From 4dffde8c1bca99e8c26a37faa126ed14868505a3 Mon Sep 17 00:00:00 2001
From: Danny Wood <danwood76@gmail.com>
Date: Tue, 3 Dec 2019 12:46:51 +0000
Subject: [PATCH] universal7580: sepolicy: address init denials

Change-Id: I6fb637349ddd80681ebe38fad8c41af5c5bf1896
---
 sepolicy/init.te | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/sepolicy/init.te b/sepolicy/init.te
index a86829e..4d6a88e 100644
--- a/sepolicy/init.te
+++ b/sepolicy/init.te
@@ -4,6 +4,9 @@ allow init debugfs:dir mounton;
 # Mount EFS on /efs
 allow init efs_file:dir  mounton;
 
+# Mount CPEFS on /cpefs
+allow init sec_efs_file:dir mounton;
+
 # /dev/block/mmcblk0p[0-9]
 allow init emmcblk_device:blk_file rw_file_perms;
 
@@ -52,6 +55,9 @@ allow init gps_device:chr_file { open read write };
 # CPU permissions
 allow init sysfs_devices_system_cpu:file rw_file_perms;
 
+# umts permissions
+allow init mif_device:chr_file rw_file_perms;
+
 # sswap permissions
 allow init sswap_device:blk_file write;
 allow init sysfs_sswap:file { open write };
@@ -82,10 +88,10 @@ allow init sysfs_sensors:lnk_file read;
 allow init sysfs_multipdp:file setattr;
 
 # Proc files
-allow init proc_reset_reason:file rw_file_perms;
+allow init proc_reset_reason:file { rw_file_perms setattr };
 allow init proc_vm:file rw_file_perms;
 allow init proc_simslot_count:file rw_file_perms;
-allow init proc_sec:file rw_file_perms;
+allow init proc_sec:file { rw_file_perms setattr };
 
 # Sockets
 allow init socket_device:sock_file { read write getattr setattr create unlink };
-- 
2.20.1