commit 5bca3e860d34b3aff070a38bfd39caa74cade443
author Roshan Pius <rpius@google.com> Fri Dec 22 15:03:15 2017 -0800
committer Roshan Pius <rpius@google.com> Fri Jan 12 14:05:38 2018 -0800
tree 9830451f706dbe9c550599887d1caf2cd88ef75f
parent a4e83bc5f36d908b19aff88eb2a6829ff6053134

sepolicy(hostapd): Add a HIDL interface for hostapd

Change sepolicy permissions to now classify hostapd as a HAL exposing
HIDL interface.

Sepolicy denial for accessing /data/vendor/misc/wifi/hostapd:
12-27 23:40:55.913  4952  4952 W hostapd : type=1400 audit(0.0:19): avc:
denied { write } for name="hostapd" dev="sda13" ino=4587601
scontext=u:r:hal_wifi_hostapd_default:s0
tcontext=u:object_r:system_data_file:s0 tclass=dir permissive=0

01-02 19:07:16.938  5791  5791 W hostapd : type=1400 audit(0.0:31): avc:
denied { search } for name="net" dev="sysfs" ino=30521
scontext=u:r:hal_wifi_hostapd_default:s0
tcontext=u:object_r:sysfs_net:s0 tclass=dir permissive=0

Bug: 36646171
Test: Device boots up and able to turn on SoftAp.
Change-Id: Ibacfcc938deab40096b54b8d0e608d53ca91b947

private/compat/26.0/26.0.ignore.cil

diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 5b30be0..aad4bee 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -34,6 +34,7 @@
     hal_lowpan_hwservice
     hal_neuralnetworks_hwservice
     hal_tetheroffload_hwservice
+    hal_wifi_hostapd_hwservice
     hal_wifi_offload_hwservice
     kmsg_debug_device
     last_boot_reason_prop

private/hwservice_contexts

diff --git a/private/hwservice_contexts b/private/hwservice_contexts
index a98c68a..316c34c 100644
--- a/private/hwservice_contexts
+++ b/private/hwservice_contexts
@@ -47,6 +47,7 @@
 android.hardware.vr::IVr                                        u:object_r:hal_vr_hwservice:s0
 android.hardware.weaver::IWeaver                                u:object_r:hal_weaver_hwservice:s0
 android.hardware.wifi::IWifi                                    u:object_r:hal_wifi_hwservice:s0
+android.hardware.wifi.hostapd::IHostapd                         u:object_r:hal_wifi_hostapd_hwservice:s0
 android.hardware.wifi.offload::IOffload                         u:object_r:hal_wifi_offload_hwservice:s0
 android.hardware.wifi.supplicant::ISupplicant                   u:object_r:hal_wifi_supplicant_hwservice:s0
 android.hidl.allocator::IAllocator                              u:object_r:hidl_allocator_hwservice:s0

private/system_server.te

diff --git a/private/system_server.te b/private/system_server.te
index 973b017..48ae95d 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -202,6 +202,7 @@
 hal_client_domain(system_server, hal_vr)
 hal_client_domain(system_server, hal_weaver)
 hal_client_domain(system_server, hal_wifi)
+hal_client_domain(system_server, hal_wifi_hostapd)
 hal_client_domain(system_server, hal_wifi_offload)
 hal_client_domain(system_server, hal_wifi_supplicant)