aboutsummaryrefslogtreecommitdiff
path: root/sepolicy/drmserver.te
diff options
context:
space:
mode:
Diffstat (limited to 'sepolicy/drmserver.te')
-rw-r--r--sepolicy/drmserver.te76
1 files changed, 76 insertions, 0 deletions
diff --git a/sepolicy/drmserver.te b/sepolicy/drmserver.te
new file mode 100644
index 0000000..2403ad3
--- /dev/null
+++ b/sepolicy/drmserver.te
@@ -0,0 +1,76 @@
+# ==============================================
+# MTK Policy Rule
+# ============
+
+#Add by rui.hu
+
+# Date : WK14.30
+# Operation : DRM UT
+# Purpose : To pass DRM UT
+
+allow drmserver nvram_agent_binder:binder call;
+allow drmserver platform_app:dir search;
+allow drmserver platform_app:file { read getattr open };
+allow drmserver property_socket:sock_file write;
+allow drmserver radio_data_file:file { read getattr open };
+allow drmserver sdcard_internal:file open;
+allow drmserver tmpfs:lnk_file read;
+
+#Add by rui.hu
+# Date : WK14.36
+# Operation : DRM UT
+# Purpose : Make drmserver and binder read /proc/pid/cmdline to get process name
+#system app to drmserver
+allow drmserver system_app:dir search;
+allow drmserver system_app:file { read open getattr };
+#Mediaserver to drmserver
+allow drmserver mediaserver:dir search;
+allow drmserver mediaserver:file { read open getattr };
+
+#Add by rui.hu
+# Date : WK14.36.5
+# Operation : DRM UT
+# Purpose : Make widevine mediacodec mode work
+allow drmserver untrusted_app:dir search;
+allow drmserver untrusted_app:file { read open getattr };
+
+#Add by rui.hu
+# Date : WK14.40.1
+# Operation : DRM SQC - play OMA DRM audio file failed
+# Purpose : Make OMA DRM audio file can be played
+allow drmserver radio_data_file:dir search;
+
+#Add by rui.hu
+# Date : WK14.44.2
+# Operation : DRM SQC - view image failed
+# Purpose : To fix ALPS01790300
+allow drmserver surfaceflinger:fd use;
+
+#Add by rui.hu
+# Date : WK14.44.3
+# Operation : MTBF test fail
+# Purpose : To fix ALPS01793801
+allow drmserver mediaserver:fifo_file read;
+
+#Add by rui.hu
+# Date : WK14.46.4
+# Operation : DRM SQC - view image failed
+# Purpose : To fix ALPS01822176
+allow drmserver mediaserver:fifo_file write;
+
+# Date : WK14.52
+# Operation : WVL1 IT
+# Purpose : SVP module operates secmem driver and SVP module operate tee
+allow drmserver mobicore:unix_stream_socket connectto;
+allow drmserver mobicore_data_file:file { read getattr open lock};
+allow drmserver mobicore_data_file:dir search;
+allow drmserver mobicore_user_device:chr_file { read write ioctl open };
+allow drmserver persist_data_file:file { read getattr open };
+allow drmserver persist_data_file:dir search;
+allow drmserver proc_secmem:file { read write ioctl open };
+
+# Date : WK15.07
+# Operation : DRM SQC
+# Purpose : For gmo project, low memory kill
+allow drmserver platform_app_tmpfs:file write;
+
generated by cgit v1.2.3 (git 2.39.1) at 2026-03-14 04:48:17 +0000