760871c753
Update SELinux permissions to work with Treble and the much stricter SELinux rules. BUG: 74514143 Test: Compile and manually test that WiFi is working Change-Id: Ic0a6417fb4fed1597fee70367924e5d59f37e725 (cherry picked from commit 37d7bc2adcc4bfd4c0f03dcddf1c7fbd31e87a4f) (cherry picked from commit 1b0158a4ab6ca4f05b4b186ec3a080c689492b58)
16 lines
600 B
Text
16 lines
600 B
Text
# IPv6 proxying
|
|
type ipv6proxy, domain;
|
|
type ipv6proxy_exec, exec_type, vendor_file_type, file_type;
|
|
|
|
init_daemon_domain(ipv6proxy)
|
|
net_domain(ipv6proxy)
|
|
|
|
# Allow ipv6proxy to be run by execns in its own domain
|
|
domain_auto_trans(execns, ipv6proxy_exec, ipv6proxy);
|
|
allow ipv6proxy execns:fd use;
|
|
|
|
allow ipv6proxy self:capability { sys_admin sys_module net_admin net_raw };
|
|
allow ipv6proxy self:packet_socket { bind create read };
|
|
allow ipv6proxy self:netlink_route_socket nlmsg_write;
|
|
allow ipv6proxy varrun_file:dir search;
|
|
allowxperm ipv6proxy self:udp_socket ioctl { SIOCSIFFLAGS SIOCGIFHWADDR };
|