From 8600a1d97f22632717b5b1caf1a8d83697db6b1f Mon Sep 17 00:00:00 2001
From: pix106 <sbordenave@gmail.com>
Date: Wed, 5 Jan 2022 19:07:28 +0100
Subject: [PATCH] sdm660-common: sepolicy: Address zygote unix_stream_socket
 denials

---
 sepolicy/vendor/radio.te               | 1 +
 sepolicy/vendor/shell.te               | 1 +
 sepolicy/vendor/traceur_app.te         | 1 +
 sepolicy/vendor/vendor_qtetelephony.te | 1 +
 4 files changed, 4 insertions(+)
 create mode 100644 sepolicy/vendor/shell.te
 create mode 100644 sepolicy/vendor/traceur_app.te
 create mode 100644 sepolicy/vendor/vendor_qtetelephony.te

diff --git a/sepolicy/vendor/radio.te b/sepolicy/vendor/radio.te
index 9b5f49fc..9872bca7 100644
--- a/sepolicy/vendor/radio.te
+++ b/sepolicy/vendor/radio.te
@@ -3,5 +3,6 @@ binder_call(radio, hal_imsrtp)
 
 allow radio { hal_datafactory_hwservice hal_iwlan_hwservice }:hwservice_manager find;
 allow radio hal_iwlan_hwservice:hwservice_manager find;
+allow radio zygote:unix_stream_socket getopt;
 
 get_prop(radio, vendor_qcom_ims_prop)
diff --git a/sepolicy/vendor/shell.te b/sepolicy/vendor/shell.te
new file mode 100644
index 00000000..b70916cb
--- /dev/null
+++ b/sepolicy/vendor/shell.te
@@ -0,0 +1 @@
+allow shell zygote:unix_stream_socket getopt;
diff --git a/sepolicy/vendor/traceur_app.te b/sepolicy/vendor/traceur_app.te
new file mode 100644
index 00000000..e0b427e8
--- /dev/null
+++ b/sepolicy/vendor/traceur_app.te
@@ -0,0 +1 @@
+allow traceur_app zygote:unix_stream_socket getopt;
diff --git a/sepolicy/vendor/vendor_qtetelephony.te b/sepolicy/vendor/vendor_qtetelephony.te
new file mode 100644
index 00000000..3bb80d21
--- /dev/null
+++ b/sepolicy/vendor/vendor_qtetelephony.te
@@ -0,0 +1 @@
+allow vendor_qtelephony zygote:unix_stream_socket getopt;