Exempt tetheroffload hal from network socket restrictions
The tetheroffload hal must be able to use network sockets as part of its job. Bug: 62870833 Test: neverallow-only change builds. Change-Id: I630b36340796a5ecb5db08e732b0978dd82835c7
This commit is contained in:
parent
3692b3189e
commit
d75a2c0cc8
@ -8,10 +8,11 @@ neverallow {
|
|||||||
-rild
|
-rild
|
||||||
} self:capability { net_admin net_raw };
|
} self:capability { net_admin net_raw };
|
||||||
|
|
||||||
# Unless a HAL's job is to manage network hardware, it should not be
|
# Unless a HAL's job is to communicate over the network, or control network
|
||||||
# using network sockets.
|
# hardware, it should not be using network sockets.
|
||||||
neverallow {
|
neverallow {
|
||||||
halserverdomain
|
halserverdomain
|
||||||
|
-hal_tetheroffload_server
|
||||||
-hal_wifi_server
|
-hal_wifi_server
|
||||||
-hal_wifi_supplicant_server
|
-hal_wifi_supplicant_server
|
||||||
-rild
|
-rild
|
||||||
|
Loading…
Reference in New Issue
Block a user