type touchreport, domain;
type touchreport_exec, exec_type, file_type, vendor_file_type;

init_daemon_domain(touchreport)

allow touchreport input_device:chr_file rw_file_perms;
allow touchreport input_device:dir r_dir_perms;
allow touchreport proc_tp_file:file { open read write };
allow touchreport proc_tp_lockdown:file { open read write };
allow touchreport self:cap_userns sys_nice;
allow touchreport self:capability sys_nice;
allow touchreport self:tcp_socket { create getattr getopt read setopt write };
allow touchreport self:udp_socket { create getattr getopt read setopt write };
allow touchreport sysfs_touch_hostprocess:file rw_file_perms;
allow touchreport sysfs_touch_hostprocess:file { open read write };
allow touchreport sysfs_touch_suspend:file rw_file_perms;
allow touchreport sysfs_touch_suspend:file { open read write };
allow touchreport sysfs_tp_virtual_prox:file rw_file_perms;
allow touchreport sysfs_tp_virtual_prox:file { open read write };
allow touchreport touchfeature_device:chr_file rw_file_perms;
allow touchreport touchfeature_device:file { getattr map read };
allow touchreport touchreport_exec:file entrypoint;
allow touchreport uhid_device:chr_file rw_file_perms;
allow touchreport vendor_data_touchreport_file:dir { add_name read remove_name search watch write };
allow touchreport vendor_data_touchreport_file:file { create getattr open read rename setattr unlink write };
allow touchreport vendor_firmware_file:dir r_dir_perms;
allow touchreport vendor_firmware_file:dir search;
allow touchreport vendor_firmware_file:file r_file_perms;
allow touchreport vendor_sysfs_graphics:file { open read };

recovery_only(`
userdebug_or_eng(`
permissive touchreport;
')
')