e397503f80
Test: ran on flame with ipv6 only wifi network Bug: 144642337 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I5610b5e446ed1f2288edb12c665a5bddd69d6dae
20 lines
626 B
Text
20 lines
626 B
Text
# 464xlat daemon
|
|
type clatd, domain, coredomain;
|
|
type clatd_exec, system_file_type, exec_type, file_type;
|
|
|
|
net_domain(clatd)
|
|
|
|
r_dir_file(clatd, proc_net_type)
|
|
userdebug_or_eng(`
|
|
auditallow clatd proc_net_type:{ dir file lnk_file } { getattr open read };
|
|
')
|
|
|
|
# Access objects inherited from netd.
|
|
allow clatd netd:fd use;
|
|
allow clatd netd:fifo_file { read write };
|
|
|
|
allow clatd self:global_capability_class_set { net_admin net_raw setuid setgid };
|
|
|
|
allow clatd self:netlink_route_socket nlmsg_write;
|
|
allow clatd self:{ packet_socket rawip_socket } create_socket_perms_no_ioctl;
|
|
allow clatd tun_device:chr_file rw_file_perms;
|