# ============================================== # MTK Policy Rule # ============ # Purpose : allow to access kpd driver file allow radio sysfs_keypad_file:dir { r_dir_perms }; allow radio sysfs_keypad_file:file { w_file_perms }; # Date : WK15.34 2015/08/21 # Operation : IT # Purpose : for engineermode WFD IOT property allow radio surfaceflinger:fifo_file { rw_file_perms }; # Date : 2016/06/11 # Operation : IT # Purpose : for engineermode Usb PHY Tuning allow radio debugfs_usb20_phy:file { read open getattr }; allow radio debugfs_usb20_phy:dir search; # Date : WK14.38 2016/06/28 # Operation : Migration # Purpose : for engineermode allow radio mt_otg_test_device:chr_file { read write ioctl open }; allow radio mtgpio_device:chr_file { read ioctl open }; allow radio stpbt_device:chr_file { read write open }; allow radio stpant_device:chr_file { read write open }; allow radio bt_int_adp_socket:sock_file write; allow radio mt6605_device:chr_file { read write ioctl open getattr }; allow radio nfc_socket:dir { write add_name remove_name search }; allow radio system_prop:property_service set; # Date : WK14.38 2016/06/28 # Operation : Migration # Purpose : for engineermode allow radio em_svr:unix_stream_socket connectto; # Date : WK15.25 2016/06/28 # Operation :N Migration # Purpose : for engineermode WiFi test mode # todo: in the feature Google maybe forbid this option,we should use other way allowxperm radio self:udp_socket ioctl { SIOCIWFIRSTPRIV-SIOCIWFIRSTPRIV_09 SIOCIWFIRSTPRIV_0B SIOCSIWESSID SIOCSIWMODE }; # Date : 2014/12/13 # Operation : IT # Purpose : for bluetooth relayer mode allow radio block_device:dir search; allow radio ttyGS_device:chr_file { open read write ioctl }; # Date : 2016/07/05 # Purpose : # Write IMEI - presanity item write imei should read the file on storage # Swift APK integration - access TTL scripts and logs on external storage # eng mode camera - save iamges files and log files on external storage # eng mode ygps - save location information on external storage allow radio media_rw_data_file:dir { create_dir_perms }; allow radio media_rw_data_file:file { create_file_perms }; # Date : 2016/08/02 # Purpose : # Swift APK integration - access ccci dir/file allow radio ccci_fsd:dir { r_dir_perms }; # Date : 2016/07/25 # Operation : Bluetooth access NVRAM fail in Engineer Mode # Purpose : for Bluetooth read NVRAM data allow radio nvdata_file:dir search; allow radio nvdata_file:file rw_file_perms; #Date : 2016/11/08 #Operation: IT #Purpose: for EM set persist.net.auto.tethering set_prop(radio, mtk_em_net_auto_tethering_prop) # Date : WK17.03 # Operation : O Migration # Purpose : HIDL for rilproxy binder_call(radio, hal_telephony) # Date : WK17.15 # Operation : O Migration # Purpose : for YGPS execution allow radio hal_graphics_composer_default:fd use; #Dat: 2017/02/14 #Purpose: allow get telephony Sensitive property get_prop(radio, mtk_telephony_sensitive_prop) # Date : WK17.26 # Operation : O Migration # Purpose : HIDL for imsa binder_call(radio, mtk_hal_imsa) # Date : WK1727 2017/07/04 # Operation : IT # Purpose : Allow to use HAL imsa hal_client_domain(radio, hal_imsa) #Dat: 2017/06/29 #Purpose: For audio parameter tuning #allow radio hal_audio_hwservice:hwservice_manager find; binder_call(radio,mtk_hal_audio) # TODO : Will move to plat_private when SEPolicy split done # Date : WK1727 2017/07/19 # Operation : Migration # Purpose : Allow EM set usb property set_prop(radio, system_radio_prop) #Dat: 2017/07/20 #Purpose: NFC EM allow radio hal_nfc_hwservice:hwservice_manager find; binder_call(radio, hal_nfc) binder_call(hal_nfc, radio) hwbinder_use(radio); #hal_client_domain(radio, hal_nfc) typeattribute radio halclientdomain; typeattribute radio hal_nfc_client; allow radio nfc_socket:sock_file { create write unlink setattr }; set_prop(radio, system_prop) # Date : WK1734 2017/08/23 # Purpose : Allow EM use power HAL allow radio mtk_hal_power_hwservice:hwservice_manager find; binder_call(radio, mtk_hal_power) # Date : 2017/10/31 # Purpose: Policy for EM to set wcn coredump property get_prop(radio, wmt_prop) # Date : WK18.16 # Operation: P migration # Purpose: Allow radio to get tel_switch_prop get_prop(radio, tel_switch_prop) # Date : 2018/05/03 # Operation: P migration # Purpose: allow EM to set modem reset delay property get_prop(radio, mtk_debug_md_reset_prop) # Date : 2018/06/01 # Operation : P migration # Purpose : For EM access battery info allow radio sysfs_batteryinfo:dir search; #allow radio sysfs_batteryinfo:file { read write getattr open create}; allow radio sysfs_vbus:file { read getattr open }; allow radio sysfs_battery_consumption:file r_file_perms; allow radio sysfs_power_on_vol:file r_file_perms; allow radio sysfs_power_off_vol:file r_file_perms; allow radio sysfs_fg_disable:file w_file_perms; allow radio sysfs_dis_nafg:file w_file_perms; # Date : 2018/06/15 # Purpose : Allow EM access touchscreen settings allow radio sysfs_tpd_debug:dir { search read open }; allow radio sysfs_tpd_setting:dir { search read open }; # Date : 2018/06/15 # Purpose : mtk EM PMU reading/setting allow radio sysfs_pmu:dir { search }; allow radio sysfs_pmu:file { read }; allow radio sysfs_pmu:lnk_file { read }; # Date : 2018/06/15 # Purpose : mtk EM Power debug_log setting allow radio sysfs_spm:dir { search }; # Date : 2018/06/15 # Purpose: Allow EM detect Audio headset status allow radio sysfs_headset:file { read open }; # Date : 2018/06/26 # Operation : IT # Purpose : Allow to use HAL em hal_client_domain(radio, mtk_hal_em) # Date : 2018/07/03 # Purpose : Allow sim system to set prop set_prop(radio, vendor_sim_system_prop) # Date : 2018/07/03 # Purpose : Allow Mwi to get vendor default properties (ro.vendor.*) get_prop(radio, vendor_default_prop) # Operation : DEBUG # Purpose : Allow to use mtk_bgdata_disabled set_prop(radio, mtk_bgdata_disabled) # Date : 2018/07/03 # Operation : DEBUG # Purpose : Allow to use mtk_telecom_vibrate set_prop(radio, mtk_telecom_vibrate) # Date : 2018/07/03 # Operation : DEBUG # Purpose : Allow to use mtk_gprs_attach_type set_prop(radio, mtk_gprs_attach_type) # Date : 2018/07/12 # Purpose : Allow EM to use Lbs Hidl binder_call(radio, lbs_hidl_service) allow radio mtk_hal_lbs_hwservice:hwservice_manager find; # Date : 2018/08/12 # Purpose : Allow EM to set poweroffmd property set_prop(radio, mtk_power_off_md_type) get_prop(radio, persist_mtk_aee_prop); # Date : 2018/08/31 # Purpose : Allow EM to set sys property set_prop(radio, mtk_em_sys_prop) # Date : 2018/11/01 # Purpose : mtk EM c2k bypass read usb file allow radio sys_usb_rawbulk:file { r_file_perms }; allow radio sys_usb_rawbulk:dir { r_dir_perms }; #Date : 2018/11/02 # Operation : Allow radio persist_xcap_rawurl_prop:property_service set; # Purpose : for set telephony xcap use raw url property in IMS SS set_prop(radio, persist_xcap_rawurl_prop) # Date : 2019/05/08 # Operation : label aee_aed sockets # Purpose : Engineering mode need access for aee commmand allow radio aee_aed:unix_stream_socket connectto; # Date : 2019/05/23 # Operation : Get subpimc reigster status # Purpose : Engineering mode need get subpimic register status allow radio debugfs_regmap:dir { search }; # Date : 2018/09/29 # Purpose : Allow get USB Current Speed in Engineer Mode get_prop(radio, vendor_usb_prop);