Commit 14858acb authored Feb 05, 2020 by Hungming Chen Committed by Maciej Żenczykowski Feb 05, 2020

Associate MAINLINE_NETWORK_STACK with net_raw and net_admin gid

Provide network stack the permission to access eBPF maps for tethering
offload

Test: m
Test: cat /proc/<pid>/status of network_stack has net_raw (3004) and
      net_admin (3005)

$ adb shell cat /proc/<pid>/status | egrep "Name|Uid|Gid|Groups"
Name:   rkstack.process
Uid:    1073    1073    1073    1073
Gid:    1073    1073    1073    1073
Groups:	1073 3001 3002 3003 3004 3005 3006 3007 9997

Change-Id: Ib3f6094e4c846832e44497466e3fed7dcd125593

parent 8de85f4b

data/etc/platform.xml

+5 −0

Original line number	Diff line number	Diff line
		@@ -72,6 +72,11 @@
		<group gid="net_admin" />
		</permission>

		<permission name="android.permission.MAINLINE_NETWORK_STACK" >
		<group gid="net_admin" />
		<group gid="net_raw" />
		</permission>

		<!-- The group that /cache belongs to, linked to the permission
		set on the applications that can access /cache -->
		<permission name="android.permission.ACCESS_CACHE_FILESYSTEM" >