1# rild - radio interface layer daemon
2type rild, domain;
3hal_server_domain(rild, hal_telephony)
4
5net_domain(rild)
6allowxperm rild self:udp_socket ioctl priv_sock_ioctls;
7
8allow rild self:netlink_route_socket nlmsg_write;
9allow rild kernel:system module_request;
10allow rild self:capability { setpcap setgid setuid net_admin net_raw };
11allow rild alarm_device:chr_file rw_file_perms;
12allow rild cgroup:dir create_dir_perms;
13allow rild cgroup:{ file lnk_file } r_file_perms;
14allow rild radio_device:chr_file rw_file_perms;
15allow rild radio_device:blk_file r_file_perms;
16allow rild mtd_device:dir search;
17allow rild efs_file:dir create_dir_perms;
18allow rild efs_file:file create_file_perms;
19allow rild shell_exec:file rx_file_perms;
20allow rild bluetooth_efs_file:file r_file_perms;
21allow rild bluetooth_efs_file:dir r_dir_perms;
22allow rild sdcard_type:dir r_dir_perms;
23
24# property service
25set_prop(rild, radio_prop)
26
27allow rild tty_device:chr_file rw_file_perms;
28
29# Allow rild to create and use netlink sockets.
30allow rild self:netlink_socket create_socket_perms_no_ioctl;
31allow rild self:netlink_generic_socket create_socket_perms_no_ioctl;
32allow rild self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
33
34# Access to wake locks
35wakelock_use(rild)
36
37r_dir_file(rild, proc)
38r_dir_file(rild, proc_net)
39r_dir_file(rild, sysfs_type)
40r_dir_file(rild, system_file)
41
42# granting the ioctl permission for rild should be device specific
43allow rild self:socket create_socket_perms_no_ioctl;
44
45