# bootanimation oneshot service
type bootanim, domain;
type bootanim_exec, system_file_type, exec_type, file_type;

hal_client_domain(bootanim, hal_configstore)
hal_client_domain(bootanim, hal_graphics_allocator)
hal_client_domain(bootanim, hal_graphics_composer)

binder_use(bootanim)
binder_call(bootanim, surfaceflinger)
binder_call(bootanim, audioserver)

hwbinder_use(bootanim)

allow bootanim gpu_device:chr_file rw_file_perms;
allow bootanim gpu_device:dir r_dir_perms;
allow bootanim sysfs_gpu:file r_file_perms;

# /oem access
allow bootanim oemfs:dir r_dir_perms;
# boot animations on oem are stored with specific label
allow bootanim bootanim_oem_file:file r_file_perms;

allow bootanim audio_device:dir r_dir_perms;
allow bootanim audio_device:chr_file rw_file_perms;

allow bootanim audioserver_service:service_manager find;
allow bootanim surfaceflinger_service:service_manager find;
allow bootanim surfaceflinger:unix_stream_socket { read write };

# Allow access to ion memory allocation device
allow bootanim ion_device:chr_file rw_file_perms;

# Allow access to DMA-BUF system heap
allow bootanim dmabuf_system_heap_device:chr_file r_file_perms;

allow bootanim hal_graphics_allocator:fd use;

# Fences
allow bootanim hal_graphics_composer:fd use;

# Read access to pseudo filesystems.
allow bootanim proc_meminfo:file r_file_perms;

# System file accesses.
allow bootanim system_file:dir r_dir_perms;