diff options
| author | Star Chang <starchang@google.com> | 2022-01-24 02:17:24 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2022-01-24 02:17:24 +0000 |
| commit | 34310a0e75eaa3c0fd8abf00a557a7e236d7b27c (patch) | |
| tree | 4f3e1ec3f0c817021e7b8da77f321e3a06bb4b2e | |
| parent | ac00f38a4dbdf5d33babab49865d0b6ccfb6ecb4 (diff) | |
| parent | 1321b5c5aa4757e00f5483f1f885fb68a0a88891 (diff) | |
| download | pixel-sepolicy-34310a0e75eaa3c0fd8abf00a557a7e236d7b27c.tar.gz | |
Merge "wifi - Add sepolicy for wifi_perf_diag"
| -rw-r--r-- | wifi_perf_diag/file_contexts | 1 | ||||
| -rw-r--r-- | wifi_perf_diag/property.te | 1 | ||||
| -rw-r--r-- | wifi_perf_diag/property_contexts | 3 | ||||
| -rw-r--r-- | wifi_perf_diag/wifi_perf_diag.te | 29 |
4 files changed, 34 insertions, 0 deletions
diff --git a/wifi_perf_diag/file_contexts b/wifi_perf_diag/file_contexts new file mode 100644 index 0000000..a599455 --- /dev/null +++ b/wifi_perf_diag/file_contexts @@ -0,0 +1 @@ +/vendor/bin/wifi_perf_diag u:object_r:wifi_perf_diag_exec:s0 diff --git a/wifi_perf_diag/property.te b/wifi_perf_diag/property.te new file mode 100644 index 0000000..2d94f77 --- /dev/null +++ b/wifi_perf_diag/property.te @@ -0,0 +1 @@ +vendor_internal_prop(vendor_wifi_perf_diag_prop) diff --git a/wifi_perf_diag/property_contexts b/wifi_perf_diag/property_contexts new file mode 100644 index 0000000..dea1250 --- /dev/null +++ b/wifi_perf_diag/property_contexts @@ -0,0 +1,3 @@ +persist.vendor.wifi.perf_diag.period u:object_r:vendor_wifi_perf_diag_prop:s0 +persist.vendor.wifi.perf_diag.file u:object_r:vendor_wifi_perf_diag_prop:s0 +vendor.wifi.perf_diag.start u:object_r:vendor_wifi_perf_diag_prop:s0 diff --git a/wifi_perf_diag/wifi_perf_diag.te b/wifi_perf_diag/wifi_perf_diag.te new file mode 100644 index 0000000..32254cd --- /dev/null +++ b/wifi_perf_diag/wifi_perf_diag.te @@ -0,0 +1,29 @@ +type wifi_perf_diag, domain; +type wifi_perf_diag_exec, exec_type, vendor_file_type, file_type; + +# make transition from init to its domain +userdebug_or_eng(` +init_daemon_domain(wifi_perf_diag) +net_domain(wifi_perf_diag) + +#vendor +allow wifi_perf_diag properties_device:dir r_dir_perms; +allow wifi_perf_diag device:dir write; +allow wifi_perf_diag vendor_file:file execute_no_trans; +allow wifi_perf_diag vendor_toolbox_exec:file execute_no_trans; +allow wifi_perf_diag vendor_shell_exec:file execute_no_trans; +#system proc +allow wifi_perf_diag proc_net:file r_file_perms; +allow wifi_perf_diag proc_stat:file r_file_perms; +allow wifi_perf_diag proc_interrupts:file r_file_perms; +allow wifi_perf_diag proc_timer:file r_file_perms; +allow wifi_perf_diag self:udp_socket ioctl; +allow wifi_perf_diag self:capability { net_admin net_raw }; +allow wifi_perf_diag device:file rw_file_perms; +allow wifi_perf_diag init:dir search; +allow wifi_perf_diag init:file r_file_perms; +allow wifi_perf_diag kernel:file r_file_perms; +#perfetto +allow wifi_perf_diag traced_consumer_socket:sock_file write; +get_prop(wifi_perf_diag, vendor_wifi_perf_diag_prop) +') |