1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
|
# ==============================================
# MTK Policy Rule
# ============
# Purpose : allow to access kpd driver file
allow radio sysfs_keypad_file:dir { r_dir_perms };
allow radio sysfs_keypad_file:file { w_file_perms };
# Date : WK15.34 2015/08/21
# Operation : IT
# Purpose : for engineermode WFD IOT property
allow radio surfaceflinger:fifo_file { rw_file_perms };
# Date : 2016/06/11
# Operation : IT
# Purpose : for engineermode Usb PHY Tuning
allow radio debugfs_usb20_phy:file { read open getattr };
allow radio debugfs_usb20_phy:dir search;
# Date : WK14.38 2016/06/28
# Operation : Migration
# Purpose : for engineermode
allow radio mt_otg_test_device:chr_file { read write ioctl open };
allow radio mtgpio_device:chr_file { read ioctl open };
allow radio stpbt_device:chr_file { read write open };
allow radio stpant_device:chr_file { read write open };
allow radio bt_int_adp_socket:sock_file write;
allow radio mt6605_device:chr_file { read write ioctl open getattr };
allow radio nfc_socket:dir { write add_name remove_name search };
allow radio system_prop:property_service set;
# Date : WK14.38 2016/06/28
# Operation : Migration
# Purpose : for engineermode
allow radio em_svr:unix_stream_socket connectto;
# Date : WK15.25 2016/06/28
# Operation :N Migration
# Purpose : for engineermode WiFi test mode
# todo: in the feature Google maybe forbid this option,we should use other way
allowxperm radio self:udp_socket ioctl { SIOCIWFIRSTPRIV-SIOCIWFIRSTPRIV_09 SIOCIWFIRSTPRIV_0B SIOCSIWESSID SIOCSIWMODE };
# Date : 2014/12/13
# Operation : IT
# Purpose : for bluetooth relayer mode
allow radio block_device:dir search;
allow radio ttyGS_device:chr_file { open read write ioctl };
# Date : 2016/07/05
# Purpose :
# Write IMEI - presanity item write imei should read the file on storage
# Swift APK integration - access TTL scripts and logs on external storage
# eng mode camera - save iamges files and log files on external storage
# eng mode ygps - save location information on external storage
allow radio media_rw_data_file:dir { create_dir_perms };
allow radio media_rw_data_file:file { create_file_perms };
# Date : 2016/08/02
# Purpose :
# Swift APK integration - access ccci dir/file
allow radio ccci_fsd:dir { r_dir_perms };
# Date : 2016/07/25
# Operation : Bluetooth access NVRAM fail in Engineer Mode
# Purpose : for Bluetooth read NVRAM data
allow radio nvdata_file:dir search;
allow radio nvdata_file:file rw_file_perms;
#Date : 2016/11/08
#Operation: IT
#Purpose: for EM set persist.net.auto.tethering
set_prop(radio, mtk_em_net_auto_tethering_prop)
# Date : WK17.03
# Operation : O Migration
# Purpose : HIDL for rilproxy
binder_call(radio, hal_telephony)
# Date : WK17.15
# Operation : O Migration
# Purpose : for YGPS execution
allow radio hal_graphics_composer_default:fd use;
#Dat: 2017/02/14
#Purpose: allow get telephony Sensitive property
get_prop(radio, mtk_telephony_sensitive_prop)
# Date : WK17.26
# Operation : O Migration
# Purpose : HIDL for imsa
binder_call(radio, mtk_hal_imsa)
# Date : WK1727 2017/07/04
# Operation : IT
# Purpose : Allow to use HAL imsa
hal_client_domain(radio, hal_imsa)
#Dat: 2017/06/29
#Purpose: For audio parameter tuning
#allow radio hal_audio_hwservice:hwservice_manager find;
binder_call(radio,mtk_hal_audio)
# TODO : Will move to plat_private when SEPolicy split done
# Date : WK1727 2017/07/19
# Operation : Migration
# Purpose : Allow EM set usb property
set_prop(radio, system_radio_prop)
#Dat: 2017/07/20
#Purpose: NFC EM
allow radio hal_nfc_hwservice:hwservice_manager find;
binder_call(radio, hal_nfc)
binder_call(hal_nfc, radio)
hwbinder_use(radio);
#hal_client_domain(radio, hal_nfc)
typeattribute radio halclientdomain;
typeattribute radio hal_nfc_client;
allow radio nfc_socket:sock_file { create write unlink setattr };
set_prop(radio, system_prop)
# Date : WK1734 2017/08/23
# Purpose : Allow EM use power HAL
allow radio mtk_hal_power_hwservice:hwservice_manager find;
binder_call(radio, mtk_hal_power)
# Date : 2017/10/31
# Purpose: Policy for EM to set wcn coredump property
get_prop(radio, wmt_prop)
# Date : WK18.16
# Operation: P migration
# Purpose: Allow radio to get tel_switch_prop
get_prop(radio, tel_switch_prop)
# Date : 2018/05/03
# Operation: P migration
# Purpose: allow EM to set modem reset delay property
get_prop(radio, mtk_debug_md_reset_prop)
# Date : 2018/06/01
# Operation : P migration
# Purpose : For EM access battery info
allow radio sysfs_batteryinfo:dir search;
#allow radio sysfs_batteryinfo:file { read write getattr open create};
allow radio sysfs_vbus:file { read getattr open };
allow radio sysfs_battery_consumption:file r_file_perms;
allow radio sysfs_power_on_vol:file r_file_perms;
allow radio sysfs_power_off_vol:file r_file_perms;
allow radio sysfs_fg_disable:file w_file_perms;
allow radio sysfs_dis_nafg:file w_file_perms;
# Date : 2018/06/15
# Purpose : Allow EM access touchscreen settings
allow radio sysfs_tpd_debug:dir { search read open };
allow radio sysfs_tpd_setting:dir { search read open };
# Date : 2018/06/15
# Purpose : mtk EM PMU reading/setting
allow radio sysfs_pmu:dir { search };
allow radio sysfs_pmu:file { read };
allow radio sysfs_pmu:lnk_file { read };
# Date : 2018/06/15
# Purpose : mtk EM Power debug_log setting
allow radio sysfs_spm:dir { search };
# Date : 2018/06/15
# Purpose: Allow EM detect Audio headset status
allow radio sysfs_headset:file { read open };
# Date : 2018/06/26
# Operation : IT
# Purpose : Allow to use HAL em
hal_client_domain(radio, mtk_hal_em)
# Date : 2018/07/03
# Purpose : Allow sim system to set prop
set_prop(radio, vendor_sim_system_prop)
# Date : 2018/07/03
# Purpose : Allow Mwi to get vendor default properties (ro.vendor.*)
get_prop(radio, vendor_default_prop)
# Operation : DEBUG
# Purpose : Allow to use mtk_bgdata_disabled
set_prop(radio, mtk_bgdata_disabled)
# Date : 2018/07/03
# Operation : DEBUG
# Purpose : Allow to use mtk_telecom_vibrate
set_prop(radio, mtk_telecom_vibrate)
# Date : 2018/07/03
# Operation : DEBUG
# Purpose : Allow to use mtk_gprs_attach_type
set_prop(radio, mtk_gprs_attach_type)
# Date : 2018/07/12
# Purpose : Allow EM to use Lbs Hidl
binder_call(radio, lbs_hidl_service)
allow radio mtk_hal_lbs_hwservice:hwservice_manager find;
# Date : 2018/08/12
# Purpose : Allow EM to set poweroffmd property
set_prop(radio, mtk_power_off_md_type)
get_prop(radio, persist_mtk_aee_prop);
# Date : 2018/08/31
# Purpose : Allow EM to set sys property
set_prop(radio, mtk_em_sys_prop)
# Date : 2018/11/01
# Purpose : mtk EM c2k bypass read usb file
allow radio sys_usb_rawbulk:file { r_file_perms };
allow radio sys_usb_rawbulk:dir { r_dir_perms };
#Date : 2018/11/02
# Operation : Allow radio persist_xcap_rawurl_prop:property_service set;
# Purpose : for set telephony xcap use raw url property in IMS SS
set_prop(radio, persist_xcap_rawurl_prop)
# Date : 2019/05/08
# Operation : label aee_aed sockets
# Purpose : Engineering mode need access for aee commmand
allow radio aee_aed:unix_stream_socket connectto;
# Date : 2019/05/23
# Operation : Get subpimc reigster status
# Purpose : Engineering mode need get subpimic register status
allow radio debugfs_regmap:dir { search };
# Date : 2018/09/29
# Purpose : Allow get USB Current Speed in Engineer Mode
get_prop(radio, vendor_usb_prop);
|
