From c466a683050fcffeced82de01290b200f11b9569 Mon Sep 17 00:00:00 2001
From: Star Chang <starchang@google.com>
Date: Thu, 30 Jun 2022 12:07:32 +0000
Subject: [PATCH] wifi_sniffer: Add policy to allow wifi sniffer to access wifi
 firmware related files.

Add policy to allow wifi_sniffer daemon to access wifi firmware related
files.

To fix the denial message:
[85544.205505] type=1400 audit(1656381950.486:90): avc: denied { search
} for comm="wifi_sniffer" name="wifi" dev="sysfs" ino=97256
scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0
tclass=dir permissive=1
[85544.206027] type=1400 audit(1656381950.486:91): avc: denied { write }
for comm="wifi_sniffer" name="firmware_path" dev="sysfs" ino=97268
scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0
tclass=file permissive=1
[85544.206206] type=1400 audit(1656381950.486:92): avc: denied { open }
for comm="wifi_sniffer" path="/sys/wifi/firmware_path" dev="sysfs"
ino=97268 scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0
tclass=file permissive=1
[85544.206349] type=1400 audit(1656381950.486:93): avc: denied { getattr
} for comm="wifi_sniffer" path="/sys/wifi/firmware_path" dev="sysfs"
ino=97268 scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0
tclass=file permissive=1

Bug: 237465412
Test: wifi_sniffer is workable
Change-Id: I5500be87d2b670e29c08d026872a6b304109f7a3
---
 whitechapel_pro/wifi_sniffer.te | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 whitechapel_pro/wifi_sniffer.te

diff --git a/whitechapel_pro/wifi_sniffer.te b/whitechapel_pro/wifi_sniffer.te
new file mode 100644
index 00000000..1faffcea
--- /dev/null
+++ b/whitechapel_pro/wifi_sniffer.te
@@ -0,0 +1,4 @@
+userdebug_or_eng(`
+allow wifi_sniffer sysfs_wifi:dir search;
+allow wifi_sniffer sysfs_wifi:file rw_file_perms;
+')