      1 # Grant access to Qualcomm MSM Interface (QMI) radio sockets
        # (qmux_socket is a macro defined outside this file; the exact rules it
        # expands to are not visible here.)
      2 qmux_socket(radio)
      3 
        # Let radio register (add) and look up (find) uce_service with the
        # service manager.
        # NOTE(review): this is a raw allow rule, while qchook_service at the end
        # of this file goes through add_service(), which in AOSP also emits a
        # neverallow so that no other domain can register the service. Confirm
        # whether uce_service is meant to be registered by another domain too;
        # if not, add_service(radio, uce_service) would give the same protection.
      4 allow radio uce_service:service_manager { add find };
      5 
      6 # Read access to the /sys/bus/esoc/devices/ directory.
        # NOTE(review): the rule below is keyed on the generic sysfs type, so it
        # covers every directory carrying that label, not only the esoc path
        # named above. If only esoc is needed, a dedicated sysfs type assigned
        # through the labelling files would be narrower; confirm.
      7 allow radio sysfs:dir r_dir_perms;
      8 
        # Read-only access to directories, files and symlinks labelled
        # sysfs_msm_subsys (r_dir_file is the stock AOSP read-only macro).
      9 r_dir_file(radio, sysfs_msm_subsys)
     10 
     11 # Access to /vendor/framework/qti-vzw-ims-internal.jar for all
     12 # IMS packages running with com.android.phone sharedUID
        # The grant is by type, so it applies to anything labelled
        # vendor_framework_file, not just that jar. It is read-only: directory
        # getattr/search plus getattr/open/read on files, with no write or
        # execute permission.
     13 allow radio vendor_framework_file:dir { getattr search };
     14 allow radio vendor_framework_file:file { getattr open read };
     15 
     16 # TODO(b/37164021): Remove this once radio no longer communicates with ims over sockets
        # The two attributes below exempt radio and ims from the Treble
        # neverallow that forbids socket communication between core and vendor
        # domains. Per the TODO they are a tracked exception, to be removed
        # together with the ims socket rule that follows.
     17 typeattribute radio socket_between_core_and_vendor_violators;
     18 typeattribute ims socket_between_core_and_vendor_violators;
     19 # communicate with ims
        # (AOSP unix_socket_connect: write on the ims_socket sock_file and
        # connectto on the ims unix_stream_socket.)
     20 unix_socket_connect(radio, ims, ims)
     21 
     22 # Allow radio to talk to rild over socket
        # (same macro: rild_socket sock_file write, rild unix_stream_socket
        # connectto.)
     23 unix_socket_connect(radio, rild, rild)
     24 
     25 # access to /dev/diag on debug builds
        # The allow rule is wrapped in userdebug_or_eng, so it is compiled in only
        # for userdebug and eng builds; user builds get no diag_device access.
     26 userdebug_or_eng(`
     27   allow radio diag_device:chr_file rw_file_perms;
     28 ')
        # The dontaudit sits outside the conditional block and therefore applies
        # to every build type: on user builds the access is still denied, but the
        # denial is not written to the audit log.
        # NOTE(review): this hides radio attempts to open /dev/diag from avc
        # logs, so they cannot serve as a detection signal on production
        # builds; confirm that the noise reduction is worth that trade-off.
     29 dontaudit radio diag_device:chr_file rw_file_perms;
     30 
     31 # access to /dev/avtimer
        # Read/write on the character device, on all build types (this rule is
        # not inside a userdebug_or_eng block).
     32 allow radio avtimer_device:chr_file rw_file_perms;
     33 
        # Allowlist the privileged socket ioctl set (priv_sock_ioctls) for ioctl
        # calls radio makes on its own UDP sockets.
        # NOTE(review): no rationale is recorded for needing the privileged set
        # rather than the unprivileged one. allowxperm only narrows an existing
        # ioctl permission; the matching allow rule is not in this file and is
        # presumably granted elsewhere; confirm.
     34 allowxperm radio self:udp_socket ioctl priv_sock_ioctls;
     35 
     36 # Needed to use .so files in /vendor/lib64 required by ims, which runs as com.android.phone (radio)
     37 # r_dir_file(radio, vendor_file)
        # (The r_dir_file line above is disabled; only the file rule below is
        # active.)
        # system_executes_vendor_violators exempts radio from the Treble
        # neverallow that stops core domains from executing vendor files.
        # NOTE(review): rx_file_perms includes execute, and the rule matches every
        # file labelled vendor_file rather than only the /vendor/lib64 libraries
        # named above. A narrower type for the specific IMS libraries would
        # reduce what the radio domain can load; confirm which files need it.
     38 typeattribute radio system_executes_vendor_violators;
     39 allow radio vendor_file:file rx_file_perms;
     40 
     41 # read access to sys/module/diagchar/parameters/timestamp_switch
        # Read-only, and scoped to the dedicated sysfs_timestamp_switch type
        # rather than the generic sysfs type.
     42 allow radio sysfs_timestamp_switch:file r_file_perms;
     43 
        # Register qchook_service with the service manager. The AOSP add_service
        # macro grants add and find to radio and also emits a neverallow that
        # keeps every other domain from registering the same service.
     44 add_service(radio, qchook_service)
     45