Wifi: Add sepolicy files for hal_wifi_ext service

This commit adds the sepolicy related files for hal_wifi_ext service. avc msg: avc: denied { set } for property=vendor.wlan.firmware.version pid=682 uid=1010 gid=1010 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=1' avc: denied { call } for scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c143,c258,c512,c768 tclass=binder permissive=1 Bug: 205073038 Test: Check no avc_deny on hal_wifi_ext Change-Id: I5d9b59c56b723174543c0308dd6b0235e998e76c Signed-off-by: Roger Wang <wangroger@google.com>
2021-11-05 16:02:30 +08:00 · 2021-11-05 16:02:30 +08:00 · 5f1a03bf0e
commit 5f1a03bf0e
parent 0060a1335c
2 changed files with 5 additions and 2 deletions
--- a/tracking_denials/hal_wifi_ext.te
+++ b/tracking_denials/hal_wifi_ext.te
@ -1,2 +0,0 @@
-# b/205073038
-dontaudit hal_wifi_ext vendor_wifi_version:property_service { set };
--- a/whitechapel_pro/hal_wifi_ext.te
+++ b/whitechapel_pro/hal_wifi_ext.te
@ -0,0 +1,5 @@
+# Allow wifi_ext to report callbacks to gril-service app
+binder_call(hal_wifi_ext, grilservice_app)
+
+# Write wlan driver/fw version into property
+set_prop(hal_wifi_ext, vendor_wifi_version)