Add auditallow for bluetoothdomain rules
Let's see if it's safe to get rid of them. Bug: 25768265 Bug: 25767747 Change-Id: Iaf022b4dafe1cc9eab871c8d7ec5afd3cf20bf96
This commit is contained in:
parent
4fd216060c
commit
cb835a2852
2 changed files with 8 additions and 2 deletions
|
@ -3,9 +3,11 @@
|
|||
# bluetooth sockets, nor does it distinguish among the bluetooth protocols.
|
||||
# TODO: This should no longer be needed with bluedroid for bluetooth
|
||||
# but may be getting used for other non-bluetooth sockets that has no
|
||||
# specific class defined. Consider taking to specific domains.
|
||||
# specific class defined. Consider taking to specific domains. (b/25768265)
|
||||
allow bluetoothdomain self:socket create_socket_perms;
|
||||
auditallow { bluetoothdomain -system_server } self:socket create_socket_perms;
|
||||
|
||||
# Allow clients to use a socket provided by the bluetooth app.
|
||||
# TODO: See if this is still required under bluedroid.
|
||||
# TODO: See if this is still required under bluedroid. (b/25767747)
|
||||
allow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown };
|
||||
auditallow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown };
|
||||
|
|
|
@ -65,6 +65,10 @@ allow system_server self:netlink_kobject_uevent_socket create_socket_perms;
|
|||
# Use generic netlink sockets.
|
||||
allow system_server self:netlink_socket create_socket_perms;
|
||||
|
||||
# Use generic "sockets" where the address family is not known
|
||||
# to the kernel.
|
||||
allow system_server self:socket create_socket_perms;
|
||||
|
||||
# Set and get routes directly via netlink.
|
||||
allow system_server self:netlink_route_socket nlmsg_write;
|
||||
|
||||
|
|
Loading…
Reference in a new issue