From a76088362ec4bb6ee91820dab7dbf225e43baa83 Mon Sep 17 00:00:00 2001
From: Christopher Wiley <wiley@google.com>
Date: Tue, 12 Jul 2016 14:30:21 -0700
Subject: [PATCH] Tag hostapd binary with CAP_NET_ADMIN | CAP_NET_RAW

Bug: 30041118
Change-Id: I14d1fd601fc4bce12c563a2004e91bd8ba0f42c3
Test: hostapd can start as the wifi user with these capabilities.
(cherry picked from commit 25024901781db197880fc398e43c76008ecde524)
---
 libcutils/fs_config.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libcutils/fs_config.c b/libcutils/fs_config.c
index 840ac86f8..2922ec4a7 100644
--- a/libcutils/fs_config.c
+++ b/libcutils/fs_config.c
@@ -142,6 +142,10 @@ static const struct fs_path_config android_files[] = {
     { 00750, AID_ROOT,      AID_SHELL,     CAP_MASK_LONG(CAP_SETUID) | CAP_MASK_LONG(CAP_SETGID), "system/bin/run-as" },
     { 00700, AID_SYSTEM,    AID_SHELL,     CAP_MASK_LONG(CAP_BLOCK_SUSPEND), "system/bin/inputflinger" },
 
+    /* Support hostapd administering a network interface. */
+    { 00755, AID_WIFI,      AID_WIFI,     CAP_MASK_LONG(CAP_NET_ADMIN) |
+                                          CAP_MASK_LONG(CAP_NET_RAW),    "system/bin/hostapd" },
+
     { 00750, AID_ROOT,      AID_ROOT,      0, "system/bin/uncrypt" },
     { 00750, AID_ROOT,      AID_ROOT,      0, "system/bin/install-recovery.sh" },
     { 00755, AID_ROOT,      AID_SHELL,     0, "system/bin/*" },