tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

am 67a53232: am b1cb3205: Confine wpa_supplicant, but leave it permissive for now.

Browse source 
* commit '67a53232cec967ca53e6f7284fd582a5bdd3eb69':
  Confine wpa_supplicant, but leave it permissive for now.
This commit is contained in:
Stephen Smalley 2013-11-14 08:50:00 -08:00 committed by Android Git Automerger
commit 87d0deb3ab
1 changed files with 15 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
wpa_supplicant.te
View file

@ -1,7 +1,21 @@
# wpa - wpa supplicant or equivalent
type wpa, domain;
permissive wpa;
type wpa_exec, exec_type, file_type;
init_daemon_domain(wpa)
unconfined_domain(wpa)
allow wpa kernel:system module_request;
allow wpa self:capability { setuid net_admin setgid net_raw };
allow wpa cgroup:dir create_dir_perms;
allow wpa self:netlink_route_socket *;
allow wpa self:netlink_socket *;
allow wpa self:packet_socket *;
allow wpa self:udp_socket *;
allow wpa wifi_data_file:dir create_dir_perms;
allow wpa wifi_data_file:file create_file_perms;
unix_socket_send(wpa, system_wpa, system_server)
allow wpa random_device:chr_file r_file_perms;
# Create a socket for receiving info from wpa
type_transition wpa wifi_data_file:sock_file wpa_socket;
allow wpa wpa_socket:sock_file create_file_perms;