Introduce Selinux policies for the mainline supplicant. Aside from binder access, supplicant requires some networking capabilities in order to work as expected. Bug: 365585450 Test: Manual test - retrieve the mainline supplicant binder in frameworks/base, and call a test method using its AIDL interface Change-Id: Id76fe09b2ecae758ed93b92d92020d45f19d2501

commit: eb5872ed2895130866a19e0ae8a30ea0dc909fe4 [log] [tgz]
author: Gabriel Biren <gbiren@google.com> Thu Aug 15 22:29:02 2024 +0000
committer: Gabriel Biren <gbiren@google.com> Mon Nov 18 20:18:40 2024 +0000
tree: 06539a3e13cde19d54bda2e6f557e9f9f4774ab1
parent: 416f81ac7d8755f8835092aef7705bead7f5220e [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index 6eb5b74..044edc1 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -304,6 +304,7 @@
 binder_call(system_server, logd)
 binder_call(system_server, wificond)
 binder_call(system_server, uprobestats)
+binder_call(system_server, wifi_mainline_supplicant)
 binder_service(system_server)
 
 # Use HALs
@@ -1023,6 +1024,7 @@
 userdebug_or_eng(`
   allow system_server profcollectd_service:service_manager find;
 ')
+allow system_server wifi_mainline_supplicant_service:service_manager find;
 
 add_service(system_server, batteryproperties_service)
commit	eb5872ed2895130866a19e0ae8a30ea0dc909fe4	[log] [tgz]
author	Gabriel Biren <gbiren@google.com>	Thu Aug 15 22:29:02 2024 +0000
committer	Gabriel Biren <gbiren@google.com>	Mon Nov 18 20:18:40 2024 +0000
tree	06539a3e13cde19d54bda2e6f557e9f9f4774ab1
parent	416f81ac7d8755f8835092aef7705bead7f5220e [diff] [blame]