wpa_supplicant(hidl): Handle file access denials

For new devices (launching with P+), we're removing the sepolicy
exception granted to wpa_supplicant to access /data/misc/wifi.

This causes a problem in the .conf file migration logic in the HIDL
interface. We currently identify clean (new/factory-reset/wiped) devices by
the ENOENT error code, which indicates the legacy conf file does not
exist. But, with the sepolicy exception removed for new devices, we will
now receive an error code of EACCESS instead of ENOENT.
For older devices (launched with O), the sepolicy exception
granted will continue and hence they would have access to /data/misc/wifi/
in P.

Bug: 72643420
Bug: 74120033
Test: Booted device in enforcing mode and completed the setup wizard.
Change-Id: I4ca0cf97420f2cd377f02d856e26b9a92c3631c2
diff --git a/wpa_supplicant/hidl/1.1/supplicant.cpp b/wpa_supplicant/hidl/1.1/supplicant.cpp
index 7631eac..4785c37 100644
--- a/wpa_supplicant/hidl/1.1/supplicant.cpp
+++ b/wpa_supplicant/hidl/1.1/supplicant.cpp
@@ -62,7 +62,7 @@
 /**
  * Copy |src_file_path| to |dest_file_path| if it exists.
  *
- * Returns 1 if |src_file_path| does not exists,
+ * Returns 1 if |src_file_path| does not exist or not accessible,
  * Returns -1 if the copy fails.
  * Returns 0 if the copy succeeds.
  */
@@ -70,7 +70,8 @@
     const std::string& src_file_path, const std::string& dest_file_path)
 {
 	int ret = access(src_file_path.c_str(), R_OK);
-	if ((ret != 0) && (errno == ENOENT)) {
+	// Sepolicy denial (2018+ device) will return EACCESS instead of ENOENT.
+	if ((ret != 0) && ((errno == ENOENT) || (errno == EACCES))) {
 		return 1;
 	}
 	ret = copyFile(src_file_path, dest_file_path);