# ============================================== # Policy File of /vendor/bin/rilproxy Executable File # ============================================== # Type Declaration # ============================================== # ============================================== # MTK Policy Rule # ============================================== # Access to wake locks wakelock_use(rild) # rild Bringup Policy allow rild init:unix_stream_socket connectto; allow rild mtkrild:unix_stream_socket connectto; allow rild property_socket:sock_file write; allow rild self:capability setuid; allow rild radio_prop:property_service set; allow rild ril_mux_report_case_prop:property_service set; allow rild mtk_agpsd:unix_stream_socket connectto; allow servicemanager rild:dir search; allow servicemanager rild:file { read open }; allow servicemanager rild:process getattr; # Allow the socket read/write of netd for rild allow rild netd_socket:sock_file write; allow rild netd_socket:sock_file read; #Date : W17.13 #Purpose: Treble SEpolicy denied clean up get_prop(rild, hwservicemanager_prop) #Date : W17.18 #Purpose: Treble SEpolicy denied clean up add_hwservice(hal_telephony_server, mtk_hal_rild_hwservice) allow hal_telephony_client mtk_hal_rild_hwservice:hwservice_manager find; #Date : W17.21 #Purpose: Grant permission to access binder dev node vndbinder_use(rild) #Date : W17.20 #Purpose: allow access to audio hal binder_call(rild, mtk_hal_audio) hal_client_domain(rild, hal_audio) #Date : W18.15 #Purpose: allow rild access to vendor.ril.ipo system property set_prop(mtkrild, vendor_ril_ipo_prop) # Date : WK18.26 # Operation: P migration # Purpose: Allow carrier express HIDL to set vendor property set_prop(mtkrild, mtk_cxp_vendor_prop) allow mtkrild mnt_vendor_file:dir search; allow mtkrild mnt_vendor_file:file create_file_perms; allow mtkrild nvdata_file:dir create_dir_perms; allow mtkrild nvdata_file:file create_file_perms; # Date : WK18.31 # Operation: P migration # Purpose: Allow supplementary service HIDL to set vendor property set_prop(mtkrild, mtk_ss_vendor_prop) # Date : W19.16 # Operation: Q migration # Purpose: Allow rild access to send SUPL INIT to mnld allow rild mnld:unix_dgram_socket sendto; allow mtkrild mnld:unix_dgram_socket sendto; # Date : W19.35 # Operation: Q migration # Purpose: Fix rilproxy SeLinux warning of pre-defined socket allow rild gsmrild_socket:sock_file write;