diff options
author | Boxiang Pan <bopan@codeaurora.org> | 2015-08-03 17:28:25 -0700 |
---|---|---|
committer | Gerrit - the friendly Code Review server <code-review@localhost> | 2015-09-11 11:07:07 -0700 |
commit | 30b1f04444007e226c37e2f739a1c543ca54dca3 (patch) | |
tree | 600e29f7219b269ac1b731a3945c8b3ccfa7be7c | |
parent | 0560c44a7796e5cc542d442d1341102bbbbe12db (diff) | |
download | android_device_qcom_sepolicy-30b1f04444007e226c37e2f739a1c543ca54dca3.tar.gz android_device_qcom_sepolicy-30b1f04444007e226c37e2f739a1c543ca54dca3.tar.bz2 android_device_qcom_sepolicy-30b1f04444007e226c37e2f739a1c543ca54dca3.zip |
sepolicy: allow vpn connection via L2TP.
avc: denied { read write } for comm="pppd" path="socket:[44031]"
dev="sockfs" ino=44031 scontext=u:r:ppp:s0 tcontext=u:r:mtp:s0
tclass=unix_stream_socket.
CRs-fixed: 884186
Change-Id: I6eaacbcaeb9f70c2e9f774002547f8826b089844
-rw-r--r-- | common/ppp.te | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/common/ppp.te b/common/ppp.te new file mode 100644 index 00000000..d5bb3638 --- /dev/null +++ b/common/ppp.te @@ -0,0 +1,29 @@ +#Copyright (c) 2015, The Linux Foundation. All rights reserved. +# +#Redistribution and use in source and binary forms, with or without +#modification, are permitted provided that the following conditions are +#met: +#* Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +#* Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +#* Neither the name of The Linux Foundation nor the names of its +# contributors may be used to endorse or promote products derived +# from this software without specific prior written permission. +# +#THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED +#WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +#MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT +#ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS +#BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +#CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +#SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +#BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +#WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +#IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# allow VPN connection via L2TP +allow ppp mtp:unix_stream_socket rw_socket_perms; |