avc特例分析

01-01 11:49:18.089 W/ptt_socket_app(  315): type=1400 audit(0.0:4): avc: denied { net_raw } for capability=13 scontext=u:r:wcnss_service:s0 tcontext=u:r:wcnss_service:s0 tclass=capability permissive=0
01-01 11:49:18.100 D/WLAN_PSA(  315): PTT_SOCKET_APP Start

比較特別的地方
scontext=u:r:wcnss_service:s0 tcontext=u:r:wcnss_service:s0 tclass=capability permissive=0
解決方案：

# meig:jicong.wang modify for bug 11119 start
allow wcnss_service self:capability {
    net_admin
    net_bind_service
    net_raw
    dac_override
};
#meig:jicong.wang modify for bug 11119 end