diff options
author | Xin Li <delphij@google.com> | 2022-08-15 22:01:57 -0700 |
---|---|---|
committer | Xin Li <delphij@google.com> | 2022-08-15 22:01:57 -0700 |
commit | f13c09a795718ec8d5b69d1371f144a0ac262e8e (patch) | |
tree | 5f0bdf382efc219fc3695c92e553ce718cc81b2e | |
parent | 5563c789ae4efbe9d239b0bbc4c72f8301ac2649 (diff) | |
parent | 6006da656add30477f0269654b7c19061b00a285 (diff) | |
download | wembley-sepolicy-android13-platform-release.tar.gz |
DO NOT MERGE - Merge Android 13android-platform-13.0.0_r1android13-platform-release
Bug: 242648940
Merged-In: I27123db04b1f6bc635ae2b5764719d9610c9f020
Change-Id: Ie6505d841fd4cdc291e89e6d0b20c1ca13ad22c2
-rw-r--r-- | non_plat/mnld.te | 2 | ||||
-rw-r--r-- | non_plat/mtk_agpsd.te | 2 | ||||
-rw-r--r-- | non_plat/mtkrild.te | 2 | ||||
-rw-r--r-- | non_plat/slpd.te | 2 |
4 files changed, 7 insertions, 1 deletions
diff --git a/non_plat/mnld.te b/non_plat/mnld.te index 4625b8e..17bacba 100644 --- a/non_plat/mnld.te +++ b/non_plat/mnld.te @@ -109,3 +109,5 @@ allow mnld sysfs_leds:file r_file_perms; #Add for /nvcfg/almanac.dat allow mnld nvcfg_file:dir w_dir_perms; allow mnld nvcfg_file:file create_file_perms; + +allow mnld self:netlink_route_socket { bind nlmsg_readpriv nlmsg_getneigh }; diff --git a/non_plat/mtk_agpsd.te b/non_plat/mtk_agpsd.te index 40abed3..c9488e0 100644 --- a/non_plat/mtk_agpsd.te +++ b/non_plat/mtk_agpsd.te @@ -70,3 +70,5 @@ get_prop(mtk_agpsd, vendor_mtk_mnld_prop) get_prop(mtk_agpsd, vendor_mtk_gps_support_prop) wakelock_use(mtk_agpsd) + +allow mtk_agpsd self:netlink_route_socket { bind nlmsg_readpriv nlmsg_getneigh }; diff --git a/non_plat/mtkrild.te b/non_plat/mtkrild.te index 677e17f..82cc1e5 100644 --- a/non_plat/mtkrild.te +++ b/non_plat/mtkrild.te @@ -53,7 +53,7 @@ allow mtkrild sdcardfs:dir r_dir_perms; allow mtkrild proc_net:file w_file_perms; # Set and get routes directly via netlink. -allow mtkrild self:netlink_route_socket nlmsg_write; +allow mtkrild self:netlink_route_socket { nlmsg_write bind nlmsg_readpriv nlmsg_getneigh }; # Allow read/write to devices/files allow mtkrild mtk_radio_device:dir search; diff --git a/non_plat/slpd.te b/non_plat/slpd.te index cfce93b..fa3efeb 100644 --- a/non_plat/slpd.te +++ b/non_plat/slpd.te @@ -16,3 +16,5 @@ net_domain(slpd) # mtk_agpsd will send the current SUPL profile to SLPD allow slpd mtk_agpsd:unix_dgram_socket sendto; + +allow slpd self:netlink_route_socket { bind nlmsg_readpriv nlmsg_getneigh }; |