134 lines
4.5 KiB
Plaintext
134 lines
4.5 KiB
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ============
|
|
|
|
allow radio custom_file:dir getattr;
|
|
#violate never allow rule
|
|
#allow radio device:chr_file { read write ioctl open getattr };
|
|
allow radio dm_agent_binder:binder call;
|
|
allow radio rild2_socket:sock_file write;
|
|
allow radio rild3_socket:sock_file write;
|
|
allow radio rild4_socket:sock_file write;
|
|
allow radio rild_via_socket:sock_file write;
|
|
allow radio rild_md2_socket:sock_file write;
|
|
allow radio sdcard_internal:dir { write create add_name };
|
|
allow radio sdcard_internal:file { read write getattr open create };
|
|
##violate never allow rule
|
|
#allow radio sysfs:file write;
|
|
##violate never allow rule
|
|
#allow radio system_data_file:file append;
|
|
allow radio zygote:unix_stream_socket { getopt getattr };
|
|
|
|
# Date : WK14.36
|
|
# Operation : Migration
|
|
# Purpose : for mtkrild and viarild
|
|
allow radio mtkrild:unix_stream_socket connectto;
|
|
allow radio mtkrildmd2:unix_stream_socket connectto;
|
|
allow radio statusd:unix_stream_socket connectto;
|
|
|
|
# Date : WK14.38 2014/09/16
|
|
# Operation : Migration
|
|
# Purpose : for engineermode
|
|
allow radio mediatek_prop:property_service set;
|
|
allow radio em_svr:unix_stream_socket connectto;
|
|
allow radio mt_otg_test_device:chr_file { read write ioctl open };
|
|
allow radio mtgpio_device:chr_file { read ioctl open };
|
|
allow radio platformblk_device:dir search;
|
|
allow radio stpbt_device:chr_file { read write open };
|
|
allow radio stpant_device:chr_file { read write open };
|
|
allow radio bt_int_adp_socket:sock_file write;
|
|
allow radio mtkbt:unix_dgram_socket sendto;
|
|
allow radio guiext-server:binder { transfer call };
|
|
allow radio persist_ril_prop:property_service set;
|
|
allow radio mt6605_device:chr_file { read write ioctl open getattr };
|
|
allow radio nfc_socket:dir { write add_name remove_name search };
|
|
allow radio nfc_socket:sock_file { create write unlink setattr };
|
|
allow radio system_prop:property_service set;
|
|
|
|
# Date: wk14.40
|
|
# Operation : SQC
|
|
# Purpose : [ALPS01756200] wwop boot up fail
|
|
allow radio custom_file:dir { search getattr open read };
|
|
allow radio custom_file:file { read open getattr};
|
|
|
|
# C2K System Property
|
|
allow radio cdma_prop:property_service set;
|
|
|
|
# Date : 2014/10/13
|
|
# Operation : IT
|
|
# Purpose : mtk_agpsd establishes the local socket as agpsd for all A-GPS
|
|
# application to do something with mtk_agpsd
|
|
unix_socket_connect(radio, agpsd, mtk_agpsd)
|
|
|
|
# Date : 2014/10/14
|
|
# Operation : IT
|
|
# Purpose : for IMSA connect to volte_imsa1 provided by imcb process
|
|
unix_socket_connect(radio, volte_imsa1, volte_imcb)
|
|
|
|
# Date : 2014/10/16
|
|
# Operation : IT
|
|
# Purpose : for TTLIA apk connect to rild_atci by mtkrild process
|
|
allow radio rild_atci_socket:sock_file write;
|
|
|
|
# Date : 2014/10/17
|
|
# Operation : IT
|
|
# Purpose : Talks to ril-3gddaemon via the rild-dongle socket.
|
|
unix_socket_connect(radio, rild-dongle, ril-3gddaemon)
|
|
|
|
# Date : 2014/10/20
|
|
# Operation : IT
|
|
# Purpose : enable ATCId in engineer mode.
|
|
allow radio ctl_atcid-daemon-u_prop:property_service set;
|
|
allow radio ctl_atci_service_prop:property_service set;
|
|
allow radio persist_service_atci_prop:property_service set;
|
|
|
|
# Date : 2014/11/05
|
|
# Operation : IT
|
|
# Purpose : for IMS_RILA connect to rild_ims provided by mtkrild process
|
|
unix_socket_connect(radio, rild_ims, mtkrild)
|
|
|
|
# Purpose : allow to access kpd driver file
|
|
allow radio sysfs_keypad_file:dir { open write };
|
|
allow radio sysfs_keypad_file:file { open write };
|
|
|
|
# Date : 2014/12/13
|
|
# Operation : IT
|
|
# Purpose : for bluetooth relayer mode
|
|
allow radio block_device:dir search;
|
|
allow radio ttyGS_device:chr_file { open read write ioctl };
|
|
|
|
# Date : 2014/12/26
|
|
# Operation : IT
|
|
# Purpose : for engineermode sensor can work normal
|
|
allow radio als_ps_device:chr_file { read open ioctl };
|
|
|
|
# Date : 2015/01/20
|
|
# Operation : IT
|
|
# Purpose : for engineermode Usb PHY Tuning
|
|
allow radio debugfs:file { read getattr };
|
|
|
|
# Date : 2015/01/21
|
|
# Operation : IT
|
|
# Purpose : C2K rild
|
|
allow radio rild_atci_md2_socket:sock_file write;
|
|
allow radio rild_atci_c2k_socket:sock_file write;
|
|
|
|
# Date : WK15.05 2015/01/26
|
|
# Operation : IT
|
|
# Purpose : for engineermode camera
|
|
allow radio debug_prop:property_service set;
|
|
|
|
# Date : 2015/04/11
|
|
# Operation : VT development
|
|
# Purpose : for VT usage
|
|
allow radio vtservice:binder call;
|
|
allow radio vtservice:binder transfer;
|
|
allow vtservice self:capability dac_override;
|
|
allow vtservice soc_vt_svc_socket:sock_file write;
|
|
allow vtservice soc_vt_tcv_socket:sock_file write;
|
|
allow vtservice platform_app:binder call;
|
|
allow vtservice system_server:binder call;
|
|
allow vtservice fuse:dir write;
|
|
allow vtservice surfaceflinger:fd use;
|
|
allow vtservice tmpfs:lnk_file read;
|