diff options
author | Robert Craig <rpcraig@tycho.ncsc.mil> | 2013-12-05 17:24:03 -0500 |
---|---|---|
committer | rpcraig <rpcraig@tycho.ncsc.mil> | 2013-12-05 17:37:25 -0500 |
commit | aa376831e88cf08a6c6e73bfcf05345412a357bb (patch) | |
tree | aacb214bbba69c6aa406ca69c32bbb1ca7763268 /rild.te | |
parent | b2547644effa3994766d7ebf1df3f712fb06577a (diff) | |
download | android_external_sepolicy-aa376831e88cf08a6c6e73bfcf05345412a357bb.tar.gz android_external_sepolicy-aa376831e88cf08a6c6e73bfcf05345412a357bb.tar.bz2 android_external_sepolicy-aa376831e88cf08a6c6e73bfcf05345412a357bb.zip |
Fix new rild denials.
Denials seen on hammerhead but seem
appropriate for general policy.
<5>[ 8.339347] type=1400 audit(3731546.390:17): avc: denied { ioctl } for pid=314 comm="rild" path="socket:[7996]" dev="sockfs" ino=7996 scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=socket
<5>[ 8.339065] type=1400 audit(3731546.390:16): avc: denied { create } for pid=314 comm="rild" scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=socket
<5>[ 11.232121] type=1400 audit(3731549.289:22): avc: denied { read } for pid=620 comm="rild" scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=socket
Change-Id: Ieaca5360afbb44d5da21c7c24bdd5e7c5758f0a2
Diffstat (limited to 'rild.te')
-rw-r--r-- | rild.te | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -45,3 +45,5 @@ allow rild self:netlink_kobject_uevent_socket { bind create getopt read setopt } # Access to wake locks allow rild sysfs_wake_lock:file rw_file_perms; + +allow rild self:socket create_socket_perms; |