diff options
| author | codeworkx <daniel.hillenbrand@codeworkx.de> | 2018-01-07 12:12:17 +0100 |
|---|---|---|
| committer | Davide Garberi <dade.garberi@gmail.com> | 2018-01-07 17:17:05 +0100 |
| commit | 39d37460e00490ba0f44f77f27f66a012c10df6f (patch) | |
| tree | 0f4c8f909bbcc078ad24249ec0a9ca3fcf6d0d96 | |
| parent | 84dacdabe8bd5e2290fb0a045c4a247b284144fb (diff) | |
msm8996: selinux: label wcnss_filter and fix denial
Change-Id: Ic41316e00c52672a6f8ff245fdba844fd9546ea7
Signed-off-by: Davide Garberi <dade.garberi@gmail.com>
| -rwxr-xr-x | rootdir/etc/init.qcom.rc | 3 | ||||
| -rw-r--r-- | sepolicy/bluetooth.te | 1 | ||||
| -rw-r--r-- | sepolicy/file_contexts | 1 | ||||
| -rw-r--r-- | sepolicy/hal_bluetooth_default.te | 1 |
4 files changed, 5 insertions, 1 deletions
diff --git a/rootdir/etc/init.qcom.rc b/rootdir/etc/init.qcom.rc index 3a21016..5e7120d 100755 --- a/rootdir/etc/init.qcom.rc +++ b/rootdir/etc/init.qcom.rc @@ -775,7 +775,7 @@ service start_hci_filter /system/bin/wcnss_filter class late_start user bluetooth group bluetooth diag system wakelock - seclabel u:r:bluetooth:s0 + seclabel u:r:wcnss_filter:s0 disabled on property:wc_transport.start_root=true @@ -800,6 +800,7 @@ service hci_filter_root /system/bin/wcnss_filter class late_start user bluetooth group bluetooth diag system + seclabel u:r:wcnss_filter:s0 disabled service ftmd /system/bin/logwrapper /system/bin/ftmdaemon diff --git a/sepolicy/bluetooth.te b/sepolicy/bluetooth.te new file mode 100644 index 0000000..0f173e1 --- /dev/null +++ b/sepolicy/bluetooth.te @@ -0,0 +1 @@ +allow bluetooth wcnss_filter:unix_stream_socket { connectto }; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 1b368ba..bc44d4c 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -31,6 +31,7 @@ /system/bin/port-bridge u:object_r:port-bridge_exec:s0 /system/bin/time_daemon u:object_r:time_daemon_exec:s0 /system/bin/cnss-daemon u:object_r:wcnss_service_exec:s0 +/system/bin/wcnss_filter u:object_r:wcnss_filter_exec:s0 # modemst1 /dev/block/mmcblk0p37 u:object_r:modem_efs_partition_device:s0 diff --git a/sepolicy/hal_bluetooth_default.te b/sepolicy/hal_bluetooth_default.te index e60f709..d7266e1 100644 --- a/sepolicy/hal_bluetooth_default.te +++ b/sepolicy/hal_bluetooth_default.te @@ -1,2 +1,3 @@ allow hal_bluetooth_default bluetooth_data_file:dir search; allow hal_bluetooth_default bluetooth_data_file:file { append getattr open read write }; +allow hal_bluetooth_default wcnss_filter:unix_stream_socket { connectto }; |