Add permissions to allow iface up/down
I need SIOCGIFFLAGS and SIOCSIFFLAGS in order to bring up/down interfaces with AIDL CAN HAL. Bug: 260592449 Test: CAN HAL can bring up interfaces Change-Id: I67edaa857cffdf3c3fc9f3b17aad5879e09c6385
This commit is contained in:
Chris Weir
parent
c3802445d0
commit
1bcbc0b667
1 changed files with 3 additions and 1 deletions
4
vendor/hal_can_socketcan.te
vendored
4
vendor/hal_can_socketcan.te
vendored
|
|
@ -9,10 +9,12 @@ init_daemon_domain(hal_can_socketcan)
|
|||
allow hal_can_socketcan self:capability net_admin;
|
||||
allow hal_can_socketcan self:netlink_route_socket { create bind write nlmsg_write read };
|
||||
|
||||
# Calling if_nametoindex(3) to open CAN sockets
|
||||
# See man page for netdevice(7) for more info on ioctls
|
||||
allow hal_can_socketcan self:udp_socket { create ioctl };
|
||||
allowxperm hal_can_socketcan self:udp_socket ioctl {
|
||||
SIOCGIFINDEX
|
||||
SIOCGIFFLAGS
|
||||
SIOCSIFFLAGS
|
||||
};
|
||||
|
||||
# Communicating with SocketCAN interfaces and bringing them up/down
|
||||
|
|
|
|||
Loading…
Reference in a new issue