Diffstat (limited to 'policy')
-rwxr-xr-x[-rw-r--r--] | policy/mobile/CMakeLists.txt (renamed from policy/CMakeLists.txt) | 26 | ||||
-rwxr-xr-x[-rw-r--r--] | policy/mobile/emul/TizenPolicy.xml (renamed from policy/eng/TizenPolicy.xml) | 114 | ||||
-rw-r--r-- | policy/mobile/emul/fingerprint_list.xml (renamed from policy/eng/fingerprint_list.xml) | 4 | ||||
-rw-r--r-- | policy/mobile/emul/fingerprint_list.xsd (renamed from policy/emul/fingerprint_list.xsd) | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | policy/mobile/eng/TizenPolicy.xml (renamed from policy/emul/TizenPolicy.xml) | 114 | ||||
-rw-r--r-- | policy/mobile/eng/fingerprint_list.xml (renamed from policy/usr/fingerprint_list.xml) | 4 | ||||
-rw-r--r-- | policy/mobile/eng/fingerprint_list.xsd (renamed from policy/eng/fingerprint_list.xsd) | 0 | ||||
-rwxr-xr-x | policy/mobile/tools/add-fingerprint-wrt.sh (renamed from policy/tools/add-fingerprint-wrt.sh) | 0 | ||||
-rwxr-xr-x | policy/mobile/tools/add-fingerprint.sh (renamed from policy/tools/add-fingerprint.sh) | 2 | ||||
-rwxr-xr-x[-rw-r--r--] | policy/mobile/usr/TizenPolicy.xml (renamed from policy/usr/TizenPolicy.xml) | 115 | ||||
-rw-r--r-- | policy/mobile/usr/fingerprint_list.xml (renamed from policy/emul/fingerprint_list.xml) | 4 | ||||
-rw-r--r-- | policy/mobile/usr/fingerprint_list.xsd (renamed from policy/usr/fingerprint_list.xsd) | 0 | ||||
-rw-r--r-- | policy/wearable/CMakeLists.txt | 44 | ||||
-rw-r--r-- | policy/wearable/emul/TizenPolicy.xml | 928 | ||||
-rw-r--r-- | policy/wearable/emul/fingerprint_list.xml | 16 | ||||
-rw-r--r-- | policy/wearable/emul/fingerprint_list.xsd | 21 | ||||
-rw-r--r-- | policy/wearable/eng/TizenPolicy.xml | 928 | ||||
-rw-r--r-- | policy/wearable/eng/fingerprint_list.xml | 16 | ||||
-rw-r--r-- | policy/wearable/eng/fingerprint_list.xsd | 21 | ||||
-rwxr-xr-x | policy/wearable/tools/add-fingerprint-wrt.sh | 36 | ||||
-rwxr-xr-x | policy/wearable/tools/add-fingerprint.sh | 32 | ||||
-rw-r--r-- | policy/wearable/usr/TizenPolicy.xml | 928 | ||||
-rw-r--r-- | policy/wearable/usr/fingerprint_list.xml | 16 | ||||
-rw-r--r-- | policy/wearable/usr/fingerprint_list.xsd | 21 |
24 files changed, 3365 insertions, 25 deletions
diff --git a/policy/CMakeLists.txt b/policy/mobile/CMakeLists.txt index d216d47..3ef0176 100644..100755 --- a/policy/CMakeLists.txt +++ b/policy/mobile/CMakeLists.txt @@ -1,19 +1,3 @@ -#GET_FILENAME_COMPONENT( -# TIZEN_POLICY_XML -# ${CMAKE_CURRENT_SOURCE_DIR}/${OPERATOR}/TizenPolicy.xml -# REALPATH -# ) -#GET_FILENAME_COMPONENT( -# FINGERPRINT_LIST_XML -# ${CMAKE_CURRENT_SOURCE_DIR}/${OPERATOR}/fingerprint_list.xml -# REALPATH -# ) -#GET_FILENAME_COMPONENT( -# FINGERPRINT_LIST_XSD -# ${CMAKE_CURRENT_SOURCE_DIR}/${OPERATOR}/fingerprint_list.xsd -# REALPATH -# ) - GET_FILENAME_COMPONENT( TIZEN_POLICY_XML ${CMAKE_CURRENT_SOURCE_DIR}/${RELMODE}/TizenPolicy.xml @@ -30,24 +14,24 @@ GET_FILENAME_COMPONENT( REALPATH ) +MESSAGE("Adding ${RELMODE} specific certificate fingerprints into the fingerprint_list.xml") -MESSAGE("Adding ${OPERATOR} specific certificate fingerprints into the fingerprint_list.xml") EXECUTE_PROCESS( COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/tools/add-fingerprint.sh - ${CMAKE_SOURCE_DIR}/certificates/${RELMODE} + ${CMAKE_SOURCE_DIR}/certificates/${PROFILE_TARGET}/${RELMODE} ${FINGERPRINT_LIST_XML} RESULT_VARIABLE ERROR_CODE - ) +) IF(ERROR_CODE) MESSAGE(FATAL_ERROR "Failed to add fingerprints!") ENDIF() -MESSAGE("Adding B2 ${RELMODE} certificate fingerprints into the TizenPolicy.xml") +MESSAGE("Adding ${RELMODE} certificate fingerprints into the TizenPolicy.xml") EXECUTE_PROCESS( COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/tools/add-fingerprint-wrt.sh - ${CMAKE_SOURCE_DIR}/certificates/${RELMODE} + ${CMAKE_SOURCE_DIR}/certificates/${PROFILE_TARGET}/${RELMODE} ${TIZEN_POLICY_XML} RESULT_VARIABLE ERROR_CODE ) diff --git a/policy/eng/TizenPolicy.xml b/policy/mobile/emul/TizenPolicy.xml index 0e12960..95b0c8a 100644..100755 --- a/policy/eng/TizenPolicy.xml +++ b/policy/mobile/emul/TizenPolicy.xml 
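Review bot: `${PROFILE_TARGET}` now forms part of the certificate directory passed to both `EXECUTE_PROCESS` calls in the hunk at -30, but nothing visible checks that it or `${RELMODE}` is set. An empty value resolves to `certificates//${RELMODE}`, and what happens then depends on how the scripts treat a missing directory. These fingerprints appear to populate the certificate domains the policy relies on, so I would fail early, before the first `EXECUTE_PROCESS`: `IF(NOT IS_DIRECTORY "${CMAKE_SOURCE_DIR}/certificates/${PROFILE_TARGET}/${RELMODE}")`, `MESSAGE(FATAL_ERROR "No certificates for ${PROFILE_TARGET}/${RELMODE}")`, `ENDIF()`. Quoting the path arguments would also keep a path containing spaces or semicolons as a single argument. The new policy/wearable/CMakeLists.txt repeats both calls and needs the same guard.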
@@ -182,6 +182,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> @@ -241,6 +261,17 @@ </condition> </rule> --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> <rule effect="permit"> <condition combine="or"> @@ -248,6 +279,12 @@ </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="personalinfo" /> + </condition> + </rule> + <rule effect="deny" /> </policy> 
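Review bot: The added `permit` rules for `allshare`/`chord`/`nservice`, `volume.set`, `webapis`, `accessoryprotocol`, `irled` and `personalinfo` have no comment saying which API each capability guards, although other rules in this file carry one (for example `<!-- access to download feature -->`). Every permit placed ahead of the closing `<rule effect="deny" />` widens what an application at this trust level can reach, so each one should be checkable at a glance, for example `<!-- access to personal information: <API or privilege name> -->` above the `personalinfo` rule. `webapis` in particular reads like a broad grant and would benefit from a stated scope. The enclosing `<policy>` element starts outside these hunks, so the trust level they apply to cannot be confirmed from here. The same rules recur in the hunks at -424 and -645 and in the eng and usr copies.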
@@ -424,6 +461,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> @@ -477,6 +534,17 @@ </condition> </rule> --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> <rule effect="permit"> <condition combine="or"> @@ -484,6 +552,12 @@ </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="personalinfo" /> + </condition> + </rule> + <rule effect="deny" /> </policy> @@ -561,6 +635,12 @@ </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + <!-- access to download feature --> <rule effect="permit"> <condition combine="or"> 
@@ -645,6 +725,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> @@ -698,6 +798,17 @@ </condition> </rule> --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> <rule effect="permit"> <condition combine="or"> @@ -705,11 +816,12 @@ </condition> </rule> - <rule effect="deny" /> + <rule effect = "deny" /> </policy> <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides"> <!-- Specific Untrusted Policy for Tizen --> + <rule effect="deny" /> </policy> </policy-set> diff --git a/policy/eng/fingerprint_list.xml b/policy/mobile/emul/fingerprint_list.xml index d331f12..845a3d5 100644 --- a/policy/eng/fingerprint_list.xml +++ b/policy/mobile/emul/fingerprint_list.xml @@ -9,4 +9,8 @@ </CertificateDomain> <CertificateDomain name="tizen-test"> </CertificateDomain> + <CertificateDomain name="tizen-verify"> + </CertificateDomain> + <CertificateDomain name="tizen-store"> + </CertificateDomain> </CertificateSet> 
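Review bot: In the hunk at -705 the closing rule is rewritten as `<rule effect = "deny" />`, which differs from every other rule on the page only by the spaces around `=`. An XML parser reads it the same way, but a text search or lint that looks for the default-deny rule as `effect="deny"` would now miss this policy. I would keep `<rule effect="deny" />`, matching the line added to the Untrusted policy just below. The eng and usr copies carry the same rewritten line.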
diff --git a/policy/emul/fingerprint_list.xsd b/policy/mobile/emul/fingerprint_list.xsd index b0fab23..b0fab23 100644 --- a/policy/emul/fingerprint_list.xsd +++ b/policy/mobile/emul/fingerprint_list.xsd diff --git a/policy/emul/TizenPolicy.xml b/policy/mobile/eng/TizenPolicy.xml index 0e12960..95b0c8a 100644..100755 --- a/policy/emul/TizenPolicy.xml +++ b/policy/mobile/eng/TizenPolicy.xml @@ -182,6 +182,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> @@ -241,6 +261,17 @@ </condition> </rule> --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> <rule effect="permit"> <condition combine="or"> @@ -248,6 +279,12 @@ </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="personalinfo" /> + </condition> + </rule> + <rule effect="deny" /> </policy> 
@@ -424,6 +461,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> @@ -477,6 +534,17 @@ </condition> </rule> --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> <rule effect="permit"> <condition combine="or"> @@ -484,6 +552,12 @@ </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="personalinfo" /> + </condition> + </rule> + <rule effect="deny" /> </policy> @@ -561,6 +635,12 @@ </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + <!-- access to download feature --> <rule effect="permit"> <condition combine="or"> 
@@ -645,6 +725,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> @@ -698,6 +798,17 @@ </condition> </rule> --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> <rule effect="permit"> <condition combine="or"> @@ -705,11 +816,12 @@ </condition> </rule> - <rule effect="deny" /> + <rule effect = "deny" /> </policy> <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides"> <!-- Specific Untrusted Policy for Tizen --> + <rule effect="deny" /> </policy> </policy-set> diff --git a/policy/usr/fingerprint_list.xml b/policy/mobile/eng/fingerprint_list.xml index d331f12..845a3d5 100644 --- a/policy/usr/fingerprint_list.xml +++ b/policy/mobile/eng/fingerprint_list.xml @@ -9,4 +9,8 @@ </CertificateDomain> <CertificateDomain name="tizen-test"> </CertificateDomain> + <CertificateDomain name="tizen-verify"> + </CertificateDomain> + <CertificateDomain name="tizen-store"> + </CertificateDomain> </CertificateSet> 
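Review bot: This file, policy/mobile/emul/TizenPolicy.xml and policy/mobile/usr/TizenPolicy.xml all end at blob `95b0c8a`, so the three mobile policies are byte-identical after this commit, including the `testautomation`-style engineering grants if the file has any. Three hand-maintained copies of an access-control policy tend to drift, and a permit meant only for engineering builds can reach the `usr` variant unnoticed. If the copies are meant to stay identical, a header comment such as `<!-- Kept identical to ../emul and ../usr: change all three together -->` would make that explicit. Otherwise the `usr` file should be reviewed separately for rules that only engineering or emulator builds need.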
diff --git a/policy/eng/fingerprint_list.xsd b/policy/mobile/eng/fingerprint_list.xsd index b0fab23..b0fab23 100644 --- a/policy/eng/fingerprint_list.xsd +++ b/policy/mobile/eng/fingerprint_list.xsd diff --git a/policy/tools/add-fingerprint-wrt.sh b/policy/mobile/tools/add-fingerprint-wrt.sh index 7d9c340..7d9c340 100755 --- a/policy/tools/add-fingerprint-wrt.sh +++ b/policy/mobile/tools/add-fingerprint-wrt.sh diff --git a/policy/tools/add-fingerprint.sh b/policy/mobile/tools/add-fingerprint.sh index fc5f9f3..94941b3 100755 --- a/policy/tools/add-fingerprint.sh +++ b/policy/mobile/tools/add-fingerprint.sh @@ -9,7 +9,7 @@ then exit 2 fi -for CATEGORY in developer public partner platform test +for CATEGORY in developer public partner platform test verify store do if [ -d "$CERT_ROOT/$CATEGORY" ] then diff --git a/policy/usr/TizenPolicy.xml b/policy/mobile/usr/TizenPolicy.xml index d556577..95b0c8a 100644..100755 --- a/policy/usr/TizenPolicy.xml +++ b/policy/mobile/usr/TizenPolicy.xml @@ -182,6 +182,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> 
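Review bot: The loop in add-fingerprint.sh now also visits `verify` and `store`, but the `[ -d "$CERT_ROOT/$CATEGORY" ]` test skips a category whose directory is absent, and nothing in the visible lines reports that. A tree without a `store` directory would then configure successfully and presumably leave the new `tizen-store` domain in fingerprint_list.xml empty. I would add `else echo "add-fingerprint: no $CATEGORY directory under $CERT_ROOT" >&2` so the build log records it. The loop body continues outside the hunk, so an `else` branch may already exist. policy/wearable/tools/add-fingerprint.sh is added as a separate copy and would need the same line.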
@@ -243,10 +263,28 @@ --> <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="healthinfo" /> </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="personalinfo" /> + </condition> + </rule> + <rule effect="deny" /> </policy> @@ -423,6 +461,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> @@ -476,6 +534,17 @@ </condition> </rule> --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> <rule effect="permit"> <condition combine="or"> 
@@ -483,6 +552,12 @@ </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="personalinfo" /> + </condition> + </rule> + <rule effect="deny" /> </policy> @@ -560,6 +635,12 @@ </condition> </rule> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + <!-- access to download feature --> <rule effect="permit"> <condition combine="or"> @@ -644,6 +725,26 @@ <rule effect="permit"> <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> <resource-match attr="device-cap" func="equal" match="websetting" /> </condition> </rule> @@ -697,6 +798,17 @@ </condition> </rule> --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> <rule effect="permit"> <condition combine="or"> @@ -704,11 +816,12 @@ </condition> </rule> - <rule effect="deny" /> + <rule effect = "deny" /> </policy> <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides"> <!-- Specific Untrusted Policy for Tizen --> + <rule effect="deny" /> </policy> </policy-set> 
diff --git a/policy/emul/fingerprint_list.xml b/policy/mobile/usr/fingerprint_list.xml index d331f12..845a3d5 100644 --- a/policy/emul/fingerprint_list.xml +++ b/policy/mobile/usr/fingerprint_list.xml @@ -9,4 +9,8 @@ </CertificateDomain> <CertificateDomain name="tizen-test"> </CertificateDomain> + <CertificateDomain name="tizen-verify"> + </CertificateDomain> + <CertificateDomain name="tizen-store"> + </CertificateDomain> </CertificateSet> diff --git a/policy/usr/fingerprint_list.xsd b/policy/mobile/usr/fingerprint_list.xsd index b0fab23..b0fab23 100644 --- a/policy/usr/fingerprint_list.xsd +++ b/policy/mobile/usr/fingerprint_list.xsd diff --git a/policy/wearable/CMakeLists.txt b/policy/wearable/CMakeLists.txt new file mode 100644 index 0000000..4a7afc4 --- /dev/null +++ b/policy/wearable/CMakeLists.txt 
@@ -0,0 +1,44 @@ +GET_FILENAME_COMPONENT( + TIZEN_POLICY_XML + ${CMAKE_CURRENT_SOURCE_DIR}/${RELMODE}/TizenPolicy.xml + REALPATH + ) +GET_FILENAME_COMPONENT( + FINGERPRINT_LIST_XML + ${CMAKE_CURRENT_SOURCE_DIR}/${RELMODE}/fingerprint_list.xml + REALPATH + ) +GET_FILENAME_COMPONENT( + FINGERPRINT_LIST_XSD + ${CMAKE_CURRENT_SOURCE_DIR}/${RELMODE}/fingerprint_list.xsd + REALPATH + ) + +MESSAGE("Adding ${RELMODE} specific certificate fingerprints into the fingerprint_list.xml") + +EXECUTE_PROCESS( + COMMAND + ${CMAKE_CURRENT_SOURCE_DIR}/tools/add-fingerprint.sh + ${CMAKE_SOURCE_DIR}/certificates/${PROFILE_TARGET}/${RELMODE} + ${FINGERPRINT_LIST_XML} + RESULT_VARIABLE ERROR_CODE +) +IF(ERROR_CODE) + MESSAGE(FATAL_ERROR "Failed to add fingerprints!") +ENDIF() + +MESSAGE("Adding wearable ${RELMODE} certificate fingerprints into the TizenPolicy.xml") +EXECUTE_PROCESS( + COMMAND + ${CMAKE_CURRENT_SOURCE_DIR}/tools/add-fingerprint-wrt.sh + ${CMAKE_SOURCE_DIR}/certificates/${PROFILE_TARGET}/${RELMODE} + ${TIZEN_POLICY_XML} + RESULT_VARIABLE ERROR_CODE +) +IF(ERROR_CODE) + MESSAGE(FATAL_ERROR "Failed to add fingerprints!") +ENDIF() + +INSTALL(FILES ${TIZEN_POLICY_XML} DESTINATION etc/ace) +INSTALL(FILES ${FINGERPRINT_LIST_XML} DESTINATION share/wrt-engine) +INSTALL(FILES ${FINGERPRINT_LIST_XSD} DESTINATION share/wrt-engine) diff --git a/policy/wearable/emul/TizenPolicy.xml b/policy/wearable/emul/TizenPolicy.xml new file mode 100644 index 0000000..8b41311 --- /dev/null +++ b/policy/wearable/emul/TizenPolicy.xml 
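Review bot: Both `EXECUTE_PROCESS` calls are handed `${FINGERPRINT_LIST_XML}` and `${TIZEN_POLICY_XML}`, which `GET_FILENAME_COMPONENT` resolved under `${CMAKE_CURRENT_SOURCE_DIR}`, so the scripts appear to edit the tracked XML files in place at configure time. Fingerprints written for one `PROFILE_TARGET`/`RELMODE` configuration can then stay in the source tree for the next configuration, or be committed by accident. Copying the two templates into the build directory first, then running the scripts and the `INSTALL` rules on the copies, keeps the tracked policy free of generated trust data. policy/mobile/CMakeLists.txt follows the same pattern.

```cmake
# Work on build-tree copies so the tracked templates are never modified.
FOREACH(POLICY_FILE TizenPolicy.xml fingerprint_list.xml)
    CONFIGURE_FILE(
        "${CMAKE_CURRENT_SOURCE_DIR}/${RELMODE}/${POLICY_FILE}"
        "${CMAKE_CURRENT_BINARY_DIR}/${POLICY_FILE}"
        COPYONLY
    )
ENDFOREACH()
SET(TIZEN_POLICY_XML "${CMAKE_CURRENT_BINARY_DIR}/TizenPolicy.xml")
SET(FINGERPRINT_LIST_XML "${CMAKE_CURRENT_BINARY_DIR}/fingerprint_list.xml")
# … unchanged: FINGERPRINT_LIST_XSD lookup, EXECUTE_PROCESS calls, INSTALL rules …
```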
@@ -0,0 +1,928 @@ +<policy-set id="Tizen-Policy" combine="first-matching-target"> + <policy id="Tizen-Policy-Plaform-API" description="Plaform API" combine="permit-overrides"> + <target> + <!-- platform API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="appmanager.kill" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + <resource-match attr="device-cap" func="equal" match="appmanager.certificate" /> + </condition> + </rule> + + <!-- access to bookmark --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bookmark.read" /> + <resource-match attr="device-cap" func="equal" match="bookmark.write" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="packagemanager.install" /> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetoothmanager" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule 
effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + + <!-- access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="networkbearerselection" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + <resource-match attr="device-cap" func="equal" match="systemmanager.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + 
<resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="testautomation" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on 
roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="connection" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="medicalinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="retail.display" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="systemmanager" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Partner-API" description="Partner API" combine="permit-overrides"> + <target> + <!-- partner API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="appmanager.kill" /> + <resource-match attr="device-cap" func="equal" match="appmanager.certificate" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule 
effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + + <!-- access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="networkbearerselection" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" 
match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + <resource-match attr="device-cap" func="equal" match="systemmanager.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + 
<resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="connection" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="medicalinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="systemmanager" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Public-API" description="Public API" combine="permit-overrides"> + <target> + <!-- public API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + 
<resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <!-- 
access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match 
attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- 
XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides"> + <!-- Specific Untrusted Policy for Tizen --> + <rule effect="deny" /> + </policy> +</policy-set> 
diff --git a/policy/wearable/emul/fingerprint_list.xml b/policy/wearable/emul/fingerprint_list.xml
new file mode 100644
index 0000000..845a3d5
--- /dev/null
+++ b/policy/wearable/emul/fingerprint_list.xml
@@ -0,0 +1,16 @@
+<CertificateSet>
+ <CertificateDomain name="tizen-developer"><!-- used to verify tizen widgets -->
+ </CertificateDomain>
+ <CertificateDomain name="tizen-public">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-partner">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-platform">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-test">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-verify">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-store">
+ </CertificateDomain>
+</CertificateSet>
diff --git a/policy/wearable/emul/fingerprint_list.xsd b/policy/wearable/emul/fingerprint_list.xsd
new file mode 100644
index 0000000..b0fab23
--- /dev/null
+++ b/policy/wearable/emul/fingerprint_list.xsd
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+<xs:element name="CertificateSet" type="CertificateSetType" />
+<xs:complexType name="CertificateSetType">
+ <xs:sequence>
+ <xs:element ref="CertificateDomain" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+</xs:complexType>
+
+<xs:element name="CertificateDomain" type="CertificateDomainType" />
+<xs:complexType name="CertificateDomainType">
+ <xs:sequence>
+ <xs:element ref="FingerprintSHA1" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ <xs:attribute name="name" type="xs:string" use="required" />
+</xs:complexType>
+
+<xs:element name="FingerprintSHA1" type="xs:string"/>
+
+</xs:schema>
diff --git a/policy/wearable/eng/TizenPolicy.xml b/policy/wearable/eng/TizenPolicy.xml
new file mode 100644
index 0000000..8b41311
--- /dev/null
+++ b/policy/wearable/eng/TizenPolicy.xml
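Review bot: All seven `CertificateDomain` entries in policy/wearable/emul/fingerprint_list.xml are added empty, and only `tizen-developer` carries a comment, so the file does not say where the trusted fingerprints come from or what each domain is for. The diffstat lists policy/wearable/tools/add-fingerprint.sh, which presumably fills them in; if so, a header comment such as `<!-- Domains are intentionally empty here; fingerprints are added by tools/add-fingerprint.sh -->` would make that explicit. A one-line comment per domain, matching the existing `<!-- used to verify tizen widgets -->`, would also help a reviewer judge which signer ends up in which trust level.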
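Review bot: In policy/wearable/emul/fingerprint_list.xsd, `FingerprintSHA1` is declared as a bare `xs:string`, so schema validation accepts any text, including an empty or truncated value, as a signer fingerprint. I would replace it with a named simple type that restricts `xs:string` by an `xs:pattern` for the fixed-length hex form the loader compares against; the separator format is not visible in this hunk, so the exact pattern needs to be taken from what the add-fingerprint tools write. The `name` attribute of `CertificateDomain` is likewise free `xs:string`, and an `xs:enumeration` of the seven domain names used in fingerprint_list.xml would reject a misspelled domain at validation time instead of leaving it unmatched. The diffstat shows the same 21-line schema added for the eng variant, so the point likely applies there too.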
@@ -0,0 +1,928 @@ +<policy-set id="Tizen-Policy" combine="first-matching-target"> + <policy id="Tizen-Policy-Plaform-API" description="Plaform API" combine="permit-overrides"> + <target> + <!-- platform API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="appmanager.kill" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + <resource-match attr="device-cap" func="equal" match="appmanager.certificate" /> + </condition> + </rule> + + <!-- access to bookmark --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bookmark.read" /> + <resource-match attr="device-cap" func="equal" match="bookmark.write" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="packagemanager.install" /> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetoothmanager" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule 
effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + + <!-- access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="networkbearerselection" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + <resource-match attr="device-cap" func="equal" match="systemmanager.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + 
<resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="testautomation" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on 
roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="connection" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="medicalinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="retail.display" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="systemmanager" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Partner-API" description="Partner API" combine="permit-overrides"> + <target> + <!-- partner API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="appmanager.kill" /> + <resource-match attr="device-cap" func="equal" match="appmanager.certificate" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule 
effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + + <!-- access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="networkbearerselection" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" 
match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + <resource-match attr="device-cap" func="equal" match="systemmanager.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + 
<resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="connection" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="medicalinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="systemmanager" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Public-API" description="Public API" combine="permit-overrides"> + <target> + <!-- public API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + 
<resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <!-- 
access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match 
attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- 
XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides"> + <!-- Specific Untrusted Policy for Tizen --> + <rule effect="deny" /> + </policy> +</policy-set> 
diff --git a/policy/wearable/eng/fingerprint_list.xml b/policy/wearable/eng/fingerprint_list.xml
new file mode 100644
index 0000000..845a3d5
--- /dev/null
+++ b/policy/wearable/eng/fingerprint_list.xml
@@ -0,0 +1,16 @@
+<CertificateSet>
+ <CertificateDomain name="tizen-developer"><!-- used to verify tizen widgets -->
+ </CertificateDomain>
+ <CertificateDomain name="tizen-public">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-partner">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-platform">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-test">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-verify">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-store">
+ </CertificateDomain>
+</CertificateSet>
diff --git a/policy/wearable/eng/fingerprint_list.xsd b/policy/wearable/eng/fingerprint_list.xsd
new file mode 100644
index 0000000..b0fab23
--- /dev/null
+++ b/policy/wearable/eng/fingerprint_list.xsd
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+<xs:element name="CertificateSet" type="CertificateSetType" />
+<xs:complexType name="CertificateSetType">
+ <xs:sequence>
+ <xs:element ref="CertificateDomain" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+</xs:complexType>
+
+<xs:element name="CertificateDomain" type="CertificateDomainType" />
+<xs:complexType name="CertificateDomainType">
+ <xs:sequence>
+ <xs:element ref="FingerprintSHA1" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ <xs:attribute name="name" type="xs:string" use="required" />
+</xs:complexType>
+
+<xs:element name="FingerprintSHA1" type="xs:string"/>
+
+</xs:schema>
diff --git a/policy/wearable/tools/add-fingerprint-wrt.sh b/policy/wearable/tools/add-fingerprint-wrt.sh
new file mode 100755
index 0000000..7d9c340
--- /dev/null
+++ b/policy/wearable/tools/add-fingerprint-wrt.sh
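Review bot: `FingerprintSHA1` at the end of fingerprint_list.xsd is declared as a bare `xs:string`, so schema validation accepts an empty or truncated value in a list that appears to map signer certificates to trust domains. The tools added in this commit write the colon-separated output of `openssl x509 -fingerprint`, so restricting the element to twenty hex pairs would catch a malformed entry at validation time instead of at certificate-matching time. Before tightening it, confirm that no existing list stores fingerprints in another spelling (no colons, surrounding whitespace), since the pattern below would reject those.

```xml
<xs:element name="FingerprintSHA1">
  <xs:simpleType>
    <xs:restriction base="xs:string">
      <xs:pattern value="([0-9A-Fa-f]{2}:){19}[0-9A-Fa-f]{2}"/>
    </xs:restriction>
  </xs:simpleType>
</xs:element>
```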
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+CERT_ROOT=$1
+XML_PATH=$2
+
+if [ -z "$2" ]
+then
+ echo "usage: `basename $0` certificate_root_path fingerprint_xml_path"
+ exit 2
+fi
+
+for CATEGORY in platform partner public
+do
+ if [ -d "$CERT_ROOT/$CATEGORY" ]
+ then
+ echo
+ echo " <<$CATEGORY>>"
+ for CERT_PATH in `ls $CERT_ROOT/$CATEGORY/*.pem`
+ do
+ FINGERPRINT=`/usr/bin/openssl x509 -noout -fingerprint -in $CERT_PATH | cut -d '=' -f 2`
+ echo " ${CERT_PATH##*/}:"
+ echo " $FINGERPRINT"
+ #############################################################################################################################
+ # Find "<!-- xxxxxxx API -->" and then add the fingerprint into the next line
+ #############################################################################################################################
+ # <subject><!-- xxxxxxxxx.pem -->
+ # <subject-match attr="distributor-key-root-fingerprint" func="equal">
+ # sha-1 XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
+ # </subject-match>
+ # </subject>
+ #############################################################################################################################
+ /bin/sed -i "s#<\!-- $CATEGORY API -->.*#&\n <subject><!-- ${CERT_PATH##*/} -->\n <subject-match attr=\"distributor-key-root-fingerprint\" func=\"equal\">\n sha-1 $FINGERPRINT\n </subject-match>\n </subject>#" $XML_PATH
+ done
+ fi
+done
+echo
diff --git a/policy/wearable/tools/add-fingerprint.sh b/policy/wearable/tools/add-fingerprint.sh
new file mode 100755
index 0000000..94941b3
--- /dev/null
+++ b/policy/wearable/tools/add-fingerprint.sh
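Review bot: The `FINGERPRINT` value in the inner loop of add-fingerprint-wrt.sh is written into the policy without any check, so a `.pem` that openssl cannot parse leaves it empty and sed still inserts a `sha-1` subject-match with no digest under the `$CATEGORY API` target. The same loop expands `$CERT_PATH` and `$XML_PATH` unquoted and iterates over `ls` output, so a path containing whitespace is split, and the certificate file name is interpolated into the sed expression, where a `#`, `&` or backslash in the name would change what gets written to the policy file. I would glob directly, quote the expansions, pass `-sha1` explicitly so the digest always matches the label written to the XML, and skip any name or value outside the expected character set, as sketched below. add-fingerprint.sh in this commit has the same loop and needs the same change.

```shell
# … unchanged: argument check, CATEGORY loop and directory test …
        for CERT_PATH in "$CERT_ROOT/$CATEGORY"/*.pem
        do
            # an unmatched glob stays literal; skip it
            [ -f "$CERT_PATH" ] || continue
            CERT_NAME=${CERT_PATH##*/}
            case "$CERT_NAME" in
                *[!A-Za-z0-9._-]*)
                    echo "skipping $CERT_PATH: unexpected characters in file name" >&2
                    continue ;;
            esac
            FINGERPRINT=`/usr/bin/openssl x509 -noout -sha1 -fingerprint -in "$CERT_PATH" | cut -d '=' -f 2`
            case "$FINGERPRINT" in
                ""|*[!0-9A-Fa-f:]*)
                    echo "skipping $CERT_PATH: no usable fingerprint" >&2
                    continue ;;
            esac
            # … unchanged: echo lines and the sed insertion, with "$XML_PATH" quoted …
```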
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+CERT_ROOT=$1
+XML_PATH=$2
+
+if [ -z "$2" ]
+then
+ echo "usage: `basename $0` certificate_root_path fingerprint_xml_path"
+ exit 2
+fi
+
+for CATEGORY in developer public partner platform test verify store
+do
+ if [ -d "$CERT_ROOT/$CATEGORY" ]
+ then
+ echo
+ echo " <<$CATEGORY>>"
+ for CERT_PATH in `ls $CERT_ROOT/$CATEGORY/*.pem`
+ do
+ FINGERPRINT=`/usr/bin/openssl x509 -noout -fingerprint -in $CERT_PATH | cut -d '=' -f 2`
+ echo " ${CERT_PATH##*/}:"
+ echo " $FINGERPRINT"
+ #############################################################################################################################
+ # Find "<CertificateDomain name="tizen-xxxxxxx">" and then add the fingerprint into the next line
+ #############################################################################################################################
+ # <FingerprintSHA1>XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX</FingerprintSHA1><!-- xxxxxxxxx.pem -->
+ #############################################################################################################################
+ /bin/sed -i "s#<CertificateDomain name=\"tizen-$CATEGORY\">.*#&\n <FingerprintSHA1>$FINGERPRINT</FingerprintSHA1><!-- ${CERT_PATH##*/} -->#" $XML_PATH
+ done
+ fi
+done
+echo
diff --git a/policy/wearable/usr/TizenPolicy.xml b/policy/wearable/usr/TizenPolicy.xml
new file mode 100644
index 0000000..8b41311
--- /dev/null
+++ b/policy/wearable/usr/TizenPolicy.xml
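Review bot: The sed call at the end of the inner loop in add-fingerprint.sh gives no signal when its anchor is missing and appends again on every run: if `$XML_PATH` has no `<CertificateDomain name="tizen-$CATEGORY">` line the substitution matches nothing although the certificate was already echoed as processed, and a second run adds a duplicate `<FingerprintSHA1>` entry. For a file that appears to list trusted signer fingerprints a silent no-op is worth failing on; a guard before the inner loop such as `grep -q "<CertificateDomain name=\"tizen-$CATEGORY\">" "$XML_PATH" || { echo "no tizen-$CATEGORY domain in $XML_PATH" >&2; exit 1; }` would do, plus `grep -qF "$FINGERPRINT" "$XML_PATH" && continue` to skip entries already present. The `.*` after the anchor also means the new element lands after whatever follows the opening tag on that line, so the insertion is only correct while the closing tag sits on a later line, which deserves a comment above the sed call. add-fingerprint-wrt.sh has the same pattern with its `<!-- $CATEGORY API -->` anchor.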
@@ -0,0 +1,928 @@ +<policy-set id="Tizen-Policy" combine="first-matching-target"> + <policy id="Tizen-Policy-Plaform-API" description="Plaform API" combine="permit-overrides"> + <target> + <!-- platform API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="appmanager.kill" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + <resource-match attr="device-cap" func="equal" match="appmanager.certificate" /> + </condition> + </rule> + + <!-- access to bookmark --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bookmark.read" /> + <resource-match attr="device-cap" func="equal" match="bookmark.write" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="packagemanager.install" /> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetoothmanager" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule 
effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + + <!-- access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="networkbearerselection" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + <resource-match attr="device-cap" func="equal" match="systemmanager.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + 
<resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="testautomation" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on 
roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="connection" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="medicalinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="retail.display" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="systemmanager" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Partner-API" description="Partner API" combine="permit-overrides"> + <target> + <!-- partner API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="appmanager.kill" /> + <resource-match attr="device-cap" func="equal" match="appmanager.certificate" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule 
effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" /> + </condition> + </rule> + + <!-- access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="networkbearerselection" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" 
match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + <resource-match attr="device-cap" func="equal" match="systemmanager.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" 
match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + 
<resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="connection" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="medicalinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="systemmanager" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet.restricted" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Public-API" description="Public API" combine="permit-overrides"> + <target> + <!-- public API --> + </target> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="tizen" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + 
<resource-match attr="device-cap" func="equal" match="alarm" /> + </condition> + </rule> + + <!-- access to application --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="application.launch" /> + <resource-match attr="device-cap" func="equal" match="application.info" /> + </condition> + </rule> + + <!-- access to package --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="package.info" /> + </condition> + </rule> + + <!-- access to bluetooth --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="bluetooth.admin" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.gap" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.spp" /> + <resource-match attr="device-cap" func="equal" match="bluetooth.health" /> + </condition> + </rule> + + <!-- access to calendar --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="calendar.read" /> + <resource-match attr="device-cap" func="equal" match="calendar.write" /> + </condition> + </rule> + + <!-- access to call history --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="callhistory.read" /> + <resource-match attr="device-cap" func="equal" match="callhistory.write" /> + </condition> + </rule> + + <!-- access to contact --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contact.read" /> + <resource-match attr="device-cap" func="equal" match="contact.write" /> + </condition> + </rule> + + <!-- access to content --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="content.read" /> + <resource-match attr="device-cap" func="equal" match="content.write" /> + </condition> + </rule> + + <!-- 
access to download feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="download" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="filesystem.read" /> + <resource-match attr="device-cap" func="equal" match="filesystem.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="messaging.read" /> + <resource-match attr="device-cap" func="equal" match="messaging.write" /> + <!-- keep --> + <resource-match attr="device-cap" func="equal" match="messaging.send" /> + </condition> + </rule> + + <!-- access to NFC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="nfc.admin" /> + <resource-match attr="device-cap" func="equal" match="nfc.tag" /> + <resource-match attr="device-cap" func="equal" match="nfc.p2p" /> + <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" /> + <resource-match attr="device-cap" func="equal" match="nfc.common" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="notification" /> + </condition> + </rule> + + <!-- access to power feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="power" /> + </condition> + </rule> + + <!-- access to datasync --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="datasync" /> + </condition> + </rule> + + <!-- access to push feature --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="push" /> + </condition> + </rule> + + <!-- access to system setting --> + <rule effect="permit"> + <condition combine="or"> + <resource-match 
attr="device-cap" func="equal" match="setting" /> + </condition> + </rule> + + <!-- access to systeminfo --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="system.info" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="secureelement" /> + <resource-match attr="device-cap" func="equal" match="se" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="allshare" /> + <resource-match attr="device-cap" func="equal" match="chord" /> + <resource-match attr="device-cap" func="equal" match="nservice" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="volume.set" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="webapis" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="websetting" /> + </condition> + </rule> + +<!-- Belows will be removed --> + <!-- access to timeutil --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="time" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="log" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="account.read" /> + <resource-match attr="device-cap" func="equal" match="account.write" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="contentmanager.write" /> + </condition> + </rule> + + <!-- access to external network --> + <!-- 
XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp --> + <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + </rule> + + <!-- access to external network on roaming status --> + <!-- + <rule effect="permit"> + <condition combine="and"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" /> + <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" /> + </condition> + <environment-match attr="roaming" match="true" /> + </condition> + </rule> + --> + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="accessoryprotocol" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="irled" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="healthinfo" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="audio.setting" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="internet" /> + </condition> + </rule> + + <rule effect="permit"> + <condition combine="or"> + <resource-match attr="device-cap" func="equal" match="location" /> + </condition> + </rule> + + <rule effect="deny" /> + + </policy> + <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides"> + <!-- Specific Untrusted Policy for Tizen --> + <rule effect="deny" /> + </policy> +</policy-set> 
diff --git a/policy/wearable/usr/fingerprint_list.xml b/policy/wearable/usr/fingerprint_list.xml
new file mode 100644
index 0000000..845a3d5
--- /dev/null
+++ b/policy/wearable/usr/fingerprint_list.xml
@@ -0,0 +1,16 @@
+<CertificateSet>
+ <CertificateDomain name="tizen-developer"><!-- used to verify tizen widgets -->
+ </CertificateDomain>
+ <CertificateDomain name="tizen-public">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-partner">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-platform">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-test">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-verify">
+ </CertificateDomain>
+ <CertificateDomain name="tizen-store">
+ </CertificateDomain>
+</CertificateSet>
diff --git a/policy/wearable/usr/fingerprint_list.xsd b/policy/wearable/usr/fingerprint_list.xsd
new file mode 100644
index 0000000..b0fab23
--- /dev/null
+++ b/policy/wearable/usr/fingerprint_list.xsd
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+<xs:element name="CertificateSet" type="CertificateSetType" />
+<xs:complexType name="CertificateSetType">
+ <xs:sequence>
+ <xs:element ref="CertificateDomain" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+</xs:complexType>
+
+<xs:element name="CertificateDomain" type="CertificateDomainType" />
+<xs:complexType name="CertificateDomainType">
+ <xs:sequence>
+ <xs:element ref="FingerprintSHA1" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ <xs:attribute name="name" type="xs:string" use="required" />
+</xs:complexType>
+
+<xs:element name="FingerprintSHA1" type="xs:string"/>
+
+</xs:schema> |
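Review bot: The `tizen-test` and `tizen-developer` domains in policy/wearable/usr/fingerprint_list.xml are declared with no indication of whether they are meant to stay empty on this variant, and only `tizen-developer` carries any comment at all. If `usr` is the end-user image (inferred from the directory name, not shown here), a fingerprint landing in either domain would extend trust to test- or developer-signed packages on shipped devices. I would add a comment on each of those two domains, for example `<!-- must stay empty in usr builds; populated only for eng/emul -->`, and a short header comment saying that the domains are filled in at build time, presumably by tools/add-fingerprint.sh.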
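Review bot: `FingerprintSHA1` in policy/wearable/usr/fingerprint_list.xsd is a bare `xs:string`, so schema validation accepts an empty, truncated or mistyped fingerprint, and the `name` attribute of `CertificateDomain` is equally unconstrained. Because these files decide which signing certificate maps to which trust domain, the schema should reject malformed entries before the policy loader reads them. The restriction below assumes fingerprints are written as 20 colon-separated hex octets, which this page does not show, so the pattern needs adjusting to whatever the loader and add-fingerprint.sh actually use. The identical eng and emul copies of the schema listed in the diffstat would need the same change.

```xml
<xs:element name="FingerprintSHA1" type="FingerprintSHA1Type"/>
<xs:simpleType name="FingerprintSHA1Type">
  <xs:restriction base="xs:string">
    <!-- assumed format: 20 colon-separated hex octets; confirm against the loader -->
    <xs:pattern value="[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){19}"/>
  </xs:restriction>
</xs:simpleType>
```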