device_google_wahoo/sepolicy/ioctl_defines
Max Bires f6b582c420 Adding ism service allow rules and according ioctl_define
Adding rules for the following denials:
denied { read } for pid=913 comm="imsdatadaemon" scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=socket

denied { read } for pid=1106 comm="imsdatadaemon" scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=netlink_generic_socket

denied { write } for pid=1107 comm="imsdatadaemon"
name="netmgr_connect_socket" dev="tmpfs" ino=29853 scontext=u:r:ims:s0
tcontext=u:object_r:netmgrd_socket:s0 tclass=sock_file

denied { net_raw } for pid=913 comm="imsdatadaemon" capability=13
scontext=u:r:ims:s0 tcontext=u:r:ims:s0 tclass=capability

denied { bind } for pid=913 comm="imsdatadaemon" scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=socket

denied { bind } for pid=913 comm="imsdatadaemon" scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=netlink_generic_socket

denied { create } for pid=913 comm="imsdatadaemon" scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=netlink_generic_socket

denied { write } for pid=913 comm="imsdatadaemon" scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=socket

denied { create } for pid=913 comm="imsdatadaemon" scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=socket

denied { ioctl } for pid=913 comm="imsdatadaemon" path="socket:[25647]"
dev="sockfs" ino=25647 ioctlcmd=c302 scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=socket

denied { read } for pid=808 comm="imsqmidaemon" name="subsys0"
dev="sysfs" ino=33422 scontext=u:r:ims:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=lnk_file

denied { read } for pid=808 comm="imsqmidaemon" name="name" dev="sysfs"
ino=33416 scontext=u:r:ims:s0 tcontext=u:object_r:sysfs_msm_subsys:s0
tclass=file

denied { open } for pid=808 comm="imsqmidaemon"
path="/sys/devices/soc/soc:qcom,ipa_fws@1e08000/subsys0/name"
dev="sysfs" ino=33416 scontext=u:r:ims:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=file

denied { open } for pid=808 comm="imsqmidaemon"
path="/sys/bus/msm_subsys/devices" dev="sysfs" ino=16322
scontext=u:r:ims:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir

denied { read } for pid=808 comm="imsqmidaemon" name="devices"
dev="sysfs" ino=16322 scontext=u:r:ims:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir

denied { search } for pid=808 comm="imsqmidaemon" name="msm_subsys"
dev="sysfs" ino=16320 scontext=u:r:ims:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir

denied { ioctl } for pid=913 comm="imsdatadaemon" path="socket:[19931]"
dev="sockfs" ino=19931 ioctlcmd=89fd scontext=u:r:ims:s0
tcontext=u:r:ims:s0 tclass=udp_socket

Bug: 34784662
Test: The above denials are no longer present
Change-Id: I84c4c7d75d8d6f3427d8293ef072ec5c3c2392f7
2017-03-16 22:10:52 +00:00


# ioctl command numbers referenced by name from allowxperm rules in the domain .te files.
# Defining a name here grants nothing by itself; the grant happens in the allowxperm rule
# that uses it, so the .te side should list only the commands a domain actually needs.
# A value is the low 16 bits of the ioctl request, the same number that appears as
# ioctlcmd= in an audit denial.
#
# socket ioctls
# 0x89FD is the ioctlcmd=89fd denial logged for imsdatadaemon on tclass=udp_socket.
define(`RMNET_IOCTL_EXTENDED', `0x000089FD')
# socket ioctls defined in the kernel in include/uapi/linux/msm_ipc.h
# IPC router commands 0xc300-0xc305 on tclass=socket. Of these, only
# IPC_ROUTER_IOCTL_LOOKUP_SERVER (ioctlcmd=c302) appears in the denials this change
# addresses; the remaining names are defined so later policy can refer to them, not
# as a signal that every domain using the router needs all six.
define(`IPC_ROUTER_IOCTL_GET_VERSION', `0x0000c300')
define(`IPC_ROUTER_IOCTL_GET_MTU', `0x0000c301')
define(`IPC_ROUTER_IOCTL_LOOKUP_SERVER', `0x0000c302')
define(`IPC_ROUTER_IOCTL_GET_CURR_PKT_SIZE', `0x0000c303')
define(`IPC_ROUTER_IOCTL_BIND_CONTROL_PORT', `0x0000c304')
define(`IPC_ROUTER_IOCTL_CONFIG_SEC_RULES', `0x0000c305')