Skip to content
Snippets Groups Projects
Commit eab85946 authored by Stephen Smalley's avatar Stephen Smalley
Browse files

Allow bluetooth users ioctl access to bluetooth unix stream socket.


Resolves denials such as:
avc:  denied  { ioctl } for  pid=6390 comm="m.wimmcompanion" path="socket:[472596]" dev="sockfs" ino=472596 scontext=u:r:untrusted_app:s0 tcontext=u:r:bluetooth:s0 tclass=unix_stream_socket

Change-Id: Idd4fa219fe8674c6e1c40211b3c105d6276cfc5a
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
parent 66f25cb1
No related branches found
No related tags found
No related merge requests found
...@@ -31,7 +31,7 @@ allow bluetooth self:capability net_admin; ...@@ -31,7 +31,7 @@ allow bluetooth self:capability net_admin;
# Allow clients to use a socket provided by the bluetooth app. # Allow clients to use a socket provided by the bluetooth app.
# TODO: See if this is still required under bluedroid. # TODO: See if this is still required under bluedroid.
allow bluetoothdomain bluetooth:unix_stream_socket { getopt getattr read write shutdown }; allow bluetoothdomain bluetooth:unix_stream_socket { getopt getattr read write ioctl shutdown };
# tethering # tethering
allow bluetooth self:tun_socket create_socket_perms; allow bluetooth self:tun_socket create_socket_perms;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment