Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / d8843d1c2e2a4d2b0112b786e0d08422d0ab5568
commitd8843d1c2e2a4d2b0112b786e0d08422d0ab5568[log] [tgz]
authorSunil Ravi <sunilravi@google.com>Thu Jan 16 10:17:20 2020 -0800
committerSunil Ravi <sunilravi@google.com>Fri Jan 17 21:14:25 2020 +0000
treee5c8c2083cb38ae7f3626ad3275ab06a7da21cf6
parentbda9c33ab1f33cdf425222e8df6418d3f157bf3e [diff]
sepolicy(wifi): Allow keystore-wificond communication

Denial log:
1. 10-30 11:02:50.279  wifi  1119  1119 W HwBinder:1119_1:
type=1400 audit(0.0:113): avc: denied { transfer } for
scontext=u:r:wificond:s0 tcontext=u:r:keystore:s0
tclass=binder permissive=0

2. 01-15 16:24:04.214 W/keystore( 1007): type=1400
audit(0.0:109): avc: denied { call } for
scontext=u:r:keystore:s0 tcontext=u:r:wificond:s0
tclass=binder permissive=0

3. 01-16 12:11:19.704 W/keystore( 1021): type=1400
audit(0.0:163): avc: denied { transfer } for
scontext=u:r:keystore:s0 tcontext=u:r:wificond:s0
tclass=binder permissive=0

Bug: 143638513
Bug: 145310496
Test: Installed CA and wifi certificates and connects
to enterprise network.
No selinux denial seen from wificond and keystore.

Change-Id: I9727add13844b1ff1875e493b777e3a294e00ffa
2 files changed
tree: e5c8c2083cb38ae7f3626ad3275ab06a7da21cf6
  1. apex/
  2. build/
  3. prebuilts/
  4. private/
  5. public/
  6. reqd_mask/
  7. tests/
  8. tools/
  9. vendor/
  10. .gitignore
  11. Android.bp
  12. Android.mk
  13. CleanSpec.mk
  14. compat.mk
  15. contexts_tests.mk
  16. definitions.mk
  17. mac_permissions.mk
  18. MODULE_LICENSE_PUBLIC_DOMAIN
  19. NOTICE
  20. OWNERS
  21. policy_version.mk
  22. PREUPLOAD.cfg
  23. README
  24. seapp_contexts.mk
  25. treble_sepolicy_tests_for_release.mk