# Policy for the TimeKeep Java app. It listens to a BootReceiver
# or TIME_SET event and calculates the offset between the rtc clock
# in /sys/class/rtc0/since_epoch and the current device time and stores that
# value in /data/vendor/time/ats_2 and as persist.vendor.timeadjust.
type timekeep_app, domain;

app_domain(timekeep_app)

# Needed to get access to /data/data/com.sony.timekeep
# Only getattr and search are requested since TimeKeep does not write to its own directory
# /data/data/com.sony.timekeep only has two empty subdirs
dontaudit timekeep_app app_data_file:dir { getattr search };

allow timekeep_app activity_service:service_manager find;

# Read from /data/vendor/time/ats_2
allow timekeep_app time_data_file:dir create_dir_perms;
allow timekeep_app time_data_file:file create_file_perms;

# Read /sys/class/rtc/rtc0/since_epoch
allow timekeep_app sysfs_rtc:dir { search };
allow timekeep_app sysfs_rtc:{ file lnk_file } r_file_perms;

# Set the persist.vendor.timeadjust property
set_prop(timekeep_app, vendor_timekeep_prop)