new file mode 100644
@@ -0,0 +1,35 @@
+From 11a838ec4c51c62b265f653e4aedf22ed032d2ce Mon Sep 17 00:00:00 2001
+From: Jaihind Yadav <jaihindy@qti.qualcomm.com>
+Date: Thu, 21 May 2026 08:47:33 +0000
+Subject: [PATCH] policy/modules/system/init: allow ModemManager to send DBus
+ messages to initrc_t.
+
+Add modemmanager_dbus_chat(initrc_t) to permit wireplumber
+to communicate with ModemManager over D-Bus.
+
+Upstream-Status: Backport [5684dae89f8d69717a17664193d3686fdf57fb6b]
+
+Signed-off-by: Jaihind Yadav <jaihindy@qti.qualcomm.com>
+---
+ policy/modules/system/init.te | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
+index 15bffd9cf..491f04c48 100644
+--- a/policy/modules/system/init.te
++++ b/policy/modules/system/init.te
+@@ -1334,6 +1334,11 @@ optional_policy(`
+ networkmanager_dbus_chat(initrc_t)
+ ')
+
++ optional_policy(`
++ # Needed by wireplumber to interact with ModemManager over D-Bus
++ modemmanager_dbus_chat(initrc_t)
++ ')
++
+ optional_policy(`
+ policykit_dbus_chat(initrc_t)
+ ')
+--
+2.43.0
+
@@ -74,6 +74,7 @@ SRC_URI += " \
file://0056-policy-modules-system-setrans-allow-setrans_t-use-fd.patch \
file://0057-policy-modules-system-systemd-make-_systemd_t-MLS-tr.patch \
file://0058-policy-modules-system-logging-make-syslogd_runtime_t.patch \
+ file://0059-policy-modules-system-init-allow-ModemManager-to-sen.patch \
"
S = "${UNPACKDIR}/refpolicy"
Backport upstream change to fix wireplumber interaction with ModemManager via D-Bus. Upstream-Status: Backport [5684dae89f8d69717a17664193d3686fdf57fb6b] Signed-off-by: Jaihind Yadav <jaihindy@qti.qualcomm.com> --- ...ystem-init-allow-ModemManager-to-sen.patch | 35 +++++++++++++++++++ .../refpolicy/refpolicy_common.inc | 1 + 2 files changed, 36 insertions(+) create mode 100644 recipes-security/refpolicy/refpolicy/0059-policy-modules-system-init-allow-ModemManager-to-sen.patch