-
Nick Kralevich authored
system/sepolicy commit 619c1ef2 started enforcing ioctl whitelisting requirements for /dev/tun. Bluetooth needs the ability to issue TUNSETIFF on /dev/tun, so allow access. We also allow access to TUNGETIFF for good measure. Addresses the following denial: avc: denied { ioctl } for comm=425420536572766963652043616C6C path="/dev/tun" dev="tmpfs" ino=20047 ioctlcmd=0x54ca scontext=u:r:bluetooth:s0 tcontext=u:object_r:tun_device:s0 tclass=chr_file permissive=0 Test: policy compiles Change-Id: Ie4c138fc774373cec266c59de6663db147d60423
049c03d8