NIO: run ModemManager only with explicitly whitelisted devicesaleksander/wip-metric

author: Aleksander Morgado <aleksander@aleksander.es> 2017-12-08 16:25:23 +0100
committer: Aleksander Morgado <aleksander@aleksander.es> 2017-12-08 16:25:23 +0100
commit: b4c49f273127e9bbe6f5a3fe39b1648c451c743d (patch)
tree: d654a2f320bab48240f23c195359355654f46187
parent: 6fc3498cfc9607a94d3bdfc45ebc2ddd58ce721d (diff)
download: ModemManager-aleksander/wip-metric.tar.gz
2 files changed, 4 insertions, 1 deletions
diff --git a/data/ModemManager.service.in b/data/ModemManager.service.in
index 0f65e425d..bbc406fc3 100644
--- a/data/ModemManager.service.in
+++ b/data/ModemManager.service.in
@@ -4,7 +4,7 @@ Description=Modem Manager
 [Service]
 Type=dbus
 BusName=org.freedesktop.ModemManager1
-ExecStart=@sbindir@/ModemManager
+ExecStart=@sbindir@/ModemManager --filter-policy=WHITELIST-ONLY
 StandardError=null
 Restart=on-abort
 CapabilityBoundingSet=CAP_SYS_ADMIN
diff --git a/src/78-mm-nio.rules b/src/78-mm-nio.rules
index 9b64e8db6..ce448788f 100644
--- a/src/78-mm-nio.rules
+++ b/src/78-mm-nio.rules
@@ -4,4 +4,7 @@ ACTION!="add|change|move", GOTO="mm_nio_rules_end"
 # Modem is named 'toby'
 DEVPATH=="/devices/soc0/soc/2100000.aips-bus/2184200.usb/ci_hdrc.1/usb2/2-1", ENV{ID_MM_PHYSDEV_UID}="toby"
 
+# Modem is explicitly whitelisted in ModemManager
+DEVPATH=="/devices/soc0/soc/2100000.aips-bus/2184200.usb/ci_hdrc.1/usb2/2-1", ENV{ID_MM_DEVICE_PROCESS}="1"
+
 LABEL="mm_nio_rules_end"
author	Aleksander Morgado <aleksander@aleksander.es>	2017-12-08 16:25:23 +0100
committer	Aleksander Morgado <aleksander@aleksander.es>	2017-12-08 16:25:23 +0100
commit	b4c49f273127e9bbe6f5a3fe39b1648c451c743d (patch)
tree	d654a2f320bab48240f23c195359355654f46187
parent	6fc3498cfc9607a94d3bdfc45ebc2ddd58ce721d (diff)
download	ModemManager-aleksander/wip-metric.tar.gz