sm6225-common: sepolicy: Initial import sepolicy
Change-Id: Id0975fa225f837ae4ef4d6795e7a479caf09dc2b
Signed-off-by: ReStranger <restranger@disroot.org>
diff --git a/sepolicy/private/property_contexts b/sepolicy/private/property_contexts
new file mode 100644
index 0000000..78141a5
--- /dev/null
+++ b/sepolicy/private/property_contexts
@@ -0,0 +1,26 @@
+# Camera
+ro.camera. u:object_r:exported_default_prop:s0
+
+# Fingerprint
+gf.debug. u:object_r:vendor_fp_prop:s0
+
+# GLobal
+ro.boot.hwc u:object_r:exported_default_prop:s0
+ro.boot.hwname u:object_r:exported_default_prop:s0
+ro.boot.hwversion u:object_r:exported_default_prop:s0
+ro.build.flavor u:object_r:build_prop:s0
+
+# Hardware
+ro.hardware.chipname u:object_r:exported_default_prop:s0
+
+# MIUI
+ro.cust.test u:object_r:exported_system_prop:s0
+ro.miui. u:object_r:exported_system_prop:s0
+ro.fota.oem u:object_r:exported_system_prop:s0
+ro.product.mod_device u:object_r:build_prop:s0
+ro.product.marketname u:object_r:build_prop:s0
+
+# WiFi
+ro.wlan.bdf u:object_r:vendor_public_vendor_default_prop:s0
+ro.wlan.chip u:object_r:vendor_public_vendor_default_prop:s0
+ro.ril.oem.wifimac u:object_r:vendor_wifimac_prop:s0
diff --git a/sepolicy/private/system_server.te b/sepolicy/private/system_server.te
new file mode 100644
index 0000000..b9d8ced
--- /dev/null
+++ b/sepolicy/private/system_server.te
@@ -0,0 +1,3 @@
+allow system_server audioserver_tmpfs:file { write };
+allow system_server mediaserver_tmpfs:file { write };
+allow system_server system_file:file { open read getattr };
diff --git a/sepolicy/private/system_suspend.te b/sepolicy/private/system_suspend.te
new file mode 100644
index 0000000..df3ee0c
--- /dev/null
+++ b/sepolicy/private/system_suspend.te
@@ -0,0 +1,5 @@
+allow system_suspend sysfs:dir { open read };
+allow system_suspend sysfs:file { getattr };
+allow system_suspend sysfs_net:dir { open read };
+allow system_suspend sysfs_net:file { open read };
+dontaudit system_suspend sysfs:file { open read };