| type wcnss_service, domain; |
| type wcnss_service_exec, exec_type, file_type; |
| |
| init_daemon_domain(wcnss_service) |
| net_domain(wcnss_service) |
| |
| unix_socket_connect(wcnss_service, property, init) |
| allow wcnss_service wcnss_device:chr_file rw_file_perms; |
| |
| qmux_socket(wcnss_service); |
| |
| allow wcnss_service wifi_data_file:dir w_dir_perms; |
| allow wcnss_service wifi_data_file:file create_file_perms; |
| |
| allow wcnss_service system_prop:property_service set; |
| allow wcnss_service persist_file:dir r_dir_perms; |
| allow wcnss_service persist_file:file setattr; |
| qmux_socket(wcnss_service); |
| |
| allow wcnss_service self:socket create_socket_perms; |
| allow wcnss_service smem_log_device:chr_file rw_file_perms; |
| allow wcnss_service proc_net:file w_file_perms; |
| |
| # allow wpa_supplicant to send back wifi information to cnd |
| allow wcnss_service cnd:unix_dgram_socket sendto; |
| |
| allow wcnss_service self:capability { |
| setuid |
| setgid |
| dac_override |
| net_admin |
| chown |
| }; |
| |
| allow wcnss_service self:netlink_socket create_socket_perms; |
| allow wcnss_service firmware_file:dir r_dir_perms; |
| allow wcnss_service firmware_file:file r_file_perms; |
| allow wcnss_service sysfs:file w_file_perms; |
| allow wcnss_service storage_file:dir search; |
| |
| userdebug_or_eng(` |
| allow wcnss_service fuse:dir create_dir_perms; |
| allow wcnss_service fuse:file create_file_perms; |
| allow wcnss_service vfat:dir create_dir_perms; |
| allow wcnss_service vfat:file create_file_perms; |
| |
| # This is needed for ptt_socket app to write logs file collected to sdcard |
| r_dir_file(wcnss_service, storage_file) |
| r_dir_file(wcnss_service, mnt_user_file) |
| ') |