Evolution-x-devices/device_google_gs201
2
0
Fork 0
mirror of https://github.com/Evolution-X-Devices/device_google_gs201 synced 2026-01-27 19:18:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

gs-sepolicy(uwb): Allow uwb hal permission to net_admin

Browse Source 
This was alloed under gs101-sepolicy. There is an ongoing discussion on
how to resolve this for the long term in b/190461440. But, without this
uwb functionality is broken on new devices.

Bug: 206045367
Bug: 222194886
Change-Id: I6729352f2b7bb93b01990a790e62aa69f60342fe
This commit is contained in:
Roshan Pius
2022-03-05 09:23:40 -08:00
committed by TreeHugger Robot
parent e42c7120dd
commit 5ddc8be4f4
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
tracking_denials/hal_uwb_vendor_default.te
View File

@@ -1,7 +1,6 @@
# b/204718220
dontaudit hal_uwb_vendor_default default_android_service:service_manager { add };
# b/206045367
dontaudit hal_uwb_vendor_default hal_uwb_vendor_default:capability { net_admin };
dontaudit hal_uwb_vendor_default zygote:binder { call };
dontaudit hal_uwb_vendor_default zygote:binder { transfer };
# b/208721505

2
whitechapel_pro/hal_uwb_vendor.te
View File

@@ -9,6 +9,8 @@ binder_call(hal_uwb_vendor_server, servicemanager)
# allow hal_uwb_vendor to set wpan interfaces up and down
allow hal_uwb_vendor self:udp_socket create_socket_perms;
allowxperm hal_uwb_vendor self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR SIOCETHTOOL };
# TODO(b/190461440): Find a long term solution for this.
allow hal_uwb_vendor self:global_capability_class_set { net_admin };
# allow hal_uwb_vendor to speak to nl802154 in the kernel
allow hal_uwb_vendor self:netlink_generic_socket create_socket_perms_no_ioctl;