Allow bluetooth users ioctl access to bluetooth unix stream socket.

Resolves denials such as: avc: denied { ioctl } for pid=6390 comm="m.wimmcompanion" path="socket:[472596]" dev="sockfs" ino=472596 scontext=u:r:untrusted_app:s0 tcontext=u:r:bluetooth:s0 tclass=unix_stream_socket Change-Id: Idd4fa219fe8674c6e1c40211b3c105d6276cfc5a Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

Allow bluetooth users ioctl access to bluetooth unix stream socket.
Resolves denials such as: avc: denied { ioctl } for pid=6390 comm="m.wimmcompanion" path="socket:[472596]" dev="sockfs" ino=472596 scontext=u:r:untrusted_app:s0 tcontext=u:r:bluetooth:s0 tclass=unix_stream_socket Change-Id: Idd4fa219fe8674c6e1c40211b3c105d6276cfc5a Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
eab85946 · Stephen Smalley · 66f25cb1 · eab85946
Commit eab85946 authored 11 years ago by Stephen Smalley
--- a/bluetooth.te
+++ b/bluetooth.te
@@ -31,7 +31,7 @@ allow bluetooth self:capability net_admin;
 # Allow clients to use a socket provided by the bluetooth app.
 # TODO:  See if this is still required under bluedroid.
-allow bluetoothdomain bluetooth:unix_stream_socket { getopt getattr read write shutdown };
+allow bluetoothdomain bluetooth:unix_stream_socket { getopt getattr read write ioctl shutdown };
 # tethering
 allow bluetooth self:tun_socket create_socket_perms;