From dbef5fe67858b20c7a4bf4135f00990ea37b28fc Mon Sep 17 00:00:00 2001
From: terrycrhuang
Date: Thu, 25 Mar 2021 15:56:20 +0800
Subject: [PATCH] Fix pktrouter avc denied

03-25 15:28:05.656 I auditd : type=1400 audit(0.0:48): avc: denied { net_raw } for comm="wfc-pkt-router" capability=13 scontext=u:r:pktrouter:s0 tcontext=u:r:pktrouter:s0 tclass=capability permissive=0
Bug: 183664765
Test: Manual
Change-Id: I378b2c0ed8af9e4ba1accfdcc5380a1f9f066b81
---
 whitechapel/vendor/google/pktrouter.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/whitechapel/vendor/google/pktrouter.te b/whitechapel/vendor/google/pktrouter.te
index 8c436f3f..e06c8db6 100644
--- a/whitechapel/vendor/google/pktrouter.te
+++ b/whitechapel/vendor/google/pktrouter.te
@@ -8,5 +8,6 @@ domain_auto_trans(pktrouter, netutils_wrapper_exec, netutils_wrapper);
 allow pktrouter pktrouter_device:chr_file rw_file_perms;
 allow pktrouter self:netlink_route_socket nlmsg_write;
 allow pktrouter self:packet_socket { bind create read write getattr shutdown};
+allow pktrouter self:capability net_raw;

 get_prop(pktrouter, vendor_ims_prop);
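Review bot: The added `allow pktrouter self:capability net_raw;` rule has no comment recording why the domain needs it, so a later audit of pktrouter.te cannot tell a justified grant from a denial that was simply silenced. The kernel checks CAP_NET_RAW when a process creates a packet socket, which matches the `self:packet_socket` rule directly above, so I would precede the new line with `# CAP_NET_RAW: needed to create the packet socket allowed above (Bug: 183664765)`. The same capability also gates raw IP sockets, so it is worth confirming that rules outside this hunk (the top of the file is not visible here) do not give pktrouter more raw-socket classes than wfc-pkt-router actually uses. "Test: Manual" does not say whether the denial was re-checked with the domain enforcing; a line in the description stating that would help.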