1# ============================================== 2# Policy File of /vendor/bin/mtk_agpsd Executable File 3 4# ============================================== 5# Type Declaration 6# ============================================== 7type mtk_agpsd_exec, exec_type, file_type, vendor_file_type; 8type mtk_agpsd, domain; 9 10# ============================================== 11# MTK Policy Rule 12# ============================================== 13init_daemon_domain(mtk_agpsd) 14 15net_domain(mtk_agpsd) 16 17# Access channels to modem for E-CID, RRLP, and LPP 18allow mtk_agpsd agps_device:chr_file rw_file_perms; 19allow mtk_agpsd ttySDIO_device:chr_file { create setattr unlink rw_file_perms }; 20allow mtk_agpsd ccci_device:chr_file { create setattr unlink rw_file_perms }; 21 22# Access folders, files, and sockets in /data/agps_supl 23allow mtk_agpsd agpsd_data_file:dir create_dir_perms; 24allow mtk_agpsd agpsd_data_file:file create_file_perms; 25allow mtk_agpsd agpsd_data_file:sock_file create_file_perms; 26 27# Access file system partitions like /system, /data and SD Card 28allow mtk_agpsd sdcard_type:dir create_dir_perms; 29allow mtk_agpsd sdcard_type:file create_file_perms; 30allow mtk_agpsd eemcs_device:chr_file rw_file_perms; 31allow mtk_agpsd mnt_user_file:dir create_dir_perms; 32allow mtk_agpsd mnt_vendor_file:dir create_dir_perms; 33allow mtk_agpsd mnt_vendor_file:file create_file_perms; 34allow mtk_agpsd gps_data_file:dir create_dir_perms; 35allow mtk_agpsd gps_data_file:file create_file_perms; 36 37# Access symbolic link files like /etc and /sdcard 38allow mtk_agpsd tmpfs:lnk_file create_file_perms; 39allow mtk_agpsd mnt_user_file:lnk_file create_file_perms; 40allow mtk_agpsd storage_file:dir create_dir_perms; 41allow mtk_agpsd storage_file:file create_file_perms; 42 43# Send supl profile configuration to SLPD (to get SUPL Reference Location for HW Fused Location) 44allow mtk_agpsd slpd:unix_dgram_socket sendto; 45 46# Operators will send agps settings via OMADM. 47# Operators ask UE to save these settings into NVRAM. 48allow mtk_agpsd nvcfg_file:dir create_dir_perms; 49allow mtk_agpsd nvcfg_file:file create_file_perms; 50 51# Send GNSS assistance data and AGPS commands to MTK's GPS module 'mnld' 52allow mtk_agpsd mnld:unix_dgram_socket sendto; 53 54# Send the message to the LBS HIDL Service to forward to system partitions 55allow mtk_agpsd lbs_hidl_service:unix_dgram_socket sendto; 56 57# Send the message to the merged hal Service to forward to system partitions 58allow mtk_agpsd merged_hal_service:unix_dgram_socket sendto; 59 60# Allow send socket to fusion rild 61allow mtk_agpsd rild:unix_dgram_socket sendto; 62 63# Allow libapmonitor to read the property of hwservicemanager.ready 64get_prop(mtk_agpsd, hwservicemanager_prop) 65 66# Read the property of vendor.debug.gps.mnld.ne 67get_prop(mtk_agpsd, vendor_mtk_mnld_prop) 68 69# Read the property of ro.vendor.mtk_log_hide_gps 70get_prop(mtk_agpsd, vendor_mtk_gps_support_prop) 71 72wakelock_use(mtk_agpsd) 73