tequilaOS/platform_device_qcom_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Sepolicy changes to allow create socket

Browse source 
Allow hal_rcsservice to create qipcrtr_socket

Denial:

avc: denied { create } for comm="imsrcsd"
scontext=u:r:hal_rcsservice:s0 tcontext=u:r:hal_rcsservice:s0
tclass=qipcrtr_socket permissive=0

Change-Id: I2efa91e771ae5a51aa23becef72000daf6c54dc5
This commit is contained in:
Devi Sandeep Endluri V V 2019-03-13 15:43:18 +05:30 committed by Gerrit - the friendly Code Review server
parent 2be1440bc7
commit 89d738f84e
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
generic/vendor/common/hal_rcsservice.te vendored
View file

@ -31,7 +31,6 @@ type hal_rcsservice_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_rcsservice)
net_domain(hal_rcsservice)
allow hal_rcsservice self:{ qipcrtr_socket } rw_socket_perms_no_ioctl;
get_prop(hal_rcsservice, ims_prop)
set_prop(hal_rcsservice, ims_prop)
@ -46,7 +45,7 @@ get_prop(hal_rcsservice, hwservicemanager_prop)
allow hal_rcsservice sysfs_timestamp_switch:file r_file_perms;
allow hal_rcsservice sysfs_data:file r_file_perms;
allow hal_rcsservice self: { socket qipcrtr_socket } create_socket_perms_no_ioctl;
#required for socket creation
unix_socket_connect(hal_rcsservice, ims, ims)