[NC#1] netd: allow netd to setup packet socket for clatd Needed because the packet socket setup has been moved from clatd to netd. Test: manual test 1. Connect to ipv6-only wifi. 2. Try IPv4 traffic. $ ping 8.8.8.8 Change-Id: If6c3ba70cd7b3a44a31b8deab088303c22838da8

commit: ffa08bbd21346b2fc61d6f4213d568df97286657 [log] [tgz]
author: Hungming Chen <nuccachen@google.com> Fri Nov 26 18:26:23 2021 +0800
committer: Hungming Chen <nuccachen@google.com> Fri Nov 26 20:28:29 2021 +0800
tree: 6ac558a8445241ef50c3d5f1494bbc54c195105b
parent: cc82a6ae89573b2b39527e1feb5aa9477d033081 [diff]
diff --git a/private/netd.te b/private/netd.te
index 670a4bf..d87b9a6 100644
--- a/private/netd.te
+++ b/private/netd.te

@@ -9,6 +9,9 @@
 domain_auto_trans(netd, clatd_exec, clatd)
 allow netd clatd:process signal;
 
+# Allow netd to setup packet socket and pass to clatd
+allow netd self:packet_socket { bind create setopt };
+
 # give netd permission to setup iptables rule with xt_bpf, attach program to cgroup, and read/write
 # the map created by bpfloader
 allow netd bpfloader:bpf { prog_run map_read map_write };
commit	ffa08bbd21346b2fc61d6f4213d568df97286657	[log] [tgz]
author	Hungming Chen <nuccachen@google.com>	Fri Nov 26 18:26:23 2021 +0800
committer	Hungming Chen <nuccachen@google.com>	Fri Nov 26 20:28:29 2021 +0800
tree	6ac558a8445241ef50c3d5f1494bbc54c195105b
parent	cc82a6ae89573b2b39527e1feb5aa9477d033081 [diff]