diff options
author | Xin Li <delphij@google.com> | 2022-06-27 23:38:03 +0000 |
---|---|---|
committer | Xin Li <delphij@google.com> | 2022-06-27 23:38:03 +0000 |
commit | 6006da656add30477f0269654b7c19061b00a285 (patch) | |
tree | 5f0bdf382efc219fc3695c92e553ce718cc81b2e | |
parent | 5563c789ae4efbe9d239b0bbc4c72f8301ac2649 (diff) | |
parent | c0278d30d7c6777b4b5b12028674aac3e53a7250 (diff) | |
download | wembley-sepolicy-temp_sam_242648940.tar.gz |
Merge tm-dev-plus-aosp-without-vendor@8763363temp_sam_242648940
Bug: 236760014
Merged-In: I27123db04b1f6bc635ae2b5764719d9610c9f020
Change-Id: If896a27bf7824c9c3e586822a93b4d8122cb37fd
-rw-r--r-- | non_plat/mnld.te | 2 | ||||
-rw-r--r-- | non_plat/mtk_agpsd.te | 2 | ||||
-rw-r--r-- | non_plat/mtkrild.te | 2 | ||||
-rw-r--r-- | non_plat/slpd.te | 2 |
4 files changed, 7 insertions, 1 deletions
diff --git a/non_plat/mnld.te b/non_plat/mnld.te index 4625b8e..17bacba 100644 --- a/non_plat/mnld.te +++ b/non_plat/mnld.te @@ -109,3 +109,5 @@ allow mnld sysfs_leds:file r_file_perms; #Add for /nvcfg/almanac.dat allow mnld nvcfg_file:dir w_dir_perms; allow mnld nvcfg_file:file create_file_perms; + +allow mnld self:netlink_route_socket { bind nlmsg_readpriv nlmsg_getneigh }; diff --git a/non_plat/mtk_agpsd.te b/non_plat/mtk_agpsd.te index 40abed3..c9488e0 100644 --- a/non_plat/mtk_agpsd.te +++ b/non_plat/mtk_agpsd.te @@ -70,3 +70,5 @@ get_prop(mtk_agpsd, vendor_mtk_mnld_prop) get_prop(mtk_agpsd, vendor_mtk_gps_support_prop) wakelock_use(mtk_agpsd) + +allow mtk_agpsd self:netlink_route_socket { bind nlmsg_readpriv nlmsg_getneigh }; diff --git a/non_plat/mtkrild.te b/non_plat/mtkrild.te index 677e17f..82cc1e5 100644 --- a/non_plat/mtkrild.te +++ b/non_plat/mtkrild.te @@ -53,7 +53,7 @@ allow mtkrild sdcardfs:dir r_dir_perms; allow mtkrild proc_net:file w_file_perms; # Set and get routes directly via netlink. -allow mtkrild self:netlink_route_socket nlmsg_write; +allow mtkrild self:netlink_route_socket { nlmsg_write bind nlmsg_readpriv nlmsg_getneigh }; # Allow read/write to devices/files allow mtkrild mtk_radio_device:dir search; diff --git a/non_plat/slpd.te b/non_plat/slpd.te index cfce93b..fa3efeb 100644 --- a/non_plat/slpd.te +++ b/non_plat/slpd.te @@ -16,3 +16,5 @@ net_domain(slpd) # mtk_agpsd will send the current SUPL profile to SLPD allow slpd mtk_agpsd:unix_dgram_socket sendto; + +allow slpd self:netlink_route_socket { bind nlmsg_readpriv nlmsg_getneigh }; |