# wificond
# Type-enforcement policy for the wificond domain. It declares the domain and
# the type of its executable, then grants binder, property, socket, procfs and
# dumpstate access. The macros (binder_use, binder_call, add_service, set_prop,
# r_dir_file) and the permission sets (create_socket_perms,
# create_socket_perms_no_ioctl, global_capability_class_set) are defined
# outside this file, so their exact expansions are not visible here.
type wificond, domain;
# Type for the wificond binary, carrying the exec_type and file_type attributes.
type wificond_exec, exec_type, file_type;

# Binder IPC: wificond may use binder and make calls into system_server.
binder_use(wificond)
binder_call(wificond, system_server)

# wificond publishes wificond_service through the service manager.
add_service(wificond, wificond_service)

# Properties wificond is allowed to set.
set_prop(wificond, exported_wifi_prop)
set_prop(wificond, wifi_prop)
# NOTE(review): ctl_default_prop appears to be the default label for ctl.*
# control properties rather than a wifi-specific one, so this is the widest
# grant in the file. Confirm which services wificond has to start or stop and
# whether a narrower, per-service control label can replace it.
set_prop(wificond, ctl_default_prop)

# create sockets to set interfaces up and down
allow wificond self:udp_socket create_socket_perms;
# setting interface state up/down is a privileged ioctl
# Within this file, these are the only ioctl commands listed for wificond's own
# UDP sockets: SIOCSIFFLAGS (interface flags, i.e. up/down) and SIOCSIFHWADDR
# (interface hardware address).
# NOTE(review): SIOCSIFHWADDR goes beyond the "up/down" purpose stated above;
# it lets the domain change an interface's MAC address. Document why it is needed.
allowxperm wificond self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR };
# Capabilities apply to the whole process, not to a single socket. The comments
# in this file motivate net_admin (interface state).
# NOTE(review): no reason for net_raw is stated in this file; confirm it is required.
allow wificond self:global_capability_class_set { net_admin net_raw };
# allow wificond to speak to nl80211 in the kernel
# (the permission set name indicates that ioctl is excluded on this socket class)
allow wificond self:netlink_socket create_socket_perms_no_ioctl;
# newer kernels (e.g. 4.4 but not 4.1) have a new class for sockets
# Same grant as above for the netlink_generic_socket class, so the policy works
# on both kernel generations.
allow wificond self:netlink_generic_socket create_socket_perms_no_ioctl;

# Read access to directories and files labelled proc_net.
r_dir_file(wificond, proc_net)

# allow wificond to check permission for dumping logs
# Only `find` is granted: wificond can look up permission_service, not register it.
allow wificond permission_service:service_manager find;

# dumpstate support
# wificond may use a file descriptor handed over by dumpstate and write to
# dumpstate's FIFO; no read or open permission is granted here.
allow wificond dumpstate:fd use;
allow wificond dumpstate:fifo_file write;
