adbd should be able to shutdown shell:unix_stream_socket
adbd started calling shutdown and waiting for EOF before closing sockets in commit 74b7ec72, because closing a TCP socket while you have pending data to read is specified to send a TCP RST to the other end, which can result in data that we've written into the socket to be prematurely thrown away on the other end. Not being able to do so on a Unix domain socket is benign, aside from the denial showing up in the log. Fixes the following selinux denial when installing a package: avc: denied { shutdown } for scontext=u:r:adbd:s0 tcontext=u:r:shell:s0 tclass=unix_stream_socket permissive=0 Test: manual Change-Id: I266092a8323ac02bfe96738a8f4a8021f3a10387
This commit is contained in:
parent
f58e6777b2
commit
b9c7001837
@ -180,7 +180,7 @@ allow adbd perfetto_traces_data_file:dir r_dir_perms;
|
||||
|
||||
# Connect to shell and use a socket transferred from it.
|
||||
# Used for e.g. abb.
|
||||
allow adbd shell:unix_stream_socket { read write };
|
||||
allow adbd shell:unix_stream_socket { read write shutdown };
|
||||
allow adbd shell:fd use;
|
||||
|
||||
###
|
||||
|
Loading…
Reference in New Issue
Block a user