# ==============================================
# Policy File of /vendor/bin/bip_ap Executable File

# ==============================================
# Common SEPolicy Rule
# ==============================================

type bip_ap, domain, mtkimsmddomain;
type bip_ap_exec, exec_type, file_type, vendor_file_type;

init_daemon_domain(bip_ap)
net_domain(bip_ap)

# Date : WK14.42
# Operation : Migration
# Purpose : for bip_ap send RTP/RTCP
allow bip_ap self:udp_socket create_socket_perms;
allow bip_ap node:udp_socket node_bind;
allow bip_ap port:udp_socket name_bind;
allow bip_ap fwmarkd_socket:sock_file write;
allow bip_ap self:tcp_socket create_stream_socket_perms;
allow bip_ap port:tcp_socket name_connect;
allow bip_ap self:netlink_route_socket read;

# Purpose : for access ccci device
allow bip_ap ccci_device:chr_file rw_file_perms;

# Purpose : for raw socket
allow bip_ap self:rawip_socket { create write bind setopt read getattr};
allow bip_ap node:rawip_socket node_bind;

allow bip_ap netd:unix_stream_socket connectto;
allow bip_ap netd_socket:sock_file write;