Disallow HAL access to Bluetooth data files
Devices that store their BT MAC address in /data/misc/bluedroid/ need to find another place for that file. Bug: 36602160 Test: Restart Bluetooth, check for selinux denials/files in /data/misc Change-Id: Ib8d610f201a8c35f95b464c24857c6639205bc66
This commit is contained in:
Myles Watson
parent
15403f6cfe
commit
84edadca92
2 changed files with 0 additions and 11 deletions
|
|
@ -12,9 +12,6 @@ r_dir_file(hal_bluetooth, bluetooth_efs_file)
|
|||
|
||||
allow hal_bluetooth { uhid_device hci_attach_dev }:chr_file rw_file_perms;
|
||||
|
||||
# Access to config files to look for a Bluetooth address
|
||||
r_dir_file(hal_bluetooth, bluetooth_data_file)
|
||||
|
||||
# sysfs access.
|
||||
r_dir_file(hal_bluetooth, sysfs_type)
|
||||
allow hal_bluetooth sysfs_bluetooth_writable:file rw_file_perms;
|
||||
|
|
|
|||
8
vendor/hal_bluetooth_default.te
vendored
8
vendor/hal_bluetooth_default.te
vendored
|
|
@ -3,11 +3,3 @@ hal_server_domain(hal_bluetooth_default, hal_bluetooth)
|
|||
|
||||
type hal_bluetooth_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_bluetooth_default)
|
||||
|
||||
# Logging for backward compatibility
|
||||
allow hal_bluetooth_default bluetooth_data_file:dir ra_dir_perms;
|
||||
allow hal_bluetooth_default bluetooth_data_file:file create_file_perms;
|
||||
|
||||
# TODO (b/36602160) Remove hal_bluetooth's access to the Bluetooth app's
|
||||
# data type. Remove coredata_in_vendor_violators attribute.
|
||||
typeattribute hal_bluetooth_default coredata_in_vendor_violators;
|
||||
|
|
|
|||
Loading…
Reference in a new issue