NekoSakura/Android_Device_Mediatek_Sepolicy_Vndr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sepolicy: bsp: non_plat: Grant all network permissions to ipsec_mon

Browse Source 
Change-Id: I01ffcf9cc31332f45f9a1d3120c6d2946d3dc650
This commit is contained in:
SamarV-121 2022-09-14 22:56:58 +05:30 committed by Matsvei Niaverau
parent 6f21f83c67
commit 173aae2fb1
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bsp/non_plat/ipsec_mon.te
View File

@ -9,6 +9,8 @@ type ipsec_mon_exec, exec_type, file_type, vendor_file_type;
init_daemon_domain(ipsec_mon) init_daemon_domain(ipsec_mon)
net_domain(ipsec_mon)
allow ipsec_mon self:netlink_xfrm_socket { write bind create read nlmsg_read nlmsg_write}; allow ipsec_mon self:netlink_xfrm_socket { write bind create read nlmsg_read nlmsg_write};
allow ipsec_mon ims_ipsec_data_file:dir w_dir_perms; allow ipsec_mon ims_ipsec_data_file:dir w_dir_perms;
allow ipsec_mon ims_ipsec_data_file:file create_file_perms; allow ipsec_mon ims_ipsec_data_file:file create_file_perms;