• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1type mtk_hal_audio, domain;
2hal_server_domain(mtk_hal_audio, hal_audio)
3
4type mtk_hal_audio_exec, exec_type, vendor_file_type, file_type;
5init_daemon_domain(mtk_hal_audio)
6
7hal_client_domain(mtk_hal_audio, hal_allocator)
8
9hwbinder_use(mtk_hal_audio)
10wakelock_use(mtk_hal_audio);
11
12add_hwservice(mtk_hal_audio, mtk_hal_bluetooth_audio_hwservice)
13allow mtk_hal_audio ion_device:chr_file r_file_perms;
14
15allow mtk_hal_audio system_file:dir { open read };
16
17r_dir_file(mtk_hal_audio, proc)
18allow mtk_hal_audio audio_device:dir r_dir_perms;
19allow mtk_hal_audio audio_device:chr_file rw_file_perms;
20
21###
22### neverallow rules
23###
24
25# mtk_hal_audio should never execute any executable without
26# a domain transition
27neverallow mtk_hal_audio { file_type fs_type }:file execute_no_trans;
28
29# mtk_hal_audio should never need network access.
30# Disallow network sockets.
31neverallow mtk_hal_audio domain:{ tcp_socket udp_socket rawip_socket } *;
32
33# Date : WK14.32
34# Operation : Migration
35# Purpose : Set audio driver permission to access SD card for debug purpose and accss NVRam.
36allow mtk_hal_audio sdcard_type:dir { w_dir_perms create };
37allow mtk_hal_audio sdcard_type:file create;
38allow mtk_hal_audio nvram_data_file:dir w_dir_perms;
39allow mtk_hal_audio nvram_data_file:file create_file_perms;
40allow mtk_hal_audio nvram_data_file:lnk_file read;
41allow mtk_hal_audio nvdata_file:lnk_file read;
42allow mtk_hal_audio nvdata_file:dir w_dir_perms;
43allow mtk_hal_audio nvdata_file:file create_file_perms;
44allow mtk_hal_audio sdcard_type:dir remove_name;
45allow mtk_hal_audio sdcard_type:file unlink;
46
47# Date : WK14.34
48# Operation : Migration
49# Purpose : nvram access (dumchar case for nand and legacy chip)
50allow mtk_hal_audio nvram_device:chr_file rw_file_perms;
51allow mtk_hal_audio self:netlink_kobject_uevent_socket { create setopt bind };
52
53# Date : WK14.34
54# Operation : Migration
55# Purpose : Smartcard Service
56allow mtk_hal_audio self:netlink_kobject_uevent_socket read;
57
58# Date : WK14.36
59# Operation : Migration
60# Purpose : media server and bt process communication for A2DP data.and other control flow
61allow mtk_hal_audio bt_a2dp_stream_socket:sock_file write;
62allow mtk_hal_audio bt_int_adp_socket:sock_file write;
63
64# Date : WK14.36
65# Operation : Migration
66# Purpose :  access nvram, otp, ccci cdoec devices.
67allow mtk_hal_audio MtkCodecService:binder call;
68allow mtk_hal_audio ccci_device:chr_file rw_file_perms;
69allow mtk_hal_audio eemcs_device:chr_file rw_file_perms;
70allow mtk_hal_audio devmap_device:chr_file r_file_perms;
71allow mtk_hal_audio ebc_device:chr_file rw_file_perms;
72allow mtk_hal_audio nvram_device:blk_file rw_file_perms;
73
74# Date : WK14.38
75# Operation : Migration
76# Purpose : NVRam access
77allow mtk_hal_audio block_device:dir { write search };
78
79# Date : WK14.38
80# Operation : Migration
81# Purpose : FM driver access
82allow mtk_hal_audio fm_device:chr_file rw_file_perms;
83
84# Data : WK14.38
85# Operation : Migration
86# Purpose : dump for debug
87allow mtk_hal_audio sdcard_type:file append;
88
89# Data : WK14.39
90# Operation : Migration
91# Purpose : dump for debug
92set_prop(mtk_hal_audio, vendor_mtk_audiohal_prop)
93
94# Date : WK14.40
95# Operation : Migration
96# Purpose : HDMI driver access
97allow mtk_hal_audio graphics_device:chr_file rw_file_perms;
98
99# Date : WK14.40
100# Operation : Migration
101# Purpose : Smartpa
102allow mtk_hal_audio smartpa_device:chr_file rw_file_perms;
103allow mtk_hal_audio sysfs_rt_param:file rw_file_perms;
104allow mtk_hal_audio sysfs_rt_calib:file rw_file_perms;
105allow mtk_hal_audio sysfs_rt_param:dir r_dir_perms;
106allow mtk_hal_audio sysfs_rt_calib:dir r_dir_perms;
107
108# Date : WK14.41
109# Operation : Migration
110# Purpose : WFD HID Driver
111allow mtk_hal_audio uhid_device:chr_file rw_file_perms;
112
113# Date : WK14.43
114# Operation : Migration
115# Purpose : VOW
116allow mtk_hal_audio vow_device:chr_file rw_file_perms;
117
118# Date: WK14.44
119# Operation : Migration
120# Purpose : EVDO
121allow mtk_hal_audio rpc_socket:sock_file write;
122allow mtk_hal_audio ttySDIO_device:chr_file rw_file_perms;
123
124# Data: WK14.44
125# Operation : Migration
126# Purpose : for low SD card latency issue
127allow mtk_hal_audio sysfs_lowmemorykiller:file { read open };
128
129# Data: WK14.45
130# Operation : Migration
131# Purpose : for change thermal policy when needed
132allow mtk_hal_audio proc_mtkcooler:dir search;
133allow mtk_hal_audio proc_mtktz:dir search;
134allow mtk_hal_audio proc_thermal:dir search;
135allow mtk_hal_audio thermal_manager_data_file:file create_file_perms;
136allow mtk_hal_audio thermal_manager_data_file:dir { rw_dir_perms setattr };
137
138# Data : WK14.47
139# Operation : Audio playback
140# Purpose : Music as ringtone
141allow mtk_hal_audio radio:dir { search read };
142allow mtk_hal_audio radio:file r_file_perms;
143
144# Data : WK14.47
145# Operation : CTS
146# Purpose : cts search strange app
147allow mtk_hal_audio untrusted_app:dir search;
148
149# Date : WK15.03
150# Operation : Migration
151# Purpose : offloadservice
152allow mtk_hal_audio offloadservice_device:chr_file rw_file_perms;
153
154# Date : WK15.34
155# Operation : Migration
156# Purpose: for camera middleware dump image buffer to sdcard & audio frameworks dump
157allow mtk_hal_audio storage_file:dir search;
158allow mtk_hal_audio storage_file:lnk_file {read write};
159allow mtk_hal_audio mnt_user_file:dir {write read search};
160allow mtk_hal_audio mnt_user_file:lnk_file {read write};
161
162# Date : WK16.17
163# Operation : Migration
164# Purpose: read/open sysfs node
165allow mtk_hal_audio sysfs_ccci:file r_file_perms;
166allow mtk_hal_audio sysfs_ccci:dir search;
167
168# Date : WK16.18
169# Operation : Migration
170# Purpose: research root dir "/"
171allow mtk_hal_audio tmpfs:dir search;
172
173# Purpose: Dump debug info
174allow mtk_hal_audio debugfs_binder:dir search;
175allow mtk_hal_audio kmsg_device:chr_file { open write };
176allow mtk_hal_audio fuse:file rw_file_perms;
177
178# Date : WK16.27
179# Operation : Migration
180# Purpose: tunning tool update parameters
181binder_call(mtk_hal_audio,radio)
182allow mtk_hal_audio mtk_audiohal_data_file:dir create_dir_perms;
183allow mtk_hal_audio mtk_audiohal_data_file:file create_file_perms;
184
185# Date : WK16.28
186# Operation : Migration
187# Purpose: Write audio dump files to external SDCard.
188allow mtk_hal_audio sdcard_type:file { create_file_perms };
189
190# Date : WK16.33
191# Purpose: Allow to access ged for gralloc_extra functions
192allow mtk_hal_audio proc_ged:file rw_file_perms;
193
194set_prop(mtk_hal_audio, hwservicemanager_prop)
195allow mtk_hal_audio storage_file:dir search;
196
197# Fix bootup violation
198allow mtk_hal_audio fuse:dir read;
199
200# for usb phone call, allow sys_nice
201allow mtk_hal_audio self:capability sys_nice;
202
203# Date : W17.29
204# Boot for opening trace file: Permission denied (13)
205allow mtk_hal_audio debugfs_tracing:file { write open };
206
207# for usb phone call, allow sys_nice
208allow mtk_hal_audio self:capability sys_nice;
209
210# Audio Tuning Tool Android O porting
211binder_call(mtk_hal_audio,audiocmdservice_atci);
212
213
214# Add for control PowerHAL
215hal_client_domain(mtk_hal_audio, hal_power)
216
217# cm4 smartpa
218allow mtk_hal_audio audio_ipi_device:chr_file { read write ioctl open };
219allow mtk_hal_audio audio_scp_device:chr_file r_file_perms;
220
221# Date : WK18.21
222# Operation: P migration
223# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
224allow mtk_hal_audio mnt_vendor_file:dir search;
225
226# Date: 2019/06/14
227# Operation : Migration
228allow mtk_hal_audio audioserver:fifo_file w_file_perms;
229allow mtk_hal_audio sysfs_boot_mode:file r_file_perms;
230allow mtk_hal_audio sysfs_dt_firmware_android:dir search;
231
232# Date : WK18.44
233# Operation: adsp
234allow mtk_hal_audio adsp_device:file rw_file_perms;
235allow mtk_hal_audio adsp_device:chr_file rw_file_perms;
236
237# Date : 2020/3/21
238# Operation: audio dptx
239allow mtk_hal_audio dri_device:chr_file rw_file_perms;
240allow mtk_hal_audio gpu_device:dir search;
241
242allow mtk_hal_audio mtk_hal_bluetooth_audio_hwservice:hwservice_manager find;
243
244# Date : WK20.26
245allow mtk_hal_audio sysfs_dt_firmware_android:file r_file_perms;
246allow mtk_hal_audio metadata_file:dir search;
247allow mtk_hal_audio nvdata_file:dir create_dir_perms;
248
249# Date : WK20.29
250# Purpose: no trigger avc log when call nvram api
251dontaudit mtk_hal_audio gsi_metadata_file:dir search;
252
253# Date : WK20.29
254# Operation : Migration
255# Purpose : SoundTrigger Hal for tablet
256allow mtk_hal_audio adsp_misc_device:chr_file rw_file_perms;
257allow mtk_hal_audio self:netlink_kobject_uevent_socket getopt;