| Stephen Smalley | 61c80d5 | 2012-11-16 09:06:47 -0500 | [diff] [blame] | 1 | # bluetooth subsystem |
| 2 | type bluetooth, domain; |
| 3 | app_domain(bluetooth) |
| Stephen Smalley | 85708ec | 2014-02-24 10:48:03 -0500 | [diff] [blame] | 4 | net_domain(bluetooth) |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 5 | |
| 6 | # Data file accesses. |
| 7 | allow bluetooth bluetooth_data_file:dir create_dir_perms; |
| 8 | allow bluetooth bluetooth_data_file:notdevfile_class_set create_file_perms; |
| 9 | |
| Stephen Smalley | 09f6a99 | 2014-01-13 09:14:15 -0500 | [diff] [blame] | 10 | # Socket creation under /data/misc/bluedroid. |
| 11 | type_transition bluetooth bluetooth_data_file:sock_file bluetooth_socket; |
| 12 | allow bluetooth bluetooth_socket:sock_file create_file_perms; |
| 13 | |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 14 | # bluetooth factory file accesses. |
| 15 | r_dir_file(bluetooth, bluetooth_efs_file) |
| 16 | |
| 17 | # Device accesses. |
| Stephen Smalley | b3c48b6 | 2013-10-23 13:50:19 -0400 | [diff] [blame] | 18 | allow bluetooth { tun_device uhid_device hci_attach_dev }:chr_file rw_file_perms; |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 19 | |
| 20 | # Other domains that can create and use bluetooth sockets. |
| 21 | # SELinux does not presently define a specific socket class for |
| 22 | # bluetooth sockets, nor does it distinguish among the bluetooth protocols. |
| Stephen Smalley | 1601132 | 2014-02-24 15:06:11 -0500 | [diff] [blame] | 23 | # TODO: This should no longer be needed with bluedroid for bluetooth |
| 24 | # but may be getting used for other non-bluetooth sockets that has no |
| 25 | # specific class defined. Consider taking to specific domains. |
| Nick Kralevich | 46a640d | 2016-05-05 13:37:55 -0700 | [diff] [blame] | 26 | allow { bluetoothdomain -untrusted_app -isolated_app -shell } self:socket create_socket_perms; |
| 27 | neverallow { untrusted_app isolated_app shell } { untrusted_app isolated_app shell }:socket *; |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 28 | |
| 29 | # sysfs access. |
| 30 | allow bluetooth sysfs_bluetooth_writable:file rw_file_perms; |
| 31 | allow bluetooth self:capability net_admin; |
| Sharvil Nanavati | 77eb352 | 2014-06-29 10:45:03 -0700 | [diff] [blame] | 32 | allow bluetooth self:capability2 wake_alarm; |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 33 | |
| 34 | # Allow clients to use a socket provided by the bluetooth app. |
| Stephen Smalley | 1601132 | 2014-02-24 15:06:11 -0500 | [diff] [blame] | 35 | # TODO: See if this is still required under bluedroid. |
| Sérgio Faria | 536ddba | 2014-06-29 13:11:27 +0100 | [diff] [blame] | 36 | allow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown }; |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 37 | |
| 38 | # tethering |
| Stephen Smalley | 1601132 | 2014-02-24 15:06:11 -0500 | [diff] [blame] | 39 | allow bluetooth self:tun_socket create_socket_perms; |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 40 | allow bluetooth efs_file:dir search; |
| 41 | |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 42 | # proc access. |
| 43 | allow bluetooth proc_bluetooth_writable:file rw_file_perms; |
| 44 | |
| Nick Kralevich | 5b38c47 | 2013-10-29 12:45:10 -0700 | [diff] [blame] | 45 | # Allow write access to bluetooth specific properties |
| William Roberts | 2f5a6a9 | 2015-05-04 18:22:45 -0700 | [diff] [blame] | 46 | set_prop(bluetooth, bluetooth_prop) |
| 47 | set_prop(bluetooth, pan_result_prop) |
| 48 | set_prop(bluetooth, ctl_dhcp_pan_prop) |
| Nick Kralevich | 5b38c47 | 2013-10-29 12:45:10 -0700 | [diff] [blame] | 49 | |
| dcashman | cd82557 | 2014-12-11 16:01:27 -0800 | [diff] [blame] | 50 | allow bluetooth bluetooth_service:service_manager find; |
| dcashman | 895a4f2 | 2015-02-11 13:25:57 -0800 | [diff] [blame] | 51 | allow bluetooth mediaserver_service:service_manager find; |
| dcashman | cd82557 | 2014-12-11 16:01:27 -0800 | [diff] [blame] | 52 | allow bluetooth radio_service:service_manager find; |
| dcashman | 41d961a | 2015-02-12 09:50:20 -0800 | [diff] [blame] | 53 | allow bluetooth surfaceflinger_service:service_manager find; |
| dcashman | d12993f | 2015-04-02 16:50:08 -0700 | [diff] [blame] | 54 | allow bluetooth app_api_service:service_manager find; |
| 55 | allow bluetooth system_api_service:service_manager find; |
| Riley Spahn | b8511e0 | 2014-07-07 13:56:27 -0700 | [diff] [blame] | 56 | |
| Casper Bonde | fcdd354 | 2015-03-19 10:56:26 +0100 | [diff] [blame] | 57 | # Bluetooth Sim Access Profile Socket to the RIL |
| 58 | unix_socket_connect(bluetooth, sap_uim, rild) |
| 59 | |
| Nick Kralevich | 9819a6c | 2014-12-19 16:43:41 -0800 | [diff] [blame] | 60 | # already open bugreport file descriptors may be shared with |
| 61 | # the bluetooth process, from a file in |
| 62 | # /data/data/com.android.shell/files/bugreports/bugreport-*. |
| 63 | allow bluetooth shell_data_file:file read; |
| 64 | |
| Stephen Smalley | d7fd22e | 2013-10-22 12:56:32 -0400 | [diff] [blame] | 65 | ### |
| 66 | ### Neverallow rules |
| 67 | ### |
| 68 | ### These are things that the bluetooth app should NEVER be able to do |
| 69 | ### |
| 70 | |
| 71 | # Superuser capabilities. |
| Sharvil Nanavati | 77eb352 | 2014-06-29 10:45:03 -0700 | [diff] [blame] | 72 | # bluetooth requires net_admin and wake_alarm. |
| Nick Kralevich | be66069 | 2014-07-04 10:12:13 -0700 | [diff] [blame] | 73 | neverallow bluetooth self:capability ~net_admin; |
| Nick Kralevich | 33a779f | 2015-10-14 15:11:35 -0700 | [diff] [blame] | 74 | neverallow bluetooth self:capability2 ~{ wake_alarm block_suspend }; |