Shanshan Guo 1086506de4 [ALPS04345534] SEPolicy: add permission for system_app
[Detail]
For Android Q, there is a more stringent restriction for ioctl,
system_app needs to access proc_ged by ioctlcmd=0x6700

MTK-Commit-Id: c610a674e4a9dcdadde0eb619326359253f59f15

Change-Id: I33cd7c4e29b6bec1dc0956cf6d4a136f08f1d511
CR-Id: ALPS04345534
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
2020-01-18 10:08:47 +08:00


# ==============================================
# MTK Policy Rule
# ==============================================
typeattribute system_app mlstrustedsubject;
# Date : 2017/07/21
# Purpose :[CdsInfo] read/ write WI-FI MAC address by NVRAM API
# Package Name: com.mediatek.connectivity
hal_client_domain(system_app, hal_nvramagent);
hal_client_domain(system_app, mtk_hal_lbs)
# Date : 2017/02/14
# Purpose : allow set telephony Sensitive property
get_prop(system_app, mtk_telephony_sensitive_prop)
# Date : WK17.12
# Operation : MT6799 SQC
# Purpose : Change thermal config
allow system_app mtk_thermal_config_prop:file { getattr open read };
# Date : 2017/11/07
# Operation : Migration
# Purpose : CAT need copy exception db file from data folder
# Package: CAT tool
allow system_app aee_exp_data_file:file r_file_perms;
allow system_app aee_exp_data_file:dir r_dir_perms;
allow system_app md_monitor:unix_stream_socket connectto;
# Date : WK19.11
# Operation: Q migration
# Purpose : Allow system_app to use ioctl/ioctlcmd
allowxperm system_app proc_ged:file ioctl GED_BRIDGE_IO_LOG_BUF_GET;
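
Added example, not part of the MediaTek policy or of this commit: a Python helper that turns ioctl denials of the kind the commit message describes (ioctlcmd=0x6700 on proc_ged) into candidate rules for review. The audit lines, the /proc/ged path and all function names are constructed assumptions, and the output uses the raw command number where the policy file uses a named define.

```python
import re
from collections import defaultdict

# Constructed audit lines (pid, comm, path and ino are made up for this example).
_CTX = "scontext=u:r:system_app:s0 tcontext=u:object_r:proc_ged:s0 tclass=file permissive=0"
SAMPLE_LOG = "\n".join([
    'avc: denied { ioctl } for pid=2345 comm="example.app" path="/proc/ged" '
    'dev="proc" ino=4026532100 ioctlcmd=0x6700 ' + _CTX,
    # The same denial repeated, as it would be on every failed call.
    'avc: denied { ioctl } for pid=2345 comm="example.app" path="/proc/ged" '
    'dev="proc" ino=4026532100 ioctlcmd=0x6700 ' + _CTX,
    # A non-ioctl denial carries no ioctlcmd field and must be ignored.
    'avc: denied { read } for pid=2345 comm="example.app" name="ged" '
    'dev="proc" ino=4026532100 ' + _CTX,
])

DENIAL = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"ioctlcmd=(?P<cmd>0x[0-9a-fA-F]+).*?"
    r"scontext=u:r:(?P<src>\w+):\S+\s+"
    r"tcontext=u:(?:object_)?r:(?P<tgt>\w+):\S+\s+"
    r"tclass=(?P<cls>\w+)"
)

def ioctl_denials(log):
    """Map (source domain, target type, class) -> set of denied ioctl commands."""
    found = defaultdict(set)
    for line in log.splitlines():
        m = DENIAL.search(line)
        if m and "ioctl" in m["perms"].split():
            found[(m["src"], m["tgt"], m["cls"])].add(int(m["cmd"], 16))
    return dict(found)

def split_cmd(cmd):
    """SELinux matches the low 16 bits: driver (high byte), function (low byte)."""
    return (cmd >> 8) & 0xFF, cmd & 0xFF

def suggest_rules(denials):
    """Emit one allow/allowxperm pair per (source, target, class), deduplicated."""
    rules = []
    for (src, tgt, cls), cmds in sorted(denials.items()):
        listed = " ".join(f"0x{c:04x}" for c in sorted(cmds))
        if len(cmds) > 1:
            listed = "{ " + listed + " }"
        # allowxperm only narrows ioctl; the base ioctl permission must be allowed too.
        rules.append(f"allow {src} {tgt}:{cls} ioctl;")
        rules.append(f"allowxperm {src} {tgt}:{cls} ioctl {listed};")
    return rules

if __name__ == "__main__":
    print("\n".join(suggest_rules(ioctl_denials(SAMPLE_LOG))))
```

Treat the output as a review aid: each listed command should be checked against the driver before it is granted, so the rule stays limited to the commands the app actually needs.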