Fix netutils_wrapper avc denied

avc denied log:
03-25 22:30:40.226  root 22962 22962 W iptables-wrappe: type=1400 audit(0.0:2269): avc: denied { read write } for path="/dev/umts_wfc1" dev="tmpfs" ino=748 scontext=u:r:netutils_wrapper:s0 tcontext=u:object_r:pktrouter_device:s0 tclass=chr_file permissive=0

03-25 22:30:40.226  root 22962 22962 W iptables-wrappe: type=1400 audit(0.0:2270): avc: denied { read write } for path="socket:[1017]" dev="sockfs" ino=1017 scontext=u:r:netutils_wrapper:s0 tcontext=u:r:pktrouter:s0 tclass=netlink_route_socket permissive=0

03-25 22:30:40.226  root 22962 22962 W iptables-wrappe: type=1400 audit(0.0:2274): avc: denied { read write } for path="socket:[655847]" dev="sockfs" ino=655847 scontext=u:r:netutils_wrapper:s0 tcontext=u:r:pktrouter:s0 tclass=udp_socket permissive=0

Bug: 183713618
Test: WFC/WFC handover

Change-Id: I363bf009c3b05ac2ceccb5580e786fcebf0f5631
Hsiaoan Hsu 2021-03-29 11:58:18 +08:00
parent 6d56fb7391
commit c9f580b083

@ -1,4 +1,7 @@
allow netutils_wrapper pktrouter:fd use;
allow netutils_wrapper pktrouter:fifo_file write;
allow netutils_wrapper pktrouter:netlink_route_socket { read write };
allow netutils_wrapper pktrouter:packet_socket { read write };
allow netutils_wrapper pktrouter:rawip_socket { read write };
allow netutils_wrapper pktrouter:udp_socket { read write };
allow netutils_wrapper pktrouter_device:chr_file rw_file_perms;
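
Review bot: The last rule, `allow netutils_wrapper pktrouter_device:chr_file rw_file_perms;`, grants more than the logged denial needs: the audit line for /dev/umts_wfc1 shows only { read write }, while rw_file_perms also covers open, ioctl, getattr, append, lock and map. Suggest narrowing it to `{ read write }`, matching the socket rules above it. All three denials in the commit message have iptables-wrapper as the source, target objects labelled pktrouter or pktrouter_device, and no open in the denied set, which looks like descriptors inherited across exec. If iptables-wrapper never actually uses them, marking them close-on-exec in pktrouter and adding a dontaudit here would avoid widening netutils_wrapper at all. A short comment above the new rules naming Bug 183713618 and the WFC handover case would also help later audits of this file.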