From f4c42343dff47cb4a6ba20b5d41b99787fddd540 Mon Sep 17 00:00:00 2001
From: Bryan Henry <bryanhenry@google.com>
Date: Fri, 11 Aug 2017 19:12:13 -0700
Subject: [PATCH] DO NOT MERGE Allow iot_wifi domain to request the net_admin
 capability.

iot_wifi is an appdomain, like bluetooth, and currently requires the
net_admin capability so that it can use 'iw' to create a new virtual
Wifi interface. This should eventually be refactored into netd or
wificond so this can be reverted.

Bug: 64371898
Test: iot_wifi can get capability through NET_ADMIN permission.

Change-Id: I8a8a652bba5441af3aa07b8f65c014b7c3df3c42
---
 app.te      | 4 +++-
 iot_wifi.te | 4 ++++
 2 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 iot_wifi.te

diff --git a/app.te b/app.te
index e9dd7b39a..b15c69a57 100644
--- a/app.te
+++ b/app.te
@@ -274,7 +274,8 @@ allow appdomain cache_file:dir getattr;
 
 # Superuser capabilities.
 # bluetooth requires net_admin and wake_alarm.
-neverallow { appdomain -bluetooth } self:capability *;
+# iot_wifi requires net_admin.
+neverallow { appdomain -bluetooth -iot_wifi } self:capability *;
 neverallow { appdomain -bluetooth } self:capability2 *;
 
 # Block device access.
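Review bot: The `-iot_wifi` exclusion on the `self:capability *` neverallow exempts the domain from every capability in the class, while the added comment and the commit message say only net_admin is needed. With this form, a later allow rule granting iot_wifi something like sys_admin or dac_override would build without tripping any assertion. I would pin the intent with a companion rule directly after it, `neverallow iot_wifi self:capability ~{ net_admin };`, so the exemption stays as narrow as the comment claims. The allow rule that actually grants net_admin is not in this patch, so it is presumably in device policy and should be cross-checked against that narrower assertion.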
@@ -441,6 +442,7 @@ neverallow appdomain {
 # Blacklist app domains not allowed to execute from /data
 neverallow {
   bluetooth
+  iot_wifi
   isolated_app
   nfc
   radio
diff --git a/iot_wifi.te b/iot_wifi.te
new file mode 100644
index 000000000..47b38ac36
--- /dev/null
+++ b/iot_wifi.te
@@ -0,0 +1,4 @@
+# IoTWifiService app
+# TODO(bryanhenry,b/64616008): Move this domain type into device/google/iot
+# once we no longer need to modify the self:capability neverallow
+type iot_wifi, domain;
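Review bot: The header of iot_wifi.te does not say which capability the domain is expected to hold, so a reader of this file alone cannot tell that it is excluded from the appdomain `self:capability` neverallow in app.te. I would add a line such as `# Exempt from the appdomain self:capability neverallow in app.te; net_admin only.` above the type declaration, plus a pointer to wherever the allow rules live. The declaration carries only the `domain` attribute although the commit message calls iot_wifi an appdomain. Presumably `app_domain(iot_wifi)` is applied in device policy; if it is not, the `-iot_wifi` exclusion in the capability neverallow has no effect, which is worth confirming.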
-- 
GitLab