From 2c831009a59f122fc870bedb6ed084eb5aeea0b0 Mon Sep 17 00:00:00 2001
From: Geremy Condra <gcondra@google.com>
Date: Tue, 2 Apr 2013 21:34:41 -0700
Subject: [PATCH] Fix various SELinux denials.

Change-Id: I73a2b841ab3399b7528b8084a5c4736e6ecea48a
---
 adbd.te   | 2 +-
 system.te | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/adbd.te b/adbd.te
index 074f35b00..8b809e2c8 100644
--- a/adbd.te
+++ b/adbd.te
@@ -4,7 +4,7 @@ type adbd, domain, mlstrustedsubject;
 allow adbd adb_device:chr_file rw_file_perms;
 allow adbd qemu_device:chr_file rw_file_perms;
 allow adbd self:capability { net_raw setgid setuid dac_override sys_boot sys_admin };
-allow adbd rootfs:file { read entrypoint };
+allow adbd rootfs:file { r_file_perms entrypoint };
 allow adbd init:process sigchld;
 allow adbd self:tcp_socket *;
 allow adbd self:unix_stream_socket *;
diff --git a/system.te b/system.te
index 503bd3c71..451eb63a2 100644
--- a/system.te
+++ b/system.te
@@ -112,6 +112,7 @@ unix_socket_connect(system, gps, gpsd)
 unix_socket_connect(system, bluetooth, bluetoothd)
 unix_socket_connect(system, racoon, racoon)
 unix_socket_send(system, wpa, wpa)
+unix_socket_send(system, wpa, init)
 
 # Communicate over a socket created by surfaceflinger.
 allow system surfaceflinger:unix_stream_socket { read write setopt };
-- 
GitLab