Lines Matching refs:netd

1 typeattribute netd coredomain;
3 init_daemon_domain(netd)
5 # Allow netd to spawn dnsmasq in it's own domain
6 domain_auto_trans(netd, dnsmasq_exec, dnsmasq)
8 # Allow netd to start clatd in its own domain and kill it
9 domain_auto_trans(netd, clatd_exec, clatd)
10 allow netd clatd:process signal;
12 # give netd permission to setup iptables rule with xt_bpf, attach program to cgroup, and read/write
14 allow netd bpfloader:bpf { prog_run map_read map_write };
18 allow netd self:key_socket create;
20 set_prop(netd, ctl_mdnsd_prop)
21 set_prop(netd, netd_stable_secret_prop)
23 get_prop(netd, bpf_progs_loaded_prop)
24 get_prop(netd, hwservicemanager_prop)
25 get_prop(netd, device_config_netd_native_prop)
27 # Allow netd to write to statsd.
28 unix_socket_send(netd, statsdw, statsd)
30 # Allow netd to send callbacks to network_stack
31 binder_call(netd, network_stack)
33 # Allow netd to send dump info to dumpstate
34 allow netd dumpstate:fd use;
35 allow netd dumpstate:fifo_file { getattr write };
37 # persist.netd.stable_secret contains RFC 7217 secret key which should never be
39 neverallow { domain -netd -init -dumpstate } netd_stable_secret_prop:file r_file_perms;
41 # We want to ensure that no other process ever tries tampering with persist.netd.stable_secret,
42 # the RFC 7217 secret key managed by netd. Doing so could compromise user privacy.
43 neverallow { domain -netd -init } netd_stable_secret_prop:property_service set;