blob: 2507aab98c35d71edc2196bdad826c187c0aefc3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
# ==============================================
# MTK Policy Rule
# ==============================================
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : Set NFC permission to access nfc_socket.
allow nfc nfc_socket:dir { write remove_name add_name search };
allow nfc nfc_socket:sock_file { write create setattr unlink };
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : Set NFC permission to access custom file.
allow nfc custom_file:dir getattr;
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : Set NFC permission to access mt6605_device ( nfc device node ) .
allow nfc mt6605_device:chr_file { read write getattr open ioctl };
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : Set NFC permission to access nfc data file.
allow nfc nfc_data_file:dir { write remove_name add_name search create setattr };
allow nfc nfc_data_file:file { read getattr open rename write ioctl setattr create unlink };
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : Set NFC permission to access SD card for debug purpose.
allow nfc sdcard_internal:dir { write remove_name search create add_name };
allow nfc sdcard_internal:file { read write getattr open rename create };
allow nfc sdcard_external:dir { write add_name search };
allow nfc sdcard_external:file { read write getattr open create };
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : Set NFC permission for update screen (activity,dialog,animation, ex: Nfc Beam)
allow nfc guiext-server:binder call;
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : Set NFC permission for WFD
allow nfc surfaceflinger:dir search;
allow nfc surfaceflinger:file { read getattr open };
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : For Mdlogger
allow nfc node:tcp_socket node_bind;
allow nfc port:tcp_socket name_bind;
allow nfc self:tcp_socket { setopt read bind create accept write getattr connect getopt listen };
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : For Gallery3d
#allow nfc init:binder { transfer };
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : For NFC-JNI
allow nfc zygote:unix_stream_socket { getopt getattr };
# ==============================================
# Date : 2014/10/15
# Operation : Refine
# Purpose : For VPN
allow nfc init:unix_stream_socket { write read setopt };
# ==============================================
# Date : 2015/03/11
# Operation : SQC
# Purpose : For platform_app_tmpfs
allow nfc platform_app_tmpfs:file write;
# allow nfc init_tmpfs:file read;
# allow nfc adbd:unix_stream_socket setopt;
# allow nfc dumpstate:fd use;
# allow nfc dumpstate:unix_stream_socket { read write getopt getattr };
# Date : WK1546
# Operation : Migration
# Purpose: Allow nfc to read binder from surfaceflinger
allow nfc surfaceflinger:fifo_file {read write};
# ==============================================
# Date : 2015/10/16
# Operation : SQC
# Purpose : NFC plays sound which uses DrmServer
#============= drmserver ==============
allow drmserver nfc:dir search;
# ==============================================
# Date : 2015/10/16
# Operation : SQC
# Purpose : Allow NFC to use system service
#============= nfc ==============
allow nfc program_binary_service:service_manager find;
|
