1# ============================================== 2# MTK Policy Rule 3# ============================================== 4 5typeattribute system_app mlstrustedsubject; 6 7# Date : 2017/07/21 8# Purpose :[CdsInfo] read/ write WI-FI MAC address by NVRAM API 9# Package Name: com.mediatek.connectivity 10hal_client_domain(system_app, hal_nvramagent); 11 12hal_client_domain(system_app, mtk_hal_lbs) 13 14#Dat: 2017/02/14 15#Purpose: allow set telephony Sensitive property 16get_prop(system_app, vendor_mtk_telephony_sensitive_prop) 17 18 19# Date : WK17.12 20# Operation : MT6799 SQC 21# Purpose : Change thermal config 22get_prop(system_app, vendor_mtk_thermal_config_prop) 23 24# Date : 2017/11/07 25# Operation : Migration 26# Purpose : CAT need copy exception db file from data folder 27# Package: CAT tool 28allow system_app aee_exp_data_file:file r_file_perms; 29allow system_app aee_exp_data_file:dir r_dir_perms; 30 31# Date: 2019/06/14 32# Operation : Migration 33# Purpose : system_app need vendor_default_prop 34# GOOGLE: Commented out for b/169606103 35#get_prop(system_app, vendor_default_prop) 36 37# Date: 2019/07/16 38# Operation : Migration 39# Purpose : system_app need use hdmi service and create socktet 40allow system_app mtk_hal_hdmi_hwservice:hwservice_manager find; 41allow system_app mtk_hal_hdmi:binder call; 42allow system_app self:netlink_kobject_uevent_socket {read bind create setopt }; 43# system_app need to read from sysfs /sys/class/switch/hdmi/state 44r_dir_file(system_app, sysfs_switch); 45 46# Date: 2020/06/08 47# Purpose: Allow system app to access mtk jpeg 48allow system_app proc_mtk_jpeg:file rw_file_perms; 49allowxperm system_app proc_mtk_jpeg:file ioctl { 50 JPG_BRIDGE_DEC_IO_LOCK 51 JPG_BRIDGE_DEC_IO_WAIT 52 JPG_BRIDGE_DEC_IO_UNLOCK 53}; 54 55# Date: 2020/06/29 56# Purpose: Allow system app to access mtk fpsgo 57allow system_app sysfs_fpsgo:dir search; 58allow system_app sysfs_fpsgo:file r_file_perms; 59 60# Date 2021/03/29 61# Purpose: To support System navigation selection 62allow system_app mtk_cmdq_device:chr_file read; 63allow system_app mtk_cmdq_device:chr_file open; 64allow system_app mtk_cmdq_device:chr_file ioctl; 65allow system_app mtk_mdp_sync:chr_file read; 66allow system_app mtk_mdp_sync:chr_file open; 67allow system_app mtk_mdp_sync:chr_file ioctl; 68