type mm-pp-daemon, domain;
type mm-pp-daemon_exec, exec_type, vendor_file_type, file_type;

init_daemon_domain(mm-pp-daemon)

#Need to use fb/drm ioctls to communicate with kernel
allow mm-pp-daemon graphics_device:chr_file rw_file_perms;
allow mm-pp-daemon graphics_device:dir r_dir_perms;

# Allow reading/writing data config files
allow mm-pp-daemon display_vendor_data_file:dir create_dir_perms;
allow mm-pp-daemon display_vendor_data_file:file create_file_perms;

# Rule for IPC communication
allow mm-pp-daemon qdisplay_service:service_manager find;
vndbinder_use(mm-pp-daemon)
hwbinder_use(mm-pp-daemon)
hal_client_domain(mm-pp-daemon, hal_graphics_composer)
allow mm-pp-daemon fwk_sensor_hwservice:hwservice_manager find;
binder_call(mm-pp-daemon, system_server)

# Allow mm-pp-daemon to change the brightness
allow mm-pp-daemon sysfs_leds:dir r_dir_perms;
allow mm-pp-daemon sysfs_leds:file rw_file_perms;
allow mm-pp-daemon sysfs_leds:lnk_file read;
r_dir_file(mm-pp-daemon, sysfs_leds)
allow mm-pp-daemon sysfs_graphics:dir r_dir_perms;
allow mm-pp-daemon sysfs_graphics:file rw_file_perms;