diff options
Diffstat (limited to 'sepolicy/mtkrildmd2.te')
| -rw-r--r-- | sepolicy/mtkrildmd2.te | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/sepolicy/mtkrildmd2.te b/sepolicy/mtkrildmd2.te new file mode 100644 index 0000000..030e329 --- /dev/null +++ b/sepolicy/mtkrildmd2.te @@ -0,0 +1,94 @@ +# ============================================== +# Policy File of /system/bin/mtkrildmd2 Executable File + + +# ============================================== +# Type Declaration +# ============================================== + +type mtkrildmd2_exec , exec_type, file_type; +type mtkrildmd2 ,domain; + + +# ============================================== +# MTK Policy Rule +# ============================================== + +init_daemon_domain(mtkrildmd2) +net_domain(mtkrildmd2) +allow mtkrildmd2 self:netlink_route_socket nlmsg_write; +allow mtkrildmd2 kernel:system module_request; +unix_socket_connect(mtkrildmd2, property, init) +allow mtkrildmd2 self:capability { setuid net_admin net_raw }; +allow mtkrildmd2 alarm_device:chr_file rw_file_perms; +allow mtkrildmd2 cgroup:dir create_dir_perms; +allow mtkrildmd2 radio_device:chr_file rw_file_perms; +allow mtkrildmd2 radio_device:blk_file r_file_perms; +allow mtkrildmd2 mtd_device:dir search; +allow mtkrildmd2 efs_file:dir create_dir_perms; +allow mtkrildmd2 efs_file:file create_file_perms; +allow mtkrildmd2 shell_exec:file rx_file_perms; +allow mtkrildmd2 bluetooth_efs_file:file r_file_perms; +allow mtkrildmd2 bluetooth_efs_file:dir r_dir_perms; +allow mtkrildmd2 radio_data_file:dir rw_dir_perms; +allow mtkrildmd2 radio_data_file:file create_file_perms; +allow mtkrildmd2 sdcard_type:dir r_dir_perms; +allow mtkrildmd2 system_data_file:dir r_dir_perms; +allow mtkrildmd2 system_data_file:file r_file_perms; +allow mtkrildmd2 system_file:file x_file_perms; +allow mtkrildmd2 proc:file write; +allow mtkrildmd2 proc_net:file write; +allow mtkrildmd2 eemcs_device:chr_file { read write }; +allow mtkrildmd2 eemcs_device:chr_file open; +allow mtkrildmd2 eemcs_device:chr_file ioctl; + +# property service +allow mtkrildmd2 radio_prop:property_service set; +allow mtkrildmd2 net_radio_prop:property_service set; +allow mtkrildmd2 system_radio_prop:property_service set; +allow mtkrildmd2 persist_ril_prop:property_service set; +auditallow mtkrildmd2 net_radio_prop:property_service set; +auditallow mtkrildmd2 system_radio_prop:property_service set; + +# Read/Write to uart driver (for GPS) +allow mtkrildmd2 gps_device:chr_file rw_file_perms; + +allow mtkrildmd2 tty_device:chr_file rw_file_perms; + +# Allow mtkrildmd2 to create and use netlink sockets. +allow mtkrildmd2 self:netlink_socket create_socket_perms; +allow mtkrildmd2 self:netlink_kobject_uevent_socket create_socket_perms; + +# Access to wake locks +wakelock_use(mtkrildmd2) + +allow mtkrildmd2 self:socket create_socket_perms; + +allow mtkrildmd2 Vcodec_device:chr_file { read write open }; +allow mtkrildmd2 devmap_device:chr_file { read ioctl open }; +allow mtkrildmd2 devpts:chr_file { read write open }; +allow mtkrildmd2 self:capability dac_override; + +allow mtkrildmd2 ccci_device:chr_file { read write ioctl open }; +allow mtkrildmd2 devpts:chr_file ioctl; +allow mtkrildmd2 misc_device:chr_file { read write open }; +allow mtkrildmd2 platformblk_device:blk_file { read write open }; +allow mtkrildmd2 proc_lk_env:file rw_file_perms; +allow mtkrildmd2 sysfs_vcorefs_pwrctrl:file { open write }; +allow mtkrildmd2 ril_active_md_prop:property_service set; +allow mtkrildmd2 ril_mux_report_case_prop:property_service set; +allow mtkrildmd2 ctl_muxreport-daemon_prop:property_service set; +allow mtkrildmd2 persist_service_atci_prop:property_service set; +allow mtkrildmd2 block_device:dir search; +allow mtkrildmd2 platformblk_device:dir search; +allow mtkrildmd2 emd_device:chr_file { read write open }; +allow mtkrildmd2 emd_device:chr_file ioctl; +allow mtkrildmd2 platform_app:fd use; +allow mtkrildmd2 radio:fd use; + +# For emulator +allow mtkrildmd2 qemu_pipe_device:chr_file { read write }; +allow mtkrildmd2 socket_device:sock_file write; + +allow mtkrildmd2 ttyACM_device:chr_file { read write ioctl open }; +allow mtkrildmd2 pppd_gprs_prop:property_service set; |