google-gs201/android_device_google_lynx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add sepolicy rules for hal_wifi_default am: b2c724f0ed

Browse Source 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20194047

Change-Id: Ic9d33b41d0c656219248274c43799fd96c179730
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Hsiu-Chang Chen
2022-10-17 08:45:12 +00:00
committed by Automerger Merge Worker
parent f068419777 b2c724f0ed
commit 32cd0dbba0
3 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
vendor/hal_wifi_default.te vendored Normal file
View File

@@ -0,0 +1,19 @@
allow hal_wifi_default vendor_wlan_device:chr_file w_file_perms;
allow hal_wifi_default vendor_wifi_vendor_data_file:dir rw_dir_perms;
# write to files owned by location daemon
allow hal_wifi_default vendor_location_socket:dir rw_dir_perms;
allow hal_wifi_default vendor_location_socket:{sock_file lnk_file} create_file_perms;
allow hal_wifi_default vendor_location:unix_dgram_socket sendto;
allow hal_wifi_default lowi_server:unix_dgram_socket sendto;
# Connect to vendor_location via vendor_location socket.
unix_socket_connect(hal_wifi, vendor_location, vendor_location)
allow hal_wifi_default vendor_wifihal_socket:dir rw_dir_perms;
allow hal_wifi_default vendor_wifihal_socket:sock_file create_file_perms;
# allow hal_wifi to write into /proc/debugdriver/driverdump
r_dir_file(hal_wifi_default, vendor_proc_wifi_dbg);
# Write wlan driver/fw version into property
set_prop(hal_wifi_default, vendor_wifi_version)

1
vendor/lowi_server.te vendored
View File

@@ -28,6 +28,7 @@ allow lowi_server hal_wifi_supplicant_default:unix_dgram_socket sendto;
allow lowi_server vendor_wifihal_socket:dir rw_dir_perms;
allow lowi_server vendor_wifihal_socket:sock_file create_file_perms;
allow lowi_server vendor_wifihal_socket:unix_dgram_socket sendto;
unix_socket_send(lowi_server, vendor_wifihal, hal_wifi_default);
unix_socket_send(lowi_server, vendor_wifihal, hal_wifi_ext);
# /dev/socket/vendor_location

1
vendor/vendor_location.te vendored
View File

@@ -16,4 +16,5 @@ allow vendor_location vendor_location_sysfs:file create_file_perms;
# /dev/socket/location/mq/*
allow vendor_location lowi_server:unix_dgram_socket {sendto read write};
allow vendor_location hal_wifi_default:unix_dgram_socket {sendto read write};
allow vendor_location hal_wifi_ext:unix_dgram_socket {sendto read write};