diff --git a/hostapd.te b/hostapd.te
index a6ca0e754f220081d8173c6abfdc6f85cfea5a25..caa7b6ddf3f17d9ea03c67a8cf8ccb2802c8706b 100644
--- a/hostapd.te
+++ b/hostapd.te
@@ -11,6 +11,7 @@ allow hostapd self:udp_socket { create ioctl };
 
 allow hostapd wifi_data_file:file rw_file_perms;
 allow hostapd wifi_data_file:dir create_dir_perms;
+type_transition hostapd wifi_data_file:dir wpa_socket "sockets";
 allow hostapd wpa_socket:dir create_dir_perms;
 allow hostapd wpa_socket:sock_file create_file_perms;
 allow hostapd netd:fd use;
diff --git a/wpa_supplicant.te b/wpa_supplicant.te
index 2f51ff322c3719b372815b22fd43b48adbc37dda..ae4b96ccf036557c5048ed46b7cc9af56f158474 100644
--- a/wpa_supplicant.te
+++ b/wpa_supplicant.te
@@ -19,8 +19,8 @@ binder_use(wpa)
 binder_call(wpa, keystore)
 
 # Create a socket for receiving info from wpa
-type_transition wpa wifi_data_file:sock_file wpa_socket;
-allow wpa wpa_socket:dir { rw_dir_perms setattr };
+type_transition wpa wifi_data_file:dir wpa_socket "sockets";
+allow wpa wpa_socket:dir create_dir_perms;
 allow wpa wpa_socket:sock_file create_file_perms;
 
 # Allow wpa_cli to work. wpa_cli creates a socket in