bluetoothdomain.te - platform/external/sepolicy - Git at Google

 # Other domains that can create and use bluetooth sockets.
 # SELinux does not presently define a specific socket class for
 # bluetooth sockets, nor does it distinguish among the bluetooth protocols.
 # TODO: This should no longer be needed with bluedroid for bluetooth
 # but may be getting used for other non-bluetooth sockets that has no
 # specific class defined.  Consider taking to specific domains. (b/25768265)
 allow bluetoothdomain self:socket create_socket_perms;
 auditallow { bluetoothdomain -system_server } self:socket create_socket_perms;

 # Allow clients to use a socket provided by the bluetooth app.
 # TODO:  See if this is still required under bluedroid. (b/25767747)
 allow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown };
 auditallow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown };
	# Other domains that can create and use bluetooth sockets.
	# SELinux does not presently define a specific socket class for
	# bluetooth sockets, nor does it distinguish among the bluetooth protocols.
	# TODO: This should no longer be needed with bluedroid for bluetooth
	# but may be getting used for other non-bluetooth sockets that has no
	# specific class defined. Consider taking to specific domains. (b/25768265)
	allow bluetoothdomain self:socket create_socket_perms;
	auditallow { bluetoothdomain -system_server } self:socket create_socket_perms;

	# Allow clients to use a socket provided by the bluetooth app.
	# TODO: See if this is still required under bluedroid. (b/25767747)
	allow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown };
	auditallow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown };