device/rockchip/common/sepolicy/vendor/netd.te

# Triggers a sys_module denial, but kernel has CONFIG_MODULES=n.
dontaudit netd self:capability sys_module;
allow netd kernel:system module_request;

# map with latest kernel security/selinux/include/classmap.h
allow netd netd:netlink_netfilter_socket { create setopt bind write read getopt };
allow netd netd:netlink_generic_socket { create setopt bind write read getopt getattr };
allow netd netd:netlink_scsitransport_socket { create setopt bind write read getopt getattr };
allow netd netd:netlink_rdma_socket { create setopt bind write read getopt getattr };
allow netd netd:netlink_crypto_socket { create setopt bind write read getopt getattr };
android 13 from xiaosuan 2025-08-25 08:28:21 +08:00			`# Triggers a sys_module denial, but kernel has CONFIG_MODULES=n.`
			`dontaudit netd self:capability sys_module;`
			`allow netd kernel:system module_request;`

			`# map with latest kernel security/selinux/include/classmap.h`
			`allow netd netd:netlink_netfilter_socket { create setopt bind write read getopt };`
			`allow netd netd:netlink_generic_socket { create setopt bind write read getopt getattr };`
			`allow netd netd:netlink_scsitransport_socket { create setopt bind write read getopt getattr };`
			`allow netd netd:netlink_rdma_socket { create setopt bind write read getopt getattr };`
			`allow netd netd:netlink_crypto_socket { create setopt bind write read getopt getattr };`