Define smc_socket security class. am: 2be9799b am: 52909aca am: ad01d1f6

am: 06a22e41 Change-Id: Ib3549463537470e9af49cc4b1e6b2a526c2a9c76

Define smc_socket security class. am: 2be9799b am: 52909aca am: ad01d1f6
2d192759 · Stephen Smalley · android-build-merger · 13a9dfbe · 06a22e41 · 2d192759
Commit 2d192759 authored 7 years ago by Stephen Smalley Committed by android-build-merger 7 years ago
--- a/private/access_vectors
+++ b/private/access_vectors
@@ -657,6 +657,9 @@ inherits socket
 class qipcrtr_socket
 inherits socket
+class smc_socket
+inherits socket
 class property_service
 {
 	set

--- a/private/security_classes
+++ b/private/security_classes
@@ -127,6 +127,7 @@ class nfc_socket
 class vsock_socket
 class kcm_socket
 class qipcrtr_socket
+class smc_socket
 # Property service
 class property_service          # userspace

--- a/private/webview_zygote.te
+++ b/private/webview_zygote.te
@@ -108,7 +108,7 @@ neverallow webview_zygote domain:{
  x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket
  pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket
  rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket
-  alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket
+  alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket
 } *;
 # Do not allow access to Bluetooth-related system properties.

--- a/public/global_macros
+++ b/public/global_macros
@@ -8,7 +8,7 @@ define(`notdevfile_class_set', `{ file lnk_file sock_file fifo_file }')
 define(`file_class_set', `{ devfile_class_set notdevfile_class_set }')
 define(`dir_file_class_set', `{ dir file_class_set }')
-define(`socket_class_set', `{ socket tcp_socket udp_socket rawip_socket netlink_socket packet_socket key_socket unix_stream_socket unix_dgram_socket appletalk_socket netlink_route_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket netlink_crypto_socket sctp_socket icmp_socket ax25_socket ipx_socket netrom_socket atmpvc_socket x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket }')
+define(`socket_class_set', `{ socket tcp_socket udp_socket rawip_socket netlink_socket packet_socket key_socket unix_stream_socket unix_dgram_socket appletalk_socket netlink_route_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket netlink_crypto_socket sctp_socket icmp_socket ax25_socket ipx_socket netrom_socket atmpvc_socket x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket }')
 define(`dgram_socket_class_set', `{ udp_socket unix_dgram_socket }')
 define(`stream_socket_class_set', `{ tcp_socket unix_stream_socket }')
 define(`unpriv_socket_class_set', `{ tcp_socket udp_socket unix_stream_socket unix_dgram_socket }')