sepolicy: Allowing netd to use priv_sock_ioctls

Radish uses brctl to create bridge interface which in turn uses ioctl's. Allowing netd to call ioctls that are part of priv_sock_ioctls. CRs-Fixed: 1024043 Change-Id: Ia912a18204da22b6ff2d8d03c7652fa91b41a624
author: Ashwanth Goli <ashwanth@codeaurora.org> 2016-06-03 12:55:06 +0530
committer: Ashwanth Goli <ashwanth@codeaurora.org> 2016-06-03 14:11:03 +0530
commit: ad2c7efa67ca5f7574d9c70bed43e346c9a9a208 (patch)
tree: a61312e64289abbde3d78ac185bba0d512d84f34 /common/netd.te
parent: d057af1d9ec1c9c0673c51917c1eb2ac00f69509 (diff)
download: android_device_qcom_sepolicy-ad2c7efa67ca5f7574d9c70bed43e346c9a9a208.tar.gz
android_device_qcom_sepolicy-ad2c7efa67ca5f7574d9c70bed43e346c9a9a208.tar.bz2
android_device_qcom_sepolicy-ad2c7efa67ca5f7574d9c70bed43e346c9a9a208.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/common/netd.te b/common/netd.te
index 77886373..603946ad 100644
--- a/common/netd.te
+++ b/common/netd.te
@@ -16,6 +16,9 @@ binder_use(netd);
 allow netd ipacm_data_file:dir r_dir_perms;
 allow netd ipacm_data_file:file r_file_perms;
 
+#allow netd to use privileged sock ioctls
+allowxperm netd self: { unix_stream_socket } ioctl priv_sock_ioctls;
+
 # needed for netd to start FST Manager via system property
 allow netd netd_prop:property_service set;
 allow netd qtitetherservices_service:service_manager find;
author	Ashwanth Goli <ashwanth@codeaurora.org>	2016-06-03 12:55:06 +0530
committer	Ashwanth Goli <ashwanth@codeaurora.org>	2016-06-03 14:11:03 +0530
commit	ad2c7efa67ca5f7574d9c70bed43e346c9a9a208 (patch)
tree	a61312e64289abbde3d78ac185bba0d512d84f34 /common/netd.te
parent	d057af1d9ec1c9c0673c51917c1eb2ac00f69509 (diff)
download	android_device_qcom_sepolicy-ad2c7efa67ca5f7574d9c70bed43e346c9a9a208.tar.gz android_device_qcom_sepolicy-ad2c7efa67ca5f7574d9c70bed43e346c9a9a208.tar.bz2 android_device_qcom_sepolicy-ad2c7efa67ca5f7574d9c70bed43e346c9a9a208.zip