Closed Flamefire closed 2 years ago
Seemingly also needs allow netmgrd system_file:file { open read };
Testing...
I think those will likely hit a neverallow anyway. Seeing as the modem issues (that I know of anyway) happen even on permissive selinux, I doubt that this will fix it. Ping me if your tests say otherwise. Thanks.
I think those will likely hit a neverallow anyway. Seeing as the modem issues (that I know of anyway) happen even on permissive selinux, I doubt that this will fix it. Ping me if your tests say otherwise. Thanks.
Yeah this didn't fix them unfortunately. Anyway I still think this patch is good as it fixes the denials from the Sony blobs which I think are valid accesses. And as quoted above the Sony OpenDevices have this too.
I think those will likely hit a neverallow anyway
I'm using this right now for quite a while and yes there was a issue which got fixed by setting PRODUCT_FULL_TREBLE_OVERRIDE
(which enables a bit more than PRODUCT_FULL_TREBLE
which is set by default)
Allow netmgrd to execute system commands
E.g. the lilac one accesses the following commands
See for similar allows, especially the one from Sony: https://github.com/sonyxperiadev/device-qcom-sepolicy/blob/4fa99c11e926b3e5f8cd829e8e2022e72a605131/common/netmgrd.te#L50-L51 https://github.com/LineageOS/android_device_samsung_msm8930-common/blob/1ba8e965e7b4e343b6de8cf7a2c73715d123d557/sepolicy/netmgrd.te#L23-L24 https://github.com/JAOSP/aosp_device_htc_flounder/blob/ba666eb415ce5818beb0b2c4ccbda77a9b8cb272/sepolicy/netmgrd.te#L26-L27
Note: Actual failures observed on lilac. audit2allow only shows "exec" as the required fix, but still used the macro used by Sony
Might be the cause for the phone not getting any connection after being offline for a while (e.g. in an area without any reception)