3 files changed, 36 insertions, 0 deletions

diff --git a/common/file.te b/common/file.te
index be55eee8..7af3c98c 100644
--- a/common/file.te
+++ b/common/file.te
@@ -100,3 +100,6 @@ type display_config, file_type, data_file_type;
 # IPA file types
 type ipacm_socket, file_type;
 type ipacm_data_file, file_type;
+
+#Define the files written during the operation of mmi
+type mmi_data_file, file_type, data_file_type;
diff --git a/common/file_contexts b/common/file_contexts
index db692247..6c52af05 100755
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -97,6 +97,7 @@
 /system/bin/drmdiagapp                          u:object_r:diag_exec:s0
 /system/bin/irsc_util                           u:object_r:irsc_util_exec:s0
 /system/bin/mm-pp-daemon                        u:object_r:mm-pp-daemon_exec:s0
+/system/bin/mmi                                 u:object_r:mmi_exec:s0
 /system/bin/mpdecision                          u:object_r:mpdecision_exec:s0
 /system/bin/perfd                               u:object_r:perfd_exec:s0
 /system/bin/msm_irqbalance                      u:object_r:msm_irqbalanced_exec:s0
@@ -209,6 +210,7 @@
 /data/dpm(/.*)?                                                     u:object_r:dpmd_data_file:s0
 /data/data/app_ms(/.*)?                                             u:object_r:data_drm_file:s0
 /data/misc/location(/.*)?                                           u:object_r:location_data_file:s0
+/data/FTM_AP(/.*)?                                                  u:object_r:mmi_data_file:s0
 
 ###################################
 # persist files
diff --git a/common/mmi.te b/common/mmi.te
new file mode 100644
index 00000000..1f58af17
--- /dev/null
+++ b/common/mmi.te
@@ -0,0 +1,31 @@
+#integrated process
+type mmi, domain;
+type mmi_exec, exec_type, file_type;
+
+#started by init
+init_daemon_domain(mmi)
+
+#self capability
+allow mmi self:capability { sys_nice dac_override };
+allow mmi self:capability2 block_suspend;
+
+#For various devices
+allow mmi graphics_device:chr_file rw_file_perms;
+allow mmi input_device:chr_file r_file_perms;
+allow mmi input_device:dir r_file_perms;
+allow mmi nfc_device:chr_file rw_file_perms;
+allow mmi shell_exec:file rx_file_perms;
+allow mmi sysfs_wake_lock:file rw_file_perms;
+
+#FTM_AP folder permissions
+allow mmi mmi_data_file:dir rw_dir_perms;
+allow mmi mmi_data_file:file rw_file_perms;
+
+#socket
+unix_socket_connect(mmi, property, init)
+
+#allow mmi set system prop
+allow mmi powerctl_prop:property_service set;
+
+#allow mmi operation on MISC partition
+allow mmi misc_partition:blk_file w_file_perms;