      1 # Grant access to Qualcomm MSM Interface (QMI) radio sockets
      2 qmux_socket(rild)
      3 
        # Let rild look up per_mgr_service through the service manager.
      4 allow rild per_mgr_service:service_manager find;
      5 
        # Use hwbinder and register vnd_qcril_audio_hwservice as a HAL service.
      6 hwbinder_use(rild)
      7 add_hwservice(rild, vnd_qcril_audio_hwservice)
      8 
        # Use vndbinder and make binder calls into the per_mgr domain.
      9 vndbinder_use(rild)
     10 binder_call(rild, per_mgr)
     11 
     12 # callback into telephony app
        # NOTE(review): platform_app is the domain of every app running as
        # platform_app, so this permits binder calls to all of them, not only the
        # telephony app. The trailing ';' after the macro call is also unlike the
        # other macro calls in this file.
     13 binder_call(rild, platform_app);
     14 
        # Connect to netmgrd's unix socket; 'search' is needed to traverse the
        # netmgrd_socket directory that holds it.
     15 allow rild netmgrd_socket:dir search;
     16 unix_socket_connect(rild, netmgrd, netmgrd)
     17 
        # Read access to directories and files of every type in the sysfs_type
        # attribute.
        # NOTE(review): sysfs_type is an attribute, not a single type, so this is
        # read access across sysfs; narrow to the specific sysfs types rild reads
        # if they can be identified.
     18 r_dir_file(rild, sysfs_type)
     19 
        # Connect to a unix stream socket owned by the 'time' domain.
     20 allow rild time:unix_stream_socket connectto;
     21 # smlog_dump: rild may read and execute the smlog_dump binary
        # NOTE(review): no domain transition for smlog_dump_exec is visible in this
        # file, so it presumably runs in the rild domain with rild's permissions;
        # confirm against the rest of the policy.
     22 allow rild smlog_dump_exec:file rx_file_perms;
     23 
        # ioctl filtering on rild's own sockets. An allowxperm rule only narrows an
        # 'ioctl' permission that is granted by a plain allow rule: for self:socket
        # that allow rule is directly below, for self:udp_socket it is not in this
        # file and is presumably granted elsewhere in the policy.
        # Once an allowxperm exists for a source/target/class, only the listed
        # ioctl commands (priv_sock_ioctls, msm_sock_ipc_ioctls) are permitted.
     24 allowxperm rild self:udp_socket ioctl priv_sock_ioctls;
     25 allow rild self:socket ioctl;
     26 allowxperm rild self:socket ioctl msm_sock_ipc_ioctls;
        # Read/write access to the diag character device is compiled in only for
        # userdebug and eng builds; user builds do not get this allow rule.
     27 userdebug_or_eng(`
     28   allow rild diag_device:chr_file rw_file_perms;
     29 ')
        # Suppress audit messages for the resulting denials. The dontaudit is
        # unconditional, so on user builds rild's attempts to open diag_device are
        # denied without an avc log line; keep that in mind when looking for
        # denials during debugging or log review.
     30 dontaudit rild diag_device:chr_file rw_file_perms;
     31 
     32 # rild needs 'lock' and 'ioctl' for /vendor/qcril.db
        # NOTE(review): the rule is written against the generic vendor_file type,
        # so 'lock' and 'ioctl' apply to every file labelled vendor_file, not just
        # qcril.db, and no allowxperm in this file limits the ioctl commands.
        # A dedicated type for the database would scope this to the one file.
     33 allow rild vendor_file:file { lock ioctl };
     34 
     35 # TODO(b/36644492): Remove data_between_core_and_vendor_violators once
     36 # rild no longer directly accesses the radio app's data type.
        # The attribute exempts rild from the neverallow rules that keep vendor
        # domains out of core (system) data types; without it the two allow rules
        # below would fail the policy build.
     37 typeattribute rild data_between_core_and_vendor_violators;
     38 # allow rild to access radio data file
        # Directory read/write plus file create/read/write on radio_data_file.
     39 allow rild radio_data_file:dir rw_dir_perms;
     40 allow rild radio_data_file:file create_file_perms;
     41 
     42 # In order to be able to use system()
        # vendor_executes_system_violators exempts rild from the neverallow that
        # stops vendor domains executing system binaries; shell_exec is the system
        # shell, vendor_shell_exec the vendor one.
        # NOTE(review): rx_file_perms includes execute_no_trans in AOSP's global
        # macros and no domain transition is defined in this file, so a shell
        # started through system() presumably keeps the rild domain and all of the
        # permissions granted above. Any command string passed to system() should
        # therefore be fixed, never built from modem or client input.
     43 typeattribute rild vendor_executes_system_violators;
     44 allow rild shell_exec:file rx_file_perms;
     45 allow rild vendor_shell_exec:file rx_file_perms;
     46 
     47 # TODO(b/36613472): Remove this once system_server,  mediaserver, bluetooth, and radio no longer
     48 # communicate with rild over sockets.
        # Exempts rild from the neverallow rules against socket communication
        # between core and vendor domains.
     49 typeattribute rild socket_between_core_and_vendor_violators;
     50 
     51 # Allow vendor native process to read the proc file of xt_qtaguid
        # Read-only (r_file_perms) access to files labelled proc_qtaguid_stat.
     52 allow rild proc_qtaguid_stat:file r_file_perms;
     53