Evolution-X-Devices/device_google_gs101
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix netutils_wrapper avc denied

Browse Source 
avc denied log:
03-25 22:30:40.226  root 22962 22962 W iptables-wrappe: type=1400 audit(0.0:2269): avc: denied { read write } for path="/dev/umts_wfc1" dev="tmpfs" ino=748 scontext=u:r:netutils_wrapper:s0 tcontext=u:object_r:pktrouter_device:s0 tclass=chr_file permissive=0

03-25 22:30:40.226  root 22962 22962 W iptables-wrappe: type=1400 audit(0.0:2270): avc: denied { read write } for path="socket:[1017]" dev="sockfs" ino=1017 scontext=u:r:netutils_wrapper:s0 tcontext=u:r:pktrouter:s0 tclass=netlink_route_socket permissive=0

03-25 22:30:40.226  root 22962 22962 W iptables-wrappe: type=1400 audit(0.0:2274): avc: denied { read write } for path="socket:[655847]" dev="sockfs" ino=655847 scontext=u:r:netutils_wrapper:s0 tcontext=u:r:pktrouter:s0 tclass=udp_socket permissive=0

Bug: 183713618
Test: WFC/WFC handover

Change-Id: I363bf009c3b05ac2ceccb5580e786fcebf0f5631
This commit is contained in:
Hsiaoan Hsu
2021-03-29 11:58:18 +08:00
parent 6d56fb7391
commit c9f580b083
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
whitechapel/vendor/google/netutils_wrapper.te vendored
View File

@@ -1,4 +1,7 @@
allow netutils_wrapper pktrouter:fd use;
allow netutils_wrapper pktrouter:fifo_file write;
allow netutils_wrapper pktrouter:netlink_route_socket { read write };
allow netutils_wrapper pktrouter:packet_socket { read write };
allow netutils_wrapper pktrouter:rawip_socket { read write };
allow netutils_wrapper pktrouter:udp_socket { read write };
allow netutils_wrapper pktrouter_device:chr_file rw_file_perms;