sepolicy/gpsd.te

   1 type gpsd, domain;
   2 type gpsd_exec, exec_type, file_type, vendor_file_type;
   3
   4 init_daemon_domain(gpsd)
   5
   6 # Automatically label files created in /data/system/gps as gps_data_file
   7 file_type_auto_trans(gpsd, system_data_file, gps_data_file)
   8
   9 # Allow rild and netd to connect to gpsd
  10 unix_socket_connect(gpsd, property, rild)
  11 unix_socket_connect(gpsd, property, netd)
  12
  13 allow gpsd system_server:unix_stream_socket rw_socket_perms;
  14
  15 binder_call(gpsd, system_server)
  16 binder_use(gpsd)
  17
  18 # Sockets
  19 type_transition gpsd gps_data_file:sock_file gps_socket;
  20
  21 allow gpsd dnsproxyd_socket:sock_file write;
  22 allow gpsd fwmarkd_socket:sock_file write;
  23 allow gpsd gps_socket:sock_file create_file_perms;
  24 allow gpsd self:udp_socket create_socket_perms;
  25
  26 # sysfs_gps
  27 allow gpsd sysfs_gps:dir search;
  28 allow gpsd sysfs_gps:lnk_file read;
  29 allow gpsd sysfs_gps:file rw_file_perms;
  30
  31 # /dev/ttySAC3
  32 allow gpsd gps_device:chr_file { setattr rw_file_perms };
  33 allow gpsd gps_data_file:dir rw_dir_perms;
  34 allow gpsd gps_data_file:fifo_file create_file_perms;
  35
  36 allow gpsd sysfs_wake_lock:file rw_file_perms;
  37
  38 allow gpsd sensorservice_service:service_manager find;
  39
  40 # /dev/umts_boot0
  41 allow gpsd mif_device:chr_file r_file_perms;
  42
  43 # TCP sockets
  44 allow gpsd port:tcp_socket { name_connect name_bind };
  45 allow gpsd self:tcp_socket create_socket_perms;
  46 allow gpsd node:tcp_socket node_bind;
  47
  48 # sec sysfs files
  49 #allow gpsd sysfs_sec:dir search;
  50
  51 # hwservicemanager ready prop
  52 allow gpsd hwservicemanager:binder call;
  53 allow gpsd hwservicemanager_prop:file { open read getattr};