diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2014-03-04 13:34:54 -0500 |
|---|---|---|
| committer | Stephen Smalley <sds@tycho.nsa.gov> | 2014-03-04 13:34:54 -0500 |
| commit | 495e9d12b97cfaf3d6efb007b7b68217c2b94ba8 (patch) | |
| tree | 088519874e9c1bcb9e8debbedcbefbdc2dd77d89 /bluetooth.te | |
| parent | 28afdd9234236d0b3c510f28255aa14625d11457 (diff) | |
| download | android_external_sepolicy-495e9d12b97cfaf3d6efb007b7b68217c2b94ba8.tar.gz android_external_sepolicy-495e9d12b97cfaf3d6efb007b7b68217c2b94ba8.tar.bz2 android_external_sepolicy-495e9d12b97cfaf3d6efb007b7b68217c2b94ba8.zip | |
Allow getopt / getattr to bluetooth unix_stream_socket.
Resolve denials such as:
avc: denied { getattr } for pid=16226 comm="Thread-2096" path="socket:[414657]" dev="sockfs" ino=414657 scontext=u:r:untrusted_app:s0 tcontext=u:r:bluetooth:s0 tclass=unix_stream_socket
avc: denied { getopt } for pid=5890 comm="FinalizerDaemon" scontext=u:r:untrusted_app:s0 tcontext=u:r:bluetooth:s0 tclass=unix_stream_socket
Change-Id: Iea7790aa4f8e24f3ec0d2c029933a3902333472e
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'bluetooth.te')
| -rw-r--r-- | bluetooth.te | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/bluetooth.te b/bluetooth.te index 16e7b0b..474ca43 100644 --- a/bluetooth.te +++ b/bluetooth.te @@ -31,7 +31,7 @@ allow bluetooth self:capability net_admin; # Allow clients to use a socket provided by the bluetooth app. # TODO: See if this is still required under bluedroid. -allow bluetoothdomain bluetooth:unix_stream_socket { read write shutdown }; +allow bluetoothdomain bluetooth:unix_stream_socket { getopt getattr read write shutdown }; # tethering allow bluetooth self:tun_socket create_socket_perms; |