Android_Device_Mediatek_Sepolicy_Vndr/modem/bip.te

# ==============================================
# Policy File of /system/bin/bip Executable File 

# ==============================================
# Type Declaration
# ==============================================
type bip, domain, mtkimsmddomain, netdomain;
type bip_exec, exec_type, file_type, vendor_file_type;

# ==============================================
# Common SEPolicy Rule
# ==============================================
# permissive bip;
init_daemon_domain(bip)
net_domain(bip)

# Date : WK14.42
# Operation : Migration 
# Purpose : for bip send RTP/RTCP
allow bip self:capability { net_raw setuid setgid net_admin};
allow bip self:udp_socket { create write bind read setopt ioctl getattr shutdown connect };
allow bip node:udp_socket node_bind;
allow bip port:udp_socket name_bind;
allow bip fwmarkd_socket:sock_file write;
allow bip self:tcp_socket { create setopt ioctl bind listen accept read write connect };
allow bip port:tcp_socket name_connect;
allow bip self:netlink_route_socket read;
allow bip bip_socket:sock_file write;
allow bip vendor_bip_socket:sock_file write;

#get_prop(bip, net_radio_prop)
set_prop(bip, vendor_mtk_ril_mux_report_case_prop)
set_prop(bip, vendor_mtk_ctl_muxreport-daemon_prop)

# Purpose : for access ccci device
allow bip ccci_device:chr_file { read write open ioctl };

# Purpose : for raw socket
allow bip self:rawip_socket { create write bind setopt read getattr};
allow bip node:rawip_socket {node_bind}; 

allow bip netd:unix_stream_socket connectto;
allow bip netd_socket:sock_file write;

allow netd bip:fd use;
allow netd bip:tcp_socket { read write setopt getopt };
allow netd bip:udp_socket {read write setopt getopt};