diff options
Diffstat (limited to 'selinux')
-rw-r--r-- | selinux/bluetooth.te | 2 | ||||
-rw-r--r-- | selinux/file_contexts | 2 | ||||
-rw-r--r-- | selinux/init.te | 2 | ||||
-rw-r--r-- | selinux/ueventd.te | 1 | ||||
-rw-r--r-- | selinux/wpa.te | 2 |
5 files changed, 8 insertions, 1 deletions
diff --git a/selinux/bluetooth.te b/selinux/bluetooth.te index 42c91ec..7846f67 100644 --- a/selinux/bluetooth.te +++ b/selinux/bluetooth.te @@ -2,3 +2,5 @@ allow bluetooth bluetooth_data_file:file { read open }; allow bluetooth serial_device:chr_file { read write ioctl open }; allow bluetooth wifi_data_file:file { read open }; allow bluetooth radio_device:file write; +allow bluetooth sysfs_bluetooth_writable:dir search; +allow bluetooth sysfs_bluetooth_writable:lnk_file read; diff --git a/selinux/file_contexts b/selinux/file_contexts index a0cddd3..3db1714 100644 --- a/selinux/file_contexts +++ b/selinux/file_contexts @@ -8,6 +8,8 @@ /data/.cid.info u:object_r:wifi_data_file:s0 +/sys/devices/platform/bcm4334_bluetooth(/.*)? u:object_r:sysfs_bluetooth_writable:s0 +/sys/class/rfkill(/.*)? u:object_r:sysfs_bluetooth_writable:s0 /efs/bluetooth/bt_addr u:object_r:bluetooth_data_file:s0 /dev/akm8975 u:object_r:sensors_device:s0 diff --git a/selinux/init.te b/selinux/init.te index 7abe7a5..f4b18d5 100644 --- a/selinux/init.te +++ b/selinux/init.te @@ -5,3 +5,5 @@ allow init radio_device:lnk_file relabelto; allow init sysfs:lnk_file setattr; allow init radio_device:lnk_file setattr; allow init tmpfs:lnk_file create; +allow init sysfs_bluetooth_writable:lnk_file { read getattr }; +allow init sysfs_bluetooth_writable:file getattr; diff --git a/selinux/ueventd.te b/selinux/ueventd.te index 6cc7795..da19de5 100644 --- a/selinux/ueventd.te +++ b/selinux/ueventd.te @@ -1 +1,2 @@ allow ueventd radio_device:file { getattr write open }; +allow ueventd sysfs_bluetooth_writable:file { open write }; diff --git a/selinux/wpa.te b/selinux/wpa.te index af92d77..3200133 100644 --- a/selinux/wpa.te +++ b/selinux/wpa.te @@ -1 +1 @@ -allow wpa radio_device:chr_file read; +allow wpa radio_device:chr_file { open read }; |