# only HALs responsible for network hardware should have privileged
# network capabilities
neverallow {
  halserverdomain
  -hal_bluetooth_server
  -hal_wifi_server
  -hal_wifi_supplicant_server
  -rild
} self:capability { net_admin net_raw };

# Unless a HAL's job is to manage network hardware, it should not be
# using network sockets.
neverallow {
  halserverdomain
  -hal_gnss # TODO b/36085168 b/35757613
  -hal_wifi_server
  -hal_wifi_supplicant_server
  -rild
} domain:{ tcp_socket udp_socket rawip_socket } *;