From 85e3e7d6e1fb8a1fce326409cbe953f4070ee757 Mon Sep 17 00:00:00 2001
From: Roshan Pius <rpius@google.com>
Date: Mon, 12 Dec 2016 10:18:51 -0800
Subject: [PATCH] hal_wifi: Allow HAL to reload wifi firmware

Need write permissions on the specified sysfs path for reloading
firmware.

Denials:
01-21 23:39:01.650  4669  4669 W android.hardwar: type=1400
audit(0.0:103): avc: denied { write } for name="fwpath" dev="sysfs"
ino=6847 scontext=u:r:hal_wifi:s0
tcontext=u:object_r:sysfs_wlan_fwpath:s0 tclass=file permissive=0
01-21 23:39:01.653  4669  4669 E android.hardware.wifi@1.0-service:
Failed to open wlan fw path param: Permission denied

Bug: 32018162
Test: Denials no longer present in the logs.
Change-Id: I1a468e7c2a2a4360a2b61f04f1940471d52d0dd6
---
 public/hal_wifi.te | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/public/hal_wifi.te b/public/hal_wifi.te
index a883d7907..7c5600b5d 100644
--- a/public/hal_wifi.te
+++ b/public/hal_wifi.te
@@ -20,3 +20,5 @@ allow hal_wifi self:capability { net_admin net_raw };
 allow hal_wifi self:netlink_socket create_socket_perms_no_ioctl;
 # newer kernels (e.g. 4.4 but not 4.1) have a new class for sockets
 allow hal_wifi self:netlink_generic_socket create_socket_perms_no_ioctl;
+# hal_wifi writes firmware paths to this file.
+allow hal_wifi sysfs_wlan_fwpath:file { w_file_perms };
-- 
GitLab