# ============================================== # MTK Policy Rule # ============================================== type dhcp6s_exec,exec_type,file_type; # Date : WK14.34 # Operation : Migration # Purpose : wifi allow netd wmtWifi_device:chr_file { write open }; allow netd kernel:system module_request; allow netd self:capability sys_module; allow netd self:capability fsetid; # Date : WK14.34 # Operation : Migration # Purpose : property_service for wifi allow netd mtk_wifi_prop:property_service set; # Date : WK14.34 # Operation : Migration # Purpose : APP allow netd platform_app:fd use; allow netd platform_app_tmpfs:file write; # Date : WK14.37 # Operation : Migration # Purpose : PPPOE Test allow netd ppp:process sigkill; # Date : WK14.39 # Operation : Migration # Purpose : MDLogger USB logging allow netd mdlogger:fd use; allow netd mdlogger:tcp_socket { read write }; allow netd mdlogger:tcp_socket { getopt setopt }; # Date : WK14.41 # Operation : Migration # Purpose : network logging allow netd netdiag:fd use; allow netd netdiag:udp_socket { read write getopt setopt}; # Date : WK14.41 # Operation : Migration # Purpose : ipv6 Tethering Test #============= netd ============== allow netd dhcp6s_exec:file execute; allow netd dhcp_data_file:dir { read search write add_name remove_name }; allow netd dhcp_data_file:file { read write create open getattr unlink}; allow netd radvd_data_file:dir { read write search add_name remove_name}; allow netd radvd_data_file:file { read write create open unlink}; allow netd self:capability { setuid net_bind_service setgid }; allow netd wide_dhcpv6_data_file:dir { read search write add_name remove_name}; allow netd wide_dhcpv6_data_file:file { read write create open getattr unlink}; # Date : WK14.42 # Operation : Migration # Purpose : for VoLTE L early bring up and first call allow netd volte_stack:fd use; allow netd volte_stack:tcp_socket { read write setopt getopt }; allow netd volte_stack:udp_socket { read write setopt getopt }; # Date : WK14.42 # Operation : Migration # Purpose : ALPS01774455[Need Patch] [Sanity Fail][95E2 L][WFD][EE]EE occur when connect dongle1 allow netd device:file { open write }; # Date : WK14.44 # Operation : Migration # Purpose : ALPS01789552 #============= netd ============== allow netd self:capability { setuid setgid }; #============= netd ============== allow netd isolated_app_tmpfs:file write; # Date : W14.52 # Operation : Migration # Purpose : add ePDG support allow netd ipsec:fd use; allow netd ipsec:tcp_socket { read write setopt getopt }; #============= netd ============== allow netd untrusted_app:fd use; allow netd untrusted_app_tmpfs:file write; #============= netd ============== # Date : W14.53 # Operation : Migration # Purpose : For volte_imcb ut allow netd volte_imcb:fd use; allow netd volte_imcb:tcp_socket { read write }; allow netd volte_imcb:tcp_socket getopt; allow netd volte_imcb:tcp_socket setopt; # Date : W15.02 # Operation : SQC # Purpose : CTS for wifi allow netd untrusted_app:unix_stream_socket { read write getopt setopt}; allow netd isolated_app:fd use; #============= netd ============== allow netd radio_tmpfs:file write; # Date : W15.28 # Operation : Migration # Purpose : add WFCA support allow netd wfca:fd use; allow netd wfca:udp_socket {read write setopt getopt}; allow netd vtservice:fd use; allow netd vtservice:udp_socket {read write setopt getopt}; #============= netd ============== allow netd volte_ua:fd use; allow netd volte_ua:udp_socket {read write setopt getopt}; # Date : W15.39 # Operation : CAT6 T-put # Purpose : CAT6 T-put #============= netd ============== allow netd servicemanager:binder call; allow netd system_server:binder call; allow netd mtk_perf_service:service_manager find; binder_use(netd)