From 2818b902dcb74dbb6e6d45df6185d14f68928c3c Mon Sep 17 00:00:00 2001
From: Alan Stokes <alanstokes@google.com>
Date: Wed, 18 Apr 2018 17:46:53 +0100
Subject: [PATCH] Allow wpa_supplicant to write to files in /proc/net.

This is needed for interface configuration - see e.g. nl80211_configure_data_frame_filters.

Bug: 77903086
Test: Device boots, denial not seen, wifi works

(cherry picked from commit 72ed615228735cd714c9569d8cc172c52f2a50f2)

Change-Id: Ia781e7c56f6e8e77e654cd28ca34de09180e2213
Merged-In: Ia55c4af1fcee75ada0e67a162fdb92ecc0089312
---
 vendor/hal_wifi_supplicant_default.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/vendor/hal_wifi_supplicant_default.te b/vendor/hal_wifi_supplicant_default.te
index 2e04dcf2c..a44672110 100644
--- a/vendor/hal_wifi_supplicant_default.te
+++ b/vendor/hal_wifi_supplicant_default.te
@@ -8,6 +8,9 @@ net_domain(hal_wifi_supplicant_default)
 # Create a socket for receiving info from wpa
 type_transition hal_wifi_supplicant_default wifi_data_file:dir wpa_socket "sockets";
 
+# Allow wpa_supplicant to configure nl80211
+allow hal_wifi_supplicant_default proc_net:file write;
+
 # Allow wpa_supplicant to talk to Wifi Keystore HwBinder service.
 hwbinder_use(hal_wifi_supplicant_default)
 allow hal_wifi_supplicant_default system_wifi_keystore_hwservice:hwservice_manager find;
-- 
GitLab