path: root/sepolicy/netd.te
# ==============================================
# MTK Policy Rule
# ==============================================

# Declares the type dhcp6s_exec with the exec_type and file_type attributes.
# It is the target of the "allow netd dhcp6s_exec:file execute" rule in the
# ipv6 tethering section of this file.
# NOTE(review): no file_contexts entry or domain transition for this type is
# visible here - confirm where the binary is labelled and which domain it
# ends up running in.
type dhcp6s_exec,exec_type,file_type;


# Date : WK14.34
# Operation : Migration
# Purpose :  wifi
# netd may open and write character devices labelled wmtWifi_device.
allow netd wmtWifi_device:chr_file { write open };

# Kernel-module and file-mode privileges for netd:
#   kernel:system module_request - netd may cause the kernel to request a module load
#   capability sys_module        - CAP_SYS_MODULE (load/unload kernel modules)
#   capability fsetid            - CAP_FSETID (set-ID bits are not cleared on file modification)
# NOTE(review): sys_module is a large grant for a daemon that, per the rules
# later in this file, handles descriptors and sockets belonging to
# untrusted_app and isolated_app. Confirm it is still needed; if it was added
# only to quiet a denial, a dontaudit rule would be the narrower choice.
allow netd kernel:system module_request;
allow netd self:capability sys_module;
allow netd self:capability fsetid;


# Date : WK14.34
# Operation : Migration
# Purpose :  property_service for wifi
# netd may set properties whose property_service label is mtk_wifi_prop.
# NOTE(review): which property names map to mtk_wifi_prop is defined outside
# this file (property_contexts) - verify the set is limited to wifi state.
allow netd mtk_wifi_prop:property_service set; 


# Date : WK14.34
# Operation : Migration
# Purpose :   APP
# netd may use file descriptors that belong to platform_app and may write to
# files labelled platform_app_tmpfs. Only "write" is granted on the file
# class here (no "open"), so within this file netd can write only through a
# descriptor it was handed, not by opening the file itself.
allow netd platform_app:fd use;
allow netd platform_app_tmpfs:file write;


# Date : WK14.37
# Operation : Migration
# Purpose :  PPPOE Test
# netd may send SIGKILL to processes running in the ppp domain.
# NOTE(review): the stated purpose is a test - confirm this rule is still
# wanted in production builds.
allow netd ppp:process sigkill;

# Date : WK14.39
# Operation : Migration
# Purpose :  MDLogger USB logging
# netd may use descriptors owned by mdlogger and may read, write, getsockopt
# and setsockopt on mdlogger's TCP sockets. No create/bind/connect is granted,
# so these rules cover sockets netd receives rather than ones it makes.
# The two tcp_socket rules are additive and equivalent to a single rule with
# { read write getopt setopt }.
allow netd mdlogger:fd use;
allow netd mdlogger:tcp_socket { read write };
allow netd mdlogger:tcp_socket { getopt setopt };

# Date : WK14.41
# Operation : Migration
# Purpose :  network logging
# netd may use descriptors owned by netdiag and may read, write, getsockopt
# and setsockopt on netdiag's UDP sockets (no create/bind/connect granted).
allow netd netdiag:fd use;
allow netd netdiag:udp_socket { read write getopt setopt};


# Date : WK14.41
# Operation : Migration
# Purpose :  ipv6 Tethering Test
#============= netd ==============
# netd may execute files labelled dhcp6s_exec. Only "execute" is granted (no
# execute_no_trans), so running the binary also depends on a domain
# transition defined elsewhere - NOTE(review): confirm that transition exists.
allow netd dhcp6s_exec:file execute;
# netd may list, search, and add/remove entries in dhcp_data_file
# directories, and create, open, read, write, stat and unlink files there.
allow netd dhcp_data_file:dir { read search write add_name remove_name };
allow netd dhcp_data_file:file { read write create open getattr unlink};

# Same directory/file management for radvd_data_file; note that getattr is
# not granted on radvd_data_file files, unlike the two dhcp data types.
allow netd radvd_data_file:dir { read write search add_name remove_name};
allow netd radvd_data_file:file { read write create open unlink};

# Capabilities: setuid/setgid (change process credentials) and
# net_bind_service (bind to privileged ports).
# NOTE(review): presumably used to drop privileges before starting the
# tethering helpers - confirm, since setuid/setgid also permit switching to
# other identities.
allow netd self:capability { setuid net_bind_service setgid };
# Same directory/file management for wide_dhcpv6_data_file.
allow netd wide_dhcpv6_data_file:dir { read search write add_name remove_name};
allow netd wide_dhcpv6_data_file:file { read write create open getattr unlink};

# Date : WK14.42
# Operation : Migration
# Purpose : for VoLTE L early bring up and first call
# netd may use descriptors owned by volte_stack and may read, write,
# getsockopt and setsockopt on its TCP and UDP sockets.
# NOTE(review): the purpose describes early bring-up - re-check whether these
# rules are still required once bring-up is over.
allow netd volte_stack:fd use;
allow netd volte_stack:tcp_socket { read write setopt getopt };
allow netd volte_stack:udp_socket { read write setopt getopt };

# Date : WK14.42
# Operation : Migration
# Purpose :  ALPS01774455[Need Patch] [Sanity Fail][95E2 L][WFD][EE]EE occur when connect dongle1
# netd may open and write regular files labelled with the type "device".
# NOTE(review): "device" is presumably the generic/default label for /dev
# entries that have no specific file_contexts match, which would make this
# rule apply to any such regular file rather than to one known path. The
# narrower fix is to give the file that triggered the denial its own type
# and allow that type instead - verify which path was involved.
allow netd device:file { open write };


# Date : WK14.44
# Operation : Migration
# Purpose : ALPS01789552
#============= netd ==============
# Grants setuid and setgid capabilities to netd. Both are already granted by
# the "{ setuid net_bind_service setgid }" rule in the ipv6 tethering section
# of this file, so this rule is redundant (harmless, but it hides which
# change actually introduced the capability).
allow netd self:capability { setuid setgid };


#============= netd ==============
# netd may write to files labelled isolated_app_tmpfs. No "open" is granted
# here, so within this file the write can only go through a descriptor
# netd was handed.
# NOTE(review): this rule carries no Date/Operation/Purpose header - record
# why netd needs to write to memory shared with isolated_app.
allow netd isolated_app_tmpfs:file write;

# Date : W14.52
# Operation : Migration
# Purpose :  add ePDG support
# netd may use descriptors owned by ipsec and may read, write, getsockopt and
# setsockopt on ipsec's TCP sockets.
allow netd ipsec:fd use;
allow netd ipsec:tcp_socket { read write setopt getopt };

#============= netd ==============
# netd may use descriptors owned by untrusted_app and write to files labelled
# untrusted_app_tmpfs (write only, no open).
# NOTE(review): no purpose is recorded for this pair. Data reaching netd
# through these descriptors originates from untrusted_app and should be
# treated as untrusted input - confirm which netd code path consumes it.
allow netd untrusted_app:fd use;
allow netd untrusted_app_tmpfs:file write;

#============= netd ==============
# Date : W14.53
# Operation : Migration
# Purpose :  For volte_imcb ut
# netd may use descriptors owned by volte_imcb and may read, write,
# getsockopt and setsockopt on its TCP sockets. The three tcp_socket rules
# are additive and equivalent to one rule with { read write getopt setopt }.
# NOTE(review): "ut" presumably means unit test - confirm these rules belong
# in the shipped policy.
allow netd volte_imcb:fd use;
allow netd volte_imcb:tcp_socket { read write };
allow netd volte_imcb:tcp_socket getopt;
allow netd volte_imcb:tcp_socket setopt;


# Date : W15.02
# Operation :  SQC
# Purpose :  CTS for wifi
# netd may read, write, getsockopt and setsockopt on unix stream sockets
# owned by untrusted_app (no connectto/create granted, so these are sockets
# netd receives).
# NOTE(review): the rule was added to get a CTS run to pass; confirm the
# access reflects a real netd code path rather than a descriptor leaked into
# netd, in which case closing the descriptor or a dontaudit is the better fix.
allow netd untrusted_app:unix_stream_socket { read write getopt setopt};

# netd may use descriptors owned by isolated_app.
allow netd isolated_app:fd use;


#============= netd ==============
# netd may write to files labelled radio_tmpfs (write only, no open, so only
# through a descriptor netd was handed).
# NOTE(review): no Date/Operation/Purpose header accompanies this rule -
# document the reason it was added.
allow netd radio_tmpfs:file write;