From d3381cd9e6d74bb36048818c58533de54dc07fda Mon Sep 17 00:00:00 2001
From: Sandeep Patil <sspatil@google.com>
Date: Wed, 14 Jun 2017 09:42:21 -0700
Subject: [PATCH] radio: disalllow radio and rild socket for treble devices

This violates the socket comms ban between coredomain (radio) and
non coredomain (rild) in the platform policy.

Bug: 62616897
Bug: 62343727

Test: Build and boot sailfish

Change-Id: I48303bbd8b6eb62c120a551d0f584b9733fc2d43
Signed-off-by: Sandeep Patil <sspatil@google.com>
---
 public/radio.te | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/public/radio.te b/public/radio.te
index 87329d913..6f29a705d 100644
--- a/public/radio.te
+++ b/public/radio.te
@@ -5,9 +5,8 @@ net_domain(radio)
 bluetooth_domain(radio)
 binder_service(radio)
 
-# TODO(b/36613472): Remove this once radio no longer communicates with rild over sockets.
-# Talks to rild via the rild socket.
-unix_socket_connect(radio, rild, rild)
+# Talks to rild via the rild socket only for devices without full treble
+not_full_treble(`unix_socket_connect(radio, rild, rild)')
 
 # Data file accesses.
 allow radio radio_data_file:dir create_dir_perms;
-- 
GitLab