Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / fb69c8e64f9b872411f6460303f91791061fc6c9^! / . / private
commitfb69c8e64f9b872411f6460303f91791061fc6c9[log] [tgz]
authorJeff Vander Stoep <jeffv@google.com>Wed Oct 16 15:19:40 2019 +0200
committerJeff Vander Stoep <jeffv@google.com>Wed Oct 16 16:14:16 2019 +0200
tree928f957ec7ec312d179150ff27d40022a847a574
parentede8b7e39d88b85938d595ef343eae6150687339 [diff]
netlink_route_socket: add new nlmsg_readpriv perm

Used when mapping RTM_GETLINK messages to this new permission.

Users of netlink_route_sockets that do not use the net_domain()
macro will need to grant this permission as needed. Compatibility
with older vendor images is preserved by granting all vendor domains
access to this new permission in *.compat.cil files.

Bug: 141455849
Test: build (this change is a no-op without kernel changes)
Change-Id: I18f1c9fc958120a26b7b3bea004920d848ffb26e

diff --git a/private/access_vectors b/private/access_vectors
index 275b9af..66c1b79 100644
--- a/private/access_vectors
+++ b/private/access_vectors

@@ -446,6 +446,7 @@
 {
 	nlmsg_read
 	nlmsg_write
+	nlmsg_readpriv
 }
 
 class netlink_tcpdiag_socket

diff --git a/private/compat/26.0/26.0.compat.cil b/private/compat/26.0/26.0.compat.cil
index 9031d15..30af58c 100644
--- a/private/compat/26.0/26.0.compat.cil
+++ b/private/compat/26.0/26.0.compat.cil

@@ -2,3 +2,4 @@
 (typeattributeset vendordomain ((and (domain) ((not (coredomain))))))
 (allowx vendordomain dev_type (ioctl blk_file ((range 0x0000 0xffff))))
 (allowx vendordomain file_type (ioctl file ((range 0x0000 0xffff))))
+(allow vendordomain self (netlink_route_socket (nlmsg_readpriv)))

diff --git a/private/compat/27.0/27.0.compat.cil b/private/compat/27.0/27.0.compat.cil
index 9031d15..30af58c 100644
--- a/private/compat/27.0/27.0.compat.cil
+++ b/private/compat/27.0/27.0.compat.cil

@@ -2,3 +2,4 @@
 (typeattributeset vendordomain ((and (domain) ((not (coredomain))))))
 (allowx vendordomain dev_type (ioctl blk_file ((range 0x0000 0xffff))))
 (allowx vendordomain file_type (ioctl file ((range 0x0000 0xffff))))
+(allow vendordomain self (netlink_route_socket (nlmsg_readpriv)))

diff --git a/private/compat/28.0/28.0.compat.cil b/private/compat/28.0/28.0.compat.cil
index 9031d15..30af58c 100644
--- a/private/compat/28.0/28.0.compat.cil
+++ b/private/compat/28.0/28.0.compat.cil

@@ -2,3 +2,4 @@
 (typeattributeset vendordomain ((and (domain) ((not (coredomain))))))
 (allowx vendordomain dev_type (ioctl blk_file ((range 0x0000 0xffff))))
 (allowx vendordomain file_type (ioctl file ((range 0x0000 0xffff))))
+(allow vendordomain self (netlink_route_socket (nlmsg_readpriv)))

diff --git a/private/compat/29.0/29.0.compat.cil b/private/compat/29.0/29.0.compat.cil
index 628abfc..af4da8a 100644
--- a/private/compat/29.0/29.0.compat.cil
+++ b/private/compat/29.0/29.0.compat.cil

@@ -1 +1,3 @@
-;; This file can't be empty.
+(typeattribute vendordomain)
+(typeattributeset vendordomain ((and (domain) ((not (coredomain))))))
+(allow vendordomain self (netlink_route_socket (nlmsg_readpriv)))