type composd, domain, coredomain;
type composd_exec, system_file_type, exec_type, file_type;

# Host dynamic AIDL services
init_daemon_domain(composd)
binder_use(composd)
add_service(composd, compos_service)
add_service(composd, compos_internal_service)

# Call back into system server
binder_call(composd, system_server)

# Start a VM
virtualizationservice_use(composd)

# Access our APEX data files
allow composd apex_module_data_file:dir search;
allow composd apex_compos_data_file:dir create_dir_perms;
allow composd apex_compos_data_file:file create_file_perms;

# TODO(b/205750213): Removed these when we run odrefresh in the VM
# Run odrefresh to refresh ART artifacts, and kill it if we need to
domain_auto_trans(composd, odrefresh_exec, odrefresh)
allow composd odrefresh:process sigkill;