| # ============================================== |
| # MTK Policy Rule |
| # ============================================== |
| |
| # GOOGLE commented out. Causes screenshots to fail. See b/169108544. |
| # typeattribute platform_app mlstrustedsubject; |
| |
| # Date : 2017/07/03 |
| # Operation : Migration |
| # Purpose : get/set agps configuration via mtk_hal_lbs |
| hal_client_domain(platform_app, mtk_hal_lbs) |
| |
| |
| # Date : 2014/08/21 |
| # Operation : Migration |
| # Purpose : FMRadio enable driver access permission for fmradio hardware device |
| # Package: com.mediatek.fmradio |
| allow platform_app fm_device:chr_file rw_file_perms; |
| |
| # Date : 2014/09/11 |
| # Operation : Migration |
| # Purpose : MTKLogger need setup local socket with native daemon:mobile_logd, |
| # netdialog,mdlogger,emdlogger,cmddumper |
| # Package: com.mediatek.mtklogger |
| allow platform_app mobile_log_d:unix_stream_socket connectto; |
| allow platform_app mdlogger:unix_stream_socket connectto; |
| allow platform_app emdlogger:unix_stream_socket connectto; |
| allow platform_app cmddumper:unix_stream_socket connectto; |
| allow platform_app connsyslogger:unix_stream_socket connectto; |
| unix_socket_connect(platform_app, netdiag, netdiag) |
| # Date: 2018/11/17 |
| # purpose: allow MTKLogger to control Bluetooth HCI log via socket |
| allow platform_app bluetooth:unix_stream_socket connectto; |
| |
| # Date : 2014/10/17 |
| # Operation : Migration |
| # Purpose :Make MTKLogger or VIASaber apk can Access TTYSDIO_device |
| # Package: com.mediatek.mtklogger |
| allow platform_app ttySDIO_device:chr_file rw_file_perms; |
| |
| # Date : 2014/10/17 |
| # Operation : Migration |
| # Purpose :Make MTKLogger or VIASaber apk can Access storage |
| # Package: com.mediatek.mtklogger |
| allow platform_app sdcard_type:file create_file_perms; |
| allow platform_app sdcard_type:dir create_dir_perms; |
| |
| # Date : 2014/11/12 |
| # Operation : Migration |
| # Purpose : MTKLogger need copy exception db from data folder |
| # Package: com.mediatek.mtklogger |
| allow platform_app aee_exp_data_file:file r_file_perms; |
| allow platform_app aee_exp_data_file:dir r_dir_perms; |
| |
| # Date : 2014/11/14 |
| # Operation : Migration |
| # Purpose : MTKLogger need update md config file in data for mode changed |
| # Package: com.mediatek.mtklogger |
| allow platform_app mdlog_data_file:file rw_file_perms; |
| allow platform_app mdlog_data_file:dir rw_dir_perms; |
| |
| # Date : 2015/01/13 |
| # Operation : New feature for GPS Log |
| # Purpose : MTKLogger need setup local socket with mnld |
| # Package: com.mediatek.mtklogger |
| # TODO:: MTK need to remove later |
| not_full_treble(` |
| allow platform_app mnld:unix_stream_socket connectto; |
| ') |
| |
| # Date : WK17.46 |
| # Operation : Migration |
| # Purpose : allow MTKLogger to read KE DB |
| allow platform_app aee_dumpsys_data_file:file r_file_perms; |
| |
| # Date : WK18.17 |
| # Operation : P Migration |
| # Purpose: allow platform_app to read /data/vendor/mtklog/aee_exp |
| allow platform_app aee_exp_vendor_file:dir search; |
| allow platform_app aee_exp_vendor_file:dir { read getattr open }; |
| allow platform_app aee_exp_vendor_file:file { read getattr open }; |
| |
| # Date : WK18.21 |
| # Operation : Migration |
| # Purpose : Do FM operation via mtk_hal_fm |
| hal_client_domain(platform_app, mtk_hal_fm) |
| |
| # Date: 2018/03/23 |
| # Operation : Migration |
| # Purpose : MTKLogger need connect to log hidl server |
| # Package: com.mediatek.mtklogger |
| hal_client_domain(platform_app, mtk_hal_log) |
| |
| # Date: 2019/07/04 |
| # Stage: Migration |
| # Purpose: Allow to use lomo effect |
| # Package: com.mediatek.camera |
| #allow platform_app hal_camera_hwservice:hwservice_manager find; |
| allow platform_app mtk_hal_camera:binder call; |
| allow platform_app sw_sync_device:chr_file rw_file_perms; |
| |
| # Date: 2019/07/04 |
| # Purpose: Allow platform app to use BGService HIDL and access mtk_hal_camera |
| hal_client_domain(platform_app, mtk_hal_bgs) |
| allow platform_app mtk_hal_bgs_hwservice:hwservice_manager find; |
| binder_call(platform_app, mtk_hal_bgs) |
| binder_call(mtk_hal_bgs, platform_app) |
| binder_call(platform_app, mtk_hal_camera) |
| binder_call(mtk_hal_camera, platform_app) |
| |
| # Date: 2020/06/08 |
| # Purpose: Allow platform app to access mtk jpeg |
| allow platform_app proc_mtk_jpeg:file rw_file_perms; |
| allowxperm platform_app proc_mtk_jpeg:file ioctl { |
| JPG_BRIDGE_DEC_IO_LOCK |
| JPG_BRIDGE_DEC_IO_WAIT |
| JPG_BRIDGE_DEC_IO_UNLOCK |
| }; |