Move platform/vendor data violations to device policy Sharing data folders by path will be disallowed because it violates the approved API between platform and vendor components tested by VTS. Move all violating permissions from core selinux policy to device specific policy so that we can exempt existing devices from the ban and enforce it on new devices. Bug: 34980020 Test: build Change-Id: I9821151e67e33ac60aa7a57a5ab1e6a1024bf418

commit: a9b668805c9f27e4b50766033e527dd19d73d18f [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Wed Nov 29 17:19:16 2017 -0800
committer: Jeff Vander Stoep <jeffv@google.com> Wed Nov 29 17:20:51 2017 -0800
tree: 06ff68e9afeec144cea177c9f6313f7df729cc3c
parent: 3ff58fd0b65c2aff0994f40e9230885ea469b27d [diff]
diff --git a/sepolicy/hal_wifi_supplicant.te b/sepolicy/hal_wifi_supplicant.te
index 90628c1..7137b06 100644
--- a/sepolicy/hal_wifi_supplicant.te
+++ b/sepolicy/hal_wifi_supplicant.te

@@ -1,2 +1,9 @@
 allow hal_wifi_supplicant efs_file:dir r_dir_perms;
 allow hal_wifi_supplicant efs_file:file rw_file_perms;
+
+allow hal_wifi_supplicant wifi_data_file:dir create_dir_perms;
+allow hal_wifi_supplicant wifi_data_file:file create_file_perms;
+
+# Create a socket for receiving info from wpa
+allow hal_wifi_supplicant wpa_socket:dir create_dir_perms;
+allow hal_wifi_supplicant wpa_socket:sock_file create_file_perms;
commit	a9b668805c9f27e4b50766033e527dd19d73d18f	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Wed Nov 29 17:19:16 2017 -0800
committer	Jeff Vander Stoep <jeffv@google.com>	Wed Nov 29 17:20:51 2017 -0800
tree	06ff68e9afeec144cea177c9f6313f7df729cc3c
parent	3ff58fd0b65c2aff0994f40e9230885ea469b27d [diff]