blob: c97f945ee3b8b8882410d28d5737a19a53c66dcc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
# ==============================================
# Policy File of /vendor/bin/rilproxy Executable File
# ==============================================
# Type Declaration
# ==============================================
# ==============================================
# MTK Policy Rule
# ==============================================
# Access to wake locks
wakelock_use(rild)
# rild Bringup Policy
allow rild mtkrild:unix_stream_socket connectto;
allow rild self:capability setuid;
set_prop(rild, radio_prop)
set_prop(rild, vendor_mtk_ril_mux_report_case_prop)
allow rild mtk_agpsd:unix_stream_socket connectto;
allow servicemanager rild:dir search;
allow servicemanager rild:file { read open };
allow servicemanager rild:process getattr;
# Allow the socket read/write of netd for rild
allow rild netd_socket:sock_file write;
allow rild netd_socket:sock_file read;
#Date : W17.13
#Purpose: Treble SEpolicy denied clean up
get_prop(rild, hwservicemanager_prop)
#Date : W17.18
#Purpose: Treble SEpolicy denied clean up
add_hwservice(hal_telephony_server, mtk_hal_rild_hwservice)
allow hal_telephony_client mtk_hal_rild_hwservice:hwservice_manager find;
#Date : W17.21
#Purpose: Grant permission to access binder dev node
vndbinder_use(rild)
#Date : W17.20
#Purpose: allow access to audio hal
binder_call(rild, mtk_hal_audio)
hal_client_domain(rild, hal_audio)
#Date : W18.15
#Purpose: allow rild access to vendor.ril.ipo system property
set_prop(mtkrild, vendor_mtk_ril_ipo_prop)
# Date : WK18.26
# Operation: P migration
# Purpose: Allow carrier express HIDL to set vendor property
set_prop(mtkrild, vendor_mtk_cxp_vendor_prop)
allow mtkrild mnt_vendor_file:dir search;
allow mtkrild mnt_vendor_file:file create_file_perms;
allow mtkrild nvdata_file:dir create_dir_perms;
allow mtkrild nvdata_file:file create_file_perms;
# Date : WK18.31
# Operation: P migration
# Purpose: Allow supplementary service HIDL to set vendor property
set_prop(mtkrild, vendor_mtk_ss_vendor_prop)
# Date : W19.16
# Operation: Q migration
# Purpose: Allow rild access to send SUPL INIT to mnld
allow rild mnld:unix_dgram_socket sendto;
allow mtkrild mnld:unix_dgram_socket sendto;
# Date : W19.35
# Operation: Q migration
# Purpose: Fix rilproxy SeLinux warning of pre-defined socket
allow rild gsmrild_socket:sock_file write;
|
