# Allow access to the HALs
hal_client_domain(hal_fingerprint_default, vendor_hal_perf)

# Allow binder communication with vendor_hal_perf_default
binder_call(hal_fingerprint_default, vendor_hal_perf_default)

allow hal_fingerprint_default fingerprint_data_file:dir rw_dir_perms;
allow hal_fingerprint_default fingerprint_data_file:file create_file_perms;

allow hal_fingerprint_default {
  fingerprint_device
  input_device
  tee_device
  uhid_device
}: chr_file rw_file_perms;

allow hal_fingerprint_default self:netlink_socket create_socket_perms_no_ioctl;

allow hal_fingerprint_default {
  input_device
  vendor_sysfs_graphics
  sysfs_msm_subsys
}: dir r_dir_perms;

allow hal_fingerprint_default {
  vendor_sysfs_fingerprint
  vendor_sysfs_graphics
  sysfs_msm_subsys
}: file rw_file_perms;

r_dir_file(hal_fingerprint_default, firmware_file)

get_prop(system_server, vendor_fp_prop);

set_prop(hal_fingerprint_default, vendor_fp_prop)

allow hal_fingerprint_default vendor_sysfs_spss:dir { search };
allow hal_fingerprint_default vendor_sysfs_spss:file { open read };