From 37c32d672f0031f02bfde14f00eb8e18d70fe471 Mon Sep 17 00:00:00 2001
From: "Jinhee.k" <jinhee.k@samsung.com>
Date: Thu, 15 Sep 2022 19:15:31 +0000
Subject: [PATCH] sepolicy: allowed permissions required for network access    
            : add permission to allow create, connect udp socket Apply to add
 network access permissions

Bug: 242231557
Test: Verified no IMS exception and avc denied
Change-Id: I4a4bd1efb22b5538b1679aad8f543d00203e0b48
Signed-off-by: Jinhee.k <jinhee.k@samsung.com>
---
 whitechapel_pro/vendor_ims_app.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/whitechapel_pro/vendor_ims_app.te b/whitechapel_pro/vendor_ims_app.te
index 38e63646..ed65eae1 100644
--- a/whitechapel_pro/vendor_ims_app.te
+++ b/whitechapel_pro/vendor_ims_app.te
@@ -1,5 +1,6 @@
 type vendor_ims_app, domain;
 app_domain(vendor_ims_app)
+net_domain(vendor_ims_app)
 
 allow vendor_ims_app app_api_service:service_manager find;
 allow vendor_ims_app audioserver_service:service_manager find;
@@ -11,6 +12,8 @@ allow vendor_ims_app mediaserver_service:service_manager find;
 allow vendor_ims_app cameraserver_service:service_manager find;
 allow vendor_ims_app mediametrics_service:service_manager find;
 
+allow vendor_ims_app self:udp_socket { create_socket_perms_no_ioctl };
+
 binder_call(vendor_ims_app, rild)
 set_prop(vendor_ims_app, vendor_rild_prop)
 set_prop(vendor_ims_app, radio_prop)