From e815923b0d31cab8b16dd75f270da077f2efa678 Mon Sep 17 00:00:00 2001 From: Pawit Pornkitprasan Date: Thu, 27 Nov 2014 20:18:18 +0700 Subject: [PATCH] vendor: add policies for netd Required due to CAF's abc9c0f4fe574ee9847f118e5d2ae8c530bac650 in system/netd Fixes showing how many devices are connected to the tethered hotspot Change-Id: I1d83f7ac0b28efa6973e0baf429de2a398c471e3 --- sepolicy/hostapd.te | 1 + sepolicy/netd.te | 4 ++++ sepolicy/sepolicy.mk | 1 + sepolicy/system.te | 3 +++ 4 files changed, 9 insertions(+) create mode 100644 sepolicy/hostapd.te diff --git a/sepolicy/hostapd.te b/sepolicy/hostapd.te new file mode 100644 index 00000000..8a70f14b --- /dev/null +++ b/sepolicy/hostapd.te @@ -0,0 +1 @@ +allow hostapd netd:unix_dgram_socket sendto; diff --git a/sepolicy/netd.te b/sepolicy/netd.te index 4ad0b3ed..9a0de3f3 100644 --- a/sepolicy/netd.te +++ b/sepolicy/netd.te @@ -2,3 +2,7 @@ allow netd self:capability { setuid sys_module setgid }; allow netd self:packet_socket create_socket_perms; allow netd radio_data_file:dir rw_dir_perms; allow netd radio_data_file:file create_file_perms; +allow netd wpa_socket:dir rw_dir_perms; +allow netd wpa_socket:sock_file create_file_perms; +allow netd system_wpa_socket:sock_file create_file_perms; +allow netd hostapd:unix_dgram_socket sendto; diff --git a/sepolicy/sepolicy.mk b/sepolicy/sepolicy.mk index 04fcac71..a08e74a3 100644 --- a/sepolicy/sepolicy.mk +++ b/sepolicy/sepolicy.mk @@ -15,6 +15,7 @@ BOARD_SEPOLICY_UNION += \ service_contexts \ auditd.te \ healthd.te \ + hostapd.te \ installd.te \ netd.te \ property.te \ diff --git a/sepolicy/system.te b/sepolicy/system.te index 02d9e095..ca07e6fb 100644 --- a/sepolicy/system.te +++ b/sepolicy/system.te @@ -3,3 +3,6 @@ allow system_server dalvikcache_data_file:file write; # allow adb related properties to be set allow system_server adbtcp_prop:property_service set; + +allow system_server dhcp_data_file:dir r_dir_perms; +allow system_server dhcp_data_file:file r_file_perms;