diff options
| author | Star Chang <starchang@google.com> | 2022-07-07 06:51:32 +0000 |
|---|---|---|
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-07-07 06:51:32 +0000 |
| commit | 3735118a5d695d8ba9a32812eeacf9f6691d0171 (patch) | |
| tree | 6a8106a9efd51f0a019f28c914aa3970056c32ca | |
| parent | a4a548de87d7d49e96b884fce4defe5557fdc8de (diff) | |
| parent | 128a674db9514a6420b2b703a4edc65aad2b5c06 (diff) | |
| download | pixel-sepolicy-3735118a5d695d8ba9a32812eeacf9f6691d0171.tar.gz | |
wifi_sniffer: add tcpdump related sepolicy am: 128a674db9
Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/19086048
Change-Id: I1fa20484f7e8046d34b31ab352cd81f76c659e79
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
| -rw-r--r-- | wifi_sniffer/property_contexts | 3 | ||||
| -rw-r--r-- | wifi_sniffer/wifi_sniffer.te | 14 |
2 files changed, 14 insertions, 3 deletions
diff --git a/wifi_sniffer/property_contexts b/wifi_sniffer/property_contexts index 19f7e76..cb55d65 100644 --- a/wifi_sniffer/property_contexts +++ b/wifi_sniffer/property_contexts @@ -1,3 +1,2 @@ -persist.vendor.wifi.sniffer.freq u:object_r:vendor_wifi_sniffer_prop:s0 -persist.vendor.wifi.sniffer.bandwidth u:object_r:vendor_wifi_sniffer_prop:s0 +persist.vendor.wifi.sniffer. u:object_r:vendor_wifi_sniffer_prop:s0 vendor.wifi.sniffer.start u:object_r:vendor_wifi_sniffer_prop:s0 diff --git a/wifi_sniffer/wifi_sniffer.te b/wifi_sniffer/wifi_sniffer.te index 3c9ad62..977d6da 100644 --- a/wifi_sniffer/wifi_sniffer.te +++ b/wifi_sniffer/wifi_sniffer.te @@ -12,7 +12,19 @@ userdebug_or_eng(` # interface up allowxperm wifi_sniffer self:udp_socket ioctl SIOCSIFFLAGS; - allow wifi_sniffer self:netlink_generic_socket create_socket_perms_no_ioctl; + allow wifi_sniffer self:netlink_generic_socket create_socket_perms; + allowxperm wifi_sniffer self:netlink_generic_socket ioctl { 0x8910 0x8946 }; + +# tcpdump + allow wifi_sniffer self:packet_socket create_socket_perms; + allowxperm wifi_sniffer self:packet_socket ioctl { 0x8933 0x8927 }; + allow wifi_sniffer self:unix_dgram_socket ioctl; + allowxperm wifi_sniffer self:unix_dgram_socket ioctl 0x8946; + allow wifi_sniffer sysfs_net:dir search; + allow wifi_sniffer sysfs_net:file r_file_perms; + allow wifi_sniffer tcpdump_exec:file rx_file_perms; + allow wifi_sniffer wifi_logging_data_file:file create_file_perms; + allow wifi_sniffer wifi_logging_data_file:dir create_dir_perms; get_prop(wifi_sniffer, vendor_wifi_sniffer_prop) ') |