From c7eb1cd5f3c84e83621f2bef9e671c9757139600 Mon Sep 17 00:00:00 2001
From: Luke Huang <huangluke@google.com>
Date: Tue, 6 Nov 2018 14:19:46 +0900
Subject: [PATCH] Clatd: allow clatd use ioctl

Test: built, flashed, booted
      Clatd works well
Bug: 119006129

Change-Id: Ie3b2a7b44040755787787ff2b8e6199cac7aec8e
---
 public/clatd.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/public/clatd.te b/public/clatd.te
index 5c9d724db..7d3d40eb8 100644
--- a/public/clatd.te
+++ b/public/clatd.te
@@ -34,3 +34,4 @@ allow clatd self:global_capability_class_set ipc_lock;
 allow clatd self:netlink_route_socket nlmsg_write;
 allow clatd self:{ packet_socket rawip_socket tun_socket } create_socket_perms_no_ioctl;
 allow clatd tun_device:chr_file rw_file_perms;
+allowxperm clatd tun_device:chr_file ioctl { TUNGETIFF TUNSETIFF };
-- 
GitLab