path: root/sepolicy/ppl_agent.te
# ==============================================
# Policy File of /system/bin/ppl_agent Executable File
#
# Defines the ppl_agent domain (MediaTek "Privacy protection lock" daemon, per the
# rule comments below) and every allow rule granted to it in this file.
# Who may talk *to* ppl_agent (binder_call / service_manager find) is not defined here.


# ==============================================
# Type Declaration
# ==============================================

# ppl_agent_exec: file type carrying the exec_type and file_type attributes; intended
#                 for the daemon binary (the path-to-label mapping lives in
#                 file_contexts, not in this file - verify it covers only /system/bin/ppl_agent).
# ppl_agent:      the process domain the daemon runs in.
type ppl_agent_exec , exec_type, file_type;
type ppl_agent ,domain;

# ==============================================
# MTK Policy Rule
# ==============================================

# init_daemon_domain is an AOSP te_macros macro (defined outside this file): it sets up
# the automatic transition from init into the ppl_agent domain when init executes a
# file labelled ppl_agent_exec. Without it the daemon would keep running in init's domain.
init_daemon_domain(ppl_agent)

# Date : 2014/09/11
# Operation : Migration
# Purpose : [Privacy protection lock][allow com.mediatek.ppl binder IPC to ppl_agent service]
# Package name : com.mediatek.ppl
# binder_use / binder_service are AOSP te_macros macros (defined outside this file):
# the first lets ppl_agent use binder IPC, the second marks it as a binder service provider.
# NOTE(review): these macros do not decide which client domains may call ppl_agent.
# The daemon holds raw block-device and nvram access (see rules below), so confirm
# the client-side binder_call / service_manager find rules are limited to the
# com.mediatek.ppl app's domain and are not granted to untrusted app domains.
binder_use(ppl_agent)
binder_service(ppl_agent)

# Date : 2014/10/16
# Operation : QC
# Purpose : [Privacy protection lock][ppl_agent call FileOp_BackupToBinRegionForDM to do nvram backup]
# Package name : com.mediatek.ppl
# Grants read/write on block device nodes labelled nvram_device and mmcblk0_block_device
# (rw_file_perms is a permission macro defined outside this file).
# NOTE(review): the label name mmcblk0_block_device suggests the whole-eMMC node rather
# than a single partition - confirm in file_contexts. If so, this rule lets ppl_agent
# read and write every partition through the raw device, which sidesteps the
# per-partition labels and filesystem permission checks. Least privilege would be a
# dedicated partition label (as done with ppl_block_device further down) and dropping
# the mmcblk0 rule on platforms that have one.
allow ppl_agent nvram_device:blk_file rw_file_perms;
allow ppl_agent mmcblk0_block_device:blk_file rw_file_perms;

# Date : 2014/10/24
# Operation : Migration
# Purpose : [Privacy protection lock][ppl_agent call FileOp_BackupToBinRegionForDM to do nvram backup]
# Package name : com.mediatek.ppl
# Directory traversal only: "search" on directories labelled block_device (presumably
# /dev/block - confirm in file_contexts). This grants no access to the device nodes
# themselves; those are covered by the blk_file rules on specific labels.
allow ppl_agent block_device:dir search;

# Date : 2014/10/24
# Operation : Migration
# Purpose : [Privacy protection lock][ppl_agent need access nvram data file for backup restore function]
# Package name : com.mediatek.ppl
# Directory and file management on the nvram_data_file and nvdata_file types, using the
# create_dir_perms / create_file_perms macros (defined outside this file).
# Symlinks labelled nvram_data_file may only be read, not created or changed.
# NOTE(review): these rules apply to every file carrying the two labels, not only to
# PPL's own files - if other nvram consumers share the labels, ppl_agent can modify
# their data as well. Confirm whether a PPL-specific file type is feasible.
allow ppl_agent nvram_data_file:dir create_dir_perms;
allow ppl_agent nvram_data_file:file create_file_perms;
allow ppl_agent nvram_data_file:lnk_file read;
allow ppl_agent nvdata_file:dir create_dir_perms;
allow ppl_agent nvdata_file:file create_file_perms;

# Date : 2014/10/24
# Operation : Migration
# Purpose : [Privacy protection lock][Allow ServiceManager add this service]
# Package name : ServiceManager
# Lets ppl_agent register the service labelled ppl_agent_service with servicemanager.
# Only "add" is granted here; the ppl_agent_service type declaration, its
# service_contexts entry and the "find" permission for clients are outside this file.
allow ppl_agent ppl_agent_service:service_manager add;

# Date : 2014/10/31
# Operation : QC
# Purpose : [Privacy protection lock][ppl_agent need access nvram data file for backup restore function on MT6582]
# Package name : ServiceManager
# NOTE(review): "Package name : ServiceManager" looks copied from the previous entry;
# the rule concerns ppl_agent's access to the nvram character device.
# Same nvram_device label as the blk_file rule above, here for the chr_file class.
# The ioctl permission is unrestricted in this rule: on policy versions that support
# extended permissions, an allowxperm list of the ioctl commands the backup path
# actually issues would narrow the driver surface reachable from this domain.
allow ppl_agent nvram_device:chr_file { read write ioctl open };

# Date : 2015/10/09
# Operation : IT
# Purpose : [Privacy protection lock][ppl_agent need access ppl data file for backup restore function on MT6577]
# Package name : ppl_agent
# Read/write/ioctl on the block node labelled ppl_block_device - a label dedicated to
# the PPL partition, judging by its name (the file_contexts mapping is not in this file).
# This is the narrowly scoped form of raw-partition access; ioctl is again unrestricted.
allow ppl_agent ppl_block_device:blk_file { read write ioctl open };

# Date : 2015/10/16
# Operation : QC
# Purpose : [Privacy protection lock][ppl_agent need access nvcfg ext4 partition ppl on MT6797]
# Package name : com.mediatek.ppl
# Explicit permission sets instead of the create_*_perms macros: ppl_agent may create
# directories and files under nvcfg_file-labelled directories and read/write the files.
# No remove_name, unlink, rmdir, rename or setattr is granted by these rules, so the
# domain cannot delete or rename nvcfg entries through this file's policy.
allow ppl_agent nvcfg_file:dir create;
allow ppl_agent nvcfg_file:dir { search write add_name};
allow ppl_agent nvcfg_file:file create;
allow ppl_agent nvcfg_file:file { read write open getattr };