android_device_mediatek_sep.../prebuilts/api/26.0/plat_private/ppp.te

# ==============================================
# MTK Policy Rule
# ==============================================


# Date : WK14.34
# Operation : Migration
# Purpose: for VPN

allow ppp init:unix_stream_socket connectto;
allow ppp property_socket:sock_file write;

# Date : WK14.37
# Operation : Migration
# Purpose: for PPPOE Test 

allow ppp devpts:chr_file { read write ioctl open setattr };
#allow ppp self:capability { setuid net_raw setgid dac_override };
### TBD, neverallowxperm on line 177 of system/sepolicy/public/domain.te
#allow ppp self:packet_socket { write ioctl setopt read bind create };
allow ppp shell_exec:file { read execute open execute_no_trans };


# Date : WK14.37
# Operation : Migration
# Purpose: for PPPOE Test: Property permission

allow ppp net_radio_prop:property_service set;
allow ppp system_prop:property_service set; 


# Date : WK14.38
# Operation : Migration
# Purpose: for PPPOE Test 

allow ppp ppp_exec:file execute_no_trans;

# Date : WK14.53
# Operation : check in 
# Purpose: for warning kernel API 
allow ppp mtp:file read;
import from mediatek/master to mediatek/alps-mp-o1.mp1 Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79 MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee 2020-01-18 09:29:32 +08:00			`# ==============================================`
			`# MTK Policy Rule`
			`# ==============================================`



			`# Date : WK14.34`
			`# Operation : Migration`
			`# Purpose: for VPN`

			`allow ppp init:unix_stream_socket connectto;`
			`allow ppp property_socket:sock_file write;`

			`# Date : WK14.37`
			`# Operation : Migration`
			`# Purpose: for PPPOE Test`

			`allow ppp devpts:chr_file { read write ioctl open setattr };`
[ALPS03825066] Resolve vendor violates [Detail] Google add new neverallows rules on android P, some rule violate the rules [Solution] Remove the rules which violate google new rules MTK-Commit-Id: ff683b4eee0a6dd95ff25fbb6c7d1fc3a79c604d Change-Id: Iead494212c6adcec234eaef14c83d1f8c7a49deb CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK 2020-01-18 09:29:34 +08:00			`#allow ppp self:capability { setuid net_raw setgid dac_override };`
import from mediatek/master to mediatek/alps-mp-o1.mp1 Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79 MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee 2020-01-18 09:29:32 +08:00			`### TBD, neverallowxperm on line 177 of system/sepolicy/public/domain.te`
			`#allow ppp self:packet_socket { write ioctl setopt read bind create };`
			`allow ppp shell_exec:file { read execute open execute_no_trans };`


			`# Date : WK14.37`
			`# Operation : Migration`
			`# Purpose: for PPPOE Test: Property permission`

			`allow ppp net_radio_prop:property_service set;`
			`allow ppp system_prop:property_service set;`


			`# Date : WK14.38`
			`# Operation : Migration`
			`# Purpose: for PPPOE Test`

			`allow ppp ppp_exec:file execute_no_trans;`

			`# Date : WK14.53`
			`# Operation : check in`
			`# Purpose: for warning kernel API`
			`allow ppp mtp:file read;`