From 72ed615228735cd714c9569d8cc172c52f2a50f2 Mon Sep 17 00:00:00 2001
From: Alan Stokes <alanstokes@google.com>
Date: Wed, 18 Apr 2018 17:46:53 +0100
Subject: [PATCH] Allow wpa_supplicant to write to files in /proc/net.

This is needed for interface configuration - see e.g. nl80211_configure_data_frame_filters.

Bug: 77903086
Test: WiFi still working

Change-Id: I4b5e2b59eeeb6d0ac19dbcbcf0e7e80942247893
---
 vendor/hal_wifi_supplicant_default.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/vendor/hal_wifi_supplicant_default.te b/vendor/hal_wifi_supplicant_default.te
index cca80947c..a345f297b 100644
--- a/vendor/hal_wifi_supplicant_default.te
+++ b/vendor/hal_wifi_supplicant_default.te
@@ -8,6 +8,9 @@ net_domain(hal_wifi_supplicant_default)
 # Create a socket for receiving info from wpa
 type_transition hal_wifi_supplicant_default wifi_data_file:dir wpa_socket "sockets";
 
+# Allow wpa_supplicant to configure nl80211
+allow hal_wifi_supplicant_default proc_net:file write;
+
 # Allow wpa_supplicant to talk to Wifi Keystore HwBinder service.
 hwbinder_use(hal_wifi_supplicant_default)
 allow hal_wifi_supplicant_default system_wifi_keystore_hwservice:hwservice_manager find;
-- 
GitLab