From f54ab444aca26b6b42425bf0a587eedb2c0e5dab Mon Sep 17 00:00:00 2001 From: Jayachandran C Date: Fri, 3 Feb 2023 07:51:42 +0000 Subject: [PATCH] Allow radio to access IMS stack's socket for sending/receiving RTP packets and aoc_device for codec encoding/decoding This fixes the follow denials Vendor ImsStack denials ================ type=1400 audit(0.0:9): avc: denied { read write } for comm="pool-28-thread-" path="socket:[109431]" dev="sockfs" ino=109431 scontext=u:r:radio:s0 tcontext=u:r:vendor_ims_app:s0:c7,c257,c512,c768 tclass=udp_socket permissive=0 app=com.shannon.imsservice AOC denials =========== type=1400 audit(0.0:11): avc: denied { write } for name="acd-audio_rtp_tx" dev="tmpfs" ino=1185 scontext=u:r:radio:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 type=1400 audit(0.0:12): avc: denied { read } for name="acd-audio_rtp_rx" dev="tmpfs" ino=1186 scontext=u:r:radio:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 Bug: 259178236 Test: Manually verified on the device with AOC Change-Id: I000c0c72d8a37ab5680caddd499977db66939bfa
---
 radio/radio.te | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/radio/radio.te b/radio/radio.te
index a0492bf2..59107aab 100644
--- a/radio/radio.te
+++ b/radio/radio.te
@@ -1,2 +1,4 @@
 allow radio radio_vendor_data_file:dir rw_dir_perms;
 allow radio radio_vendor_data_file:file create_file_perms;
+allow radio vendor_ims_app:udp_socket { getattr read write setopt shutdown };
+allow radio aoc_device:chr_file rw_file_perms;
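Review bot: Both added rules grant more than the denials quoted in the commit message show. The udp_socket denial is only `{ read write }`, yet the rule also allows `getattr setopt shutdown` on a socket owned by vendor_ims_app; unless separate denials justify them, narrow it to `allow radio vendor_ims_app:udp_socket { read write };` or record the reason in a comment above the rule. The AOC denials are against `acd-audio_rtp_tx`/`acd-audio_rtp_rx` with tcontext `device`, while the rule targets `aoc_device`, so it takes effect only if those nodes are labelled `aoc_device` by a file_contexts entry not visible in this patch, and it then gives radio read/write on every node carrying that type rather than just the two RTP endpoints. Consider a dedicated type for the RTP nodes, and add a comment such as `# b/259178236: radio passes RTP over the IMS socket and AOC RTP nodes` so the grant is traceable.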