Merge "Hide denial for wpa_supplicant writing to /data/misc/wifi."
This commit is contained in:
Treehugger Robot
Gerrit Code Review
commit
1356a75fd5
1 changed files with 8 additions and 0 deletions
8
vendor/hal_wifi_supplicant_default.te
vendored
8
vendor/hal_wifi_supplicant_default.te
vendored
|
|
@ -15,3 +15,11 @@ binder_call(hal_wifi_supplicant_default, wifi_keystore_service_server)
|
|||
|
||||
# Write to security logs for audit.
|
||||
get_prop(hal_wifi_supplicant_default, device_logging_prop)
|
||||
|
||||
# Devices upgrading to P may grant this permission in device-specific
|
||||
# policy along with the data_between_core_and_vendor_violators
|
||||
# attribute needed for an exemption. However, devices that launch with
|
||||
# P should use /data/vendor/wifi, which is already granted in core
|
||||
# policy. This is dontaudited here to avoid conditional
|
||||
# device-specific behavior in wpa_supplicant.
|
||||
dontaudit hal_wifi_supplicant_default wifi_data_file:dir search;
|
||||
|
|
|
|||
Loading…
Reference in a new issue