fc6556a5b5
System server forks clatd now. Need to add rules to
fork clatd. netd doesn't fork clatd anymore.
Bug: 212345928
Test: ping 8.8.8.8 under ipv6-only network
check bpf maps are added.
$ adb shell dumpsys netd --short | grep Clat -A10
ClatdController
Trackers: iif[iface] nat64Prefix v6Addr -> v4Addr v4iif[v4iface] [fwmark]
BPF ingress map: iif(iface) nat64Prefix v6Addr -> v4Addr oif(iface)
47(wlan0) 64:ff9b::/96 2a00:79e1:abc:6f02:b7aa:ff3c:9220:595c -> 192.0.0.4 52(v4-wlan0)
BPF egress map: iif(iface) v4Addr -> v6Addr nat64Prefix oif(iface)
52(v4-wlan0) 192.0.0.4 -> 2a00:79e1:abc:6f02:b7aa:ff3c:9220:595c 64:ff9b::/96 47(wlan0) ether
Change-Id: I70be6132ab7bfdd96b5f537a96722312cd93bbb8
13 lines
417 B
Text
13 lines
417 B
Text
# 464xlat daemon
|
|
type clatd, domain, coredomain;
|
|
type clatd_exec, system_file_type, exec_type, file_type;
|
|
|
|
net_domain(clatd)
|
|
|
|
# Access objects inherited from system_server.
|
|
allow clatd system_server:fd use;
|
|
allow clatd system_server:packet_socket { read write };
|
|
allow clatd system_server:rawip_socket { read write };
|
|
|
|
allow clatd self:netlink_route_socket nlmsg_write;
|
|
allow clatd tun_device:chr_file rw_file_perms;
|