From c7b5ec1463661cc0724ff6ab48f041cf35358f4c Mon Sep 17 00:00:00 2001 From: Aayush Gupta Date: Sat, 2 Jan 2021 12:58:41 +0530 Subject: [PATCH] non_plat: Grant netd required permissions for mtkimsapdomain Signed-off-by: Aayush Gupta Change-Id: I75f81955f5c56d776b3fbf1c1796e9d659cb3d5a --- non_plat/netd.te | 63 ++---------------------------------------------- 1 file changed, 2 insertions(+), 61 deletions(-) diff --git a/non_plat/netd.te b/non_plat/netd.te index 1d88eb9..36eabde 100644 --- a/non_plat/netd.te +++ b/non_plat/netd.te @@ -1,61 +1,2 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - - -# Date : WK14.34 -# Operation : Migration -# Purpose : For WIFI SANITY test to set FW path(STA/P2P/AP) -# Owner: TingTing Lei -allow netd wmtWifi_device:chr_file { write open }; - -# Date : WK14.34 -# Operation : Migration -allow netd self:capability fsetid; - -# Date : WK14.34 -# Operation : Migration -# Purpose: APP -allow netd platform_app:fd use; - - -# Date : WK14.37 -# Operation : Migration -# Purpose : PPPOE Test -# Owner : lina wang -allow netd ppp:process sigkill; - -# Date : WK14.39 -# Operation : Migration -# Purpose : MDLogger USB logging -# Owner : Bo shang -allow netd mdlogger:fd use; -allow netd mdlogger:tcp_socket { read write }; -allow netd mdlogger:tcp_socket { getopt setopt }; - -# Date : WK14.41 -# Operation : Migration -# Purpose : network logging -# Owner : Bo shang -allow netd netdiag:fd use; -allow netd netdiag:udp_socket { read write getopt setopt}; - -# Date : WK14.44 -# Operation : Migration -# Purpose : ALPS01789552 -#============= netd ============== -allow netd self:capability { setuid setgid }; - - -#============= netd ============== -allow netd untrusted_app:fd use; - - -# Date : W15.02 -# Operation : SQC -# Purpose : CTS for wifi -allow netd untrusted_app:unix_stream_socket { read write getopt setopt}; -allow netd isolated_app:fd use; - -# MTK support antutu feature -get_prop(netd, mtk_antutu_prop); +allow netd mtkimsmddomain:fd use; +allow netd mtkimsmddomain:{ tcp_socket udp_socket} { read write getopt setopt };