4 files changed, 5 insertions, 24 deletions

diff --git a/sepolicy/cnd.te b/sepolicy/cnd.te
index 99ea2df..e52c40b 100644
--- a/sepolicy/cnd.te
+++ b/sepolicy/cnd.te
@@ -2,3 +2,5 @@ allow cnd { sysfs_msm_subsys sysfs_soc }:dir search;
 allow cnd sysfs_msm_subsys:file { getattr open read setattr };
 allow cnd system_data_file:dir read;
 allow cnd system_data_file:file { getattr ioctl open read };
+
+add_hwservice(cnd, hal_cne_hwservice)
diff --git a/sepolicy/hwservice.te b/sepolicy/hwservice.te
new file mode 100644
index 0000000..2b74a92
--- /dev/null
+++ b/sepolicy/hwservice.te
@@ -0,0 +1 @@
+type hal_cne_hwservice, hwservice_manager_type;
diff --git a/sepolicy/hwservice_contexts b/sepolicy/hwservice_contexts
new file mode 100644
index 0000000..3dbdf29
--- /dev/null
+++ b/sepolicy/hwservice_contexts
@@ -0,0 +1,2 @@
+com.quicinc.cne.api::IApiService                                u:object_r:hal_cne_hwservice:s0
+com.quicinc.cne.server::IServer                                 u:object_r:hal_cne_hwservice:s0
diff --git a/sepolicy/neverallows.te b/sepolicy/neverallows.te
index ddf1d48..ac95576 100644
--- a/sepolicy/neverallows.te
+++ b/sepolicy/neverallows.te
@@ -3,29 +3,5 @@ allow charger mnt_vendor_file:dir create_dir_perms;
 allow charger mnt_vendor_file:file create_file_perms;
 allow charger self:capability dac_override;
 
-# CND
-allow cnd default_android_hwservice:hwservice_manager add;
-
-# Dataservice
-allow dataservice_app default_android_hwservice:hwservice_manager find;
-
-# IMS
-allow ims default_android_hwservice:hwservice_manager find;
-
-# Init
-binder_call(init, system_server);
-allow init sysfs:file { open read write };
-allow init sysfs_scsi_devices_0000:file { open setattr write };
-
-# Netmgrd
-allow netmgrd vendor_xlat_prop:property_service set;
-
-# Perf
-binder_call(system_app, perfprofd);
-
 # ReadMac
 allow readmac self:capability dac_override;
-
-# SystemServer
-allow system_server dalvikcache_data_file:file { execute write };
-allow system_server vendor_camera_prop:file { getattr open read };