Evolution-x-devices/device_google_wahoo
2
0
Fork 0
mirror of https://github.com/Evolution-X-Devices/device_google_wahoo synced 2026-02-01 07:50:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8a611aeffefe4865c75665f9ea768bafaac3b7a1
device_google_wahoo/sepolicy/hal_wifi_default.te
Jeff Vander Stoep b779833c27 Annotate core components that access vendor data types 
A neverallow asserts that core domains may not access data types
specified in vendor policy. Some violations occured due to policy
granted to both HALs and HAL clients. Some of these violations could
be fixed by modifying the policy such that if a HAL no longer runs in
passthrough mode, then only apply permissions to the HAL itself and
not to clients.

For domains that still violate the neverallow rule, grant a temporary
exemption with TODOs and bugs assigned for the remaining work.

Bug: 34980020
Test: Build and boot Muskie. Make phone call, watch youtube video.
      No new denials observed.

Change-Id: I27ec9cdd04d8f5d5524b5b0bcb8c88f9edcc72fb
2017-03-30 21:32:47 -07:00

11 lines
438 B
Plaintext
Raw Blame History

# Allow wifi hal access to LOWI
allow hal_wifi_default location:unix_stream_socket connectto;
allow hal_wifi_default location_data_file:sock_file write;
# write to files owned by location daemon
allow hal_wifi_default location_data_file:dir create_dir_perms;
allow hal_wifi_default location_data_file:{ file fifo_file } create_file_perms;
# Allow wifi hal to read debug info from the driver.
r_dir_file(hal_wifi_default, proc_wifi_dbg)
Reference in New Issue View Git Blame Copy Permalink