From cd259e551a21590709046d14fab0757ff00d8baa Mon Sep 17 00:00:00 2001
From: Arian <arian.kulmer@web.de>
Date: Wed, 3 Nov 2021 23:49:10 +0100
Subject: sepolicy_vndr: qva: Allow vendor_cnd to read wifi_hal_prop

W libc    : Access denied finding property "wifi.interface"
W cnd     : type=1400 audit(0.0:22): avc: denied { read } for name="u:object_r:wifi_hal_prop:s0" dev="tmpfs" ino=26257 scontext=u:r:vendor_cnd:s0 tcontext=u:object_r:wifi_hal_prop:s0 tclass=file permissive=0

Change-Id: I6cf8ad4133ca3013d844d4ef3b2701de22f408b0
---
 qva/vendor/common/cnd.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/qva/vendor/common/cnd.te b/qva/vendor/common/cnd.te
index c4f019b9..d7ae7503 100644
--- a/qva/vendor/common/cnd.te
+++ b/qva/vendor/common/cnd.te
@@ -45,6 +45,9 @@ allow vendor_cnd self:{
 allow vendor_cnd vendor_wifi_vendor_data_file:dir r_dir_perms;
 allow vendor_cnd vendor_wifi_vendor_wpa_socket:sock_file write;
 
+# allow vendor_cnd to read wifi_hal_prop
+get_prop(vendor_cnd, wifi_hal_prop)
+
 #allow vendor_cnd daemon to invoke hostapd_cli
 allow vendor_cnd vendor_shell_exec:file rx_file_perms;
 domain_auto_trans(vendor_cnd, vendor_hostapd_exec, vendor_hostapd)
-- 
cgit v1.2.3