parser: add support for kernel 4.17 v8 networking

Make it so the parser can properly support network socket mediation
in the upstream kernel,

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/521
Signed-off-by: John Johansen <john.johansen@canonical.com>

parser/af_unix.cc

@@ -196,17 +196,11 @@ void unix_rule::downgrade_rule(Profile &prof) {
 	}
 }
 
-static uint32_t map_perms(uint32_t mask)
-{
-	return (mask & 0x7f) |
-		((mask & (AA_NET_GETATTR | AA_NET_SETATTR)) << (AA_OTHER_SHIFT - 8)) |
-		((mask & (AA_NET_ACCEPT | AA_NET_BIND | AA_NET_LISTEN)) >> 4) | /* 2 + (AA_OTHER_SHIFT - 20) */
-		((mask & (AA_NET_SETOPT | AA_NET_GETOPT)) >> 5); /* 5 + (AA_OTHER_SHIFT - 24) */
-}
-
 void unix_rule::write_to_prot(std::ostringstream &buffer)
 {
-	buffer << "\\x" << std::setfill('0') << std::setw(2) << std::hex << AA_CLASS_NET;
+	int c = features_supports_networkv8 ? AA_CLASS_NETV8 : AA_CLASS_NET;
+
+	buffer << "\\x" << std::setfill('0') << std::setw(2) << std::hex << c;
 	writeu16(buffer, AF_UNIX);
 	if (sock_type)
 		writeu16(buffer, sock_type_n);
@@ -306,7 +300,7 @@ int unix_rule::gen_policy_re(Profile &prof)
 	 */
 	downgrade_rule(prof);
 	if (!features_supports_unix) {
-		if (features_supports_network) {
+		if (features_supports_network || features_supports_networkv8) {
 			/* only warn if we are building against a kernel
 			 * that requires downgrading */
 			if (warnflags & WARN_RULE_DOWNGRADED)