Skip to content
Snippets Groups Projects
Commit 4eb63113 authored by Stephen Smalley's avatar Stephen Smalley Committed by dcashman
Browse files

Allow wpa to perform binder IPC to keystore.


Addresses denials such as:
 avc:  denied  { call } for  pid=2275 comm="wpa_supplicant" scontext=u:r:wpa:s0 tcontext=u:r:servicemanager:s0 tclass=binder

Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>

(cherry picked from commit 867e398d)

Change-Id: Ie941b07e351bf89aa0afd5ee88cd01f6da5e6788
parent 6ae2d6e2
No related branches found
No related tags found
No related merge requests found
...@@ -15,6 +15,9 @@ allow wpa wifi_data_file:file create_file_perms; ...@@ -15,6 +15,9 @@ allow wpa wifi_data_file:file create_file_perms;
unix_socket_send(wpa, system_wpa, system_server) unix_socket_send(wpa, system_wpa, system_server)
allow wpa random_device:chr_file r_file_perms; allow wpa random_device:chr_file r_file_perms;
binder_use(wpa)
binder_call(wpa, keystore)
# Create a socket for receiving info from wpa # Create a socket for receiving info from wpa
type_transition wpa wifi_data_file:sock_file wpa_socket; type_transition wpa wifi_data_file:sock_file wpa_socket;
allow wpa wpa_socket:dir { rw_dir_perms setattr }; allow wpa wpa_socket:dir { rw_dir_perms setattr };
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment