Enforce MAC address restrictions for priv apps. Bug: 230733237 Test: atest NetlinkSocketTest NetworkInterfaceTest bionic-unit-tests-static CtsSelinuxTargetSdkCurrentTestCases CtsSelinuxTargetSdk29TestCases CtsSelinuxTargetSdk27TestCases Change-Id: I1d66ae7849e950612f3b6693216ec8c84e942640

commit: af609b2f3ced2e468ee97e5eccd87c8bb5d27c0d [log] [tgz]
author: Bram Bonne <brambonne@google.com> Tue May 17 14:22:02 2022 +0200
committer: Bram Bonne <brambonne@google.com> Tue May 17 14:36:15 2022 +0200
tree: 45eae4df5e695081a94698f41d294513041f252f
parent: e14ad82c982bde97cdcd7008dd86d0363e8c012a [diff] [blame]
diff --git a/private/net.te b/private/net.te
index 25bd538..c2bac03 100644
--- a/private/net.te
+++ b/private/net.te

@@ -12,6 +12,7 @@
   netdomain
   -ephemeral_app
   -mediaprovider
+  -priv_app
   -sdk_sandbox
   -untrusted_app_all
 } self:netlink_route_socket { bind nlmsg_readpriv nlmsg_getneigh };
commit	af609b2f3ced2e468ee97e5eccd87c8bb5d27c0d	[log] [tgz]
author	Bram Bonne <brambonne@google.com>	Tue May 17 14:22:02 2022 +0200
committer	Bram Bonne <brambonne@google.com>	Tue May 17 14:36:15 2022 +0200
tree	45eae4df5e695081a94698f41d294513041f252f
parent	e14ad82c982bde97cdcd7008dd86d0363e8c012a [diff] [blame]