# Car watchdog server
typeattribute carwatchdogd coredomain;
typeattribute carwatchdogd mlstrustedsubject;

type carwatchdogd_exec, exec_type, file_type, system_file_type;

init_daemon_domain(carwatchdogd)
add_service(carwatchdogd, carwatchdogd_service)
binder_use(carwatchdogd)
binder_service(carwatchdogd)

# Configration to communicate with VHAL
hwbinder_use(carwatchdogd)
get_prop(carwatchdogd, hwservicemanager_prop)
hal_client_domain(carwatchdogd, hal_vehicle)

# Scan through /proc/pid for all processes
r_dir_file(carwatchdogd, domain)

# Read /proc/uid_io/stats
allow carwatchdogd proc_uid_io_stats:file r_file_perms;

# Read /proc/stat file
allow carwatchdogd proc_stat:file r_file_perms;

# Read /proc/diskstats file
allow carwatchdogd proc_diskstats:file r_file_perms;

# List HALs to get pid of vehicle HAL.
allow carwatchdogd hwservicemanager:hwservice_manager list;