119 lines
4.1 KiB
Plaintext
119 lines
4.1 KiB
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
|
|
# GOOGLE commented out. Causes screenshots to fail. See b/169108544.
|
|
# typeattribute platform_app mlstrustedsubject;
|
|
|
|
# Date : 2017/07/03
|
|
# Operation : Migration
|
|
# Purpose : get/set agps configuration via mtk_hal_lbs
|
|
hal_client_domain(platform_app, mtk_hal_lbs)
|
|
|
|
|
|
# Date : 2014/08/21
|
|
# Operation : Migration
|
|
# Purpose : FMRadio enable driver access permission for fmradio hardware device
|
|
# Package: com.mediatek.fmradio
|
|
allow platform_app fm_device:chr_file rw_file_perms;
|
|
|
|
# Date : 2014/09/11
|
|
# Operation : Migration
|
|
# Purpose : MTKLogger need setup local socket with native daemon:mobile_logd,
|
|
# netdialog,mdlogger,emdlogger,cmddumper
|
|
# Package: com.mediatek.mtklogger
|
|
allow platform_app mobile_log_d:unix_stream_socket connectto;
|
|
allow platform_app mdlogger:unix_stream_socket connectto;
|
|
allow platform_app emdlogger:unix_stream_socket connectto;
|
|
allow platform_app cmddumper:unix_stream_socket connectto;
|
|
allow platform_app connsyslogger:unix_stream_socket connectto;
|
|
unix_socket_connect(platform_app, netdiag, netdiag)
|
|
# Date: 2018/11/17
|
|
# purpose: allow MTKLogger to control Bluetooth HCI log via socket
|
|
allow platform_app bluetooth:unix_stream_socket connectto;
|
|
|
|
# Date : 2014/10/17
|
|
# Operation : Migration
|
|
# Purpose :Make MTKLogger or VIASaber apk can Access TTYSDIO_device
|
|
# Package: com.mediatek.mtklogger
|
|
allow platform_app ttySDIO_device:chr_file rw_file_perms;
|
|
|
|
# Date : 2014/10/17
|
|
# Operation : Migration
|
|
# Purpose :Make MTKLogger or VIASaber apk can Access storage
|
|
# Package: com.mediatek.mtklogger
|
|
allow platform_app sdcard_type:file create_file_perms;
|
|
allow platform_app sdcard_type:dir create_dir_perms;
|
|
|
|
# Date : 2014/11/12
|
|
# Operation : Migration
|
|
# Purpose : MTKLogger need copy exception db from data folder
|
|
# Package: com.mediatek.mtklogger
|
|
allow platform_app aee_exp_data_file:file r_file_perms;
|
|
allow platform_app aee_exp_data_file:dir r_dir_perms;
|
|
|
|
# Date : 2014/11/14
|
|
# Operation : Migration
|
|
# Purpose : MTKLogger need update md config file in data for mode changed
|
|
# Package: com.mediatek.mtklogger
|
|
allow platform_app mdlog_data_file:file rw_file_perms;
|
|
allow platform_app mdlog_data_file:dir rw_dir_perms;
|
|
|
|
# Date : 2015/01/13
|
|
# Operation : New feature for GPS Log
|
|
# Purpose : MTKLogger need setup local socket with mnld
|
|
# Package: com.mediatek.mtklogger
|
|
# TODO:: MTK need to remove later
|
|
not_full_treble(`
|
|
allow platform_app mnld:unix_stream_socket connectto;
|
|
')
|
|
|
|
# Date : WK17.46
|
|
# Operation : Migration
|
|
# Purpose : allow MTKLogger to read KE DB
|
|
allow platform_app aee_dumpsys_data_file:file r_file_perms;
|
|
|
|
# Date : WK18.17
|
|
# Operation : P Migration
|
|
# Purpose: allow platform_app to read /data/vendor/mtklog/aee_exp
|
|
allow platform_app aee_exp_vendor_file:dir search;
|
|
allow platform_app aee_exp_vendor_file:dir { read getattr open };
|
|
allow platform_app aee_exp_vendor_file:file { read getattr open };
|
|
|
|
# Date : WK18.21
|
|
# Operation : Migration
|
|
# Purpose : Do FM operation via mtk_hal_fm
|
|
hal_client_domain(platform_app, mtk_hal_fm)
|
|
|
|
# Date: 2018/03/23
|
|
# Operation : Migration
|
|
# Purpose : MTKLogger need connect to log hidl server
|
|
# Package: com.mediatek.mtklogger
|
|
hal_client_domain(platform_app, mtk_hal_log)
|
|
|
|
# Date: 2019/07/04
|
|
# Stage: Migration
|
|
# Purpose: Allow to use lomo effect
|
|
# Package: com.mediatek.camera
|
|
#allow platform_app hal_camera_hwservice:hwservice_manager find;
|
|
allow platform_app mtk_hal_camera:binder call;
|
|
allow platform_app sw_sync_device:chr_file rw_file_perms;
|
|
|
|
# Date: 2019/07/04
|
|
# Purpose: Allow platform app to use BGService HIDL and access mtk_hal_camera
|
|
hal_client_domain(platform_app, mtk_hal_bgs)
|
|
allow platform_app mtk_hal_bgs_hwservice:hwservice_manager find;
|
|
binder_call(platform_app, mtk_hal_bgs)
|
|
binder_call(mtk_hal_bgs, platform_app)
|
|
binder_call(platform_app, mtk_hal_camera)
|
|
binder_call(mtk_hal_camera, platform_app)
|
|
|
|
# Date: 2020/06/08
|
|
# Purpose: Allow platform app to access mtk jpeg
|
|
allow platform_app proc_mtk_jpeg:file rw_file_perms;
|
|
allowxperm platform_app proc_mtk_jpeg:file ioctl {
|
|
JPG_BRIDGE_DEC_IO_LOCK
|
|
JPG_BRIDGE_DEC_IO_WAIT
|
|
JPG_BRIDGE_DEC_IO_UNLOCK
|
|
};
|