diff options
author | Jun Yu <yujun@marvell.com> | 2015-11-05 13:56:06 -0800 |
---|---|---|
committer | Mohammed Habibulla <mohammed.s.habibulla@gmail.com> | 2015-11-05 17:32:01 -0800 |
commit | f817656608e32a5c93d92a95e54a2d6afe8c98e9 (patch) | |
tree | 93f20e3248d6b3d5f7917f78e1448973d22fcdf3 | |
parent | 3006193ba071452e0a6d468a6085bfb1916ee17a (diff) | |
download | marvell-f817656608e32a5c93d92a95e54a2d6afe8c98e9.tar.gz |
New sepolicy rules for wireless_daemon
Because the https://partner-android-review.googlesource.com/#/c/488292/ has been
landed. so i list the changes against this commitment
1) file_contexts: added socket_daemon rule
2) mwirelessd.te: added the rule for unlink action
BUG=25486837
Change-Id: I187c96011fe694a450c4ac3accdd795b41d427d6
-rw-r--r-- | peripheral/libwireless/sepolicy/file_contexts | 3 | ||||
-rw-r--r-- | peripheral/libwireless/sepolicy/mwirelessd.te | 1 |
2 files changed, 4 insertions, 0 deletions
diff --git a/peripheral/libwireless/sepolicy/file_contexts b/peripheral/libwireless/sepolicy/file_contexts index 5334e34..87f648f 100644 --- a/peripheral/libwireless/sepolicy/file_contexts +++ b/peripheral/libwireless/sepolicy/file_contexts @@ -1,2 +1,5 @@ /data/misc/wireless(/.*)? u:object_r:wireless_data_file:s0 /system/bin/wireless_daemon u:object_r:mwirelessd_exec:s0 + +# Label the socket to communicate with wireless_daemon +/data/misc/wireless/socket_daemon u:object_r:mwirelessd_socket:s0 diff --git a/peripheral/libwireless/sepolicy/mwirelessd.te b/peripheral/libwireless/sepolicy/mwirelessd.te index 2753a05..19a066e 100644 --- a/peripheral/libwireless/sepolicy/mwirelessd.te +++ b/peripheral/libwireless/sepolicy/mwirelessd.te @@ -20,5 +20,6 @@ allow mwirelessd wireless_data_file:file create_file_perms; allow mwirelessd wireless_data_file:sock_file create_file_perms; allow mwirelessd self:capability { setuid setgid sys_module }; +allow mwirelessd mwirelessd_socket:sock_file unlink; dontaudit mwirelessd property_socket:sock_file create_file_perms; |