sepolicy: add fingerprint & sensor policies

allow cameraserver proc:file { read ioctl open };

allow cameraserver devmap_device:chr_file r_file_perms;

allow cameraserver devmap_device:chr_file { ioctl };

allow cameraserver sysfs_devinfo:file rw_file_perms;

# PQ

allow cameraserver pq_service:service_manager find;

 No newline at end of file

# NFC

type mt6605_device, dev_type;

# Fingerprint

type esfp0_device, dev_type;

# Block devices

type proinfo_device, dev_type;

type nvram_device, dev_type;

type etsd_exec, exec_type, file_type;

type etsd, domain, domain_deprecated;

init_daemon_domain(etsd)

binder_use(etsd)

allow etsd etsd_service:service_manager { add find };

allow etsd fingerprintd:binder { call transfer };

allow etsd esfp0_device:chr_file rw_file_perms;

allow etsd fingerprintd_data_file:file { create_file_perms };

allow etsd fingerprintd_data_file:dir rw_dir_perms;

use_keystore(etsd)

allow etsd keystore:keystore_key { add_auth };

allow etsd self:capability { dac_override dac_read_search };

 No newline at end of file

/system/bin/muxreport                                           u:object_r:muxreport_exec:s0

/system/bin/msensord                                            u:object_r:msensord_exec:s0

/system/bin/qmc6983d                                            u:object_r:qmc6983d_exec:s0

/system/bin/mxg2320d                                            u:object_r:mxg2320d_exec:s0

/system/bin/mtk_agpsd                                           u:object_r:mtk_agpsd_exec:s0

/system/bin/nvram_daemon                                        u:object_r:nvram_daemon_exec:s0

/system/bin/pq                                                  u:object_r:pq_exec:s0

/system/bin/wmt_loader                                          u:object_r:wmt_loader_exec:s0

/system/bin/em_svr                                              u:object_r:em_svr_exec:s0

/system/bin/kpoc_charger                                        u:object_r:kpoc_charger_exec:s0

/system/bin/etsd                                                u:object_r:etsd_exec:s0

# Meta mode

/system/bin/meta_tst                                            u:object_r:meta_tst_exec:s0

/dev/MAINAF                                                     u:object_r:camera_device:s0

/dev/mtk_jpeg(/.*)                                              u:object_r:camera_device:s0

/dev/DW9714AF(/.*)?                                             u:object_r:camera_device:s0

/dev/FM50AF(/.*)?                                               u:object_r:camera_device:s0

/dev/CAM_CAL_DRV(/.*)?                                          u:object_r:camera_device:s0

/dev/MTK_SMI                                                    u:object_r:mtk_smi_device:s0

/dev/MT_pmic_adc_cali                                           u:object_r:pmic_adc_device:s0

/dev/Vcodec                                                     u:object_r:Vcodec_device:s0

/dev/M4U_device(/.*)?                                           u:object_r:M4U_device_device:s0

/dev/mt6605                                                     u:object_r:mt6605_device:s0

/dev/esfp0(/.*)?                                                u:object_r:esfp0_device:s0

# Sockets

/dev/socket/rild[2-4]                                           u:object_r:rild_socket:s0

allow fingerprintd esfp0_device:chr_file rw_file_perms;

allow fingerprintd etsd:binder { call transfer };

 No newline at end of file