diff options
| author | Ruslan Trofymenko <ruslan.trofymenko@linaro.org> | 2018-08-10 23:27:23 +0000 |
|---|---|---|
| committer | Praneeth Bajjuri <praneeth@ti.com> | 2018-08-10 15:04:52 -0500 |
| commit | 15d1e390bad92ce193a571701b7d30a2179c2602 (patch) | |
| tree | c0ec2808bac82b31164a813fbff3535a7784be98 | |
| parent | e29f15fa662d234cfe250a673c0ac8dbceb5963c (diff) | |
| download | am57xevm-15d1e390bad92ce193a571701b7d30a2179c2602.tar.gz | |
am57xevm: sepolicy: Allow access netd to /proc/net
'netd' daemon require access to /proc/net items, for example [1]:
asprintf(&fname, "/proc/net/xt_quota/%s", quotaName);
fp = fopen(fname, "we");
Were added the rules for manipulations with /proc/net filesystem.
[1] system/netd/server/BandwidthController.cpp
Signed-off-by: Ruslan Trofymenko <ruslan.trofymenko@linaro.org>
| -rw-r--r-- | sepolicy/netd.te | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sepolicy/netd.te b/sepolicy/netd.te index 6c8303c..406fa53 100644 --- a/sepolicy/netd.te +++ b/sepolicy/netd.te @@ -2,3 +2,6 @@ # Ignore them dontaudit netd self:capability sys_module; dontaudit netd kernel:system module_request; + +allow netd proc_net:dir {add_name write}; +allow netd proc_net:file create; |