Skip to content
Snippets Groups Projects
Select Git revision
  • android-7.1.2_r28_klist
  • master default protected
  • pie-cts-release
  • pie-vts-release
  • pie-cts-dev
  • oreo-mr1-iot-release
  • sdk-release
  • oreo-m6-s4-release
  • oreo-m4-s12-release
  • pie-release
  • pie-r2-release
  • pie-r2-s1-release
  • oreo-vts-release
  • oreo-cts-release
  • oreo-dev
  • oreo-mr1-dev
  • pie-gsi
  • pie-platform-release
  • pie-dev
  • oreo-cts-dev
  • android-o-mr1-iot-release-1.0.4
  • android-9.0.0_r8
  • android-9.0.0_r7
  • android-9.0.0_r6
  • android-9.0.0_r5
  • android-8.1.0_r46
  • android-8.1.0_r45
  • android-n-iot-release-smart-display-r2
  • android-vts-8.1_r5
  • android-cts-8.1_r8
  • android-cts-8.0_r12
  • android-cts-7.1_r20
  • android-cts-7.0_r24
  • android-o-mr1-iot-release-1.0.3
  • android-cts-9.0_r1
  • android-8.1.0_r43
  • android-8.1.0_r42
  • android-n-iot-release-smart-display
  • android-p-preview-5
  • android-9.0.0_r3
40 results
Blame Permalink
  • Lorenzo Colitti's avatar
    6cd57a43
    Allow clatd to read from packet sockets and write to raw sockets · 6cd57a43
    Lorenzo Colitti authored 
    This addresses the following denials that occur when switching
clatd from an IPv6 tun interface to packet and raw sockets:

avc: denied { net_raw } for pid=3540 comm="clatd" capability=13 scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=capability
avc: denied { create } for pid=3540 comm="clatd" scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=packet_socket
avc: denied { bind } for pid=3540 comm="clatd" scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=packet_socket
avc: denied { setopt } for pid=3540 comm="clatd" scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=packet_socket
avc: denied { read } for pid=3540 comm="clatd" path="socket:[19117]" dev="sockfs" ino=19117 scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=packet_socket

Bug: 15340961
Change-Id: I3c06e8e3e0cfc0869a7b73c803bbffe28369ee5e
    6cd57a43
    History
    Allow clatd to read from packet sockets and write to raw sockets
    Lorenzo Colitti authored 
    This addresses the following denials that occur when switching
clatd from an IPv6 tun interface to packet and raw sockets:

avc: denied { net_raw } for pid=3540 comm="clatd" capability=13 scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=capability
avc: denied { create } for pid=3540 comm="clatd" scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=packet_socket
avc: denied { bind } for pid=3540 comm="clatd" scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=packet_socket
avc: denied { setopt } for pid=3540 comm="clatd" scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=packet_socket
avc: denied { read } for pid=3540 comm="clatd" path="socket:[19117]" dev="sockfs" ino=19117 scontext=u:r:clatd:s0 tcontext=u:r:clatd:s0 tclass=packet_socket

Bug: 15340961
Change-Id: I3c06e8e3e0cfc0869a7b73c803bbffe28369ee5e