Loading data/etc/platform.xml +3 −0 Original line number Diff line number Diff line Loading @@ -147,6 +147,9 @@ <assign-permission name="android.permission.UPDATE_DEVICE_STATS" uid="media" /> <assign-permission name="android.permission.UPDATE_APP_OPS_STATS" uid="media" /> <assign-permission name="android.permission.GET_PROCESS_STATE_AND_OOM_SCORE" uid="media" /> <assign-permission name="android.permission.INTERNET" uid="media" /> <assign-permission name="android.permission.INTERNET" uid="shell" /> <assign-permission name="android.permission.MODIFY_AUDIO_SETTINGS" uid="audioserver" /> <assign-permission name="android.permission.ACCESS_SURFACE_FLINGER" uid="audioserver" /> Loading services/core/java/com/android/server/connectivity/PermissionMonitor.java +3 −5 Original line number Diff line number Diff line Loading @@ -199,15 +199,13 @@ public class PermissionMonitor { ArraySet<String> perms = systemPermission.valueAt(i); int uid = systemPermission.keyAt(i); int netdPermission = 0; // Get the uids of native services that have UPDATE_DEVICE_STATS permission. // Get the uids of native services that have UPDATE_DEVICE_STATS or INTERNET permission. if (perms != null) { netdPermission |= perms.contains(UPDATE_DEVICE_STATS) ? INetd.PERMISSION_UPDATE_DEVICE_STATS : 0; netdPermission |= perms.contains(INTERNET) ? INetd.PERMISSION_INTERNET : 0; } // For internet permission, the native services have their own selinux domains and // sepolicy will control the socket creation during run time. netd cannot block the // socket creation based on the permission information here. netdPermission |= INetd.PERMISSION_INTERNET; netdPermsUids.put(uid, netdPermsUids.get(uid) | netdPermission); } log("Users: " + mUsers.size() + ", Apps: " + mApps.size()); Loading Loading
data/etc/platform.xml +3 −0 Original line number Diff line number Diff line Loading @@ -147,6 +147,9 @@ <assign-permission name="android.permission.UPDATE_DEVICE_STATS" uid="media" /> <assign-permission name="android.permission.UPDATE_APP_OPS_STATS" uid="media" /> <assign-permission name="android.permission.GET_PROCESS_STATE_AND_OOM_SCORE" uid="media" /> <assign-permission name="android.permission.INTERNET" uid="media" /> <assign-permission name="android.permission.INTERNET" uid="shell" /> <assign-permission name="android.permission.MODIFY_AUDIO_SETTINGS" uid="audioserver" /> <assign-permission name="android.permission.ACCESS_SURFACE_FLINGER" uid="audioserver" /> Loading
services/core/java/com/android/server/connectivity/PermissionMonitor.java +3 −5 Original line number Diff line number Diff line Loading @@ -199,15 +199,13 @@ public class PermissionMonitor { ArraySet<String> perms = systemPermission.valueAt(i); int uid = systemPermission.keyAt(i); int netdPermission = 0; // Get the uids of native services that have UPDATE_DEVICE_STATS permission. // Get the uids of native services that have UPDATE_DEVICE_STATS or INTERNET permission. if (perms != null) { netdPermission |= perms.contains(UPDATE_DEVICE_STATS) ? INetd.PERMISSION_UPDATE_DEVICE_STATS : 0; netdPermission |= perms.contains(INTERNET) ? INetd.PERMISSION_INTERNET : 0; } // For internet permission, the native services have their own selinux domains and // sepolicy will control the socket creation during run time. netd cannot block the // socket creation based on the permission information here. netdPermission |= INetd.PERMISSION_INTERNET; netdPermsUids.put(uid, netdPermsUids.get(uid) | netdPermission); } log("Users: " + mUsers.size() + ", Apps: " + mApps.size()); Loading
