# ============================================== # MTK Policy Rule # ============================================== # GOOGLE commented out. Causes screenshots to fail. See b/169108544. # typeattribute platform_app mlstrustedsubject; # Date : 2017/07/03 # Operation : Migration # Purpose : get/set agps configuration via mtk_hal_lbs hal_client_domain(platform_app, mtk_hal_lbs) # Date : 2014/08/21 # Operation : Migration # Purpose : FMRadio enable driver access permission for fmradio hardware device # Package: com.mediatek.fmradio allow platform_app fm_device:chr_file rw_file_perms; # Date : 2014/09/11 # Operation : Migration # Purpose : MTKLogger need setup local socket with native daemon:mobile_logd, # netdialog,mdlogger,emdlogger,cmddumper # Package: com.mediatek.mtklogger allow platform_app mobile_log_d:unix_stream_socket connectto; allow platform_app mdlogger:unix_stream_socket connectto; allow platform_app emdlogger:unix_stream_socket connectto; allow platform_app cmddumper:unix_stream_socket connectto; allow platform_app connsyslogger:unix_stream_socket connectto; unix_socket_connect(platform_app, netdiag, netdiag) # Date: 2018/11/17 # purpose: allow MTKLogger to control Bluetooth HCI log via socket allow platform_app bluetooth:unix_stream_socket connectto; # Date : 2014/10/17 # Operation : Migration # Purpose :Make MTKLogger or VIASaber apk can Access TTYSDIO_device # Package: com.mediatek.mtklogger allow platform_app ttySDIO_device:chr_file rw_file_perms; # Date : 2014/10/17 # Operation : Migration # Purpose :Make MTKLogger or VIASaber apk can Access storage # Package: com.mediatek.mtklogger allow platform_app sdcard_type:file create_file_perms; allow platform_app sdcard_type:dir create_dir_perms; # Date : 2014/11/12 # Operation : Migration # Purpose : MTKLogger need copy exception db from data folder # Package: com.mediatek.mtklogger allow platform_app aee_exp_data_file:file r_file_perms; allow platform_app aee_exp_data_file:dir r_dir_perms; # Date : 2014/11/14 # Operation : Migration # Purpose : MTKLogger need update md config file in data for mode changed # Package: com.mediatek.mtklogger allow platform_app mdlog_data_file:file rw_file_perms; allow platform_app mdlog_data_file:dir rw_dir_perms; # Date : 2015/01/13 # Operation : New feature for GPS Log # Purpose : MTKLogger need setup local socket with mnld # Package: com.mediatek.mtklogger # TODO:: MTK need to remove later not_full_treble(` allow platform_app mnld:unix_stream_socket connectto; ') # Date : WK17.46 # Operation : Migration # Purpose : allow MTKLogger to read KE DB allow platform_app aee_dumpsys_data_file:file r_file_perms; # Date : WK18.17 # Operation : P Migration # Purpose: allow platform_app to read /data/vendor/mtklog/aee_exp allow platform_app aee_exp_vendor_file:dir search; allow platform_app aee_exp_vendor_file:dir { read getattr open }; allow platform_app aee_exp_vendor_file:file { read getattr open }; # Date : WK18.21 # Operation : Migration # Purpose : Do FM operation via mtk_hal_fm hal_client_domain(platform_app, mtk_hal_fm) # Date: 2018/03/23 # Operation : Migration # Purpose : MTKLogger need connect to log hidl server # Package: com.mediatek.mtklogger hal_client_domain(platform_app, mtk_hal_log) # Date: 2019/07/04 # Stage: Migration # Purpose: Allow to use lomo effect # Package: com.mediatek.camera #allow platform_app hal_camera_hwservice:hwservice_manager find; allow platform_app mtk_hal_camera:binder call; allow platform_app sw_sync_device:chr_file rw_file_perms; # Date: 2019/07/04 # Purpose: Allow platform app to use BGService HIDL and access mtk_hal_camera hal_client_domain(platform_app, mtk_hal_bgs) allow platform_app mtk_hal_bgs_hwservice:hwservice_manager find; binder_call(platform_app, mtk_hal_bgs) binder_call(mtk_hal_bgs, platform_app) binder_call(platform_app, mtk_hal_camera) binder_call(mtk_hal_camera, platform_app) # Date: 2020/06/08 # Purpose: Allow platform app to access mtk jpeg allow platform_app proc_mtk_jpeg:file rw_file_perms; allowxperm platform_app proc_mtk_jpeg:file ioctl { JPG_BRIDGE_DEC_IO_LOCK JPG_BRIDGE_DEC_IO_WAIT JPG_BRIDGE_DEC_IO_UNLOCK };