From 437952dd46239585221481de5ac28dbc454f79b1 Mon Sep 17 00:00:00 2001
From: zhanghaifeng
Date: Mon, 13 Feb 2023 16:12:53 +0800
Subject: [PATCH] Description: Change patch to master Signed-off-by: zhanghaifeng
---
 .../ohos_policy/ability/ability_runtime/system/foundation.te | 1 +
 .../ohos_policy/communication/netmanager/system/netmanager.te | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/sepolicy/ohos_policy/ability/ability_runtime/system/foundation.te b/sepolicy/ohos_policy/ability/ability_runtime/system/foundation.te
index 12df5ce4b..196d6b8e2 100644
--- a/sepolicy/ohos_policy/ability/ability_runtime/system/foundation.te
+++ b/sepolicy/ohos_policy/ability/ability_runtime/system/foundation.te
@@ -91,5 +91,6 @@ allowxperm foundation dev_mali:chr_file ioctl { 0x8002 };
 allowxperm foundation sys_file:file ioctl { 0x5413 };
 allow foundation foundation:capability { sys_ptrace };
 allow foundation storage_manager:dir { search };
+allow foundation netmanager:binder { transfer };
 neverallow foundation *:process ptrace;
diff --git a/sepolicy/ohos_policy/communication/netmanager/system/netmanager.te b/sepolicy/ohos_policy/communication/netmanager/system/netmanager.te
index dd8112b6c..b0c9e2c74 100644
--- a/sepolicy/ohos_policy/communication/netmanager/system/netmanager.te
+++ b/sepolicy/ohos_policy/communication/netmanager/system/netmanager.te
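Review bot: The added `allow foundation netmanager:binder { transfer };` in foundation.te has no comment naming the IPC path that needs it, and it grants `transfer` without `call`. If foundation only hands binder references to netmanager, `transfer` alone is the minimal grant, and a comment such as `# foundation passes remote objects to netmanager over binder` above the rule would record that. If foundation also invokes netmanager directly, the absent `call` will show up as a further denial, unless it is already granted outside this hunk. Citing the denial record or issue that prompted the rule in that comment would make later policy audits easier.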
@@ -19,7 +19,7 @@ allow netmanager data_data_file:file { open read };
 allow netmanager data_file:dir { remove_name rmdir search };
 allow netmanager data_init_agent:dir { search };
 allow netmanager data_init_agent:file { ioctl open read append };
-allow netmanager data_service_el1_file:dir { add_name create getattr ioctl lock open read remove_name search setattr unlink write };
+allow netmanager data_service_el1_file:dir { add_name create getattr ioctl lock open read remove_name search setattr unlink write rmdir };
 allow netmanager data_service_el1_file:file { append create getattr ioctl lock map open read setattr unlink write };
 allow netmanager data_service_file:dir { add_name create getattr ioctl lock open read remove_name search setattr unlink write };
 allow netmanager data_system:dir { add_name search write };
@@ -73,3 +73,5 @@ allowxperm netmanager netmanager:udp_socket ioctl { 0x8915 0x8916 0x891b 0x891c
 allowxperm netmanager netmanager:unix_dgram_socket ioctl { 0x8910 };
 allow netsysnative netmanager:fd { use };
 allow netsysnative netmanager:tcp_socket { read write bind getopt setopt connect };
+allow netmanager data_service_el1_file:file { rename };
+allow netmanager sa_foundation_appms:samgr_class { get };
\ No newline at end of file
-- Gitee
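Review bot: `rmdir` on `data_service_el1_file:dir` in the first netmanager.te hunk, and `rename` on `data_service_el1_file:file` in the last hunk, are granted on what looks like a shared label rather than a netmanager-specific type. If other services' directories in the same storage area carry this label (not visible in the patch), netmanager gains the ability to remove their empty directories and rename their files. Consider giving netmanager's own directory a dedicated type in file_contexts and scoping both permissions to it, e.g. `allow netmanager <netmanager_data_type>:dir { ... rmdir };` with the placeholder replaced by the real type.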
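Review bot: The new `allow netmanager data_service_el1_file:file { rename };` repeats the source, target and class of the existing rule shown as context in the previous hunk, and is appended after the `netsysnative` rules at the end of the file. Folding it into that rule keeps every file permission for the type in one place: `allow netmanager data_service_el1_file:file { append create getattr ioctl lock map open read rename setattr unlink write };`. The file also now ends without a trailing newline (`\ No newline at end of file`); restoring it avoids surprises if policy sources are concatenated at build time. A one-line comment on why netmanager needs `sa_foundation_appms:samgr_class { get }` would help reviewers judge that grant.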