msm8996-common: sepolicy: Update

Signed-off-by: Davide Garberi <dade.garberi@gmail.com>

3 files changed, 4 insertions, 5 deletions

diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 1f20590..1b368ba 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -52,7 +52,7 @@
 /system/bin/readmac                                             u:object_r:readmac_exec:s0
 
 # ril
-/system/vendor/qcril.db                                         u:object_r:nv_data_file:s0
+/system/vendor/radio/qcril_database/qcril.db                    u:object_r:nv_data_file:s0
 
 # ssd
 /dev/block/mmcblk0p36                                           u:object_r:ssd_device:s0
diff --git a/sepolicy/hal_audio_default.te b/sepolicy/hal_audio_default.te
index 950d6bc..9d9001b 100644
--- a/sepolicy/hal_audio_default.te
+++ b/sepolicy/hal_audio_default.te
@@ -1,3 +1,3 @@
-allow hal_audio_default socket_device:sock_file write;
+allow hal_audio_default { socket_device thermal_socket }:sock_file write;
 allow hal_audio_default audio_data_file:sock_file { unlink create setattr };
 allow hal_audio_default thermal-engine:unix_stream_socket connectto;
diff --git a/sepolicy/rild.te b/sepolicy/rild.te
index 3238c3d..9ecd3d9 100644
--- a/sepolicy/rild.te
+++ b/sepolicy/rild.te
@@ -2,12 +2,11 @@ allow rild servicemanager:binder call;
 allow rild nv_data_file:dir rw_dir_perms;
 allow rild nv_data_file:file create_file_perms;
 
-allow rild radio_data_file:dir search;
-allow rild vendor_configs_file:file ioctl;
+allow rild { vendor_configs_file vendor_file }:file ioctl;
 
 allow rild qcom_ims_prop:property_service set;
 
 allow rild default_android_service:service_manager find;
 
 allow rild radio_data_file:file { create getattr ioctl lock open read unlink write };
-allow rild radio_data_file:dir { add_name getattr open read remove_name write };
+allow rild radio_data_file:dir { add_name getattr open read remove_name search write };