Update Common NetD SEPolicy to allow Netlink XFRM

In order to perform XFRM operations NetD needs the ability to both read and write Netlink XFRM messages. Bug: 34811756 Test: 34812052 Change-Id: I26831c58b24a4c1f344b113f0b5cf47ed2c93fee

Update Common NetD SEPolicy to allow Netlink XFRM
In order to perform XFRM operations NetD needs the ability to both read and write Netlink XFRM messages. Bug: 34811756 Test: 34812052 Change-Id: I26831c58b24a4c1f344b113f0b5cf47ed2c93fee
7eb3dd3b · Nathan Harold · 63211f8d · 7eb3dd3b
Commit 7eb3dd3b authored 8 years ago by Nathan Harold
--- a/public/netd.te
+++ b/public/netd.te
@@ -80,6 +80,9 @@ allow netd netdomain:{
 } { read write getattr setattr getopt setopt };
 allow netd netdomain:fd use;
+# give netd permission to read and write netlink xfrm
+allow netd self:netlink_xfrm_socket { create_socket_perms_no_ioctl nlmsg_write nlmsg_read };
 ###
 ### Neverallow rules
 ###