msm8996-common: sepolicy: Move neverallows to neverallows.te

Change-Id: Ie067c2f0f6ec96edd110c79d143de36b20708b47
Signed-off-by: Davide Garberi <dade.garberi@gmail.com>

3 files changed, 6 insertions, 4 deletions

diff --git a/sepolicy/charger.te b/sepolicy/charger.te
index 02e345f..944a1c0 100644
--- a/sepolicy/charger.te
+++ b/sepolicy/charger.te
@@ -1,5 +1,2 @@
-allow charger mnt_vendor_file:dir create_dir_perms;
-allow charger mnt_vendor_file:file create_file_perms;
 allow charger rtc_device:chr_file r_file_perms;
-allow charger self:capability dac_override;
 allow charger sysfs_battery_supply:file read;
diff --git a/sepolicy/init.te b/sepolicy/init.te
index cf3120e..159809a 100644
--- a/sepolicy/init.te
+++ b/sepolicy/init.te
@@ -11,4 +11,3 @@ allow init sysfs_fingerprint:file { open read setattr write };
 allow init sysfs:file setattr;
 allow init tee_device:chr_file write;
 allow init hidl_base_hwservice:hwservice_manager add;
-allow init sysfs_scsi_devices_0000:file { open setattr write };
diff --git a/sepolicy/neverallows.te b/sepolicy/neverallows.te
index 4cd7823..ddf1d48 100644
--- a/sepolicy/neverallows.te
+++ b/sepolicy/neverallows.te
@@ -1,3 +1,8 @@
+# Charger
+allow charger mnt_vendor_file:dir create_dir_perms;
+allow charger mnt_vendor_file:file create_file_perms;
+allow charger self:capability dac_override;
+
 # CND
 allow cnd default_android_hwservice:hwservice_manager add;
 
@@ -10,6 +15,7 @@ allow ims default_android_hwservice:hwservice_manager find;
 # Init
 binder_call(init, system_server);
 allow init sysfs:file { open read write };
+allow init sysfs_scsi_devices_0000:file { open setattr write };
 
 # Netmgrd
 allow netmgrd vendor_xlat_prop:property_service set;