1type wifi_sniffer, domain; 2type wifi_sniffer_exec, exec_type, vendor_file_type, file_type; 3 4userdebug_or_eng(` 5 # make transition from init to its domain 6 init_daemon_domain(wifi_sniffer) 7 net_domain(wifi_sniffer) 8 9# configurate con mode 10 allow wifi_sniffer self:capability { net_admin net_raw }; 11 allow wifi_sniffer sysfs_wifi_conmode:file rw_file_perms; 12 13# interface up 14 allowxperm wifi_sniffer self:udp_socket ioctl SIOCSIFFLAGS; 15 allow wifi_sniffer self:netlink_generic_socket create_socket_perms; 16 allowxperm wifi_sniffer self:netlink_generic_socket ioctl { 0x8910 0x8946 }; 17 18# tcpdump 19 allow wifi_sniffer self:packet_socket create_socket_perms; 20 allowxperm wifi_sniffer self:packet_socket ioctl { 0x8933 0x8927 }; 21 allow wifi_sniffer self:unix_dgram_socket ioctl; 22 allowxperm wifi_sniffer self:unix_dgram_socket ioctl 0x8946; 23 allow wifi_sniffer sysfs_net:dir search; 24 allow wifi_sniffer sysfs_net:file r_file_perms; 25 allow wifi_sniffer tcpdump_exec:file rx_file_perms; 26 allow wifi_sniffer wifi_logging_data_file:file create_file_perms; 27 allow wifi_sniffer wifi_logging_data_file:dir create_dir_perms; 28 29 get_prop(wifi_sniffer, vendor_wifi_sniffer_prop) 30') 31