blob: 2403ad3517937cf6957f2e51287fc9096a6afffb (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
# ==============================================
# MTK Policy Rule
# ============
#Add by rui.hu
# Date : WK14.30
# Operation : DRM UT
# Purpose : To pass DRM UT
allow drmserver nvram_agent_binder:binder call;
allow drmserver platform_app:dir search;
allow drmserver platform_app:file { read getattr open };
allow drmserver property_socket:sock_file write;
allow drmserver radio_data_file:file { read getattr open };
allow drmserver sdcard_internal:file open;
allow drmserver tmpfs:lnk_file read;
#Add by rui.hu
# Date : WK14.36
# Operation : DRM UT
# Purpose : Make drmserver and binder read /proc/pid/cmdline to get process name
#system app to drmserver
allow drmserver system_app:dir search;
allow drmserver system_app:file { read open getattr };
#Mediaserver to drmserver
allow drmserver mediaserver:dir search;
allow drmserver mediaserver:file { read open getattr };
#Add by rui.hu
# Date : WK14.36.5
# Operation : DRM UT
# Purpose : Make widevine mediacodec mode work
allow drmserver untrusted_app:dir search;
allow drmserver untrusted_app:file { read open getattr };
#Add by rui.hu
# Date : WK14.40.1
# Operation : DRM SQC - play OMA DRM audio file failed
# Purpose : Make OMA DRM audio file can be played
allow drmserver radio_data_file:dir search;
#Add by rui.hu
# Date : WK14.44.2
# Operation : DRM SQC - view image failed
# Purpose : To fix ALPS01790300
allow drmserver surfaceflinger:fd use;
#Add by rui.hu
# Date : WK14.44.3
# Operation : MTBF test fail
# Purpose : To fix ALPS01793801
allow drmserver mediaserver:fifo_file read;
#Add by rui.hu
# Date : WK14.46.4
# Operation : DRM SQC - view image failed
# Purpose : To fix ALPS01822176
allow drmserver mediaserver:fifo_file write;
# Date : WK14.52
# Operation : WVL1 IT
# Purpose : SVP module operates secmem driver and SVP module operate tee
allow drmserver mobicore:unix_stream_socket connectto;
allow drmserver mobicore_data_file:file { read getattr open lock};
allow drmserver mobicore_data_file:dir search;
allow drmserver mobicore_user_device:chr_file { read write ioctl open };
allow drmserver persist_data_file:file { read getattr open };
allow drmserver persist_data_file:dir search;
allow drmserver proc_secmem:file { read write ioctl open };
# Date : WK15.07
# Operation : DRM SQC
# Purpose : For gmo project, low memory kill
allow drmserver platform_app_tmpfs:file write;
|
