system_netd.git - system

	Commit message (Collapse)	Author	Age	Files	Lines
*	Add unit for setAllowNetworkingForProcess	Luke Huang	2020-06-18	1	-0/+52
\| \| \| \| \| \|	Bug: 150028556 Test: atest netdclient_test Change-Id: I0342b2981179dd77bf6a210cb7f6fa6ca069c487
*	netdclient - attempt to eliminate spurious netd selinux denials on ↵	Treehugger Robot	2020-04-07	1	-0/+18
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	unix_stream_sockets This should hopefully fix for example: avc: denied { read write } for comm="netd" path="socket:[1580915]" dev="sockfs" ino=1580915 scontext=u:r:netd:s0 tcontext=u:r:untrusted_app_25:s0:c512,c768 tclass=unix_stream_socket permissive=0 Make sure protectFromVpn() only passes AF_INET/AF_INET6 sockets to netd. Let us make sure that we pass real AF_INET/AF_INET6 sockets to netd from sendmmsg/sendmsg/sendto - the type of the socket when erroneously used by an app might not necessarily match the address family of the passed in sockaddr. ie. sendto(AF_LOCAL_socket, AF_INET_sockaddr) Note that this also means these system calls will now honour the 'ANDROID_NO_USE_FWMARK_CLIENT' env variable for euid=0 processes. While we're at it also add some missing parentheses in a macro. Test: build, atest netdclient_test Bug: 77870037 Change-Id: I1040838950d363f08a02593e9b669fec31fa847b Merged-In: I1040838950d363f08a02593e9b669fec31fa847b
*	Fix netclient test and add it to test mapping	Luke Huang	2019-06-05	1	-2/+3
\| \| \| \| \| \| \| \|	Bug: 134356964 Test: atest netdclient_test cd system/netd && atest Change-Id: I1519e541c1018ac1be51467397c40d075ed7b4b6
*	Make getdnsnetid returning app_netId instead of dns_netId and fix nits	Luke Huang	2019-05-30	1	-0/+75
	1. getdnsnetid command return app_netId instead of dns_netId. 2. fix nits for ag/7691940 3. Add more tests Bug: 129530368 Test: built, flashed, booted system/netd/tests/runtests.sh Change-Id: Ifd1345e1124088179e38346e3693957a8b5ef63b