NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_mediatek_sep.../non_plat/wlan_assistant.te
Simfex Chiu 1c725d5df8 [ALPS03940671] Wlan: add selinux policy in wlan_assistant.te 
[Detail]
selinux policy restrict access of /mnt/vendor, application
should add policy for the path

[Solution]
add new policy for /mnt/vendor

MTK-Commit-Id: a02d937c92f815a7e8f785abee7304a2f3f12cf9

Change-Id: I3221d0bcd13374e296c8d4923b4679f4904fb71f
Signed-off-by: Simfex Chiu <simfex.chiu@mediatek.com>
CR-Id: ALPS03940671
Feature: [Module]Wi-Fi HAL
2020-01-18 09:56:20 +08:00

43 lines
1.9 KiB
Plaintext
Raw Blame History

# ==============================================
# Policy File of /vendor/bin/wlan_assistant Executable File
# ==============================================
# Type Declaration
# ==============================================
type wlan_assistant_exec , exec_type, file_type, vendor_file_type;
type wlan_assistant ,domain;
# ==============================================
# MTK Policy Rule
# ==============================================
init_daemon_domain(wlan_assistant)
# Date : WK14.34
# Operation : Migration
# Purpose : for mtk debug mechanism. agpsd_data_file, mtk_agpsd are used
# to share wifi scan results with AGPS module. netlink_socket is used to
# listen events of wlan driver. udp_socket is used to do ioctl with wlan driver
# kernel-3.18 uses netlink_socket, but kernel-4.4 uses generic netlink_socket
allow wlan_assistant agpsd_data_file:sock_file write;
allow wlan_assistant mtk_agpsd:unix_dgram_socket sendto;
allow wlan_assistant agpsd_data_file:dir search;
### TBD, neverallowxperm on line 177 of system/sepolicy/public/domain.te
#allow wlan_assistant self:netlink_socket create_socket_perms;
allow wlan_assistant self:netlink_generic_socket create_socket_perms_no_ioctl;
allow wlan_assistant self:udp_socket { create ioctl };
# Date : WK18.17
# Operation : Migration
# Purpose : To allow wlan_assistant monitor /vendor/nvdata/APCFG/APRDEB,
# /storage/sdcard0, /vendor/firmware. Which can help to check if nvram,
# driver config or firmware config file are changed, if yes, will write it
# to wlan driver in time.
# allow wlan_assistant wifi_data_file:file { read getattr open };
# allow wlan_assistant wifi_data_file:dir { read search getattr open };
allow wlan_assistant nvdata_file:dir { search read getattr open };
allow wlan_assistant nvdata_file:file { read getattr open };
allow wlan_assistant sysfs:file { open read };
allow wlan_assistant wmtWifi_device:chr_file { read write getattr open };
allow wlan_assistant mnt_vendor_file :dir search;
Reference in New Issue View Git Blame Copy Permalink