binder_call(hal_fingerprint_default, qfp-daemon)
binder_use(hal_fingerprint_default)

# Allow hal_fingerprint_default to open firmware images
r_dir_file(hal_fingerprint_default, firmware_file)

allow hal_fingerprint_default iqfp_service:service_manager find;

allow hal_fingerprint_default fingerprintd_data_file:file create_file_perms;
allow hal_fingerprint_default fingerprintd_data_file:dir rw_dir_perms;
allow hal_fingerprint_default fpc_data_file:dir rw_dir_perms;
allow hal_fingerprint_default fpc_data_file:file create_file_perms;
allow hal_fingerprint_default fpc_data_file:sock_file { create unlink };
allow hal_fingerprint_default sysfs_fpc:dir r_dir_perms;
allow hal_fingerprint_default sysfs_fpc:file rw_file_perms;
allow hal_fingerprint_default sysmatdrv_device:chr_file w_file_perms;
allow hal_fingerprint_default tee_device:chr_file rw_file_perms;
allow hal_fingerprint_default uhid_device:chr_file rw_file_perms;

# Ignore all logging requests
dontaudit hal_fingerprint_default storage_file:dir search;