From f7727ace663ac830b303e2fb2ae6c61dd5152db5 Mon Sep 17 00:00:00 2001
From: Gregory Montoir <gmontoir@google.com>
Date: Mon, 6 Sep 2021 09:25:13 +0800
Subject: [PATCH] Allow adbd to access /proc/net/{tcp,tcp6,udp,udp6}

File accesses go through com.android.ddmlib.SyncService for CTS
ListeningPortsTest.

Bug: 201645790
Test: atest ListeningPortsTest
Ignore-AOSP-First: Fix already in AOSP
Change-Id: I0c66fb5e35cda3b1799cf003402e454d7a951e96
---
 prebuilts/api/29.0/private/adbd.te | 3 +++
 private/adbd.te                    | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/prebuilts/api/29.0/private/adbd.te b/prebuilts/api/29.0/private/adbd.te
index 2fa4af637..d0dd155f7 100644
--- a/prebuilts/api/29.0/private/adbd.te
+++ b/prebuilts/api/29.0/private/adbd.te
@@ -148,6 +148,9 @@ allow adbd sepolicy_file:file r_file_perms;
 # Allow pulling config.gz for CTS purposes
 allow adbd config_gz:file r_file_perms;
 
+# For CTS listening ports test.
+allow adbd proc_net_tcp_udp:file r_file_perms;
+
 allow adbd gpu_service:service_manager find;
 allow adbd surfaceflinger_service:service_manager find;
 allow adbd bootchart_data_file:dir search;
diff --git a/private/adbd.te b/private/adbd.te
index 2fa4af637..d0dd155f7 100644
--- a/private/adbd.te
+++ b/private/adbd.te
@@ -148,6 +148,9 @@ allow adbd sepolicy_file:file r_file_perms;
 # Allow pulling config.gz for CTS purposes
 allow adbd config_gz:file r_file_perms;
 
+# For CTS listening ports test.
+allow adbd proc_net_tcp_udp:file r_file_perms;
+
 allow adbd gpu_service:service_manager find;
 allow adbd surfaceflinger_service:service_manager find;
 allow adbd bootchart_data_file:dir search;