d7b34a48ff
* Note on cherry-pick: Some of the dependent changes are not in AOSP.
In order to keep hostapd running correctly in AOSP, I've modified this
change to only include policy additions.
Change sepolicy permissions to now classify hostapd as a HAL exposing
HIDL interface.
Sepolicy denial for accessing /data/vendor/misc/wifi/hostapd:
12-27 23:40:55.913 4952 4952 W hostapd : type=1400 audit(0.0:19): avc:
denied { write } for name="hostapd" dev="sda13" ino=4587601
scontext=u:r:hal_wifi_hostapd_default:s0
tcontext=u:object_r:system_data_file:s0 tclass=dir permissive=0
01-02 19:07:16.938 5791 5791 W hostapd : type=1400 audit(0.0:31): avc:
denied { search } for name="net" dev="sysfs" ino=30521
scontext=u:r:hal_wifi_hostapd_default:s0
tcontext=u:object_r:sysfs_net:s0 tclass=dir permissive=0
Bug: 36646171
Test: Device boots up and able to turn on SoftAp.
Change-Id: Ibacfcc938deab40096b54b8d0e608d53ca91b947
Merged-In: Ibacfcc938deab40096b54b8d0e608d53ca91b947
(cherry picked from commit 5bca3e860d
)
12 lines
550 B
Text
12 lines
550 B
Text
# hostapd or equivalent
|
|
type hal_wifi_hostapd_default, domain;
|
|
hal_server_domain(hal_wifi_hostapd_default, hal_wifi_hostapd)
|
|
type hal_wifi_hostapd_default_exec, exec_type, vendor_file_type, file_type;
|
|
init_daemon_domain(hal_wifi_hostapd_default)
|
|
|
|
net_domain(hal_wifi_hostapd_default)
|
|
|
|
# Allow hostapd to access it's data folder
|
|
allow hal_wifi_hostapd_default hostapd_data_file:dir create_dir_perms;
|
|
allow hal_wifi_hostapd_default hostapd_data_file:file create_file_perms;
|
|
allow hal_wifi_hostapd_default hostapd_data_file:sock_file create_file_perms;
|