From 069de3333d40551420547333b179cd78d7534b19 Mon Sep 17 00:00:00 2001
From: Hsiu-Chang Chen <hsiuchangchen@google.com>
Date: Thu, 6 Jan 2022 10:36:23 +0800
Subject: [PATCH] wifi: Add sepolicy for qcom driver control interface

01-06 11:55:38.816   796   796 I auditd  : type=1400 audit(0.0:281): avc: denied { write } for comm="wifi_ext@1.0-se" name="wlan" dev="tmpfs" ino=984 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
01-06 11:55:38.820   796   796 I auditd  : type=1400 audit(0.0:282): avc: denied { open } for comm="wifi_ext@1.0-se" path="/dev/wlan" dev="tmpfs" ino=984 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1

Bug: 209934729
Test: Basic function tests, SSR tests
Change-Id: Id6afd0580f8792eeb7ef8a25d42724ec79696875
---
 vendor/device.te       | 2 ++
 vendor/file_contexts   | 3 +++
 vendor/hal_wifi_ext.te | 1 +
 3 files changed, 6 insertions(+)
 create mode 100644 vendor/device.te
 create mode 100644 vendor/hal_wifi_ext.te

diff --git a/vendor/device.te b/vendor/device.te
new file mode 100644
index 0000000..3e16875
--- /dev/null
+++ b/vendor/device.te
@@ -0,0 +1,2 @@
+# Wifi
+type vendor_wlan_device, dev_type;
\ No newline at end of file
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 30e57a0..46faec0 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -7,3 +7,6 @@
 /dev/lwis-sensor-imx712                                                     u:object_r:lwis_device:s0
 /dev/lwis-sensor-imx712-uw                                                  u:object_r:lwis_device:s0
 /dev/lwis-sensor-imx787                                                     u:object_r:lwis_device:s0
+
+# Wifi
+/dev/wlan                               u:object_r:vendor_wlan_device:s0
diff --git a/vendor/hal_wifi_ext.te b/vendor/hal_wifi_ext.te
new file mode 100644
index 0000000..c5cf260
--- /dev/null
+++ b/vendor/hal_wifi_ext.te
@@ -0,0 +1 @@
+allow hal_wifi_ext vendor_wlan_device:chr_file w_file_perms;