diff options
author | Roshan Pius <rpius@google.com> | 2017-03-07 17:29:06 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2017-03-07 17:29:06 +0000 |
commit | 41fe064e5bbd3c117643a03fa8fb834fb9e27808 (patch) | |
tree | e347f38ad8a850f78fe2638b96e17fb6e3f82d38 /sepolicy | |
parent | 26dbdecb4ee2b567f3a45dff954a242765f362db (diff) | |
parent | cfbd6b4d1df3d992f0da34aefc2a50a4a610e669 (diff) | |
download | bullhead-41fe064e5bbd3c117643a03fa8fb834fb9e27808.tar.gz |
hal_wifi: Allow wifi hal to access LOWI server
am: cfbd6b4d1d
Change-Id: Idf5a1d772427b4f42598831ebae18c6f1d95d979
Diffstat (limited to 'sepolicy')
-rw-r--r-- | sepolicy/hal_wifi.te | 5 | ||||
-rw-r--r-- | sepolicy/location.te | 2 | ||||
-rw-r--r-- | sepolicy/system_server.te | 6 |
3 files changed, 6 insertions, 7 deletions
diff --git a/sepolicy/hal_wifi.te b/sepolicy/hal_wifi.te new file mode 100644 index 0000000..339379c --- /dev/null +++ b/sepolicy/hal_wifi.te @@ -0,0 +1,5 @@ +# Allow wifi hal access to LOWI +allow hal_wifi location:unix_stream_socket connectto; +allow hal_wifi location_data_file:{ file fifo_file } create_file_perms; +allow hal_wifi location_data_file:dir rw_dir_perms; +allow hal_wifi location_data_file:sock_file create_file_perms; diff --git a/sepolicy/location.te b/sepolicy/location.te index 04880d1..210a03c 100644 --- a/sepolicy/location.te +++ b/sepolicy/location.te @@ -9,7 +9,7 @@ binder_call(location, per_mgr) binder_call(location, system_server) qmux_socket(location) -allow location system_server:unix_stream_socket { read write }; +allow location hal_wifi:unix_stream_socket { read write }; allow location location_data_file:dir rw_dir_perms; allow location location_data_file:file create_file_perms; diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te index d1346ad..46366ee 100644 --- a/sepolicy/system_server.te +++ b/sepolicy/system_server.te @@ -19,12 +19,6 @@ allow system_server uhid_device:chr_file rw_file_perms; allow system_server persist_file:dir search; allow system_server persist_sensortool_file:file r_file_perms; -# For location -allow system_server location:unix_stream_socket connectto; -allow system_server location_data_file:{ file fifo_file } create_file_perms; -allow system_server location_data_file:dir rw_dir_perms; -allow system_server location_data_file:sock_file create_file_perms; - # talk to perfd allow system_server perfd_data_file:dir search; allow system_server perfd_data_file:sock_file write; |