# SELinux policy for the wificond domain.
# Reviewer summary: the domain holds net_admin/net_raw, talks to nl80211 over
# netlink, and serves the Wifi Keystore HwBinder service. Any rule added here
# widens what a compromised wificond process could reach.

# Process domain and the label carried by its executable.
type wificond, domain;
type wificond_exec, system_file_type, exec_type, file_type;

# Binder IPC: general binder use, plus calls into system_server and keystore.
binder_use(wificond)
binder_call(wificond, system_server)
binder_call(wificond, keystore)

# Register wifinl80211_service with the service manager.
add_service(wificond, wifinl80211_service)
# wificond is a client of the nlinterceptor HAL.
hal_client_domain(wificond, hal_nlinterceptor)

# UDP sockets are created only as a handle for bringing interfaces up and down.
allow wificond self:udp_socket create_socket_perms;
# ioctl on those sockets is narrowed to two privileged commands:
#   SIOCSIFFLAGS  - set interface flags (up/down)
#   SIOCSIFHWADDR - set the interface hardware (MAC) address
# Keep this list minimal; each extra command is extra kernel attack surface.
allowxperm wificond self:udp_socket ioctl {
    SIOCSIFFLAGS
    SIOCSIFHWADDR
};
# Capabilities backing the interface and raw-socket operations above.
# NOTE(review): net_admin and net_raw are broad; do not extend this set
# without a documented need.
allow wificond self:global_capability_class_set {
    net_admin
    net_raw
};

# Netlink channel to nl80211 in the kernel. Newer kernels (e.g. 4.4 but not
# 4.1) use the separate netlink_generic_socket class, so both classes are
# covered. The *_no_ioctl permission set is used for both.
allow wificond self:{ netlink_socket netlink_generic_socket } create_socket_perms_no_ioctl;

# Read access to files and directories labelled with proc_net_type.
r_dir_file(wificond, proc_net_type)

# Look up permission_service so wificond can check the caller's permission
# before dumping logs.
allow wificond permission_service:service_manager find;

# dumpstate support: use the file descriptor handed over by dumpstate and
# write to its fifo.
allow wificond dumpstate:fd use;
allow wificond dumpstate:fifo_file write;

#### Wifi Keystore HwBinder service, offered by wificond ####
hwbinder_use(wificond)
typeattribute wificond wifi_keystore_service_server;
add_hwservice(wificond, system_wifi_keystore_hwservice)

# Keystore binder access needed to serve the HwBinder service:
# find the service, and only the `get` permission on keystore keys.
allow wificond keystore_service:service_manager find;
allow wificond keystore:keystore_key get;

# Keystore2 binder access needed to serve the HwBinder service.
# Scoped to wifi_key, and limited to get_info and use.
allow wificond wifi_key:keystore2_key { get_info use };