SEAndroid: location policies update

Add net_admin and udp_socket for RTT feature Bug: 22827223 Change-Id: Ifb17ca46a17f7ef7515f96e9181c89e15b6358aa
author: Dante Russo <drusso@codeaurora.org> 2015-08-17 09:09:52 -0700
committer: Vineeta Srivastava <vsrivastava@google.com> 2015-08-18 23:14:05 +0000
commit: fb5e77593a0e56472b07719eb193bd01f72903f3 (patch)
tree: 45442a8d1ac2af45387dc003237184e6a090c8b2 /sepolicy
parent: 0171f69ac692725a2c67bb56b498aa7b24510a45 (diff)
download: bullhead-fb5e77593a0e56472b07719eb193bd01f72903f3.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/sepolicy/location.te b/sepolicy/location.te
index 834b970..2e190df 100644
--- a/sepolicy/location.te
+++ b/sepolicy/location.te
@@ -18,6 +18,7 @@ allow location location_exec:file x_file_perms;
 allow location self:{
     socket
     netlink_socket
+    udp_socket
 } create_socket_perms;
 
 # create location socket location-mq-s
@@ -26,7 +27,7 @@ allow location location_data_file:sock_file { create setattr unlink };
 # daemon starts as root to obtain all DAC capabilities
 # TODO start as gps user and use filesystem-config to give
 # proper DAC capabilities.
-allow location self:capability { setuid setgid net_raw};
+allow location self:capability { setuid setgid net_admin net_raw };
 
 # execute /system/bin/lowi-server and /vendor/bin/slim_daemon
 allow location location_exec:file rx_file_perms;
author	Dante Russo <drusso@codeaurora.org>	2015-08-17 09:09:52 -0700
committer	Vineeta Srivastava <vsrivastava@google.com>	2015-08-18 23:14:05 +0000
commit	fb5e77593a0e56472b07719eb193bd01f72903f3 (patch)
tree	45442a8d1ac2af45387dc003237184e6a090c8b2 /sepolicy
parent	0171f69ac692725a2c67bb56b498aa7b24510a45 (diff)
download	bullhead-fb5e77593a0e56472b07719eb193bd01f72903f3.tar.gz