121 lines
3.1 KiB
Plaintext
121 lines
3.1 KiB
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
|
|
type dhcp6s_exec,exec_type,file_type;
|
|
|
|
|
|
# Date : WK14.34
|
|
# Operation : Migration
|
|
# Purpose : wifi
|
|
allow netd wmtWifi_device:chr_file { write open };
|
|
|
|
allow netd kernel:system module_request;
|
|
allow netd self:capability sys_module;
|
|
allow netd self:capability fsetid;
|
|
|
|
|
|
# Date : WK14.34
|
|
# Operation : Migration
|
|
# Purpose : property_service for wifi
|
|
allow netd mtk_wifi_prop:property_service set;
|
|
|
|
|
|
# Date : WK14.34
|
|
# Operation : Migration
|
|
# Purpose : APP
|
|
allow netd platform_app:fd use;
|
|
allow netd platform_app_tmpfs:file write;
|
|
|
|
|
|
# Date : WK14.37
|
|
# Operation : Migration
|
|
# Purpose : PPPOE Test
|
|
allow netd ppp:process sigkill;
|
|
|
|
# Date : WK14.39
|
|
# Operation : Migration
|
|
# Purpose : MDLogger USB logging
|
|
allow netd mdlogger:fd use;
|
|
allow netd mdlogger:tcp_socket { read write };
|
|
allow netd mdlogger:tcp_socket { getopt setopt };
|
|
|
|
# Date : WK14.41
|
|
# Operation : Migration
|
|
# Purpose : network logging
|
|
allow netd netdiag:fd use;
|
|
allow netd netdiag:udp_socket { read write getopt setopt};
|
|
|
|
|
|
# Date : WK14.41
|
|
# Operation : Migration
|
|
# Purpose : ipv6 Tethering Test
|
|
#============= netd ==============
|
|
allow netd dhcp6s_exec:file execute;
|
|
allow netd dhcp_data_file:dir { read search write add_name remove_name };
|
|
allow netd dhcp_data_file:file { read write create open getattr unlink};
|
|
|
|
allow netd radvd_data_file:dir { read write search add_name remove_name};
|
|
allow netd radvd_data_file:file { read write create open unlink};
|
|
|
|
allow netd self:capability { setuid net_bind_service setgid };
|
|
allow netd wide_dhcpv6_data_file:dir { read search write add_name remove_name};
|
|
allow netd wide_dhcpv6_data_file:file { read write create open getattr unlink};
|
|
|
|
# Date : WK14.42
|
|
# Operation : Migration
|
|
# Purpose : for VoLTE L early bring up and first call
|
|
allow netd volte_stack:fd use;
|
|
allow netd volte_stack:tcp_socket { read write setopt getopt };
|
|
allow netd volte_stack:udp_socket { read write setopt getopt };
|
|
|
|
# Date : WK14.42
|
|
# Operation : Migration
|
|
# Purpose : ALPS01774455[Need Patch] [Sanity Fail][95E2 L][WFD][EE]EE occur when connect dongle1
|
|
allow netd device:file { open write };
|
|
|
|
|
|
# Date : WK14.44
|
|
# Operation : Migration
|
|
# Purpose : ALPS01789552
|
|
#============= netd ==============
|
|
allow netd self:capability { setuid setgid };
|
|
|
|
|
|
#============= netd ==============
|
|
allow netd isolated_app_tmpfs:file write;
|
|
|
|
# Date : W14.52
|
|
# Operation : Migration
|
|
# Purpose : add ePDG support
|
|
allow netd ipsec:fd use;
|
|
allow netd ipsec:tcp_socket { read write setopt getopt };
|
|
|
|
#============= netd ==============
|
|
allow netd untrusted_app:fd use;
|
|
allow netd untrusted_app_tmpfs:file write;
|
|
|
|
#============= netd ==============
|
|
# Date : W14.53
|
|
# Operation : Migration
|
|
# Purpose : For volte_imcb ut
|
|
allow netd volte_imcb:fd use;
|
|
allow netd volte_imcb:tcp_socket { read write };
|
|
allow netd volte_imcb:tcp_socket getopt;
|
|
allow netd volte_imcb:tcp_socket setopt;
|
|
|
|
|
|
# Date : W15.02
|
|
# Operation : SQC
|
|
# Purpose : CTS for wifi
|
|
allow netd untrusted_app:unix_stream_socket { read write getopt setopt};
|
|
|
|
allow netd isolated_app:fd use;
|
|
|
|
|
|
#============= netd ==============
|
|
allow netd radio_tmpfs:file write;
|
|
|
|
|
|
|