typeattribute servicemanager coredomain;

init_daemon_domain(servicemanager)

selinux_check_access(servicemanager)

# Note that we do not use the binder_* macros here.
# servicemanager is unique in that it only provides
# name service (aka context manager) for Binder.
# As such, it only ever receives and transfers other references
# created by other domains.  It never passes its own references
# or initiates a Binder IPC.
allow servicemanager self:binder set_context_mgr;
allow servicemanager {
  domain
  -init
  -vendor_init
}:binder transfer;

allow servicemanager service_contexts_file:file r_file_perms;

allow servicemanager vendor_service_contexts_file:file r_file_perms;

add_service(servicemanager, service_manager_service)

set_prop(servicemanager, ctl_interface_start_prop)
set_prop(servicemanager, servicemanager_prop)

# servicemanager is using bootstrap bionic
use_bootstrap_libs(servicemanager)

# servicemanager is using apex_info via libvintf
use_apex_info(servicemanager)