blob: 7b97354235d93968ac2f8415e03a9488e6ed49a1 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
# ==============================================
# MTK Policy Rule
# ==============================================
# permissive platform_app;
# Date : 2014/07/22
# Operation : Migration
# Purpose : mtk_agpsd establishes the local socket as agpsd for all A-GPS
# application to do something with mtk_agpsd
unix_socket_connect(platform_app, agpsd, mtk_agpsd);
# Date : 2014/08/21
# Operation : Migration
# Purpose : FMRadio enable driver access permission for fmradio hardware device
# Package: com.mediatek.fmradio
allow platform_app fm_device:chr_file rw_file_perms;
# Date: 2014/08/22
# Operation: Migration
# Purpose: enable drawing picture/texture in OpenGl environment for gallery3d
# Package: com.android.gallery3d
allow platform_app init:binder transfer;
# add debugfs policy for MMProfile
allow platform_app debugfs:file { read ioctl };
# Date: 2014/09/05
# Operation: FullUT
# Purpose: [SystemUI] [Bind to guiext-server for updating view][path:hardware/gui_ext/]
# Package: com.android.systemui
allow platform_app guiext-server:binder { transfer call };
# Date : 2014/09/11
# Operation : Migration
# Purpose : MTKLogger need setup local socket with netdiag
# Package: com.mediatek.mtklogger
allow platform_app netdiag_socket:sock_file write;
# Date : 2014/09/11
# Operation : Migration
# Purpose : MTKLogger need setup local socket with netdiag
# Package: com.mediatek.mtklogger
allow platform_app netdiag:unix_stream_socket connectto;
# Date : 2014/09/11
# Operation : Migration
# Purpose : MTKLogger need setup local socket with mobile_log_d
# Package: com.mediatek.mtklogger
allow platform_app mobile_log_d:unix_stream_socket connectto;
# Date : 2014/09/11
# Operation : Migration
# Purpose : MTKLogger need setup local socket with mdlogger
# Package: com.mediatek.mtklogger
allow platform_app mdlogger:unix_stream_socket connectto;
# Date : 2014/09/18
# Operation : Migration
# Purpose : MTKLogger need setup local socket with emdlogger
# Package: com.mediatek.mtklogger
allow platform_app emdlogger:unix_stream_socket connectto;
# Date : 2014/09/23
# Operation : Migration
# Purpose : camera process need to read cpu temperature from /proc/mtktz/mtktscpu path
# Package: com.android.gallery3d
allow platform_app proc_mtktz:dir search;
allow platform_app proc_mtktz:file read;
# Date : 2014/09/26
# Operation : Migration
# Purpose : camera app need to r/w camera_isp_device file for lomo effect
# Package: com.android.gallery3d
allow platform_app camera_isp_device:chr_file rw_file_perms;
# Date : 2014/10/17
# Operation : Migration
# Purpose :Make MTKLogger or VIASaber apk can Access TTYSDIO_device
# Package: com.mediatek.mtklogger
allow platform_app ttySDIO_device:chr_file rw_file_perms;
# Date : 2014/10/21
# Operation : SQC
# Purpose : [ALPS01772746] Permission denied for backup App data
# Package: com.mediatek.backuprestore
unix_socket_connect(platform_app, backuprestore, br_app_data_service);
# Date : 2014/10/23
# Operation : Migration
# Purpose : stress suspend resume test
# Package: Suspend Resume
allow platform_app mtk_kpd_device:chr_file rw_file_perms;
# Date : 2014/10/27
# Operation : SQC
# Purpose : [ALPS01785313] Permission denied for dump hprof
# Package: com.android.gallery3d
allow platform_app anr_data_file:file rw_file_perms;
# Date : 2014/10/28
# Operation : hs_xiangxu
# Purpose : [ALPS01782971]Settings need read&write to system_app_data_file
# Package: com.android.settings
allow platform_app system_app_data_file:file {read write};
# Date : 2014/10/28
# Operation : Migration
# Purpose : [VoiceWakeup][allow VoiceCommand to do something with vow device]
# Package: com.mediatek.voicecommand
allow platform_app vow_device:chr_file rw_file_perms;
# Date : WK14.46
# Operation : Migration
# Purpose : for MTK Emulator HW GPU
allow platform_app qemu_pipe_device:chr_file rw_file_perms;
# Date : 2014/11/14
# Operation: SQC
# Purpose: [ALPS01824827][SystemUI] [RenderThread][open device file failed]
# Package: com.android.systemui
allow platform_app proc_secmem:file r_file_perms;
# Date : 2014/11/14
# Operation : Migration
# Purpose : MTKLogger need update md config file in data for mode changed
# Package: com.mediatek.mtklogger
allow platform_app mdlog_data_file:file rw_file_perms;
allow platform_app mdlog_data_file:dir rw_dir_perms;
# Date : 2014/11/17
# Operation : Migration
# Purpose : Gallery needs to access video codec to encode motion track video
# Package: com.android.gallery3d
allow platform_app Vcodec_device:chr_file { read write ioctl open };
# Date : 2014/11/17
# Operation : Migration
# Purpose : AALTool to access /dev/als_ps for light sensor calibration
# Package: com.mediatek.aaltool
allow platform_app als_ps_device:chr_file { read open ioctl };
# Date : 2014/11/19
# Operation : Migration
# Purpose : FileManager can access attribute of file execute
# Package: com.mediatek.filemanager
allow platform_app fuse:file execute;
# Date : 2014/11/21
# Operation : Migration
# Purpose : Gallery needs to search radio data when send mms
# Package: com.android.gallery3d
allow platform_app radio_data_file:dir search;
# Date : 2014/12/07
# Operation : Migration
# Purpose : MTKLogger need setup local socket with cmddumper
# Package: com.mediatek.mtklogger
allow platform_app init:unix_stream_socket connectto;
allow platform_app cmddumper:unix_stream_socket connectto;
# Date : 2014/12/30
# Operation : TUI Migration
# Purpose : TUI service need to access tui device driver
# Package: com.trustonic.tuiservice.TuiService
allow platform_app mobicore_tui_device:chr_file { read open ioctl };
# Date : 2015/01/13
# Operation : New feature for GPS Log
# Purpose : MTKLogger need setup local socket with mnld
# Package: com.mediatek.mtklogger
allow platform_app mnld:unix_stream_socket connectto;
# silead
allow platform_app silead_fp_dev_device:chr_file {open read write ioctl};
allow platform_app init_tmpfs:file {open read write};
allow platform_app tmpfs:dir {mounton read write};
allow platform_app init_tmpfs:file getattr;
|
