diff options
| -rw-r--r-- | sepolicy/hci_attach.te | 16 | ||||
| -rw-r--r-- | sepolicy/uim.te | 1 |
2 files changed, 17 insertions, 0 deletions
diff --git a/sepolicy/hci_attach.te b/sepolicy/hci_attach.te new file mode 100644 index 0000000..3d57abe --- /dev/null +++ b/sepolicy/hci_attach.te @@ -0,0 +1,16 @@ +type hci_attach, domain; +type hci_attach_exec, exec_type, file_type; + +init_daemon_domain(hci_attach) + +set_prop(hci_attach, wifi_prop) + +#============= hci_attach ============== +allow hci_attach bluetooth_data_file:dir search; +allow hci_attach bluetooth_data_file:file r_file_perms; +allow hci_attach bluetooth_prop:property_service set; +allow hci_attach hci_attach_dev:chr_file rw_file_perms; +allow hci_attach hci_attach_exec:file execute_no_trans; +allow hci_attach shell_exec:file { entrypoint getattr read }; +allow hci_attach system_file:file execute_no_trans; +allow hci_attach toolbox_exec:file rx_file_perms; diff --git a/sepolicy/uim.te b/sepolicy/uim.te index 97ce954..c452704 100644 --- a/sepolicy/uim.te +++ b/sepolicy/uim.te @@ -11,3 +11,4 @@ allow uim rootfs:lnk_file getattr; allow uim ta_data_file:dir search; allow uim bluetooth_prop:sock_file write; allow uim ta_data_file:file r_file_perms; +allow uim hci_attach_dev:chr_file ioctl; |