te
new file mode 100644
index 000000000..d757a52e7
--- /dev/null
+++ b/prebuilts/api/32.0/private/automotive_display_service.te
@@ -0,0 +1,38 @@
+# Display proxy service for Automotive
+type automotive_display_service, domain, coredomain;
+type automotive_display_service_exec, system_file_type, exec_type, file_type;
+
+typeattribute automotive_display_service automotive_display_service_server;
+
+# Allow to add a display service to the manager
+add_hwservice(automotive_display_service, fwk_automotive_display_hwservice);
+
+# Allow init to launch automotive display service
+init_daemon_domain(automotive_display_service)
+
+# Allow to use Binder IPC for SurfaceFlinger.
+binder_use(automotive_display_service)
+
+# Allow to use HwBinder IPC for HAL implementations.
+hwbinder_use(automotive_display_service)
+hal_client_domain(automotive_display_service, hal_graphics_composer)
+hal_client_domain(automotive_display_service, hal_graphics_allocator)
+
+# Allow to read the target property.
+get_prop(automotive_display_service, hwservicemanager_prop)
+
+# Allow to find SurfaceFlinger.
+allow automotive_display_service surfaceflinger_service:service_manager find;
+
+# Allow client domain to do binder IPC to serverdomain.
+binder_call(automotive_display_service, surfaceflinger)
+
+# Allow to use a graphics mapper
+allow automotive_display_service hal_graphics_mapper_hwservice:hwservice_manager find;
+
+# Allow to use hidl token service
+allow automotive_display_service hidl_token_hwservice:hwservice_manager find;
+
+# Allow to access EGL files
+allow automotive_display_service gpu_device:chr_file rw_file_perms;
+allow automotive_display_service gpu_device:dir search;