[KA08] Allow system_server call tcp socket ioctl
In order to offload application tcp socket’s keepalive message, system server must know if application's socket is idle with no data in send/receive queues. Allow system_server to use ioctl on all tcp sockets. Bug: 114151147 Test: -build, flash, boot Change-Id: I3f5a0e06bc22f8a64ae6180db48df2a31106c511
This commit is contained in:
markchien
Chalard Jean
parent
73d0a67b06
commit
f6b59fe644
1 changed files with 6 additions and 0 deletions
|
|
@ -53,6 +53,12 @@ net_domain(system_server)
|
|||
allowxperm system_server self:udp_socket ioctl priv_sock_ioctls;
|
||||
bluetooth_domain(system_server)
|
||||
|
||||
# Allow setup of tcp keepalive offload. This gives system_server the permission to
|
||||
# call ioctl on app domains' tcp sockets. Additional ioctl commands still need to
|
||||
# be granted individually, except for a small set of safe values whitelisted in
|
||||
# public/domain.te.
|
||||
allow system_server appdomain:tcp_socket ioctl;
|
||||
|
||||
# These are the capabilities assigned by the zygote to the
|
||||
# system server.
|
||||
allow system_server self:global_capability_class_set {
|
||||
|
|
|
|||
Loading…
Reference in a new issue