Merge "Fix the missing nlmsg_read for netlink_xfrm_socket" am: 1965e156d4 am: fe0f25f3dd am: 64a01b66b7 Change-Id: I4398775a2acf00183d8967fb144029ec9cc814c7

commit: 6c1cb0d184352866ca9fdb83242a826223c49327 [log] [tgz]
author: Jayachandran Chinnakkannu <jayachandranc@google.com> Sat Mar 04 00:52:53 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Sat Mar 04 00:52:53 2017 +0000
tree: 1d70e49abd6bdde825da4461f6eac36fd2816fad
parent: d82ad1be4ed4040b9488f88832cfe49b76d7081f [diff]
parent: 64a01b66b7b36d5946f4d3fc857516beb9c81120 [diff]
diff --git a/sepolicy/netmgrd.te b/sepolicy/netmgrd.te
index 353a4bd..b534801 100644
--- a/sepolicy/netmgrd.te
+++ b/sepolicy/netmgrd.te

@@ -39,7 +39,7 @@
 # netmgrd sockets
 allow netmgrd self:netlink_route_socket { create_socket_perms_no_ioctl nlmsg_read nlmsg_write };
 allow netmgrd self:netlink_socket create_socket_perms_no_ioctl;
-allow netmgrd self:netlink_xfrm_socket { create_socket_perms_no_ioctl nlmsg_write };
+allow netmgrd self:netlink_xfrm_socket { create_socket_perms_no_ioctl nlmsg_read nlmsg_write };
 allow netmgrd self:rawip_socket create_socket_perms_no_ioctl;
 allow netmgrd self:socket create_socket_perms;
 # in addition to ioctl commands granted to domain allow netmgrd to use:
commit	6c1cb0d184352866ca9fdb83242a826223c49327	[log] [tgz]
author	Jayachandran Chinnakkannu <jayachandranc@google.com>	Sat Mar 04 00:52:53 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Sat Mar 04 00:52:53 2017 +0000
tree	1d70e49abd6bdde825da4461f6eac36fd2816fad
parent	d82ad1be4ed4040b9488f88832cfe49b76d7081f [diff]
parent	64a01b66b7b36d5946f4d3fc857516beb9c81120 [diff]