1# rild - radio interface layer daemon 2type rild, domain; 3hal_server_domain(rild, hal_telephony) 4 5net_domain(rild) 6allowxperm rild self:udp_socket ioctl priv_sock_ioctls; 7 8allow rild self:netlink_route_socket nlmsg_write; 9allow rild kernel:system module_request; 10allow rild self:capability { setpcap setgid setuid net_admin net_raw }; 11allow rild alarm_device:chr_file rw_file_perms; 12allow rild cgroup:dir create_dir_perms; 13allow rild cgroup:{ file lnk_file } r_file_perms; 14allow rild radio_device:chr_file rw_file_perms; 15allow rild radio_device:blk_file r_file_perms; 16allow rild mtd_device:dir search; 17allow rild efs_file:dir create_dir_perms; 18allow rild efs_file:file create_file_perms; 19allow rild shell_exec:file rx_file_perms; 20allow rild bluetooth_efs_file:file r_file_perms; 21allow rild bluetooth_efs_file:dir r_dir_perms; 22allow rild sdcard_type:dir r_dir_perms; 23 24# property service 25set_prop(rild, radio_prop) 26 27allow rild tty_device:chr_file rw_file_perms; 28 29# Allow rild to create and use netlink sockets. 30allow rild self:netlink_socket create_socket_perms_no_ioctl; 31allow rild self:netlink_generic_socket create_socket_perms_no_ioctl; 32allow rild self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; 33 34# Access to wake locks 35wakelock_use(rild) 36 37r_dir_file(rild, proc) 38r_dir_file(rild, proc_net) 39r_dir_file(rild, sysfs_type) 40r_dir_file(rild, system_file) 41 42# granting the ioctl permission for rild should be device specific 43allow rild self:socket create_socket_perms_no_ioctl; 44 45