Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 185941aaff0e0c0050c32fba38af7617fcdf56cf
commit185941aaff0e0c0050c32fba38af7617fcdf56cf[log] [tgz]
authorChenbo Feng <fengc@google.com>Tue Oct 24 14:40:53 2017 -0700
committerChenbo Feng <fengc@google.com>Thu Nov 09 14:35:23 2017 -0800
treeb3338e2ff7c1faa246179019722e7cf9f7a330fe
parentaa93dad6697940dd78e31335658c92d3a190ca11 [diff]
sepolicy: allow netd to write to qtaguid file

Since all qtaguid related userspace implementation are moved into netd
and will use netd to choose which module to run at run time. Netd module
should be the only process can directly read/write to the ctrl file of
qtaguid located at /proc/net/xt_qtaguid/ctrl. This sepolicy change grant
netd the privilege to access qtaguid proc files. It also grant netd the
permission to control trigger to turn on and off qtaguid module by write
parameters to files under sys_fs. The file and directory related is
properly labled.

Bug: 68774956
Bug: 30950746
Test: qtaguid function still working after the native function is
redirected.

Change-Id: Ia6db6f16ecbf8c58f631c79c9b4893ecf2cc607b
1 file changed
tree: b3338e2ff7c1faa246179019722e7cf9f7a330fe
  1. prebuilts/
  2. private/
  3. public/
  4. reqd_mask/
  5. tests/
  6. tools/
  7. vendor/
  8. Android.bp
  9. Android.mk
  10. CleanSpec.mk
  11. definitions.mk
  12. MODULE_LICENSE_PUBLIC_DOMAIN
  13. NOTICE
  14. OWNERS
  15. PREUPLOAD.cfg
  16. README