Allow netd to use NETLINK_SOCK_DIAG.
This is needed to kill sockets using the new SOCK_DESTROY
operation instead of using SIOCKILLADDR.
Bug: 26976388
(cherry picked from commit b38e2790944d028a81089ec088ded54f269aa1f2)
Change-Id: Id80c6278f19f9fd20fe8d4fca72f84bff9249ed8
diff --git a/netd.te b/netd.te
index 0f4e891..2c0fb15 100644
--- a/netd.te
+++ b/netd.te
@@ -18,6 +18,7 @@
allow netd self:netlink_route_socket nlmsg_write;
allow netd self:netlink_nflog_socket create_socket_perms;
allow netd self:netlink_socket create_socket_perms;
+allow netd self:netlink_tcpdiag_socket { create_socket_perms nlmsg_read nlmsg_write };
allow netd shell_exec:file rx_file_perms;
allow netd system_file:file x_file_perms;
allow netd devpts:chr_file rw_file_perms;
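Review bot: The added `netlink_tcpdiag_socket` rule has no comment, so the reason netd holds `nlmsg_write` on the sock_diag socket lives only in the commit message. That is the permission that lets a domain issue SOCK_DESTROY and tear down other processes' connections, so anyone auditing the policy should see the justification next to the rule. I would put `# Needed to close sockets with SOCK_DESTROY over NETLINK_SOCK_DIAG.` directly above it. From this hunk I cannot tell whether the policy restricts `nlmsg_write` on this class for other domains; a neverallow outside netd would stop the grant spreading, if one does not already exist.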