From 97ff0e6d32e0fb32caf84ccfaff3ea0fe8ea869a Mon Sep 17 00:00:00 2001
From: "Kevin F. Haggerty"
Date: Sat, 20 Oct 2018 17:25:18 -0600
Subject: [PATCH] msm8974-common: sepolicy: Label sysfs_net, resolve denials

* avc: denied { getattr } for path="/sys/devices/msm_sdcc.2/mmc_host/ mmc0/mmc0:0001/mmc0:0001:2/net/wlan0/phy80211" dev="sysfs" ino=29873 scontext=u:r:hal_wifi_hostapd_default:s0 tcontext=u:object_r:sysfs_net:s0 tclass=lnk_file permissive=0
* avc: denied { read } for name="phy80211" dev="sysfs" ino=29823 scontext=u:r:hal_wifi_hostapd_default:s0 tcontext=u:object_r:sysfs_net:s0 tclass=lnk_file permissive=0
Change-Id: I6f40b8bdac2537b7000c02af6fac8277acb2a718
---
 sepolicy/common/file_contexts | 4 ++++
 sepolicy/common/hal_wifi_hostapd_default.te | 1 +
 2 files changed, 5 insertions(+)
 create mode 100644 sepolicy/common/hal_wifi_hostapd_default.te
diff --git a/sepolicy/common/file_contexts b/sepolicy/common/file_contexts
index 2c13ad5..2490cfe 100644
--- a/sepolicy/common/file_contexts
+++ b/sepolicy/common/file_contexts
@@ -61,6 +61,10 @@
 # sysfs - mdnie
 /sys/devices/virtual/mdnie/mdnie(/.*)? u:object_r:sysfs_mdnie:s0
 
+# sysfs - net
+/sys/devices/msm_sdcc\.[0-9]/mmc_host/.*/net(/.*)? u:object_r:sysfs_net:s0
+/sys/devices/virtual/net(/.*)? u:object_r:sysfs_net:s0
+
 # sysfs - sec
 /sys/devices/platform/sec-thermistor(/.*)? u:object_r:sysfs_sec_thermistor:s0
 /sys/devices/virtual/sec/bamdmux(/.*)? u:object_r:sysfs_sec_bamdmux:s0
diff --git a/sepolicy/common/hal_wifi_hostapd_default.te b/sepolicy/common/hal_wifi_hostapd_default.te
new file mode 100644
index 0000000..34c1bd2
--- /dev/null
+++ b/sepolicy/common/hal_wifi_hostapd_default.te
@@ -0,0 +1 @@
+allow hal_wifi_hostapd_default sysfs_net:lnk_file { getattr read };
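Review bot: The first added pattern in file_contexts, `/sys/devices/msm_sdcc\.[0-9]/mmc_host/.*/net(/.*)?`, uses a `.*` that spans path separators, so any `net` directory at any depth under any msm_sdcc host is labeled sysfs_net, which is wider than the single SDIO path shown in the denial. Every domain that is granted access to sysfs_net inherits that reach, so the pattern would be easier to audit if it followed the node layout from the logged path, e.g. `/sys/devices/msm_sdcc\.[0-9]/mmc_host/mmc[0-9]+/mmc[0-9]+:[0-9a-f]+/mmc[0-9]+:[0-9a-f]+:[0-9]+/net(/.*)?`. These nodes presumably appear only when the WLAN driver binds, so it is worth confirming on a device that the label is still applied after a driver reload and not only by the boot-time relabel.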
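Review bot: The new hal_wifi_hostapd_default.te has no comment tying its one rule to the denial it resolves; a line such as `# hostapd stats and reads the net/wlan0/phy80211 symlink, which is labeled sysfs_net` above the allow would make the grant auditable later. The rule is on the whole sysfs_net type for lnk_file, so it covers every symlink matched by both file_contexts patterns added in this commit, including those under /sys/devices/virtual/net, not just phy80211. Reading the link does not grant access to its target, so if hostapd dereferences phy80211 further denials against the target's label may follow; check the audit log on a device before widening the rule.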