type hal_fod_kona, coredomain, domain;
hal_server_domain(hal_fod_kona, hal_lineage_fod)

type hal_fod_kona_exec, system_file_type, exec_type, file_type;
init_daemon_domain(hal_fod_kona)

# Allow access to the HALs
hal_client_domain(hal_fod_kona, hal_fingerprint)

# Allow binder communication with hal_display_default
binder_call(hal_fod_kona, hal_display_default)

# Allow binder communication with hal_fingerprint
binder_call(hal_fod_kona, hal_fingerprint)

# Allow hal_fod_kona to hal_display_hwservice
allow hal_fod_kona hal_display_hwservice:hwservice_manager find;

# Allow hal_fod_kona to hal_fingerprint_hwservice
allow hal_fod_kona hal_fingerprint_hwservice:hwservice_manager find;

# Allow hal_fod_kona to read and write to sysfs_fod
allow hal_fod_kona sysfs_fod:file rw_file_perms;