DO NOT MERGE: Move bind permission on netlink to private am: d6e0b0b371

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/17630426

Change-Id: I7d3a7d51f77d00070ba4b25040483528177ed43b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

prebuilts/api/29.0/private/net.te

@@ -0,0 +1,2 @@
+# b/227803340
+allow netdomain self:netlink_route_socket bind;

prebuilts/api/29.0/public/net.te

@@ -18,7 +18,7 @@ allow {netdomain -ephemeral_app} node_type:{ icmp_socket rawip_socket tcp_socket
 allow {netdomain -ephemeral_app} port_type:udp_socket name_bind;
 allow {netdomain -ephemeral_app} port_type:tcp_socket name_bind;
 # See changes to the routing table.
-allow netdomain self:netlink_route_socket { create read getattr write setattr lock append bind connect getopt setopt shutdown nlmsg_read };
+allow netdomain self:netlink_route_socket { create read getattr write setattr lock append connect getopt setopt shutdown nlmsg_read };
 
 # Talks to netd via dnsproxyd socket.
 unix_socket_connect(netdomain, dnsproxyd, netd)

private/net.te

@@ -0,0 +1,2 @@
+# b/227803340
+allow netdomain self:netlink_route_socket bind;

public/net.te

@@ -18,7 +18,7 @@ allow {netdomain -ephemeral_app} node_type:{ icmp_socket rawip_socket tcp_socket
 allow {netdomain -ephemeral_app} port_type:udp_socket name_bind;
 allow {netdomain -ephemeral_app} port_type:tcp_socket name_bind;
 # See changes to the routing table.
-allow netdomain self:netlink_route_socket { create read getattr write setattr lock append bind connect getopt setopt shutdown nlmsg_read };
+allow netdomain self:netlink_route_socket { create read getattr write setattr lock append connect getopt setopt shutdown nlmsg_read };
 
 # Talks to netd via dnsproxyd socket.
 unix_socket_connect(netdomain, dnsproxyd, netd)