| # ============================================== |
| # Policy File of /vendor/bin/hw/vtservice_hidl Executable File |
| |
| # ============================================== |
| # Common SEPolicy Rule |
| # ============================================== |
| type vtservice_hidl_exec, exec_type, file_type, vendor_file_type; |
| |
| init_daemon_domain(vtservice_hidl) |
| |
| unix_socket_connect(vtservice_hidl, rild_oem, mtkrild) |
| allow vtservice_hidl mtkrild:unix_stream_socket connectto; |
| |
| # Date: 2015/09/22 |
| # Purpose: for unix domain socket access /dev/socket/volte_vt |
| allow vtservice_hidl MTK_SMI_device:chr_file { read write ioctl open }; |
| allow vtservice_hidl fwmarkd_socket:sock_file write; |
| allow vtservice_hidl netd:unix_stream_socket connectto; |
| allow vtservice_hidl untrusted_app:binder call; |
| |
| # For socket path between vt_service and volte_ua |
| allow vtservice_hidl self:udp_socket { create bind connect read write setopt getattr getopt shutdown }; |
| allow vtservice_hidl node:udp_socket { node_bind }; |
| allow vtservice_hidl volte_imsvt1_socket:sock_file write; |
| |
| # 2017/07/ |
| # HiDL porting |
| # Permission to use hwbinder functionality for communication: |
| # 1. add_hwservice(server_domain, service_name) |
| add_hwservice(vtservice_hidl, mtk_hal_videotelephony_hwservice) |
| # 2. also permission to access to /dev/hwbinder |
| hwbinder_use(vtservice_hidl) |
| # 3. For binder transaction. HwBinder IPC from clients into server, and callbacks |
| binder_call(vtservice, vtservice_hidl) |
| binder_call(vtservice_hidl, vtservice) |
| |
| get_prop(vtservice_hidl, hwservicemanager_prop) |
| |
| allow vtservice_hidl debugfs_tracing:file w_file_perms; |
| allow vtservice_hidl system_file:dir r_file_perms; |
| allow vtservice_hidl rild:unix_stream_socket connectto; |
| |
| net_domain(vtservice_hidl) |
| |
| # ViLTE |
| allow vtservice_hidl mtkimsmddomain:udp_socket { setopt getattr read write }; |