From 81f027f9a1f6524fecd196bd650ffcee56eaf11f Mon Sep 17 00:00:00 2001
From: Xiaofan Jiang <xiaofanj@google.com>
Date: Fri, 13 Sep 2024 00:50:42 +0000
Subject: [PATCH] modem_svc: update sepolicy for UMI

Bug: 357139752

09-12 14:58:18.412 21402 21402 W shared_modem_pl: type=1400 audit(0.0:445): avc:  denied  { write } for  name="modem_svc_socket" dev="dm-53" ino=55074 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=0

Flag: EXEMPT sepolicy change only

Change-Id: I0f465e6a3039cc9781142c2b0f3fc433eaa1c9dc
---
 radio/modem_svc_sit.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/radio/modem_svc_sit.te b/radio/modem_svc_sit.te
index 69b6770..d23274c 100644
--- a/radio/modem_svc_sit.te
+++ b/radio/modem_svc_sit.te
@@ -1,3 +1,4 @@
+# Selinux rule for modem_svc_sit daemon
 type modem_svc_sit, domain;
 type modem_svc_sit_exec, vendor_file_type, exec_type, file_type;
 init_daemon_domain(modem_svc_sit)
@@ -51,6 +52,6 @@ allow modem_svc_sit modem_img_file:lnk_file r_file_perms;
 
 # Allow modem_svc_sit to access socket for UMI
 userdebug_or_eng(`
-  allow modem_svc_sit radio_vendor_data_file:sock_file { create unlink };
+  allow modem_svc_sit radio_vendor_data_file:sock_file { create write unlink };
 ')