diff options
Diffstat (limited to 'sepolicy/platform_app.te')
| -rwxr-xr-x | sepolicy/platform_app.te | 177 |
1 files changed, 177 insertions, 0 deletions
diff --git a/sepolicy/platform_app.te b/sepolicy/platform_app.te new file mode 100755 index 0000000..7b97354 --- /dev/null +++ b/sepolicy/platform_app.te @@ -0,0 +1,177 @@ +# ============================================== +# MTK Policy Rule +# ============================================== + +# permissive platform_app; + +# Date : 2014/07/22 +# Operation : Migration +# Purpose : mtk_agpsd establishes the local socket as agpsd for all A-GPS +# application to do something with mtk_agpsd +unix_socket_connect(platform_app, agpsd, mtk_agpsd); + +# Date : 2014/08/21 +# Operation : Migration +# Purpose : FMRadio enable driver access permission for fmradio hardware device +# Package: com.mediatek.fmradio +allow platform_app fm_device:chr_file rw_file_perms; + +# Date: 2014/08/22 +# Operation: Migration +# Purpose: enable drawing picture/texture in OpenGl environment for gallery3d +# Package: com.android.gallery3d +allow platform_app init:binder transfer; +# add debugfs policy for MMProfile +allow platform_app debugfs:file { read ioctl }; + +# Date: 2014/09/05 +# Operation: FullUT +# Purpose: [SystemUI] [Bind to guiext-server for updating view][path:hardware/gui_ext/] +# Package: com.android.systemui +allow platform_app guiext-server:binder { transfer call }; + +# Date : 2014/09/11 +# Operation : Migration +# Purpose : MTKLogger need setup local socket with netdiag +# Package: com.mediatek.mtklogger +allow platform_app netdiag_socket:sock_file write; + +# Date : 2014/09/11 +# Operation : Migration +# Purpose : MTKLogger need setup local socket with netdiag +# Package: com.mediatek.mtklogger +allow platform_app netdiag:unix_stream_socket connectto; + +# Date : 2014/09/11 +# Operation : Migration +# Purpose : MTKLogger need setup local socket with mobile_log_d +# Package: com.mediatek.mtklogger +allow platform_app mobile_log_d:unix_stream_socket connectto; + +# Date : 2014/09/11 +# Operation : Migration +# Purpose : MTKLogger need setup local socket with mdlogger +# Package: com.mediatek.mtklogger +allow platform_app mdlogger:unix_stream_socket connectto; + +# Date : 2014/09/18 +# Operation : Migration +# Purpose : MTKLogger need setup local socket with emdlogger +# Package: com.mediatek.mtklogger +allow platform_app emdlogger:unix_stream_socket connectto; + + +# Date : 2014/09/23 +# Operation : Migration +# Purpose : camera process need to read cpu temperature from /proc/mtktz/mtktscpu path +# Package: com.android.gallery3d +allow platform_app proc_mtktz:dir search; +allow platform_app proc_mtktz:file read; + +# Date : 2014/09/26 +# Operation : Migration +# Purpose : camera app need to r/w camera_isp_device file for lomo effect +# Package: com.android.gallery3d +allow platform_app camera_isp_device:chr_file rw_file_perms; + +# Date : 2014/10/17 +# Operation : Migration +# Purpose :Make MTKLogger or VIASaber apk can Access TTYSDIO_device +# Package: com.mediatek.mtklogger +allow platform_app ttySDIO_device:chr_file rw_file_perms; + +# Date : 2014/10/21 +# Operation : SQC +# Purpose : [ALPS01772746] Permission denied for backup App data +# Package: com.mediatek.backuprestore +unix_socket_connect(platform_app, backuprestore, br_app_data_service); +# Date : 2014/10/23 +# Operation : Migration +# Purpose : stress suspend resume test +# Package: Suspend Resume +allow platform_app mtk_kpd_device:chr_file rw_file_perms; + +# Date : 2014/10/27 +# Operation : SQC +# Purpose : [ALPS01785313] Permission denied for dump hprof +# Package: com.android.gallery3d +allow platform_app anr_data_file:file rw_file_perms; + +# Date : 2014/10/28 +# Operation : hs_xiangxu +# Purpose : [ALPS01782971]Settings need read&write to system_app_data_file +# Package: com.android.settings +allow platform_app system_app_data_file:file {read write}; + +# Date : 2014/10/28 +# Operation : Migration +# Purpose : [VoiceWakeup][allow VoiceCommand to do something with vow device] +# Package: com.mediatek.voicecommand +allow platform_app vow_device:chr_file rw_file_perms; + +# Date : WK14.46 +# Operation : Migration +# Purpose : for MTK Emulator HW GPU +allow platform_app qemu_pipe_device:chr_file rw_file_perms; + +# Date : 2014/11/14 +# Operation: SQC +# Purpose: [ALPS01824827][SystemUI] [RenderThread][open device file failed] +# Package: com.android.systemui +allow platform_app proc_secmem:file r_file_perms; + +# Date : 2014/11/14 +# Operation : Migration +# Purpose : MTKLogger need update md config file in data for mode changed +# Package: com.mediatek.mtklogger +allow platform_app mdlog_data_file:file rw_file_perms; +allow platform_app mdlog_data_file:dir rw_dir_perms; + +# Date : 2014/11/17 +# Operation : Migration +# Purpose : Gallery needs to access video codec to encode motion track video +# Package: com.android.gallery3d +allow platform_app Vcodec_device:chr_file { read write ioctl open }; + +# Date : 2014/11/17 +# Operation : Migration +# Purpose : AALTool to access /dev/als_ps for light sensor calibration +# Package: com.mediatek.aaltool +allow platform_app als_ps_device:chr_file { read open ioctl }; + +# Date : 2014/11/19 +# Operation : Migration +# Purpose : FileManager can access attribute of file execute +# Package: com.mediatek.filemanager +allow platform_app fuse:file execute; + +# Date : 2014/11/21 +# Operation : Migration +# Purpose : Gallery needs to search radio data when send mms +# Package: com.android.gallery3d +allow platform_app radio_data_file:dir search; + +# Date : 2014/12/07 +# Operation : Migration +# Purpose : MTKLogger need setup local socket with cmddumper +# Package: com.mediatek.mtklogger +allow platform_app init:unix_stream_socket connectto; +allow platform_app cmddumper:unix_stream_socket connectto; + +# Date : 2014/12/30 +# Operation : TUI Migration +# Purpose : TUI service need to access tui device driver +# Package: com.trustonic.tuiservice.TuiService +allow platform_app mobicore_tui_device:chr_file { read open ioctl }; + +# Date : 2015/01/13 +# Operation : New feature for GPS Log +# Purpose : MTKLogger need setup local socket with mnld +# Package: com.mediatek.mtklogger +allow platform_app mnld:unix_stream_socket connectto; + +# silead +allow platform_app silead_fp_dev_device:chr_file {open read write ioctl}; +allow platform_app init_tmpfs:file {open read write}; +allow platform_app tmpfs:dir {mounton read write}; +allow platform_app init_tmpfs:file getattr; |