Add permissions to allow iface up/down I need SIOCGIFFLAGS and SIOCSIFFLAGS in order to bring up/down interfaces with AIDL CAN HAL. Bug: 260592449 Test: CAN HAL can bring up interfaces Change-Id: I67edaa857cffdf3c3fc9f3b17aad5879e09c6385

commit: 1bcbc0b667a65f668b9400a208ecd8206c7cfa98 [log] [tgz]
author: Chris Weir <chrisweir@google.com> Fri Dec 09 11:35:48 2022 -0800
committer: Chris Weir <chrisweir@google.com> Mon Dec 12 14:30:15 2022 -0800
tree: fd1be2ad2fa9970967b09613f0a2a52302d7d637
parent: c3802445d0c8ab1b0ebabdef05f24824f7b1edf2 [diff]
diff --git a/vendor/hal_can_socketcan.te b/vendor/hal_can_socketcan.te
index 7498788..12bb028 100644
--- a/vendor/hal_can_socketcan.te
+++ b/vendor/hal_can_socketcan.te

@@ -9,10 +9,12 @@
 allow hal_can_socketcan self:capability net_admin;
 allow hal_can_socketcan self:netlink_route_socket { create bind write nlmsg_write read };
 
-# Calling if_nametoindex(3) to open CAN sockets
+# See man page for netdevice(7) for more info on ioctls
 allow hal_can_socketcan self:udp_socket { create ioctl };
 allowxperm hal_can_socketcan self:udp_socket ioctl {
     SIOCGIFINDEX
+    SIOCGIFFLAGS
+    SIOCSIFFLAGS
 };
 
 # Communicating with SocketCAN interfaces and bringing them up/down
commit	1bcbc0b667a65f668b9400a208ecd8206c7cfa98	[log] [tgz]
author	Chris Weir <chrisweir@google.com>	Fri Dec 09 11:35:48 2022 -0800
committer	Chris Weir <chrisweir@google.com>	Mon Dec 12 14:30:15 2022 -0800
tree	fd1be2ad2fa9970967b09613f0a2a52302d7d637
parent	c3802445d0c8ab1b0ebabdef05f24824f7b1edf2 [diff]