1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
|
# ==============================================================================
# Type Declaration
# ==============================================================================
type mtk_hal_power, domain;
type mtk_hal_power_exec, exec_type, file_type, vendor_file_type;
# hwbinder access
init_daemon_domain(mtk_hal_power)
hwbinder_use(mtk_hal_power);
get_prop(mtk_hal_power, hwservicemanager_prop)
allow mtk_hal_power hal_power_hwservice:hwservice_manager { add find };
allow mtk_hal_power hidl_base_hwservice:hwservice_manager add;
add_hwservice(mtk_hal_power, mtk_hal_power_hwservice)
allow hal_power_client mtk_hal_power_hwservice:hwservice_manager find;
hal_server_domain(mtk_hal_power, hal_power);
hal_server_domain(mtk_hal_power, hal_wifi);
# sysfs
allow mtk_hal_power sysfs_devices_system_cpu:file rw_file_perms;
# debugfs
allow mtk_hal_power debugfs_ged:dir r_dir_perms;
allow mtk_hal_power debugfs_ged:file rw_file_perms;
# proc_thermal
allow mtk_hal_power proc_thermal:file w_file_perms;
# proc info
allow mtk_hal_power mtk_hal_audio:dir r_dir_perms;
# Date : 2017/10/02
# Operation: SQC
# Purpose : Allow powerHAL to access perfmgr
allow mtk_hal_power proc_perfmgr:dir r_dir_perms;
allow mtk_hal_power proc_perfmgr:file rw_file_perms;
allowxperm mtk_hal_power proc_perfmgr:file ioctl PERFMGR_FPSGO_TOUCH;
# Date : 2017/10/11
# Operation: SQC
# Purpose : Allow powerHAL to access powerhal folder
allow mtk_hal_power sdcard_type:dir create_dir_perms;
allow mtk_hal_power sdcard_type:file create_file_perms;
allow mtk_hal_power eemcs_device:chr_file rw_file_perms;
allow mtk_hal_power mnt_user_file:dir create_dir_perms;
allow mtk_hal_power mtk_powerhal_data_file:dir {create_dir_perms rw_dir_perms};
allow mtk_hal_power mtk_powerhal_data_file:file {create_file_perms rw_file_perms};
allow mtk_hal_power mtk_powerhal_data_file:sock_file {create_file_perms rw_file_perms};
#camera contorl cpu
allow mtk_hal_power mtk_hal_camera:dir r_dir_perms;
allow mtk_hal_power mtk_hal_camera:file r_file_perms;
# Date : 2017/10/24
# Operation: SQC
# Purpose : Allow powerHAL to access thermal
allow mtk_hal_power proc_thermal:dir r_dir_perms;
allow mtk_hal_power debugfs_fpsgo:dir r_dir_perms;
allow mtk_hal_power debugfs_fpsgo:file rw_file_perms;
# Date : 2017/12/19
# Operation: SQC
# Purpose : Allow powerHAL to access wlan
allow mtk_hal_power proc_net:file w_file_perms;
# Date : 2017/12/21
# Operation: SQC
# Purpose : Allow powerHAL to access mediacodec
allow mtk_hal_power mediacodec:dir r_dir_perms;
allow mtk_hal_power mediacodec:file r_file_perms;
set_prop(mtk_hal_power, mtk_thermal_config_prop)
# Date : 2018/03/16
# Operation: SQC
# Purpose : Allow powerHAL to access /d/mtkfb
allow mtk_hal_power debugfs_fb:dir r_dir_perms;
allow mtk_hal_power debugfs_fb:file rw_file_perms;
# Date : 2018/06/26
# Operation: Thermal change policy in perfservice
allow mtk_hal_power proc_thermal:file r_file_perms;
allow mtk_hal_power thermal_manager_data_file:file create_file_perms;
allow mtk_hal_power thermal_manager_data_file:dir { rw_dir_perms setattr };
allow mtk_hal_power thermalloadalgod:unix_stream_socket connectto;
allow mtk_hal_power proc_mtkcooler:dir r_dir_perms;
allow mtk_hal_power proc_mtkcooler:file rw_file_perms;
allow mtk_hal_power proc_mtktz:dir r_dir_perms;
allow mtk_hal_power proc_mtktz:file rw_file_perms;
# Date : 2019/05/08
# Operation: SQC
# Purpose : Allow powerHAL to access /proc/[pid]
allow mtk_hal_power system_server:dir r_dir_perms;
allow mtk_hal_power system_server:file r_file_perms;
# Date : 2019/07/11
# Operation: mt6779 SQC
# Purpose : Allow powerHAL to VPU, RILD
allow mtk_hal_power debugfs_vpu_power:dir r_dir_perms;
allow mtk_hal_power debugfs_vpu_power:file rw_file_perms;
allow mtk_hal_power debugfs_mdla_power:dir r_dir_perms;
allow mtk_hal_power debugfs_mdla_power:file rw_file_perms;
allow mtk_hal_power rild_oem_socket:sock_file write;
allow mtk_hal_power rild:unix_stream_socket connectto;
# Date : 2019/05/22
# Operation: SQC
# Purpose : Allow powerHAL to access block read ahead
allow mtk_hal_power sysfs_dm:dir r_dir_perms;
allow mtk_hal_power sysfs_dm:file rw_file_perms;
allow mtk_hal_power sysfs_mmcblk:dir r_dir_perms;
allow mtk_hal_power sysfs_mmcblk:file rw_file_perms;
allow mtk_hal_power debugfs_eara_thermal:dir search;
allow mtk_hal_power debugfs_eara_thermal:file { getattr open write read };
# Date : 2019/05/22
# Operation: SQC
# Purpose : Allow powerHAL to access prop
set_prop(mtk_hal_power, mtk_powerhal_prop)
# Date : 2019/05/29
# Operation: SQC
# Purpose : Allow powerHAL to access wifi driver
allow mtk_hal_power self:udp_socket create;
allow mtk_hal_power kernel:system module_request;
allow mtk_hal_power self:capability sys_module;
allowxperm mtk_hal_power self:udp_socket ioctl priv_sock_ioctls;
# Date : W19.20
# Operation : MTK power hal migration
# Purpose : MTK power hal interface permission
set_prop(mtk_hal_power, mtk_powerhal_prop)
# Date : 2019/09/05
# Operation: SQC
# Purpose : Add procfs, sysfs policy
allow mtk_hal_power proc_ppm:dir r_dir_perms;
allow mtk_hal_power proc_ppm:file rw_file_perms;
allow mtk_hal_power proc_cpufreq:dir r_dir_perms;
allow mtk_hal_power proc_cpufreq:file rw_file_perms;
allow mtk_hal_power proc_hps:dir r_dir_perms;
allow mtk_hal_power proc_hps:file rw_file_perms;
allow mtk_hal_power proc_cm_mgr:dir r_dir_perms;
allow mtk_hal_power proc_cm_mgr:file rw_file_perms;
allow mtk_hal_power sysfs_ged:dir r_dir_perms;
allow mtk_hal_power sysfs_ged:file rw_file_perms;
allow mtk_hal_power sysfs_fbt_cpu:dir r_dir_perms;
allow mtk_hal_power sysfs_fbt_cpu:file rw_file_perms;
allow mtk_hal_power sysfs_fbt_fteh:dir r_dir_perms;
allow mtk_hal_power sysfs_fbt_fteh:file rw_file_perms;
|
