[GitHub/LineageOS/android_device_samsung_universal7580-common.git] / sepolicy / gpsd.te

type gpsd, domain;
type gpsd_exec, exec_type, file_type, vendor_file_type;

init_daemon_domain(gpsd)

# Automatically label files created in /data/system/gps as gps_data_file
file_type_auto_trans(gpsd, system_data_file, gps_data_file)

# Allow rild and netd to connect to gpsd
unix_socket_connect(gpsd, property, rild)
unix_socket_connect(gpsd, property, netd)

allow gpsd system_server:unix_stream_socket rw_socket_perms;

binder_call(gpsd, system_server)
binder_call(gpsd, system_suspend_server)
hwbinder_use(gpsd)

allow gpsd system_suspend_hwservice:hwservice_manager { find };

# Sockets
type_transition gpsd gps_data_file:sock_file gps_socket;

allow gpsd dnsproxyd_socket:sock_file write;
allow gpsd fwmarkd_socket:sock_file write;
allow gpsd gps_socket:sock_file create_file_perms;
allow gpsd self:udp_socket create_socket_perms;

# sysfs_gps
allow gpsd sysfs_gps:dir search;
allow gpsd sysfs_gps:lnk_file read;
allow gpsd sysfs_gps:file rw_file_perms;

# /dev/ttySAC3
allow gpsd gps_device:chr_file { setattr rw_file_perms };
allow gpsd gps_data_file:dir rw_dir_perms;
allow gpsd gps_data_file:fifo_file create_file_perms;

allow gpsd sysfs_wake_lock:file rw_file_perms;

allow gpsd sensorservice_service:service_manager find;

# /dev/umts_boot0
allow gpsd mif_device:chr_file r_file_perms;

# TCP sockets
allow gpsd port:tcp_socket { name_connect name_bind };
allow gpsd self:tcp_socket create_socket_perms;
allow gpsd node:tcp_socket node_bind;

# sec sysfs files
#allow gpsd sysfs_sec:dir search;

# hwservicemanager ready prop
allow gpsd hwservicemanager:binder call;
allow gpsd hwservicemanager_prop:file { open read getattr};
Commit	Line	Data
c1a50488	1	type gpsd, domain;
b739e47b	2	type gpsd_exec, exec_type, file_type, vendor_file_type;
c1a50488	3
ee133eb7	4	init_daemon_domain(gpsd)
c1a50488 DW	5
	6	# Automatically label files created in /data/system/gps as gps_data_file
	7	file_type_auto_trans(gpsd, system_data_file, gps_data_file)
	8
	9	# Allow rild and netd to connect to gpsd
	10	unix_socket_connect(gpsd, property, rild)
	11	unix_socket_connect(gpsd, property, netd)
	12
ee133eb7	13	allow gpsd system_server:unix_stream_socket rw_socket_perms;
c1a50488 DW	14
c1a50488 DW	15	binder_call(gpsd, system_server)
201f6ab6 DW	16	binder_call(gpsd, system_suspend_server)
	17	hwbinder_use(gpsd)
	18
	19	allow gpsd system_suspend_hwservice:hwservice_manager { find };
c1a50488 DW	20
	21	# Sockets
	22	type_transition gpsd gps_data_file:sock_file gps_socket;
	23
	24	allow gpsd dnsproxyd_socket:sock_file write;
	25	allow gpsd fwmarkd_socket:sock_file write;
	26	allow gpsd gps_socket:sock_file create_file_perms;
ee133eb7	27	allow gpsd self:udp_socket create_socket_perms;
c1a50488 DW	28
c1a50488 DW	29	# sysfs_gps
9f9188f1	30	allow gpsd sysfs_gps:dir search;
c63278d0	31	allow gpsd sysfs_gps:lnk_file read;
ee133eb7	32	allow gpsd sysfs_gps:file rw_file_perms;
c1a50488 DW	33
c1a50488 DW	34	# /dev/ttySAC3
ee133eb7 JA	35	allow gpsd gps_device:chr_file { setattr rw_file_perms };
	36	allow gpsd gps_data_file:dir rw_dir_perms;
	37	allow gpsd gps_data_file:fifo_file create_file_perms;
c1a50488 DW	38
	39	allow gpsd sysfs_wake_lock:file rw_file_perms;
	40
ee133eb7	41	allow gpsd sensorservice_service:service_manager find;
c1a50488 DW	42
	43	# /dev/umts_boot0
	44	allow gpsd mif_device:chr_file r_file_perms;
	45
	46	# TCP sockets
	47	allow gpsd port:tcp_socket { name_connect name_bind };
ee133eb7	48	allow gpsd self:tcp_socket create_socket_perms;
c1a50488	49	allow gpsd node:tcp_socket node_bind;
c63278d0 DW	50
	51	# sec sysfs files
	52	#allow gpsd sysfs_sec:dir search;
1d6bb0a1 DW	53
	54	# hwservicemanager ready prop
	55	allow gpsd hwservicemanager:binder call;
	56	allow gpsd hwservicemanager_prop:file { open read getattr};