sepolicy: Add create socket file permission for vendor_wcnss_service

cnss_cli use unix socket to communicate with cnss-daemon. cnss-daemon need create unix socket server file when init. Change-Id: Ibbe1eb1f418da17c0155a0663f6a94d8777ef80f
author: Baowei Liu <quic_baowei@quicinc.com> 2021-11-22 14:07:21 +0800
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2021-11-30 00:24:53 -0800
commit: 639219bf3a7a356a04d3a70b6146a9c1e591921b (patch)
tree: ec1d1f7681caec19922b91106269bd6bb31829e4
parent: f6efb39ffb93cdf41187e3a306b1bab9baab681a (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/qva/vendor/common/wcnss_service.te b/qva/vendor/common/wcnss_service.te
index 46a9f323..7b68a048 100644
--- a/qva/vendor/common/wcnss_service.te
+++ b/qva/vendor/common/wcnss_service.te
@@ -32,3 +32,10 @@ unix_socket_connect(vendor_wcnss_service, vendor_wigignpt, vendor_wigignpt)
 allow vendor_wcnss_service self:capability net_admin;
 allow vendor_wcnss_service kmsg_device:chr_file { write open };
 allow vendor_wcnss_service proc_net:file read;
+
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:dir create_dir_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:dir r_dir_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:sock_file create_file_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:sock_file rw_file_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:file create_file_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:file rw_file_perms;
author	Baowei Liu <quic_baowei@quicinc.com>	2021-11-22 14:07:21 +0800
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2021-11-30 00:24:53 -0800
commit	639219bf3a7a356a04d3a70b6146a9c1e591921b (patch)
tree	ec1d1f7681caec19922b91106269bd6bb31829e4
parent	f6efb39ffb93cdf41187e3a306b1bab9baab681a (diff)