Skip to content
Snippets Groups Projects
Commit 59078a94 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

netd: allow tcp connections. 

DNS can use TCP connections, in addition to UDP connections.
Allow TCP connections.

Addresses the following denial:

[ 1831.586826] type=1400 audit(1384129166.563:173): avc:  denied  { create } for  pid=11406 comm="netd" scontext=u:r:netd:s0 tcontext=u:r:netd:s0 tclass=tcp_socket

Public Bug: https://code.google.com/p/android/issues/detail?id=62196
Bug: 11097631

(cherry picked from commit 36a5d109)

Change-Id: Id2e383e1c74a26ef7e56499a33bf2b06b869c12b
parent 2abfe7d4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 3 additions and 3 deletions
netd.te
+ 3
3
View file @ 59078a94
...@@ -8,9 +8,9 @@ allow netd self:netlink_kobject_uevent_socket *; ...@@ -8,9 +8,9 @@ allow netd self:netlink_kobject_uevent_socket *;
allow netd self:netlink_route_socket *; allow netd self:netlink_route_socket *;
allow netd self:netlink_nflog_socket *; allow netd self:netlink_nflog_socket *;
allow netd self:rawip_socket *; allow netd self:rawip_socket *;
allow netd self:udp_socket *; allow netd self:{ tcp_socket udp_socket } *;
allow netd node:udp_socket node_bind; allow netd node:{ tcp_socket udp_socket } node_bind;
allow netd port:udp_socket name_bind; allow netd port:{ tcp_socket udp_socket } name_bind;
allow netd self:unix_stream_socket *; allow netd self:unix_stream_socket *;
allow netd shell_exec:file rx_file_perms; allow netd shell_exec:file rx_file_perms;
allow netd system_file:file x_file_perms; allow netd system_file:file x_file_perms;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment