From ec6a0bfaaa01f78cd86b432504f654ba4baa28bb Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Mon, 16 Mar 2020 18:23:06 +0100
Subject: [PATCH] common: Add macloader

Change-Id: I07916e20a98c3836099e1ea8124537d7b05138b2
---
 common/vendor/file.te        |  7 +++++++
 common/vendor/file_contexts  |  4 ++++
 common/vendor/genfs_contexts |  7 +++++++
 common/vendor/macloader.te   | 28 ++++++++++++++++++++++++++++
 4 files changed, 46 insertions(+)
 create mode 100644 common/vendor/macloader.te

diff --git a/common/vendor/file.te b/common/vendor/file.te
index c3c562a..a1c4b23 100644
--- a/common/vendor/file.te
+++ b/common/vendor/file.te
@@ -1,4 +1,11 @@
 # file.te
 
+### DATA
+type conn_vendor_data_file, file_type, data_file_type;
+type wifi_vendor_data_file, file_type, data_file_type;
+
 ### SYSFS
+type sysfs_wifi, sysfs_type, r_fs_type, fs_type;
+
 type sysfs_backlight_writable, sysfs_type, rw_fs_type, fs_type;
+type sysfs_wifi_writable, sysfs_type, rw_fs_type, fs_type;
diff --git a/common/vendor/file_contexts b/common/vendor/file_contexts
index f680d56..b9df724 100644
--- a/common/vendor/file_contexts
+++ b/common/vendor/file_contexts
@@ -1,5 +1,9 @@
 # file_contexts
 
+### DATA
+/data/vendor/conn(/.*)?                      u:object_r:conn_vendor_data_file:s0
+/data/vendor/wifi(/.*)?                      u:object_r:wifi_vendor_data_file:s0
+
 ### VENDOR
 /(vendor|system/vendor)/bin/hw/android\.hardware\.light@[0-9].[0-9]-service\.samsung              u:object_r:hal_light_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.power@[0-9].[0-9]-service\.exynos               u:object_r:hal_power_default_exec:s0
diff --git a/common/vendor/genfs_contexts b/common/vendor/genfs_contexts
index 29d6330..a530de5 100644
--- a/common/vendor/genfs_contexts
+++ b/common/vendor/genfs_contexts
@@ -9,3 +9,10 @@ genfscon sysfs /devices/platform/panel@0/backlight/panel/max_brightness   u:obje
 genfscon sysfs /devices/virtual/timed_output/vibrator/intensity           u:object_r:sysfs_vibrator:s0
 genfscon sysfs /devices/virtual/timed_output/vibrator/multi_freq          u:object_r:sysfs_vibrator:s0
 genfscon sysfs /devices/virtual/timed_output/vibrator/cp_trigger_index    u:object_r:sysfs_vibrator:s0
+
+genfscon sysfs /module/dhd/parameters                                     u:object_r:sysfs_wifi_writable:s0
+
+genfscon sysfs /wifi                                                      u:object_r:sysfs_wifi:s0
+genfscon sysfs /wifi/cid                                                  u:object_r:sysfs_wifi_writable:s0
+genfscon sysfs /wifi/mac_addr                                             u:object_r:sysfs_wifi_writable:s0
+genfscon sysfs /wifi/memdump                                              u:object_r:sysfs_wifi_writable:s0
diff --git a/common/vendor/macloader.te b/common/vendor/macloader.te
new file mode 100644
index 0000000..f82a987
--- /dev/null
+++ b/common/vendor/macloader.te
@@ -0,0 +1,28 @@
+# macloader.te
+
+type macloader, domain;
+type macloader_exec, exec_type, vendor_file_type, file_type;
+
+# macloader is started by init, type transit from init domain to macloader domain
+init_daemon_domain(macloader)
+
+allow macloader self:capability { net_admin };
+
+allow macloader self:udp_socket create_socket_perms;
+allowxperm macloader self:udp_socket ioctl { 0x8913 0x8914 };
+
+# /data/vendor/conn
+allow macloader conn_vendor_data_file:dir rw_dir_perms;
+allow macloader conn_vendor_data_file:file create_file_perms;
+
+# /sys/class/net
+allow macloader sysfs_net:dir r_dir_perms;
+allow macloader sysfs_net:file r_file_perms;
+
+# /sys/module/dhd/parameters/firmware_path
+allow macloader sysfs_wifi_writable:dir r_dir_perms;
+allow macloader sysfs_wifi_writable:file rw_file_perms;
+
+# /sys/wifi
+allow macloader sysfs_wifi:dir r_dir_perms;
+allow macloader sysfs_wifi:file r_file_perms;
-- 
2.20.1