4d4fd451a6
06-25 21:59:57.532 3922 3922 I auditd : type=1400 audit(0.0:11):
avc: denied { sendto } for comm="loc_mq_clnt"
path="/dev/socket/location/mq/LOWI-SERVER"
scontext=u:r:vendor_location:s0 tcontext=u:r:lowi_server:s0
tclass=unix_dgram_socket permissive=0
06-29 04:30:11.188 8182 8182 I auditd : type=1400 audit(0.0:1517):
avc: denied { sendto } for comm="loc_mq_clnt"
path="/dev/socket/location/mq/7b2e9924f8-LC"
scontext=u:r:vendor_location:s0 tcontext=u:r:hal_wifi_ext:s0
tclass=unix_dgram_socket permissive=0
Bug: 237467750
Test: avc error is gone
Change-Id: Ic4ff2bdf30b042c08c38b134c6af086d7033511f
20 lines
822 B
Plaintext
20 lines
822 B
Plaintext
# loc_launcher service
|
|
# which launches various other services supporting Wifi-RTT (LOWI) vendor_location
|
|
type vendor_location, domain;
|
|
type vendor_location_exec, exec_type, vendor_file_type, file_type;
|
|
init_daemon_domain(vendor_location)
|
|
|
|
# execute permission for vendor_location daemons in /vendor/bin/
|
|
domain_auto_trans(vendor_location, lowi_server_exec, lowi_server)
|
|
|
|
# /dev/socket/vendor_location
|
|
allow vendor_location vendor_location_socket:{sock_file lnk_file} create_file_perms;
|
|
allow vendor_location vendor_location_socket:dir rw_dir_perms;
|
|
|
|
# /sys/devices/soc0/soc_id
|
|
allow vendor_location vendor_location_sysfs:file create_file_perms;
|
|
|
|
# /dev/socket/location/mq/*
|
|
allow vendor_location lowi_server:unix_dgram_socket {sendto read write};
|
|
allow vendor_location hal_wifi_ext:unix_dgram_socket {sendto read write};
|