system_server: add policy for getConnectionOwnerUid API
Bug: 9496886 Bug: 109758967 Test: atest HostsideVpnTests Change-Id: I1716d9c740b374b861e691b31ab271c681cf6bff
This commit is contained in:
Jeff Vander Stoep
parent
702fd0afac
commit
d1b14ab732
1 changed files with 3 additions and 0 deletions
|
|
@ -78,6 +78,9 @@ allow system_server self:global_capability2_class_set wake_alarm;
|
|||
# Create and share netlink_netfilter_sockets for tetheroffload.
|
||||
allow system_server self:netlink_netfilter_socket create_socket_perms_no_ioctl;
|
||||
|
||||
# Create/use netlink_tcpdiag_socket for looking up connection UIDs for VPN apps.
|
||||
allow system_server self:netlink_tcpdiag_socket { create_socket_perms_no_ioctl nlmsg_read };
|
||||
|
||||
# Use netlink uevent sockets.
|
||||
allow system_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue