From e9bb9a4c98e848f7cc47ea8f4a73b524e0747fe7 Mon Sep 17 00:00:00 2001 From: markchien Date: Thu, 21 Nov 2019 12:58:31 +0800 Subject: [PATCH] [Tether12] Give network stack permission for tetheroffload Tethering module would run in network stack process. Add network_stack as client of tetheroffload hidl and give it permission to create and share netlink_netfilter_sockets Bug: 144320246 Test: -build, flas, boot -OFF/ON hotspot Change-Id: Id961fd4af0d30f902eb0115aa15db612aaa8bb91 --- private/network_stack.te | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/private/network_stack.te b/private/network_stack.te index 6db7d8fbb..e13284032 100644 --- a/private/network_stack.te +++ b/private/network_stack.te @@ -70,3 +70,7 @@ allow network_stack dumpstate:fifo_file write; # Create/use netlink_tcpdiag_socket to get tcp info allow network_stack self:netlink_tcpdiag_socket { create_socket_perms_no_ioctl nlmsg_read nlmsg_write }; +############### Tethering Service app - Tethering.apk ############## +hal_client_domain(network_stack, hal_tetheroffload) +# Create and share netlink_netfilter_sockets for tetheroffload. +allow network_stack self:netlink_netfilter_socket create_socket_perms_no_ioctl;