sepolicy: basic: non_plat: Address Audio HAL tcp_socket neverallow * Due to system SEPolicy/audioserver changes in Android 13, mtk_hal_audio needs to be allowed to create and use TCP sockets. Signed-off-by: bengris32 <bengris32@protonmail.ch> Change-Id: I8d1d0034dfeb64ede815f7c7c7249ee034dd9528

commit: 695d5c03597e9efbacfc5a7b3772098e3c2d6002 [log] [tgz]
author: bengris32 <bengris32@protonmail.ch> Mon Aug 22 20:49:58 2022 +0100
committer: Matsvei Niaverau <matvej2002@gmail.com> Mon Jan 02 23:48:40 2023 +0100
tree: 900a155f9787eeda31de5884af2b88af3c249d0f
parent: 0f2e6efe701f44767f302ed5397bc1c6c0a163a0 [diff]
diff --git a/basic/non_plat/mtk_hal_audio.te b/basic/non_plat/mtk_hal_audio.te
index f02354c..d948673 100644
--- a/basic/non_plat/mtk_hal_audio.te
+++ b/basic/non_plat/mtk_hal_audio.te

@@ -25,8 +25,8 @@
 neverallow mtk_hal_audio { file_type fs_type }:file execute_no_trans;
 
 # mtk_hal_audio should never need network access.
-# Disallow network sockets.
-neverallow mtk_hal_audio domain:{ tcp_socket udp_socket rawip_socket } *;
+# Disallow network sockets apart from TCP sockets.
+neverallow mtk_hal_audio domain:{ udp_socket rawip_socket } *;
 
 # Date : WK14.32
 # Operation : Migration
commit	695d5c03597e9efbacfc5a7b3772098e3c2d6002	[log] [tgz]
author	bengris32 <bengris32@protonmail.ch>	Mon Aug 22 20:49:58 2022 +0100
committer	Matsvei Niaverau <matvej2002@gmail.com>	Mon Jan 02 23:48:40 2023 +0100
tree	900a155f9787eeda31de5884af2b88af3c249d0f
parent	0f2e6efe701f44767f302ed5397bc1c6c0a163a0 [diff]