1# ==============================================
2# MTK Policy Rule
3# ============
4
5# Purpose : allow to access kpd driver file
6allow radio sysfs_keypad_file:dir { r_dir_perms };
7allow radio sysfs_keypad_file:file { w_file_perms };
8
9# Date : WK15.34 2015/08/21
10# Operation : IT
11# Purpose : for engineermode WFD IOT property
12allow radio surfaceflinger:fifo_file { rw_file_perms };
13
14# Date : 2016/06/11
15# Operation : IT
16# Purpose : for engineermode Usb PHY Tuning
17allow radio debugfs_usb20_phy:file { read open getattr };
18allow radio debugfs_usb20_phy:dir search;
19
20# Date : WK14.38 2016/06/28
21# Operation : Migration
22# Purpose : for engineermode
23allow radio mt_otg_test_device:chr_file { read write ioctl open };
24allow radio mtgpio_device:chr_file { read ioctl open };
25allow radio stpbt_device:chr_file { read write open };
26allow radio stpant_device:chr_file { read write open };
27allow radio bt_int_adp_socket:sock_file write;
28allow radio mt6605_device:chr_file { read write ioctl open getattr };
29allow radio nfc_socket:dir { write add_name remove_name search };
30allow radio system_prop:property_service set;
31
32# Date : WK14.38 2016/06/28
33# Operation : Migration
34# Purpose : for engineermode
35allow radio em_svr:unix_stream_socket connectto;
36
37# Date : WK15.25 2016/06/28
38# Operation :N Migration
39# Purpose : for engineermode WiFi test mode
40# todo: in the feature Google maybe forbid this option,we should use other way
41allowxperm radio self:udp_socket ioctl { SIOCIWFIRSTPRIV-SIOCIWFIRSTPRIV_09 SIOCIWFIRSTPRIV_0B SIOCSIWESSID SIOCSIWMODE };
42
43# Date : 2014/12/13
44# Operation : IT
45# Purpose : for bluetooth relayer mode
46allow radio block_device:dir search;
47allow radio ttyGS_device:chr_file { open read write ioctl };
48
49# Date : 2016/07/05
50# Purpose :
51#   Write IMEI - presanity item write imei should read the file on storage
52#   Swift APK integration - access TTL scripts and logs on external storage
53#   eng mode camera - save iamges files and log files on external storage
54#   eng mode ygps - save location information on external storage
55allow radio media_rw_data_file:dir { create_dir_perms };
56allow radio media_rw_data_file:file { create_file_perms };
57
58# Date : 2016/08/02
59# Purpose :
60#   Swift APK integration - access ccci dir/file
61allow radio ccci_fsd:dir { r_dir_perms };
62
63# Date : 2016/07/25
64# Operation : Bluetooth access NVRAM fail in Engineer Mode
65# Purpose : for Bluetooth read NVRAM data
66allow radio nvdata_file:dir search;
67allow radio nvdata_file:file rw_file_perms;
68
69#Date : 2016/11/08
70#Operation: IT
71#Purpose: for EM set persist.net.auto.tethering
72set_prop(radio, mtk_em_net_auto_tethering_prop)
73
74# Date : WK17.03
75# Operation : O Migration
76# Purpose : HIDL for rilproxy
77binder_call(radio, hal_telephony)
78
79# Date : WK17.15
80# Operation : O Migration
81# Purpose : for YGPS execution
82allow radio hal_graphics_composer_default:fd use;
83
84#Dat: 2017/02/14
85#Purpose: allow get telephony Sensitive property
86get_prop(radio, mtk_telephony_sensitive_prop)
87
88# Date : WK17.26
89# Operation : O Migration
90# Purpose : HIDL for imsa
91binder_call(radio, mtk_hal_imsa)
92
93# Date : WK1727 2017/07/04
94# Operation : IT
95# Purpose : Allow to use HAL imsa
96hal_client_domain(radio, hal_imsa)
97
98#Dat: 2017/06/29
99#Purpose: For audio parameter tuning
100#allow radio hal_audio_hwservice:hwservice_manager find;
101binder_call(radio,mtk_hal_audio)
102
103# TODO : Will move to plat_private when SEPolicy split done
104# Date : WK1727 2017/07/19
105# Operation : Migration
106# Purpose : Allow EM set usb property
107set_prop(radio, system_radio_prop)
108
109#Dat: 2017/07/20
110#Purpose: NFC EM
111allow radio hal_nfc_hwservice:hwservice_manager find;
112binder_call(radio, hal_nfc)
113binder_call(hal_nfc, radio)
114hwbinder_use(radio);
115#hal_client_domain(radio, hal_nfc)
116typeattribute radio halclientdomain;
117typeattribute radio hal_nfc_client;
118allow radio nfc_socket:sock_file { create write unlink setattr };
119set_prop(radio, system_prop)
120
121# Date : WK1734 2017/08/23
122# Purpose : Allow EM use power HAL
123allow radio mtk_hal_power_hwservice:hwservice_manager find;
124binder_call(radio, mtk_hal_power)
125
126# Date : 2017/10/31
127# Purpose: Policy for EM to set wcn coredump property
128get_prop(radio, wmt_prop)
129
130# Date : WK18.16
131# Operation: P migration
132# Purpose: Allow radio to get tel_switch_prop
133get_prop(radio, tel_switch_prop)
134
135# Date : 2018/05/03
136# Operation: P migration
137# Purpose: allow EM to set modem reset delay property
138get_prop(radio, mtk_debug_md_reset_prop)
139
140# Date : 2018/06/01
141# Operation : P migration
142# Purpose : For EM access battery info
143allow radio sysfs_batteryinfo:dir search;
144#allow radio sysfs_batteryinfo:file { read write getattr open create};
145allow radio sysfs_vbus:file { read getattr open };
146allow radio sysfs_battery_consumption:file r_file_perms;
147allow radio sysfs_power_on_vol:file r_file_perms;
148allow radio sysfs_power_off_vol:file r_file_perms;
149allow radio sysfs_fg_disable:file w_file_perms;
150allow radio sysfs_dis_nafg:file w_file_perms;
151
152# Date : 2018/06/15
153# Purpose : Allow EM access touchscreen settings
154allow radio sysfs_tpd_debug:dir { search read open };
155allow radio sysfs_tpd_setting:dir { search read open };
156
157# Date : 2018/06/15
158# Purpose : mtk EM PMU reading/setting
159allow radio sysfs_pmu:dir { search };
160allow radio sysfs_pmu:file { read };
161allow radio sysfs_pmu:lnk_file { read };
162
163# Date : 2018/06/15
164# Purpose : mtk EM Power debug_log setting
165allow radio sysfs_spm:dir { search };
166
167# Date : 2018/06/15
168# Purpose: Allow EM detect Audio headset status
169allow radio sysfs_headset:file { read open };
170
171# Date : 2018/06/26
172# Operation : IT
173# Purpose : Allow to use HAL em
174hal_client_domain(radio, mtk_hal_em)
175
176# Date : 2018/07/03
177# Purpose : Allow sim system to set prop
178set_prop(radio, vendor_sim_system_prop)
179
180# Date : 2018/07/03
181# Purpose : Allow Mwi to get vendor default properties (ro.vendor.*)
182get_prop(radio, vendor_default_prop)
183
184# Operation : DEBUG
185# Purpose : Allow to use mtk_bgdata_disabled
186set_prop(radio, mtk_bgdata_disabled)
187
188# Date : 2018/07/03
189# Operation : DEBUG
190# Purpose : Allow to use mtk_telecom_vibrate
191set_prop(radio, mtk_telecom_vibrate)
192
193# Date : 2018/07/03
194# Operation : DEBUG
195# Purpose : Allow to use mtk_gprs_attach_type
196set_prop(radio, mtk_gprs_attach_type)
197
198# Date : 2018/07/12
199# Purpose : Allow EM to use Lbs Hidl
200binder_call(radio, lbs_hidl_service)
201allow radio mtk_hal_lbs_hwservice:hwservice_manager find;
202
203# Date : 2018/08/12
204# Purpose : Allow EM to set poweroffmd property
205set_prop(radio, mtk_power_off_md_type)
206
207get_prop(radio, persist_mtk_aeev_prop);
208
209
210# Date : 2018/08/31
211# Purpose : Allow EM to set sys property
212set_prop(radio, mtk_em_sys_prop)
213
214# Date : 2018/11/01
215# Purpose : mtk EM c2k bypass read usb file
216allow radio sys_usb_rawbulk:file { r_file_perms };
217allow radio sys_usb_rawbulk:dir { r_dir_perms };
218
219#Date : 2018/11/02
220# Operation : Allow radio persist_xcap_rawurl_prop:property_service set;
221# Purpose : for set telephony xcap use raw url property in IMS SS
222set_prop(radio, persist_xcap_rawurl_prop)
223
224# Date : 2019/05/08
225# Operation : label aee_aed sockets
226# Purpose : Engineering mode need access for aee commmand
227allow radio aee_aed:unix_stream_socket connectto;
228
229# Date : 2019/05/23
230# Operation : Get subpimc reigster status
231# Purpose : Engineering mode need get subpimic register status
232allow radio debugfs_regmap:dir { search };
233
234# Date : 2018/09/29
235# Purpose : Allow get USB Current Speed in Engineer Mode
236get_prop(radio, vendor_usb_prop);