Allow dumpstate to run ss. (cherry picked from commit 63c7ad6efbf2e64a8e5d41be581d769cf6c5c413) Bug: 23113288 Test: see http://ag/1476096 Change-Id: I3beb21f1af092c93eceb3d5115f823c1b993727d

commit: bb9b4dd895f2be24f3a49444bf11470bfaf3dcc3 [log] [tgz]
author: Lorenzo Colitti <lorenzo@google.com> Mon Sep 26 13:39:43 2016 +0900
committer: Lorenzo Colitti <lorenzo@google.com> Tue Sep 27 23:29:54 2016 +0900
tree: fe2e1896b8c6ac723d714085b0dc7e62dd4217ac
parent: 96031a8357d96f2b260e65476bdec67c6424671b [diff]
diff --git a/dumpstate.te b/dumpstate.te
index 29695b7..dd0a7e0 100644
--- a/dumpstate.te
+++ b/dumpstate.te

@@ -141,6 +141,9 @@
 allow dumpstate net_data_file:dir search;
 allow dumpstate net_data_file:file r_file_perms;
 
+# List sockets via ss.
+allow dumpstate self:netlink_tcpdiag_socket { create_socket_perms nlmsg_read };
+
 # Access /data/tombstones.
 allow dumpstate tombstone_data_file:dir r_dir_perms;
 allow dumpstate tombstone_data_file:file r_file_perms;
commit	bb9b4dd895f2be24f3a49444bf11470bfaf3dcc3	[log] [tgz]
author	Lorenzo Colitti <lorenzo@google.com>	Mon Sep 26 13:39:43 2016 +0900
committer	Lorenzo Colitti <lorenzo@google.com>	Tue Sep 27 23:29:54 2016 +0900
tree	fe2e1896b8c6ac723d714085b0dc7e62dd4217ac
parent	96031a8357d96f2b260e65476bdec67c6424671b [diff]