SePolicy: Define sepolicy for IMS
This policy is need to give IMS access to socket node
ims_rmt, ims_qmid and ims_datad
Change-Id: I62f351f0329b9270fb9810cb94848c9147a0df84
diff --git a/common/file.te b/common/file.te
index c443e8f..1b545c5 100755
--- a/common/file.te
+++ b/common/file.te
@@ -61,3 +61,6 @@
#mm-qcamera-daemon socket
type camera_socket, file_type;
+
+#Socket node needed by ims_data daemon
+type ims_socket, file_type;
diff --git a/common/file_contexts b/common/file_contexts
index 6cf1f36..966ac1c 100755
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -43,6 +43,9 @@
/dev/socket/thermal-send-client u:object_r:thermal_socket:s0
/dev/socket/thermal-recv-client u:object_r:thermal_socket:s0
/dev/socket/thermal-recv-passive-client u:object_r:thermal_socket:s0
+/dev/socket/ims_qmid u:object_r:ims_socket:s0
+/dev/socket/ims_datad u:object_r:ims_socket:s0
+/dev/socket/ims_rtpd u:object_r:ims_socket:s0
###################################
# System files
diff --git a/common/ims_rmt.te b/common/ims_rmt.te
new file mode 100644
index 0000000..7e98c2d
--- /dev/null
+++ b/common/ims_rmt.te
@@ -0,0 +1,10 @@
+#integrated sensor process
+type ims_rtp_daemon, domain;
+type ims_rtp_daemon_exec, exec_type, file_type;
+
+# Started by init
+init_daemon_domain(ims_rtp_daemon)
+
+allow radio ims_socket:sock_file { open read write };
+allow ims_rtp_daemon ims_socket:sock_file { open read write };
+
diff --git a/common/radio.te b/common/radio.te
index 5b4031f..8bd7e28 100644
--- a/common/radio.te
+++ b/common/radio.te
@@ -1,3 +1,4 @@
# Talks to qmuxd via the qmux_radio socket.
unix_socket_connect(radio, qmux_radio, qmuxd);
allow radio qmux_radio_socket:dir search;
+allow radio ims_socket:sock_file write;