diff options
| author | Star Chang <starchang@google.com> | 2022-01-20 04:21:18 +0000 |
|---|---|---|
| committer | Star Chang <starchang@google.com> | 2022-01-20 04:21:18 +0000 |
| commit | 1321b5c5aa4757e00f5483f1f885fb68a0a88891 (patch) | |
| tree | 2756d56cfd2382e43f0da265efe5ff7783d054c0 | |
| parent | 95955a39b041fb0ea2d10473b05f1b09017d0b72 (diff) | |
| download | pixel-sepolicy-1321b5c5aa4757e00f5483f1f885fb68a0a88891.tar.gz | |
wifi - Add sepolicy for wifi_perf_diag
wifi_perf_diag is a daemon for wifi performance diagnostic
Bug: b/213527742
Test: wifi_perf_diag is workable
Change-Id: I82939bbe44d7a512d4d019704f159cd42808e17a
| -rw-r--r-- | wifi_perf_diag/file_contexts | 1 | ||||
| -rw-r--r-- | wifi_perf_diag/property.te | 1 | ||||
| -rw-r--r-- | wifi_perf_diag/property_contexts | 3 | ||||
| -rw-r--r-- | wifi_perf_diag/wifi_perf_diag.te | 29 |
4 files changed, 34 insertions, 0 deletions
diff --git a/wifi_perf_diag/file_contexts b/wifi_perf_diag/file_contexts new file mode 100644 index 0000000..a599455 --- /dev/null +++ b/wifi_perf_diag/file_contexts @@ -0,0 +1 @@ +/vendor/bin/wifi_perf_diag u:object_r:wifi_perf_diag_exec:s0 diff --git a/wifi_perf_diag/property.te b/wifi_perf_diag/property.te new file mode 100644 index 0000000..2d94f77 --- /dev/null +++ b/wifi_perf_diag/property.te @@ -0,0 +1 @@ +vendor_internal_prop(vendor_wifi_perf_diag_prop) diff --git a/wifi_perf_diag/property_contexts b/wifi_perf_diag/property_contexts new file mode 100644 index 0000000..dea1250 --- /dev/null +++ b/wifi_perf_diag/property_contexts @@ -0,0 +1,3 @@ +persist.vendor.wifi.perf_diag.period u:object_r:vendor_wifi_perf_diag_prop:s0 +persist.vendor.wifi.perf_diag.file u:object_r:vendor_wifi_perf_diag_prop:s0 +vendor.wifi.perf_diag.start u:object_r:vendor_wifi_perf_diag_prop:s0 diff --git a/wifi_perf_diag/wifi_perf_diag.te b/wifi_perf_diag/wifi_perf_diag.te new file mode 100644 index 0000000..32254cd --- /dev/null +++ b/wifi_perf_diag/wifi_perf_diag.te @@ -0,0 +1,29 @@ +type wifi_perf_diag, domain; +type wifi_perf_diag_exec, exec_type, vendor_file_type, file_type; + +# make transition from init to its domain +userdebug_or_eng(` +init_daemon_domain(wifi_perf_diag) +net_domain(wifi_perf_diag) + +#vendor +allow wifi_perf_diag properties_device:dir r_dir_perms; +allow wifi_perf_diag device:dir write; +allow wifi_perf_diag vendor_file:file execute_no_trans; +allow wifi_perf_diag vendor_toolbox_exec:file execute_no_trans; +allow wifi_perf_diag vendor_shell_exec:file execute_no_trans; +#system proc +allow wifi_perf_diag proc_net:file r_file_perms; +allow wifi_perf_diag proc_stat:file r_file_perms; +allow wifi_perf_diag proc_interrupts:file r_file_perms; +allow wifi_perf_diag proc_timer:file r_file_perms; +allow wifi_perf_diag self:udp_socket ioctl; +allow wifi_perf_diag self:capability { net_admin net_raw }; +allow wifi_perf_diag device:file rw_file_perms; +allow wifi_perf_diag init:dir search; +allow wifi_perf_diag init:file r_file_perms; +allow wifi_perf_diag kernel:file r_file_perms; +#perfetto +allow wifi_perf_diag traced_consumer_socket:sock_file write; +get_prop(wifi_perf_diag, vendor_wifi_perf_diag_prop) +') |