• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Policy for /system/bin/cnss-daemon
2type cnss-daemon, domain;
3type cnss-daemon_exec, exec_type, file_type;
4
5# STOPSHIP b/28340421
6# Temporarily grant this permission and log its use.
7allow cnss-daemon self:capability net_admin;
8auditallow cnss-daemon self:capability net_admin;
9
10init_daemon_domain(cnss-daemon)
11
12allow cnss-daemon self:capability { setgid setuid };
13
14# whitelist socket ioctl commands
15allow cnss-daemon self:netlink_socket create_socket_perms;
16allow cnss-daemon self:socket create_socket_perms;
17allowxperm cnss-daemon self:socket ioctl msm_sock_ipc_ioctls;
18
19allow cnss-daemon proc_net:file rw_file_perms;
20allow cnss-daemon sysfs_wifi:file write;
21allow cnss-daemon sysfs_pcie:file write;
22allow cnss-daemon sysfs_msm_core:file write;
23r_dir_file(cnss-daemon, sysfs_type)
24
25# access to /dev/diag on debug builds
26userdebug_or_eng(`
27  allow cnss-daemon diag_device:chr_file rw_file_perms;
28')
29