| Alex Klyubin | f5446eb | 2017-03-23 14:27:32 -0700 | [diff] [blame] | 1 | typeattribute wificond coredomain; |
| 2 | |
| Inseob Kim | 3dbf3d8 | 2020-06-25 21:20:42 +0900 | [diff] [blame] | 3 | set_prop(wificond, wifi_hal_prop) |
| Inseob Kim | 55e5c9b | 2020-03-04 17:20:35 +0900 | [diff] [blame] | 4 | set_prop(wificond, wifi_prop) |
| 5 | set_prop(wificond, ctl_default_prop) |
| 6 | |
| 7 | get_prop(wificond, hwservicemanager_prop) |
| 8 | |
| Janis Danisevskis | 4678660 | 2021-06-15 08:01:16 -0700 | [diff] [blame] | 9 | allow wificond legacykeystore_service:service_manager find; |
| 10 | |
| dcashman | cc39f63 | 2016-07-22 13:13:11 -0700 | [diff] [blame] | 11 | init_daemon_domain(wificond) |
| Inseob Kim | 75806ef | 2024-03-27 17:18:41 +0900 | [diff] [blame] | 12 | |
| 13 | binder_use(wificond) |
| 14 | binder_call(wificond, system_server) |
| 15 | binder_call(wificond, keystore) |
| 16 | |
| 17 | add_service(wificond, wifinl80211_service) |
| 18 | hal_client_domain(wificond, hal_nlinterceptor) |
| 19 | |
| 20 | # create sockets to set interfaces up and down |
| 21 | allow wificond self:udp_socket create_socket_perms; |
| 22 | # setting interface state up/down is a privileged ioctl |
| 23 | allowxperm wificond self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR }; |
| 24 | allow wificond self:global_capability_class_set { net_admin net_raw }; |
| 25 | # allow wificond to speak to nl80211 in the kernel |
| 26 | allow wificond self:netlink_socket create_socket_perms_no_ioctl; |
| 27 | # newer kernels (e.g. 4.4 but not 4.1) have a new class for sockets |
| 28 | allow wificond self:netlink_generic_socket create_socket_perms_no_ioctl; |
| 29 | |
| 30 | r_dir_file(wificond, proc_net_type) |
| 31 | |
| 32 | # allow wificond to check permission for dumping logs |
| 33 | allow wificond permission_service:service_manager find; |
| 34 | |
| 35 | # dumpstate support |
| 36 | allow wificond dumpstate:fd use; |
| 37 | allow wificond dumpstate:fifo_file write; |
| 38 | |
| 39 | #### Offer the Wifi Keystore HwBinder service ### |
| 40 | hwbinder_use(wificond) |
| 41 | typeattribute wificond wifi_keystore_service_server; |
| 42 | add_hwservice(wificond, system_wifi_keystore_hwservice) |
| 43 | |
| 44 | # Allow keystore2 binder access to serve the HwBinder service. |
| 45 | allow wificond keystore_service:service_manager find; |
| 46 | allow wificond wifi_key:keystore2_key { |
| 47 | get_info |
| 48 | use |
| 49 | }; |