device_google_zuma/radio/radio.te at 25c992012f83c412eb9810ce47eb4dbd0ce29aad - Evolution-X-Tensor/device_google_zuma - Forgejo: Beyond coding. We Forge.

Evolution-X-Tensor/device_google_zuma

Jayachandran C f54ab444ac Allow radio to access IMS stack's socket for sending/receiving RTP packets and aoc_device for codec encoding/decoding

This fixes the follow denials

Vendor ImsStack denials
================
type=1400 audit(0.0:9): avc: denied { read write } for comm="pool-28-thread-" path="socket:[109431]" dev="sockfs" ino=109431 scontext=u:r:radio:s0 tcontext=u:r:vendor_ims_app:s0:c7,c257,c512,c768 tclass=udp_socket permissive=0 app=com.shannon.imsservice

AOC denials
===========
type=1400 audit(0.0:11): avc: denied { write } for name="acd-audio_rtp_tx" dev="tmpfs" ino=1185 scontext=u:r:radio:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
type=1400 audit(0.0:12): avc: denied { read } for name="acd-audio_rtp_rx" dev="tmpfs" ino=1186 scontext=u:r:radio:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0

Bug: 259178236
Test: Manually verified on the device with AOC

Change-Id: I000c0c72d8a37ab5680caddd499977db66939bfa

2023-02-15 22:20:56 +00:00

4 lines

237 B

Text

Raw Blame History

 allow radio radio_vendor_data_file:dir rw_dir_perms;
 allow radio radio_vendor_data_file:file create_file_perms;
 allow radio vendor_ims_app:udp_socket { getattr read write setopt shutdown };
 allow radio aoc_device:chr_file rw_file_perms;