From 3fef26f444329c497b40b6cc16d9b261b37765ba Mon Sep 17 00:00:00 2001 From: Hariprasad Jayakumar Date: Tue, 28 Jan 2014 12:03:20 -0800 Subject: [PATCH] SEAndroid: Add Atfwd daemon related policies Add ATFWD daemon context and 'allow' policies in order for its full functionality. Change-Id: I9dcfdb94f6502a510331b3f11e8b4ecfe56a5931 --- Android.mk | 1 + atfwd.te | 24 ++++++++++++++++++++++++ file_contexts | 3 +++ 3 files changed, 28 insertions(+) create mode 100644 atfwd.te diff --git a/Android.mk b/Android.mk index 836b0128..a1a217d5 100644 --- a/Android.mk +++ b/Android.mk @@ -14,6 +14,7 @@ BOARD_SEPOLICY_UNION := \ adbd.te \ qmuxd.te \ netmgrd.te \ + atfwd.te \ smd_test.te \ qmi_ping.te \ qmi_test_service.te \ diff --git a/atfwd.te b/atfwd.te new file mode 100644 index 00000000..ad7ce489 --- /dev/null +++ b/atfwd.te @@ -0,0 +1,24 @@ +type atfwd, domain; +type atfwd_exec, exec_type, file_type; + +# Started by init +init_daemon_domain(atfwd) + +#============= atfwd ============== +#Set CTL property +allow atfwd ctl_default_prop:property_service set; + +#Allow logging +allow atfwd diag_device:chr_file { read write open }; + +# Talks to init via the property socket. +unix_socket_connect(atfwd, property, init); + +# Creates/Talks to qmuxd via the qmux_radio socket. +unix_socket_connect(atfwd, qmux_radio, qmuxd); +allow atfwd qmux_radio_socket:sock_file create; +allow atfwd qmux_radio_socket:dir { write search add_name }; + +#Allow IPC binding with ServiceManager & System apps +allow atfwd servicemanager:binder call; +allow atfwd system_app:binder call; diff --git a/file_contexts b/file_contexts index dfb919a3..77de8355 100644 --- a/file_contexts +++ b/file_contexts @@ -30,6 +30,9 @@ /system/bin/qmuxd u:object_r:qmuxd_exec:s0 /dev/kgsl-3d0 u:object_r:gpu_device:s0 +#Context for ATFWD daemon +/system/bin/ATFWD-daemon u:object_r:atfwd_exec:s0 + /dev/smd.* u:object_r:smd_device:s0 /system/bin/irsc_util u:object_r:irsc_util_exec:s0 # Persist filesystem