diff options
author | Niranjan Pendharkar <npendhar@codeaurora.org> | 2017-07-27 14:13:21 -0700 |
---|---|---|
committer | Jayachandran C <jayachandranc@google.com> | 2017-07-28 13:16:27 -0700 |
commit | 7b7530c0e6c33ae6fec28aa13c8d7909f710f800 (patch) | |
tree | 5289453163d44784cea594a3bb06ac71d22d59e7 | |
parent | f93a0d3c949515de62566bbd6168d0dfd2b4d0fb (diff) | |
download | device_google_wahoo-7b7530c0e6c33ae6fec28aa13c8d7909f710f800.tar.gz device_google_wahoo-7b7530c0e6c33ae6fec28aa13c8d7909f710f800.tar.bz2 device_google_wahoo-7b7530c0e6c33ae6fec28aa13c8d7909f710f800.zip |
allow netmgrd to use INetd hal
Remove permissions to read /data/misc/* (netd pid file).
Allow netmgrd to become client of INetd HAL.
Test: no denials
Bug:36682246
Change-Id: If7a120a74ced3e63eed6baea288e814a7a0e177e
-rw-r--r-- | sepolicy/vendor/netmgrd.te | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/sepolicy/vendor/netmgrd.te b/sepolicy/vendor/netmgrd.te index af09105a..adbc4b6d 100644 --- a/sepolicy/vendor/netmgrd.te +++ b/sepolicy/vendor/netmgrd.te @@ -46,8 +46,6 @@ userdebug_or_eng(` dontaudit netmgrd kernel:system { module_request }; allow netmgrd proc_net:file rw_file_perms; -allow netmgrd net_data_file:dir r_dir_perms; -allow netmgrd net_data_file:file r_file_perms; allow netmgrd netmgr_data_file:dir rw_dir_perms; allow netmgrd netmgr_data_file:file create_file_perms; allow netmgrd system_file:file execute_no_trans; @@ -56,5 +54,11 @@ allow netmgrd self:capability { net_admin net_raw setgid setpcap setuid }; allow netmgrd vendor_toolbox_exec:file rx_file_perms; +# Allow netmgrd to use netd HAL +allow netmgrd system_net_netd_hwservice:hwservice_manager find; +get_prop(netmgrd, hwservicemanager_prop) +binder_call(netmgrd, netd) +hwbinder_use(netmgrd) + dontaudit netmgrd kernel:system module_request; dontaudit netmgrd self:system module_request; |