wifi_perf_diag - Add new properties and sepolicy to support am: a0659023d7

Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/18914067

Change-Id: Iba9847c7cc69f05a6d379b52d5c6469eeaac7a74
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

3 files changed, 26 insertions, 12 deletions

diff --git a/logger_app/logger_app.te b/logger_app/logger_app.te
index 942daba..1ab7e68 100644
--- a/logger_app/logger_app.te
+++ b/logger_app/logger_app.te
@@ -11,4 +11,5 @@ userdebug_or_eng(`
   allow logger_app wifi_logging_data_file:dir create_dir_perms;
   allow logger_app wifi_logging_data_file:file create_file_perms;
   set_prop(logger_app, vendor_wlan_logging_prop)
+  set_prop(logger_app, vendor_wifi_perf_diag_prop)
 ')
diff --git a/wifi_perf_diag/property_contexts b/wifi_perf_diag/property_contexts
index 9ddc687..a737dba 100644
--- a/wifi_perf_diag/property_contexts
+++ b/wifi_perf_diag/property_contexts
@@ -1,4 +1,6 @@
 persist.vendor.wifi.perf_diag.period              u:object_r:vendor_wifi_perf_diag_prop:s0
 persist.vendor.wifi.perf_diag.file                u:object_r:vendor_wifi_perf_diag_prop:s0
 persist.vendor.wifi.perf_diag.netperf             u:object_r:vendor_wifi_perf_diag_prop:s0
+persist.vendor.wifi.perf_diag.pid                 u:object_r:vendor_wifi_perf_diag_prop:s0
+persist.vendor.wifi.perf_diag.mode                u:object_r:vendor_wifi_perf_diag_prop:s0
 vendor.wifi.perf_diag.start                       u:object_r:vendor_wifi_perf_diag_prop:s0
diff --git a/wifi_perf_diag/wifi_perf_diag.te b/wifi_perf_diag/wifi_perf_diag.te
index 32254cd..b1f1e68 100644
--- a/wifi_perf_diag/wifi_perf_diag.te
+++ b/wifi_perf_diag/wifi_perf_diag.te
@@ -7,23 +7,34 @@ init_daemon_domain(wifi_perf_diag)
 net_domain(wifi_perf_diag)
 
 #vendor
-allow wifi_perf_diag properties_device:dir r_dir_perms;
-allow wifi_perf_diag device:dir write;
-allow wifi_perf_diag vendor_file:file execute_no_trans;
-allow wifi_perf_diag vendor_toolbox_exec:file execute_no_trans;
+allow wifi_perf_diag wifi_logging_data_file:dir create_dir_perms;
+allow wifi_perf_diag wifi_logging_data_file:file create_file_perms;
 allow wifi_perf_diag vendor_shell_exec:file execute_no_trans;
-#system proc
-allow wifi_perf_diag proc_net:file r_file_perms;
-allow wifi_perf_diag proc_stat:file r_file_perms;
-allow wifi_perf_diag proc_interrupts:file r_file_perms;
-allow wifi_perf_diag proc_timer:file r_file_perms;
+allow wifi_perf_diag wifi_perf_diag_exec:file execute_no_trans;
+allow wifi_perf_diag self:capability net_admin;
 allow wifi_perf_diag self:udp_socket ioctl;
-allow wifi_perf_diag self:capability { net_admin net_raw };
+allowxperm wifi_perf_diag self:udp_socket ioctl { SIOCETHTOOL SIOCDEVPRIVATE };
+
+#factors
+allow wifi_perf_diag device:dir rw_dir_perms;
 allow wifi_perf_diag device:file rw_file_perms;
 allow wifi_perf_diag init:dir search;
 allow wifi_perf_diag init:file r_file_perms;
+allow wifi_perf_diag kernel:dir search;
 allow wifi_perf_diag kernel:file r_file_perms;
-#perfetto
-allow wifi_perf_diag traced_consumer_socket:sock_file write;
+allow wifi_perf_diag logd:dir search;
+allow wifi_perf_diag logd:file r_file_perms;
+allow wifi_perf_diag netd:dir search;
+allow wifi_perf_diag netd:file r_file_perms;
+allow wifi_perf_diag proc_interrupts:file r_file_perms;
+allow wifi_perf_diag proc_net:file r_file_perms;
+allow wifi_perf_diag proc_stat:file r_file_perms;
+allow wifi_perf_diag proc_timer:file r_file_perms;
+allow wifi_perf_diag properties_device:dir r_file_perms;
+allow wifi_perf_diag vendor_file:file execute_no_trans;
+allow wifi_perf_diag vendor_file:dir r_dir_perms;
+allow wifi_perf_diag vendor_toolbox_exec:file execute_no_trans;
+#property
 get_prop(wifi_perf_diag, vendor_wifi_perf_diag_prop)
+set_prop(wifi_perf_diag, vendor_wifi_perf_diag_prop)
 ')