From 39d37460e00490ba0f44f77f27f66a012c10df6f Mon Sep 17 00:00:00 2001 From: codeworkx Date: Sun, 7 Jan 2018 12:12:17 +0100 Subject: msm8996: selinux: label wcnss_filter and fix denial Change-Id: Ic41316e00c52672a6f8ff245fdba844fd9546ea7 Signed-off-by: Davide Garberi --- sepolicy/bluetooth.te | 1 + sepolicy/file_contexts | 1 + sepolicy/hal_bluetooth_default.te | 1 + 3 files changed, 3 insertions(+) create mode 100644 sepolicy/bluetooth.te (limited to 'sepolicy') diff --git a/sepolicy/bluetooth.te b/sepolicy/bluetooth.te new file mode 100644 index 0000000..0f173e1 --- /dev/null +++ b/sepolicy/bluetooth.te @@ -0,0 +1 @@ +allow bluetooth wcnss_filter:unix_stream_socket { connectto }; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 1b368ba..bc44d4c 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -31,6 +31,7 @@ /system/bin/port-bridge u:object_r:port-bridge_exec:s0 /system/bin/time_daemon u:object_r:time_daemon_exec:s0 /system/bin/cnss-daemon u:object_r:wcnss_service_exec:s0 +/system/bin/wcnss_filter u:object_r:wcnss_filter_exec:s0 # modemst1 /dev/block/mmcblk0p37 u:object_r:modem_efs_partition_device:s0 diff --git a/sepolicy/hal_bluetooth_default.te b/sepolicy/hal_bluetooth_default.te index e60f709..d7266e1 100644 --- a/sepolicy/hal_bluetooth_default.te +++ b/sepolicy/hal_bluetooth_default.te @@ -1,2 +1,3 @@ allow hal_bluetooth_default bluetooth_data_file:dir search; allow hal_bluetooth_default bluetooth_data_file:file { append getattr open read write }; +allow hal_bluetooth_default wcnss_filter:unix_stream_socket { connectto }; -- cgit v1.2.3