From 4433226c0be879c88548a92d326bdb138f011075 Mon Sep 17 00:00:00 2001
From: Demon Singur <demonsingur@gmail.com>
Date: Thu, 20 Sep 2018 11:44:35 +0000
Subject: msm8996-common: sepolicy: Allow netmgrd to set persist.net.doxlat

* Solves the following denial.
avc: denied  { set } for property=persist.net.doxlat pid=837 uid=1001 gid=1001 scontext=u:r:netmgrd:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service permissive=1

* We need this again after having switched back to Oreo RIL in 4d1a575a1900797720c957c40898a1bdebecfe55

Change-Id: I30db8b7aa6017dfdea1c874f69b7b8b90bcc8800
---
 sepolicy/netmgrd.te        | 2 ++
 sepolicy/property_contexts | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/sepolicy/netmgrd.te b/sepolicy/netmgrd.te
index e3a0212..b98e8d9 100644
--- a/sepolicy/netmgrd.te
+++ b/sepolicy/netmgrd.te
@@ -2,3 +2,5 @@ allow netmgrd sysfs_net:dir search;
 allow netmgrd sysfs_net:file rw_file_perms;
 allow netmgrd property_socket:sock_file write;
 allow netmgrd init:unix_stream_socket connectto;
+
+set_prop(netmgrd, vendor_xlat_prop)
diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
index a472b82..1ae2e9b 100644
--- a/sepolicy/property_contexts
+++ b/sepolicy/property_contexts
@@ -1,6 +1,9 @@
 # Camera
 persist.camera.                                  u:object_r:camera_prop:s0
 
+# Netmgrd
+persist.net.doxlat                               u:object_r:vendor_xlat_prop:s0
+
 # OEM unlocking
 ro.oem_unlock_supported                          u:object_r:oem_unlock_prop:s0
 
-- 
cgit v1.2.3