From e815923b0d31cab8b16dd75f270da077f2efa678 Mon Sep 17 00:00:00 2001
From: Pawit Pornkitprasan
Date: Thu, 27 Nov 2014 20:18:18 +0700
Subject: [PATCH] vendor: add policies for netd
Required due to CAF's abc9c0f4fe574ee9847f118e5d2ae8c530bac650 in
system/netd
Fixes showing how many devices are connected to the tethered hotspot
Change-Id: I1d83f7ac0b28efa6973e0baf429de2a398c471e3
---
sepolicy/hostapd.te | 1 +
sepolicy/netd.te | 4 ++++
sepolicy/sepolicy.mk | 1 +
sepolicy/system.te | 3 +++
4 files changed, 9 insertions(+)
create mode 100644 sepolicy/hostapd.te
diff --git a/sepolicy/hostapd.te b/sepolicy/hostapd.te
new file mode 100644
index 00000000..8a70f14b
--- /dev/null
+++ b/sepolicy/hostapd.te
@@ -0,0 +1 @@
+allow hostapd netd:unix_dgram_socket sendto;
diff --git a/sepolicy/netd.te b/sepolicy/netd.te
index 4ad0b3ed..9a0de3f3 100644
--- a/sepolicy/netd.te
+++ b/sepolicy/netd.te
@@ -2,3 +2,7 @@ allow netd self:capability { setuid sys_module setgid };
allow netd self:packet_socket create_socket_perms;
allow netd radio_data_file:dir rw_dir_perms;
allow netd radio_data_file:file create_file_perms;
+allow netd wpa_socket:dir rw_dir_perms;
+allow netd wpa_socket:sock_file create_file_perms;
+allow netd system_wpa_socket:sock_file create_file_perms;
+allow netd hostapd:unix_dgram_socket sendto;
diff --git a/sepolicy/sepolicy.mk b/sepolicy/sepolicy.mk
index 04fcac71..a08e74a3 100644
--- a/sepolicy/sepolicy.mk
+++ b/sepolicy/sepolicy.mk
@@ -15,6 +15,7 @@ BOARD_SEPOLICY_UNION += \
service_contexts \
auditd.te \
healthd.te \
+ hostapd.te \
installd.te \
netd.te \
property.te \
diff --git a/sepolicy/system.te b/sepolicy/system.te
index 02d9e095..ca07e6fb 100644
--- a/sepolicy/system.te
+++ b/sepolicy/system.te
@@ -3,3 +3,6 @@ allow system_server dalvikcache_data_file:file write;
# allow adb related properties to be set
allow system_server adbtcp_prop:property_service set;
+
+allow system_server dhcp_data_file:dir r_dir_perms;
+allow system_server dhcp_data_file:file r_file_perms;