# ==============================================
# Common SEPolicy Rule
# ==============================================

# Date: W18.32
# Operation : dontaudit writing to timerslack_ns
dontaudit system_server appdomain:file w_file_perms;
allow system_server ota_package_file:dir getattr;

# Purpose: receive dropbox message
allow system_server crash_dump:fifo_file w_file_perms;
allow system_server crash_dump:fd use;

# Property service.
set_prop(system_server, ctl_bootanim_prop)

# Date : WK16.36
# Purpose: Allow to set property log.tag.WifiHW to control log level of WifiHW
set_prop(system_server, log_tag_prop)

# Fix bootup violation
get_prop(system_server, wifi_prop)

#Date:2019/10/09
#Operation:Q Migration
get_prop(system_server, system_mtk_debug_bq_dump_prop)

#Date:2019/10/10
#Operation:Q Migration
allow system_server mddb_filter_data_file:dir getattr;

allow system_server netdiag:fd use;

#Date :2020/10/19
#Operation : Allow system server to kill dex2oat
allow system_server dex2oat:process sigkill;

#Date:2021/9/22
# Allow system server to get pgid
allow system_server rs:process getpgid;
allow system_server webview_zygote:process getpgid;
allow system_server netd:process setsched;
allow system_server keystore:process setsched;
allow system_server audioserver_tmpfs:file write;
#Date:2021/10/13
# neverallow system server to kill process
dontaudit system_server mediaserver:process sigkill;
dontaudit system_server netd:process sigkill;
dontaudit system_server keystore:process sigkill;

#support system server domain do ioctl
allow system_server system_mtk_pmb_file:file ioctl;
allowxperm system_server system_mtk_pmb_file:file ioctl FS_IOC_MEASURE_VERITY;