diff options
author | Hsiu-Chang Chen <hsiuchangchen@google.com> | 2022-10-17 09:31:44 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-10-17 09:31:44 +0000 |
commit | 63b5468da9ac5d0c1fb5a7d4efe3c76c3ba4e68e (patch) | |
tree | de40da6710672a41e43fa1e6e9099a09af0debbb | |
parent | 852dfa55f8f2e9115812fab17846957881d52b26 (diff) | |
parent | 32cd0dbba0ea05c9430bafffb9aa4d39582b8da1 (diff) | |
download | lynx-sepolicy-63b5468da9ac5d0c1fb5a7d4efe3c76c3ba4e68e.tar.gz |
Add sepolicy rules for hal_wifi_default am: b2c724f0ed am: 32cd0dbba0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20194047
Change-Id: I492d79005fcd85fb84f29baec08d6a95d766ea01
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r-- | vendor/hal_wifi_default.te | 19 | ||||
-rw-r--r-- | vendor/lowi_server.te | 1 | ||||
-rw-r--r-- | vendor/vendor_location.te | 1 |
3 files changed, 21 insertions, 0 deletions
diff --git a/vendor/hal_wifi_default.te b/vendor/hal_wifi_default.te new file mode 100644 index 0000000..418aba5 --- /dev/null +++ b/vendor/hal_wifi_default.te @@ -0,0 +1,19 @@ +allow hal_wifi_default vendor_wlan_device:chr_file w_file_perms; +allow hal_wifi_default vendor_wifi_vendor_data_file:dir rw_dir_perms; + +# write to files owned by location daemon +allow hal_wifi_default vendor_location_socket:dir rw_dir_perms; +allow hal_wifi_default vendor_location_socket:{sock_file lnk_file} create_file_perms; +allow hal_wifi_default vendor_location:unix_dgram_socket sendto; +allow hal_wifi_default lowi_server:unix_dgram_socket sendto; + +# Connect to vendor_location via vendor_location socket. +unix_socket_connect(hal_wifi, vendor_location, vendor_location) +allow hal_wifi_default vendor_wifihal_socket:dir rw_dir_perms; +allow hal_wifi_default vendor_wifihal_socket:sock_file create_file_perms; + +# allow hal_wifi to write into /proc/debugdriver/driverdump +r_dir_file(hal_wifi_default, vendor_proc_wifi_dbg); + +# Write wlan driver/fw version into property +set_prop(hal_wifi_default, vendor_wifi_version) diff --git a/vendor/lowi_server.te b/vendor/lowi_server.te index e107cf2..21dfb81 100644 --- a/vendor/lowi_server.te +++ b/vendor/lowi_server.te @@ -28,6 +28,7 @@ allow lowi_server hal_wifi_supplicant_default:unix_dgram_socket sendto; allow lowi_server vendor_wifihal_socket:dir rw_dir_perms; allow lowi_server vendor_wifihal_socket:sock_file create_file_perms; allow lowi_server vendor_wifihal_socket:unix_dgram_socket sendto; +unix_socket_send(lowi_server, vendor_wifihal, hal_wifi_default); unix_socket_send(lowi_server, vendor_wifihal, hal_wifi_ext); # /dev/socket/vendor_location diff --git a/vendor/vendor_location.te b/vendor/vendor_location.te index 05f55a6..b41c6a8 100644 --- a/vendor/vendor_location.te +++ b/vendor/vendor_location.te @@ -16,4 +16,5 @@ allow vendor_location vendor_location_sysfs:file create_file_perms; # /dev/socket/location/mq/* allow vendor_location lowi_server:unix_dgram_socket {sendto read write}; +allow vendor_location hal_wifi_default:unix_dgram_socket {sendto read write}; allow vendor_location hal_wifi_ext:unix_dgram_socket {sendto read write}; |