gs201: sepolicy: Regenerate

Change-Id: I39143fba971fbe24b4bcb5a1c205d040616837e7
2025-12-10 21:06:20 +02:00
parent ea8032d800
commit ce8eacb771
39 changed files with 98 additions and 100 deletions
--- a/sepolicy/product/private/pbcs_app.te
+++ b/sepolicy/product/private/pbcs_app.te
@@ -1,11 +1,11 @@
 app_domain(vendor_pbcs_app)
 typeattribute vendor_pbcs_app coredomain;
 add_service(vendor_pbcs_app, camera_binder_service)
 add_service(vendor_pbcs_app, camera_cameraidremapper_service)
 add_service(vendor_pbcs_app, camera_lyricconfigprovider_service)
 app_domain(vendor_pbcs_app)
 allow vendor_pbcs_app app_api_service:service_manager find;
 allow vendor_pbcs_app cameraserver_service:service_manager find;
--- a/sepolicy/product/private/pcs_app.te
+++ b/sepolicy/product/private/pcs_app.te
@@ -1,11 +1,11 @@
 typeattribute vendor_pcs_app coredomain;
 app_domain(vendor_pcs_app)
 bluetooth_domain(vendor_pcs_app)
 net_domain(vendor_pcs_app)
 typeattribute vendor_pcs_app coredomain;
 r_dir_file(vendor_pcs_app, preloads_data_file)
 r_dir_file(vendor_pcs_app, preloads_media_file)
--- a/sepolicy/system_ext/private/con_monitor_app.te
+++ b/sepolicy/system_ext/private/con_monitor_app.te
@@ -1,7 +1,7 @@
 typeattribute con_monitor_app coredomain;
 app_domain(con_monitor_app)
 typeattribute con_monitor_app coredomain;
 set_prop(con_monitor_app, radio_prop)
 allow con_monitor_app app_api_service:service_manager find;
--- a/sepolicy/system_ext/private/dcservice_app.te
+++ b/sepolicy/system_ext/private/dcservice_app.te
@@ -1,11 +1,11 @@
 typeattribute dcservice_app coredomain;
 app_domain(dcservice_app)
 get_prop(dcservice_app, bluetooth_lea_prop)
 net_domain(dcservice_app)
 typeattribute dcservice_app coredomain;
 get_prop(dcservice_app, bluetooth_lea_prop)
 set_prop(dcservice_app, ctl_start_prop)
 allow dcservice_app app_api_service:service_manager find;
--- a/sepolicy/system_ext/private/hbmsvmanager_app.te
+++ b/sepolicy/system_ext/private/hbmsvmanager_app.te
@@ -1,7 +1,7 @@
 typeattribute hbmsvmanager_app coredomain;
 app_domain(hbmsvmanager_app)
 typeattribute hbmsvmanager_app coredomain;
 allow hbmsvmanager_app app_api_service:service_manager find;
 allow hbmsvmanager_app cameraserver_service:service_manager find;
 allow hbmsvmanager_app proc_vendor_sched:dir r_dir_perms;
--- a/sepolicy/system_ext/private/pixelntnservice_app.te
+++ b/sepolicy/system_ext/private/pixelntnservice_app.te
@@ -1,7 +1,7 @@
 typeattribute pixelntnservice_app coredomain;
 app_domain(pixelntnservice_app)
 typeattribute pixelntnservice_app coredomain;
 set_prop(pixelntnservice_app, telephony_modem_prop)
 allow pixelntnservice_app app_api_service:service_manager find;
--- a/sepolicy/system_ext/private/platform_app.te
+++ b/sepolicy/system_ext/private/platform_app.te
@@ -1,3 +1,3 @@
 get_prop(platform_app, bluetooth_lea_prop)
 hal_client_domain(platform_app, hal_fingerprint)
 get_prop(platform_app, bluetooth_lea_prop)
--- a/sepolicy/vendor/battery_mitigation.te
+++ b/sepolicy/vendor/battery_mitigation.te
@@ -1,6 +1,9 @@
 type battery_mitigation, domain;
 type battery_mitigation_exec, exec_type, file_type, vendor_file_type;
 hal_client_domain(battery_mitigation, hal_health)
 hal_client_domain(battery_mitigation, hal_thermal)
 add_service(battery_mitigation, hal_battery_mitigation_service)
 binder_call(battery_mitigation, hal_audio_default)
@@ -10,9 +13,6 @@ get_prop(battery_mitigation, boot_status_prop)
 get_prop(battery_mitigation, system_boot_reason_prop)
 get_prop(battery_mitigation, vendor_brownout_reason_prop)
 hal_client_domain(battery_mitigation, hal_health)
 hal_client_domain(battery_mitigation, hal_thermal)
 init_daemon_domain(battery_mitigation)
 r_dir_file(battery_mitigation, sysfs_acpm_stats)
--- a/sepolicy/vendor/chre.te
+++ b/sepolicy/vendor/chre.te
@@ -1,10 +1,10 @@
 type chre, domain;
 type chre_exec, exec_type, file_type, vendor_file_type;
 binder_call(chre, stats_service_server)
 hal_client_domain(chre, hal_graphics_allocator)
 binder_call(chre, stats_service_server)
 init_daemon_domain(chre)
 wakelock_use(chre)
--- a/sepolicy/vendor/dump_exynos_display.te
+++ b/sepolicy/vendor/dump_exynos_display.te
@@ -1,7 +1,7 @@
 binder_call(dump_exynos_display, hal_graphics_composer_default)
 pixel_bugreport(dump_exynos_display)
 binder_call(dump_exynos_display, hal_graphics_composer_default)
 vndbinder_use(dump_exynos_display)
 allow dump_exynos_display sysfs_display:file r_file_perms;
--- a/sepolicy/vendor/dump_gsc.te
+++ b/sepolicy/vendor/dump_gsc.te
@@ -1,10 +1,10 @@
 type dump_gsc, domain;
 type dump_gsc_exec, exec_type, file_type, vendor_file_type;
 binder_call(dump_gsc, citadeld)
 hal_client_domain(dump_gsc, hal_dumpstate)
 binder_call(dump_gsc, citadeld)
 vndbinder_use(dump_gsc)
 allow dump_gsc citadel_updater:file execute_no_trans;
--- a/sepolicy/vendor/dump_storage.te
+++ b/sepolicy/vendor/dump_storage.te
@@ -1,7 +1,7 @@
 get_prop(dump_storage, boottime_public_prop)
 pixel_bugreport(dump_storage)
 get_prop(dump_storage, boottime_public_prop)
 allow dump_storage proc_f2fs:dir r_dir_perms;
 allow dump_storage proc_f2fs:file r_file_perms;
 allow dump_storage sysfs:file r_file_perms;
--- a/sepolicy/vendor/edgetpu_app.te
+++ b/sepolicy/vendor/edgetpu_app.te
@@ -2,13 +2,13 @@ type edgetpu_app_server, coredomain, domain;
 type edgetpu_app_server_exec, exec_type, file_type, system_file_type;
 type edgetpu_app_service, app_api_service, isolated_compute_allowed_service, service_manager_type;
 binder_service(edgetpu_app_server)
 add_service(edgetpu_app_server, edgetpu_app_service)
 binder_call(edgetpu_app_server, edgetpu_vendor_server)
 binder_call(edgetpu_app_server, system_server)
 binder_service(edgetpu_app_server)
 binder_use(edgetpu_app_server)
 get_prop(edgetpu_app_server, device_config_edgetpu_native_prop)
--- a/sepolicy/vendor/edgetpu_dba.te
+++ b/sepolicy/vendor/edgetpu_dba.te
@@ -2,12 +2,14 @@ type edgetpu_dba_server, domain;
 type edgetpu_dba_server_exec, exec_type, file_type, vendor_file_type;
 type edgetpu_dba_service, app_api_service, isolated_compute_allowed_service, service_manager_type;
 binder_service(edgetpu_dba_server)
 hal_client_domain(edgetpu_dba_server, hal_power)
 add_service(edgetpu_dba_server, edgetpu_dba_service)
 binder_call(edgetpu_dba_server, edgetpu_app_server)
 binder_service(edgetpu_dba_server)
 binder_use(edgetpu_dba_server)
 get_prop(edgetpu_dba_server, vendor_edgetpu_cpu_scheduler_prop)
@@ -15,8 +17,6 @@ get_prop(edgetpu_dba_server, vendor_edgetpu_runtime_prop)
 get_prop(edgetpu_dba_server, vendor_hetero_runtime_prop)
 get_prop(edgetpu_dba_server, vendor_tflite_delegate_prop)
 hal_client_domain(edgetpu_dba_server, hal_power)
 init_daemon_domain(edgetpu_dba_server)
 allow edgetpu_dba_server dmabuf_system_heap_device:chr_file r_file_perms;
--- a/sepolicy/vendor/edgetpu_tachyon.te
+++ b/sepolicy/vendor/edgetpu_tachyon.te
@@ -2,6 +2,8 @@ type edgetpu_tachyon_server, domain;
 type edgetpu_tachyon_server_exec, exec_type, file_type, vendor_file_type;
 type edgetpu_tachyon_service, app_api_service, isolated_compute_allowed_service, service_manager_type;
 binder_service(edgetpu_tachyon_server)
 add_service(edgetpu_tachyon_server, edgetpu_tachyon_service)
 binder_call(edgetpu_tachyon_server, edgetpu_app_server)
@@ -12,8 +14,6 @@ binder_call(edgetpu_tachyon_server, shell)
 binder_call(edgetpu_tachyon_server, system_server)
 binder_call(edgetpu_tachyon_server, untrusted_app_all)
 binder_service(edgetpu_tachyon_server)
 binder_use(edgetpu_tachyon_server)
 get_prop(edgetpu_tachyon_server, vendor_edgetpu_cpu_scheduler_prop)
--- a/sepolicy/vendor/edgetpu_vendor.te
+++ b/sepolicy/vendor/edgetpu_vendor.te
@@ -2,10 +2,10 @@ type edgetpu_vendor_server, domain;
 type edgetpu_vendor_server_exec, exec_type, file_type, vendor_file_type;
 type edgetpu_vendor_service, hal_service_type, service_manager_type;
 add_service(edgetpu_vendor_server, edgetpu_vendor_service)
 binder_service(edgetpu_vendor_server)
 add_service(edgetpu_vendor_server, edgetpu_vendor_service)
 binder_use(edgetpu_vendor_server)
 get_prop(edgetpu_vendor_server, vendor_hetero_runtime_prop)
--- a/sepolicy/vendor/grilservice_app.te
+++ b/sepolicy/vendor/grilservice_app.te
@@ -2,14 +2,14 @@ type grilservice_app, domain;
 app_domain(grilservice_app)
 hal_client_domain(grilservice_app, hal_power_stats)
 binder_call(grilservice_app, hal_audiometricext_default)
 binder_call(grilservice_app, hal_bluetooth_btlinux)
 binder_call(grilservice_app, hal_radioext_default)
 binder_call(grilservice_app, hal_wifi_ext)
 binder_call(grilservice_app, rild)
 hal_client_domain(grilservice_app, hal_power_stats)
 r_dir_file(grilservice_app, sysfs_irq)
 allow grilservice_app app_api_service:service_manager find;
--- a/sepolicy/vendor/hal_audio.te
+++ b/sepolicy/vendor/hal_audio.te
@@ -1,3 +1,7 @@
 hal_client_domain(hal_audio_default, hal_graphics_allocator)
 hal_client_domain(hal_audio_default, hal_health)
 hal_client_domain(hal_audio_default, hal_thermal)
 add_hwservice(hal_audio_default, hal_audio_ext_hwservice)
 binder_call(hal_audio_default, aocxd)
@@ -8,10 +12,6 @@ get_prop(hal_audio_default, vendor_edgetpu_runtime_prop)
 get_prop(hal_audio_default, vendor_hetero_runtime_prop)
 get_prop(hal_audio_default, vendor_tflite_delegate_prop)
 hal_client_domain(hal_audio_default, hal_graphics_allocator)
 hal_client_domain(hal_audio_default, hal_health)
 hal_client_domain(hal_audio_default, hal_thermal)
 perfetto_producer(hal_audio_default)
 r_dir_file(hal_audio_default, aoc_audio_file)
--- a/sepolicy/vendor/hal_authsecret_citadel.te
+++ b/sepolicy/vendor/hal_authsecret_citadel.te
@@ -1,10 +1,10 @@
 type hal_authsecret_citadel, domain;
 type hal_authsecret_citadel_exec, exec_type, file_type, vendor_file_type;
 binder_call(hal_authsecret_citadel, citadeld)
 hal_server_domain(hal_authsecret_citadel, hal_authsecret)
 binder_call(hal_authsecret_citadel, citadeld)
 init_daemon_domain(hal_authsecret_citadel)
 vndbinder_use(hal_authsecret_citadel)
--- a/sepolicy/vendor/hal_camera.te
+++ b/sepolicy/vendor/hal_camera.te
@@ -1,3 +1,8 @@
 hal_client_domain(hal_camera_default, hal_graphics_allocator)
 hal_client_domain(hal_camera_default, hal_graphics_composer)
 hal_client_domain(hal_camera_default, hal_power)
 hal_client_domain(hal_camera_default, hal_thermal)
 add_service(hal_camera_default, vendor_image_processing_hal_service)
 binder_call(hal_camera_default, edgetpu_app_server)
@@ -16,11 +21,6 @@ get_prop(hal_camera_default, vendor_gxp_prop)
 get_prop(hal_camera_default, vendor_hetero_runtime_prop)
 get_prop(hal_camera_default, vendor_tflite_delegate_prop)
 hal_client_domain(hal_camera_default, hal_graphics_allocator)
 hal_client_domain(hal_camera_default, hal_graphics_composer)
 hal_client_domain(hal_camera_default, hal_power)
 hal_client_domain(hal_camera_default, hal_thermal)
 set_prop(hal_camera_default, log_tag_prop)
 set_prop(hal_camera_default, vendor_camera_prop)
--- a/sepolicy/vendor/hal_contexthub.te
+++ b/sepolicy/vendor/hal_contexthub.te
@@ -1,10 +1,10 @@
 hal_client_domain(hal_contexthub_default, hal_graphics_allocator)
 binder_call(hal_contexthub_default, hal_sensors_default)
 binder_call(hal_contexthub_default, hal_wifi_ext)
 get_prop(hal_contexthub_default, vendor_aoc_prop)
 hal_client_domain(hal_contexthub_default, hal_graphics_allocator)
 unix_socket_connect(hal_contexthub_default, chre, chre)
 wakelock_use(hal_contexthub_default)
--- a/sepolicy/vendor/hal_fingerprint.te
+++ b/sepolicy/vendor/hal_fingerprint.te
@@ -1,12 +1,12 @@
 hal_client_domain(hal_fingerprint_default, hal_power)
 hal_client_domain(hal_fingerprint_default, hal_thermal)
 add_hwservice(hal_fingerprint_default, hal_fingerprint_ext_hwservice)
 binder_call(hal_fingerprint_default, hal_graphics_composer_default)
 get_prop(hal_fingerprint_default, fingerprint_ghbm_prop)
 hal_client_domain(hal_fingerprint_default, hal_power)
 hal_client_domain(hal_fingerprint_default, hal_thermal)
 r_dir_file(hal_fingerprint_default, sysfs_chosen)
 set_prop(hal_fingerprint_default, vendor_fingerprint_prop)
--- a/sepolicy/vendor/hal_graphics_composer.te
+++ b/sepolicy/vendor/hal_graphics_composer.te
@@ -1,3 +1,6 @@
 hal_client_domain(hal_graphics_composer_default, hal_graphics_allocator)
 hal_client_domain(hal_graphics_composer_default, hal_power)
 add_service(hal_graphics_composer_default, hal_pixel_display_service)
 add_service(hal_graphics_composer_default, vendor_displaycolor_service)
 add_service(hal_graphics_composer_default, vendor_surfaceflinger_vndservice)
@@ -6,9 +9,6 @@ get_prop(hal_graphics_composer_default, boot_status_prop)
 get_prop(hal_graphics_composer_default, device_config_surface_flinger_native_boot_prop)
 get_prop(hal_graphics_composer_default, vendor_persist_sys_default_prop)
 hal_client_domain(hal_graphics_composer_default, hal_graphics_allocator)
 hal_client_domain(hal_graphics_composer_default, hal_power)
 set_prop(hal_graphics_composer_default, vendor_display_prop)
 vndbinder_use(hal_graphics_composer_default)
--- a/sepolicy/vendor/hal_identity_citadel.te
+++ b/sepolicy/vendor/hal_identity_citadel.te
@@ -1,11 +1,11 @@
 type hal_identity_citadel, domain;
 type hal_identity_citadel_exec, exec_type, file_type, vendor_file_type;
 binder_call(hal_identity_citadel, citadeld)
 hal_server_domain(hal_identity_citadel, hal_identity)
 hal_server_domain(hal_identity_citadel, hal_keymint)
 binder_call(hal_identity_citadel, citadeld)
 init_daemon_domain(hal_identity_citadel)
 vndbinder_use(hal_identity_citadel)
--- a/sepolicy/vendor/hal_keymint_citadel.te
+++ b/sepolicy/vendor/hal_keymint_citadel.te
@@ -1,12 +1,12 @@
 type hal_keymint_citadel, domain;
 type hal_keymint_citadel_exec, exec_type, file_type, vendor_file_type;
 hal_server_domain(hal_keymint_citadel, hal_keymint)
 binder_call(hal_keymint_citadel, citadeld)
 get_prop(hal_keymint_citadel, vendor_security_patch_level_prop)
 hal_server_domain(hal_keymint_citadel, hal_keymint)
 init_daemon_domain(hal_keymint_citadel)
 vndbinder_use(hal_keymint_citadel)
--- a/sepolicy/vendor/hal_neuralnetworks_darwinn.te
+++ b/sepolicy/vendor/hal_neuralnetworks_darwinn.te
@@ -1,6 +1,11 @@
 type hal_neuralnetworks_darwinn, domain;
 type hal_neuralnetworks_darwinn_exec, exec_type, file_type, vendor_file_type;
 hal_client_domain(hal_neuralnetworks_darwinn, hal_graphics_allocator)
 hal_client_domain(hal_neuralnetworks_darwinn, hal_power)
 hal_server_domain(hal_neuralnetworks_darwinn, hal_neuralnetworks)
 add_service(hal_neuralnetworks_darwinn, edgetpu_nnapi_service)
 binder_call(hal_neuralnetworks_darwinn, edgetpu_app_server)
@@ -13,11 +18,6 @@ get_prop(hal_neuralnetworks_darwinn, vendor_edgetpu_runtime_prop)
 get_prop(hal_neuralnetworks_darwinn, vendor_hetero_runtime_prop)
 get_prop(hal_neuralnetworks_darwinn, vendor_tflite_delegate_prop)
 hal_client_domain(hal_neuralnetworks_darwinn, hal_graphics_allocator)
 hal_client_domain(hal_neuralnetworks_darwinn, hal_power)
 hal_server_domain(hal_neuralnetworks_darwinn, hal_neuralnetworks)
 hwbinder_use(hal_neuralnetworks_darwinn)
 init_daemon_domain(hal_neuralnetworks_darwinn)
--- a/sepolicy/vendor/hal_oemlock_citadel.te
+++ b/sepolicy/vendor/hal_oemlock_citadel.te
@@ -1,10 +1,10 @@
 type hal_oemlock_citadel, domain;
 type hal_oemlock_citadel_exec, exec_type, file_type, vendor_file_type;
 binder_call(hal_oemlock_citadel, citadeld)
 hal_server_domain(hal_oemlock_citadel, hal_oemlock)
 binder_call(hal_oemlock_citadel, citadeld)
 init_daemon_domain(hal_oemlock_citadel)
 vndbinder_use(hal_oemlock_citadel)
--- a/sepolicy/vendor/hal_secure_element_uicc.te
+++ b/sepolicy/vendor/hal_secure_element_uicc.te
@@ -1,10 +1,10 @@
 type hal_secure_element_uicc, domain;
 type hal_secure_element_uicc_exec, exec_type, file_type, vendor_file_type;
 binder_call(hal_secure_element_uicc, rild)
 hal_server_domain(hal_secure_element_uicc, hal_secure_element)
 binder_call(hal_secure_element_uicc, rild)
 init_daemon_domain(hal_secure_element_uicc)
 allow hal_secure_element_uicc hal_exynos_rild_hwservice:hwservice_manager find;
--- a/sepolicy/vendor/hal_sensors.te
+++ b/sepolicy/vendor/hal_sensors.te
@@ -1,3 +1,5 @@
 hal_client_domain(hal_sensors_default, hal_graphics_allocator)
 binder_call(hal_sensors_default, hal_contexthub_default)
 binder_call(hal_sensors_default, hal_graphics_composer_default)
 binder_call(hal_sensors_default, system_server)
@@ -6,8 +8,6 @@ get_prop(hal_sensors_default, vendor_aoc_prop)
 get_prop(hal_sensors_default, vendor_chre_hal_prop)
 get_prop(hal_sensors_default, vendor_dynamic_sensor_prop)
 hal_client_domain(hal_sensors_default, hal_graphics_allocator)
 r_dir_file(hal_sensors_default, persist_camera_file)
 r_dir_file(hal_sensors_default, persist_sensor_reg_file)
 r_dir_file(hal_sensors_default, sysfs_batteryinfo)
--- a/sepolicy/vendor/hal_thermal.te
+++ b/sepolicy/vendor/hal_thermal.te
@@ -1,9 +1,9 @@
 hal_client_domain(hal_thermal_default, hal_power)
 binder_call(hal_thermal_default, servicemanager)
 get_prop(hal_thermal_default, vendor_thermal_prop)
 hal_client_domain(hal_thermal_default, hal_power)
 r_dir_file(hal_thermal_default, sysfs_iio_devices)
 r_dir_file(hal_thermal_default, sysfs_odpm)
--- a/sepolicy/vendor/hal_usb_impl.te
+++ b/sepolicy/vendor/hal_usb_impl.te
@@ -1,13 +1,13 @@
 type hal_usb_impl, domain;
 type hal_usb_impl_exec, exec_type, file_type, vendor_file_type;
 binder_call(hal_usb_impl, servicemanager)
 hal_client_domain(hal_usb_impl, hal_thermal)
 hal_server_domain(hal_usb_impl, hal_usb)
 hal_server_domain(hal_usb_impl, hal_usb_gadget)
 binder_call(hal_usb_impl, servicemanager)
 init_daemon_domain(hal_usb_impl)
 set_prop(hal_usb_impl, vendor_usb_config_prop)
--- a/sepolicy/vendor/hal_uwb_vendor.te
+++ b/sepolicy/vendor/hal_uwb_vendor.te
@@ -2,6 +2,11 @@ type hal_uwb_vendor_default, domain;
 type hal_uwb_vendor_default_exec, exec_type, file_type, vendor_file_type;
 type hal_uwb_vendor_service, hal_service_type, service_manager_type;
 dump_hal(hal_uwb_vendor)
 hal_server_domain(hal_uwb_vendor_default, hal_uwb)
 hal_server_domain(hal_uwb_vendor_default, hal_uwb_vendor)
 add_service(hal_uwb_vendor_default, hal_uwb_vendor_service)
 binder_call(hal_uwb_vendor_client, hal_uwb_vendor_server)
@@ -9,15 +14,10 @@ binder_call(hal_uwb_vendor_default, uwb_vendor_app)
 binder_call(hal_uwb_vendor_server, hal_uwb_vendor_client)
 binder_call(hal_uwb_vendor_server, servicemanager)
 dump_hal(hal_uwb_vendor)
 get_prop(hal_uwb_vendor_default, vendor_uwb_calibration_prop)
 hal_attribute_service(hal_uwb_vendor, hal_uwb_vendor_service)
 hal_server_domain(hal_uwb_vendor_default, hal_uwb)
 hal_server_domain(hal_uwb_vendor_default, hal_uwb_vendor)
 init_daemon_domain(hal_uwb_vendor_default)
 allow hal_uwb_vendor self:global_capability_class_set net_admin;
--- a/sepolicy/vendor/hal_weaver_citadel.te
+++ b/sepolicy/vendor/hal_weaver_citadel.te
@@ -1,12 +1,12 @@
 type hal_weaver_citadel, domain;
 type hal_weaver_citadel_exec, exec_type, file_type, vendor_file_type;
 binder_call(hal_weaver_citadel, citadeld)
 hal_server_domain(hal_weaver_citadel, hal_authsecret)
 hal_server_domain(hal_weaver_citadel, hal_oemlock)
 hal_server_domain(hal_weaver_citadel, hal_weaver)
 binder_call(hal_weaver_citadel, citadeld)
 init_daemon_domain(hal_weaver_citadel)
 vndbinder_use(hal_weaver_citadel)
--- a/sepolicy/vendor/ims_app.te
+++ b/sepolicy/vendor/ims_app.te
@@ -2,12 +2,12 @@ type vendor_ims_app, domain;
 app_domain(vendor_ims_app)
 net_domain(vendor_ims_app)
 binder_call(vendor_ims_app, rild)
 get_prop(vendor_ims_app, vendor_imssvc_prop)
 net_domain(vendor_ims_app)
 set_prop(vendor_ims_app, radio_prop)
 set_prop(vendor_ims_app, vendor_rild_prop)
--- a/sepolicy/vendor/mediacodec_google.te
+++ b/sepolicy/vendor/mediacodec_google.te
@@ -1,13 +1,13 @@
 type mediacodec_google, domain;
 type mediacodec_google_exec, exec_type, file_type, vendor_file_type;
 crash_dump_fallback(mediacodec_google)
 hal_client_domain(mediacodec_google, hal_codec2)
 hal_client_domain(mediacodec_google, hal_graphics_allocator)
 hal_server_domain(mediacodec_google, hal_codec2)
 crash_dump_fallback(mediacodec_google)
 init_daemon_domain(mediacodec_google)
 vndbinder_use(mediacodec_google)
--- a/sepolicy/vendor/mediacodec_samsung.te
+++ b/sepolicy/vendor/mediacodec_samsung.te
@@ -1,6 +1,10 @@
 type mediacodec_samsung, domain;
 type mediacodec_samsung_exec, exec_type, file_type, vendor_file_type;
 hal_client_domain(mediacodec_samsung, hal_graphics_allocator)
 hal_server_domain(mediacodec_samsung, hal_codec2)
 add_service(mediacodec_samsung, eco_service)
 binder_call(mediacodec_samsung, hal_camera_default)
@@ -9,10 +13,6 @@ binder_use(mediacodec_samsung)
 crash_dump_fallback(mediacodec_samsung)
 hal_client_domain(mediacodec_samsung, hal_graphics_allocator)
 hal_server_domain(mediacodec_samsung, hal_codec2)
 init_daemon_domain(mediacodec_samsung)
 vndbinder_use(mediacodec_samsung)
--- a/sepolicy/vendor/pktrouter.te
+++ b/sepolicy/vendor/pktrouter.te
@@ -1,14 +1,14 @@
 type pktrouter, domain;
 type pktrouter_exec, exec_type, file_type, vendor_file_type;
 net_domain(pktrouter)
 domain_auto_trans(pktrouter, netutils_wrapper_exec, netutils_wrapper)
 get_prop(pktrouter, vendor_ims_prop)
 init_daemon_domain(pktrouter)
 net_domain(pktrouter)
 allow pktrouter pktrouter_device:chr_file rw_file_perms;
 allow pktrouter radio_device:chr_file r_file_perms;
 allow pktrouter self:capability net_raw;
--- a/sepolicy/vendor/rcs_app.te
+++ b/sepolicy/vendor/rcs_app.te
@@ -2,10 +2,10 @@ type vendor_rcs_app, domain;
 app_domain(vendor_rcs_app)
 binder_call(vendor_rcs_app, rild)
 net_domain(vendor_rcs_app)
 binder_call(vendor_rcs_app, rild)
 allow vendor_rcs_app app_api_service:service_manager find;
 allow vendor_rcs_app hal_exynos_rild_hwservice:hwservice_manager find;
 allow vendor_rcs_app radio_service:service_manager find;
--- a/sepolicy/vendor/uwb_vendor_app.te
+++ b/sepolicy/vendor/uwb_vendor_app.te
@@ -1,13 +1,11 @@
 not_recovery(`
 hal_client_domain(uwb_vendor_app, hal_uwb_vendor)
 binder_call(uwb_vendor_app, hal_uwb_vendor_default)
 ')
 get_prop(uwb_vendor_app, vendor_secure_element_prop)
 not_recovery(`
 hal_client_domain(uwb_vendor_app, hal_uwb_vendor)
 ')
 set_prop(uwb_vendor_app, vendor_uwb_calibration_country_code)
 not_recovery(`