Skip to content

Commit

Permalink
Merge pull request #782 from pebenito/quic_amisjain-bt-uhid
Browse files Browse the repository at this point in the history 
Sepolicy changes for bluez to access uhid
  • Loading branch information
@pebenito
pebenito authored Jun 5, 2024
2 parents d53aa53 + 2102055 commit c963ddf
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 0 deletions.
19 changes: 19 additions & 0 deletions policy/modules/kernel/devices.if
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4851,6 +4851,25 @@ interface(`dev_rw_tpm',`
rw_chr_files_pattern($1, device_t, tpm_device_t)
')

#####################
## <summary>
## Allow open/read/write uhid device
## </summary>
## <param name="domain">
## <summary>
## Domain allowed rw to uhid device
## to communicate with uhid input node
## </summary>
## </param>
#
interface(`dev_rw_uhid',`
gen_require(`
type device_t, uhid_device_t;
')

rw_chr_files_pattern($1, device_t, uhid_device_t)
')

########################################
## <summary>
## Read from pseudo random number generator devices (e.g., /dev/urandom).
Expand Down
1 change: 1 addition & 0 deletions policy/modules/services/bluetooth.te
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,6 +104,7 @@ dev_rw_generic_usb_dev(bluetooth_t)
dev_read_urand(bluetooth_t)
dev_rw_input_dev(bluetooth_t)
dev_rw_wireless(bluetooth_t)
dev_rw_uhid(bluetooth_t)

domain_use_interactive_fds(bluetooth_t)
domain_dontaudit_search_all_domains_state(bluetooth_t)
Expand Down

0 comments on commit c963ddf

Please sign in to comment.