• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1type mtk_hal_audio, domain;
2hal_server_domain(mtk_hal_audio, hal_audio)
3
4type mtk_hal_audio_exec, exec_type, vendor_file_type, file_type;
5init_daemon_domain(mtk_hal_audio)
6
7hal_client_domain(mtk_hal_audio, hal_allocator)
8
9hwbinder_use(mtk_hal_audio)
10wakelock_use(mtk_hal_audio);
11
12add_hwservice(mtk_hal_audio, mtk_hal_bluetooth_audio_hwservice)
13allow mtk_hal_audio ion_device:chr_file r_file_perms;
14
15allow mtk_hal_audio system_file:dir { open read };
16
17r_dir_file(mtk_hal_audio, proc)
18allow mtk_hal_audio audio_device:dir r_dir_perms;
19allow mtk_hal_audio audio_device:chr_file rw_file_perms;
20
21###
22### neverallow rules
23###
24
25# mtk_hal_audio should never execute any executable without
26# a domain transition
27neverallow mtk_hal_audio { file_type fs_type }:file execute_no_trans;
28
29# mtk_hal_audio should never need network access.
30# Disallow network sockets.
31neverallow mtk_hal_audio domain:{ udp_socket rawip_socket } *;
32neverallow mtk_hal_audio { domain userdebug_or_eng(`-su') }:tcp_socket *;
33
34# Date : WK14.32
35# Operation : Migration
36# Purpose : Set audio driver permission to access SD card for debug purpose and accss NVRam.
37allow mtk_hal_audio sdcard_type:dir { w_dir_perms create };
38allow mtk_hal_audio sdcard_type:file create;
39allow mtk_hal_audio nvram_data_file:dir w_dir_perms;
40allow mtk_hal_audio nvram_data_file:file create_file_perms;
41allow mtk_hal_audio nvram_data_file:lnk_file read;
42allow mtk_hal_audio nvdata_file:lnk_file read;
43allow mtk_hal_audio nvdata_file:dir w_dir_perms;
44allow mtk_hal_audio nvdata_file:file create_file_perms;
45allow mtk_hal_audio sdcard_type:dir remove_name;
46allow mtk_hal_audio sdcard_type:file unlink;
47
48# Date : WK14.34
49# Operation : Migration
50# Purpose : nvram access (dumchar case for nand and legacy chip)
51allow mtk_hal_audio nvram_device:chr_file rw_file_perms;
52allow mtk_hal_audio self:netlink_kobject_uevent_socket { create setopt bind };
53
54# Date : WK14.34
55# Operation : Migration
56# Purpose : Smartcard Service
57allow mtk_hal_audio self:netlink_kobject_uevent_socket read;
58
59# Date : WK14.36
60# Operation : Migration
61# Purpose : media server and bt process communication for A2DP data.and other control flow
62allow mtk_hal_audio bt_a2dp_stream_socket:sock_file write;
63allow mtk_hal_audio bt_int_adp_socket:sock_file write;
64
65# Date : WK14.36
66# Operation : Migration
67# Purpose :  access nvram, otp, ccci cdoec devices.
68allow mtk_hal_audio MtkCodecService:binder call;
69allow mtk_hal_audio ccci_device:chr_file rw_file_perms;
70allow mtk_hal_audio eemcs_device:chr_file rw_file_perms;
71allow mtk_hal_audio devmap_device:chr_file r_file_perms;
72allow mtk_hal_audio ebc_device:chr_file rw_file_perms;
73allow mtk_hal_audio nvram_device:blk_file rw_file_perms;
74
75# Date : WK14.38
76# Operation : Migration
77# Purpose : NVRam access
78allow mtk_hal_audio block_device:dir { write search };
79
80# Date : WK14.38
81# Operation : Migration
82# Purpose : FM driver access
83allow mtk_hal_audio fm_device:chr_file rw_file_perms;
84
85# Data : WK14.38
86# Operation : Migration
87# Purpose : dump for debug
88allow mtk_hal_audio sdcard_type:file append;
89
90# Data : WK14.39
91# Operation : Migration
92# Purpose : dump for debug
93set_prop(mtk_hal_audio, vendor_mtk_audiohal_prop)
94
95# Date : WK14.40
96# Operation : Migration
97# Purpose : HDMI driver access
98allow mtk_hal_audio graphics_device:chr_file rw_file_perms;
99
100# Date : WK14.40
101# Operation : Migration
102# Purpose : Smartpa
103allow mtk_hal_audio smartpa_device:chr_file rw_file_perms;
104allow mtk_hal_audio sysfs_rt_param:file rw_file_perms;
105allow mtk_hal_audio sysfs_rt_calib:file rw_file_perms;
106allow mtk_hal_audio sysfs_rt_param:dir r_dir_perms;
107allow mtk_hal_audio sysfs_rt_calib:dir r_dir_perms;
108
109# Date : WK14.41
110# Operation : Migration
111# Purpose : WFD HID Driver
112allow mtk_hal_audio uhid_device:chr_file rw_file_perms;
113
114# Date : WK14.43
115# Operation : Migration
116# Purpose : VOW
117allow mtk_hal_audio vow_device:chr_file rw_file_perms;
118
119# Date: WK14.44
120# Operation : Migration
121# Purpose : EVDO
122allow mtk_hal_audio rpc_socket:sock_file write;
123allow mtk_hal_audio ttySDIO_device:chr_file rw_file_perms;
124
125# Data: WK14.44
126# Operation : Migration
127# Purpose : for low SD card latency issue
128allow mtk_hal_audio sysfs_lowmemorykiller:file { read open };
129
130# Data: WK14.45
131# Operation : Migration
132# Purpose : for change thermal policy when needed
133allow mtk_hal_audio proc_mtkcooler:dir search;
134allow mtk_hal_audio proc_mtktz:dir search;
135allow mtk_hal_audio proc_thermal:dir search;
136allow mtk_hal_audio thermal_manager_data_file:file create_file_perms;
137allow mtk_hal_audio thermal_manager_data_file:dir { rw_dir_perms setattr };
138
139# Data : WK14.47
140# Operation : Audio playback
141# Purpose : Music as ringtone
142allow mtk_hal_audio radio:dir { search read };
143allow mtk_hal_audio radio:file r_file_perms;
144
145# Data : WK14.47
146# Operation : CTS
147# Purpose : cts search strange app
148allow mtk_hal_audio untrusted_app:dir search;
149
150# Date : WK15.03
151# Operation : Migration
152# Purpose : offloadservice
153allow mtk_hal_audio offloadservice_device:chr_file rw_file_perms;
154
155# Date : WK15.34
156# Operation : Migration
157# Purpose: for camera middleware dump image buffer to sdcard & audio frameworks dump
158allow mtk_hal_audio storage_file:dir search;
159allow mtk_hal_audio storage_file:lnk_file {read write};
160allow mtk_hal_audio mnt_user_file:dir {write read search};
161allow mtk_hal_audio mnt_user_file:lnk_file {read write};
162
163# Date : WK16.17
164# Operation : Migration
165# Purpose: read/open sysfs node
166allow mtk_hal_audio sysfs_ccci:file r_file_perms;
167allow mtk_hal_audio sysfs_ccci:dir search;
168
169# Date : WK16.18
170# Operation : Migration
171# Purpose: research root dir "/"
172allow mtk_hal_audio tmpfs:dir search;
173
174# Purpose: Dump debug info
175allow mtk_hal_audio debugfs_binder:dir search;
176allow mtk_hal_audio kmsg_device:chr_file { open write };
177allow mtk_hal_audio fuse:file rw_file_perms;
178
179# Date : WK16.27
180# Operation : Migration
181# Purpose: tunning tool update parameters
182binder_call(mtk_hal_audio,radio)
183allow mtk_hal_audio mtk_audiohal_data_file:dir create_dir_perms;
184allow mtk_hal_audio mtk_audiohal_data_file:file create_file_perms;
185
186# Date : WK16.28
187# Operation : Migration
188# Purpose: Write audio dump files to external SDCard.
189allow mtk_hal_audio sdcard_type:file { create_file_perms };
190
191# Date : WK16.33
192# Purpose: Allow to access ged for gralloc_extra functions
193allow mtk_hal_audio proc_ged:file rw_file_perms;
194
195set_prop(mtk_hal_audio, hwservicemanager_prop)
196allow mtk_hal_audio storage_file:dir search;
197
198# Fix bootup violation
199allow mtk_hal_audio fuse:dir read;
200
201# for usb phone call, allow sys_nice
202allow mtk_hal_audio self:capability sys_nice;
203
204# Date : W17.29
205# Boot for opening trace file: Permission denied (13)
206allow mtk_hal_audio debugfs_tracing:file { write open };
207
208# for usb phone call, allow sys_nice
209allow mtk_hal_audio self:capability sys_nice;
210
211# Audio Tuning Tool Android O porting
212binder_call(mtk_hal_audio,audiocmdservice_atci);
213
214
215# Add for control PowerHAL
216hal_client_domain(mtk_hal_audio, hal_power)
217
218# cm4 smartpa
219allow mtk_hal_audio audio_ipi_device:chr_file { read write ioctl open };
220allow mtk_hal_audio audio_scp_device:chr_file r_file_perms;
221
222# Date : WK18.21
223# Operation: P migration
224# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
225allow mtk_hal_audio mnt_vendor_file:dir search;
226
227# Date: 2019/06/14
228# Operation : Migration
229allow mtk_hal_audio audioserver:fifo_file w_file_perms;
230allow mtk_hal_audio sysfs_boot_mode:file r_file_perms;
231allow mtk_hal_audio sysfs_dt_firmware_android:dir search;
232
233# Date : WK18.44
234# Operation: adsp
235allow mtk_hal_audio adsp_device:file rw_file_perms;
236allow mtk_hal_audio adsp_device:chr_file rw_file_perms;
237
238# Date : 2020/3/21
239# Operation: audio dptx
240allow mtk_hal_audio dri_device:chr_file rw_file_perms;
241allow mtk_hal_audio gpu_device:dir search;
242
243allow mtk_hal_audio mtk_hal_bluetooth_audio_hwservice:hwservice_manager find;
244
245# Date : WK20.26
246allow mtk_hal_audio sysfs_dt_firmware_android:file r_file_perms;
247allow mtk_hal_audio metadata_file:dir search;
248allow mtk_hal_audio nvdata_file:dir create_dir_perms;
249
250# Date : WK20.29
251# Purpose: no trigger avc log when call nvram api
252dontaudit mtk_hal_audio gsi_metadata_file:dir search;
253
254# Date : WK20.29
255# Operation : Migration
256# Purpose : SoundTrigger Hal for tablet
257allow mtk_hal_audio adsp_misc_device:chr_file rw_file_perms;
258allow mtk_hal_audio self:netlink_kobject_uevent_socket getopt;