Merge "sepolicy: Fix 'avc denied' issues for the emulators"

target/board/generic/sepolicy/domain.te

@@ -1,3 +1,5 @@
 # For /sys/qemu_trace files in the emulator.
 allow domain sysfs_writable:file rw_file_perms;
 allow domain qemu_device:chr_file rw_file_perms;
+
+get_prop(domain, qemu_prop)

target/board/generic/sepolicy/goldfish_setup.te

@@ -13,6 +13,8 @@ allow goldfish_setup toolbox_exec:file rx_file_perms;
 allow goldfish_setup self:capability { net_admin net_raw };
 allow goldfish_setup self:udp_socket create_socket_perms;
 
+net_domain(goldfish_setup)
+
 # Set net.eth0.dns*, debug.sf.nobootanimation
 set_prop(goldfish_setup, system_prop)
 set_prop(goldfish_setup, debug_prop)

target/board/generic/sepolicy/netd.te

@@ -0,0 +1 @@
+dontaudit netd self:capability sys_module;