type hal_ifaa_default, domain;
hal_server_domain(hal_ifaa_default, hal_ifaa)

type hal_ifaa_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_ifaa_default)

# Allow hwbinder call from hal client to server
binder_call(hal_ifaa_client, hal_ifaa_server)

# Add hwservice related rules
add_hwservice(hal_ifaa_server, hal_ifaa_hwservice)
allow hal_ifaa_client hal_ifaa_hwservice:hwservice_manager find;

#Allow access to tee device
allow hal_ifaa_server tee_device:chr_file rw_file_perms;

#Allow access to ion device
allow hal_ifaa_server ion_device:chr_file r_file_perms;