| Alex Klyubin | f5446eb | 2017-03-23 14:27:32 -0700 | [diff] [blame] | 1 | typeattribute netd coredomain; |
| 2 | |
| dcashman | cc39f63 | 2016-07-22 13:13:11 -0700 | [diff] [blame] | 3 | init_daemon_domain(netd) |
| 4 | |
| 5 | # Allow netd to spawn dnsmasq in it's own domain |
| 6 | domain_auto_trans(netd, dnsmasq_exec, dnsmasq) |
| 7 | |
| 8 | # Allow netd to start clatd in its own domain |
| 9 | domain_auto_trans(netd, clatd_exec, clatd) |
| Chenbo Feng | 566411e | 2018-01-02 15:31:18 -0800 | [diff] [blame] | 10 | |
| 11 | # Allow netd to start bpfloader_exec in its own domain |
| 12 | domain_auto_trans(netd, bpfloader_exec, bpfloader) |
| Chenbo Feng | 5c95c16 | 2018-03-20 15:42:44 -0700 | [diff] [blame] | 13 | |
| Chenbo Feng | 7b57104 | 2018-12-04 17:57:27 -0800 | [diff] [blame^] | 14 | # give netd permission to setup iptables rule with xt_bpf, attach program to cgroup, and read/write |
| 15 | # the map created by bpfloader |
| 16 | allow netd bpfloader:bpf { prog_run map_read map_write }; |