From 3123b1eef7c15dee0b0df72c6a3017f1797a278d Mon Sep 17 00:00:00 2001 From: Alex Klyubin <klyubin@google.com> Date: Mon, 6 May 2013 10:18:27 -0700 Subject: [PATCH] SELinux policy for Bluetooth properties. Properties under bluetooth. and persist.service.bdroid. are considered Bluetooth-related properties. Change-Id: Iee937d9a1184c2494deec46f9ed7090c643acda7 --- bluetooth.te | 3 +++ property.te | 1 + property_contexts | 2 ++ 3 files changed, 6 insertions(+) diff --git a/bluetooth.te b/bluetooth.te index c6ff619b9..a7b9a4eb8 100644 --- a/bluetooth.te +++ b/bluetooth.te @@ -30,5 +30,8 @@ allow bluetooth efs_file:dir search; # Talk to init over the property socket. unix_socket_connect(bluetooth, property, init) +# Property Service +allow bluetooth bluetooth_prop:property_service set; + # proc access. allow bluetooth proc_bluetooth_writable:file rw_file_perms; diff --git a/property.te b/property.te index adebc6a3b..69dff913f 100644 --- a/property.te +++ b/property.te @@ -9,3 +9,4 @@ type ctl_dumpstate_prop, property_type; type ctl_rildaemon_prop, property_type; type audio_prop, property_type; type security_prop, property_type; +type bluetooth_prop, property_type; diff --git a/property_contexts b/property_contexts index 7b0ce0437..e32cdddb7 100644 --- a/property_contexts +++ b/property_contexts @@ -23,6 +23,7 @@ sys. u:object_r:system_prop:s0 service. u:object_r:system_prop:s0 wlan. u:object_r:system_prop:s0 dhcp. u:object_r:system_prop:s0 +bluetooth. u:object_r:bluetooth_prop:s0 debug. u:object_r:shell_prop:s0 log. u:object_r:shell_prop:s0 @@ -32,6 +33,7 @@ service.adb.tcp.port u:object_r:shell_prop:s0 persist.audio. u:object_r:audio_prop:s0 persist.sys. u:object_r:system_prop:s0 persist.service. u:object_r:system_prop:s0 +persist.service.bdroid. u:object_r:bluetooth_prop:s0 persist.security. u:object_r:system_prop:s0 # mmac persistent properties -- GitLab