1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
# ==============================================
# MTK Policy Rule
# ==============================================
typeattribute platform_app mlstrustedsubject;
# Date : 2017/07/03
# Operation : Migration
# Purpose : get/set agps configuration via mtk_hal_lbs
hal_client_domain(platform_app, mtk_hal_lbs)
# Date : 2014/08/21
# Operation : Migration
# Purpose : FMRadio enable driver access permission for fmradio hardware device
# Package: com.mediatek.fmradio
allow platform_app fm_device:chr_file rw_file_perms;
# Date : 2014/09/11
# Operation : Migration
# Purpose : MTKLogger need setup local socket with native daemon:mobile_logd,
# netdialog,mdlogger,emdlogger,cmddumper
# Package: com.mediatek.mtklogger
allow platform_app mobile_log_d:unix_stream_socket connectto;
allow platform_app mdlogger:unix_stream_socket connectto;
allow platform_app emdlogger:unix_stream_socket connectto;
allow platform_app cmddumper:unix_stream_socket connectto;
allow platform_app connsyslogger:unix_stream_socket connectto;
unix_socket_connect(platform_app, netdiag, netdiag)
# Date: 2018/11/17
# purpose: allow MTKLogger to control Bluetooth HCI log via socket
allow platform_app bluetooth:unix_stream_socket connectto;
# Date : 2014/10/17
# Operation : Migration
# Purpose :Make MTKLogger or VIASaber apk can Access TTYSDIO_device
# Package: com.mediatek.mtklogger
allow platform_app ttySDIO_device:chr_file rw_file_perms;
# Date : 2014/10/17
# Operation : Migration
# Purpose :Make MTKLogger or VIASaber apk can Access storage
# Package: com.mediatek.mtklogger
allow platform_app sdcard_type:file create_file_perms;
allow platform_app sdcard_type:dir create_dir_perms;
# Date : 2014/11/12
# Operation : Migration
# Purpose : MTKLogger need copy exception db from data folder
# Package: com.mediatek.mtklogger
allow platform_app aee_exp_data_file:file r_file_perms;
allow platform_app aee_exp_data_file:dir r_dir_perms;
# Date : 2014/11/14
# Operation : Migration
# Purpose : MTKLogger need update md config file in data for mode changed
# Package: com.mediatek.mtklogger
allow platform_app mdlog_data_file:file rw_file_perms;
allow platform_app mdlog_data_file:dir rw_dir_perms;
# Date : 2015/01/13
# Operation : New feature for GPS Log
# Purpose : MTKLogger need setup local socket with mnld
# Package: com.mediatek.mtklogger
# TODO:: MTK need to remove later
not_full_treble(`
allow platform_app mnld:unix_stream_socket connectto;
')
# Date : WK17.46
# Operation : Migration
# Purpose : allow MTKLogger to read KE DB
allow platform_app aee_dumpsys_data_file:file r_file_perms;
# Date : WK18.17
# Operation : P Migration
# Purpose: allow platform_app to read /data/vendor/mtklog/aee_exp
allow platform_app aee_exp_vendor_file:dir search;
allow platform_app aee_exp_vendor_file:dir { read getattr open };
allow platform_app aee_exp_vendor_file:file { read getattr open };
# Date : WK18.21
# Operation : Migration
# Purpose : Do FM operation via mtk_hal_fm
hal_client_domain(platform_app, mtk_hal_fm)
# Date: 2018/03/23
# Operation : Migration
# Purpose : MTKLogger need connect to log hidl server
# Package: com.mediatek.mtklogger
hal_client_domain(platform_app, mtk_hal_log)
# Date: 2018/06/08
# Operation : Migration
# Purpose : MTKLogger need get netlog/mdlog/mobilelog property for property change
# Package: com.mediatek.mtklogger
# allow platform_app debug_mdlogger_prop:file r_file_perms;
# allow platform_app debug_mtklog_prop:file r_file_perms;
get_prop(platform_app, debug_mdlogger_prop)
get_prop(platform_app, debug_mtklog_prop)
get_prop(platform_app, vendor_bluetooth_prop)
get_prop(platform_app, mobile_log_prop)
get_prop(platform_app, vendor_connsysfw_prop)
# Date: 2018/11/08
# Operation : JPEG
# Purpose : JPEG need to use PQ via MMS HIDL
allow platform_app mtk_hal_mms_hwservice:hwservice_manager find;
allow platform_app mtk_hal_mms:binder call;
# Date: 2019/07/04
# Stage: Migration
# Purpose: Allow to use lomo effect
# Package: com.mediatek.camera
#allow platform_app hal_camera_hwservice:hwservice_manager find;
allow platform_app mtk_hal_camera:binder call;
allow platform_app sw_sync_device:chr_file rw_file_perms;
# Date: 2019/07/04
# Purpose: Allow platform app to use BGService HIDL and access mtk_hal_camera
hal_client_domain(platform_app, mtk_hal_bgs)
allow platform_app mtk_hal_bgs_hwservice:hwservice_manager find;
binder_call(platform_app, mtk_hal_bgs)
binder_call(mtk_hal_bgs, platform_app)
binder_call(platform_app, mtk_hal_camera)
binder_call(mtk_hal_camera, platform_app)
|
