NekoSakura/Android_Device_Mediatek_Sepolicy_Vndr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Android_Device_Mediatek_Sep.../modem/volte_imcb.te

62 lines
2.0 KiB
Plaintext
Raw Permalink Blame History

# ==============================================
# Policy File of /system/bin/volte_imcb Executable File
# ==============================================
# Type Declaration
# ==============================================
type volte_imcb, domain, mtkimsmddomain;
type volte_imcb_exec, exec_type, file_type, vendor_file_type;
type volte_imsa_socket, file_type;
type volte_imsvt_socket, file_type;
# ==============================================
# Common SEPolicy Rule
# ==============================================
#permissive volte_imcb;
init_daemon_domain(volte_imcb)
net_domain(volte_imcb)
# Date : WK14.42
# Operation : Migration
# Purpose : for VoLTE L early bring up and first call
allow volte_imcb node:tcp_socket node_bind;
allow volte_imcb port:tcp_socket name_bind;
allow volte_imcb self:tcp_socket { bind create setopt accept listen };
allow volte_imcb self:tcp_socket { read getattr };
allow volte_imcb self:tcp_socket write;
allow volte_imcb self:capability { setuid setgid };
# Date : 2015/8/5
# Operation : M Migration
# Purpose : For imcb connect to ua by local socket
unix_socket_connect(volte_imcb, volte_ua, volte_ua)
allow volte_imcb volte_imcb_socket:sock_file write;
allow volte_imcb volte_ut_socket:sock_file write;
# Dtae : WK15.42
# Operation : ViLTE Migration
# Purpose : For open socket device to vtservice connect
# Date : 2016/12/14
# Purpose : TRM
set_prop(volte_imcb, vendor_mtk_md_volte_prop)
# to NETD
allow volte_imcb netd:unix_stream_socket connectto;
allow volte_imcb netd_socket:sock_file write;
allow netd volte_imcb:fd use;
allow netd volte_imcb:tcp_socket { read write setopt getopt };
allow netd volte_imcb:udp_socket {read write setopt getopt};
# Date : 2020/02/24
# Purpose : pttyims
allow volte_imcb mtk_radio_device:dir w_dir_perms;
allow volte_imcb mtk_radio_device:lnk_file create_file_perms;
allow volte_imcb devpts:chr_file setattr;
allow volte_imcb self:capability2 wake_alarm;
allow volte_imcb sysfs_ccci:dir search;
allow volte_imcb sysfs_ccci:file r_file_perms;
allow volte_imcb ccci_device:chr_file rw_file_perms;
Reference in New Issue View Git Blame Copy Permalink