Label device-specific sysfs net nodes
avc: denied { write } for name="mtu" dev="sysfs" ino=10779
scontext=u:r:netd:s0 tcontext=u:object_r:sysfs:s0 tclass=file
permissive=0
netd hits this denial by following this symlink
qemu: /sys/class/net/rmnet0 -> /sys/devices/pci0000:00/0000:00:0a.0/virtio8/net/rmnet0
crosvm: /sys/class/net/rmnet0 -> /sys/devices/pci0000:00/0000:00:0c.0/virtio11/net/rmnet0
Bug: 129497117
Test: boot cuttlefish without above denial
Change-Id: I08508b22c4e6e3bf86f2c22b1187a3a6d40c89b5
Merged-In: I08508b22c4e6e3bf86f2c22b1187a3a6d40c89b5
(cherry picked from commit 3f84caf090ea81df166a358f32a3d630cbf9aba6)
Loading
Please sign in to comment