sm6150-common: sepolicy: Address/Silence some denials

Change-Id: I528e7e7b1c7483ce1829605ce0ffafdf62228761
Signed-off-by: therealmharc <therealmharc@gmail.com>

sepolicy/vendor/hal_camera_default.te

@@ -4,6 +4,7 @@ hal_client_domain(hal_camera_default, hal_power)
 
 allow hal_camera_default proc_meminfo:file r_file_perms;
 
+r_dir_file(hal_camera_default, sysfs_leds)
 r_dir_file(hal_camera_default, vendor_sysfs_kgsl)
 r_dir_file(hal_camera_default, vendor_persist_camera_file)
 r_dir_file(hal_camera_default, mnt_vendor_file)

sepolicy/vendor/hal_wifi_default.te

@@ -0,0 +1 @@
+allow hal_wifi_default self:capability sys_module;

sepolicy/vendor/kernel.te

@@ -1 +1,3 @@
 allow kernel per_boot_file:file r_file_perms;
+
+dontaudit kernel mnt_vendor_file:dir search;

sepolicy/vendor/property.te

@@ -1,2 +1,5 @@
 # Ultrasound
 vendor_public_prop(elliptic_ultrasound_prop)
+
+# WiFi
+vendor_internal_prop(vendor_wcnss_service_prop)

sepolicy/vendor/property_contexts

@@ -18,5 +18,8 @@ ro.vendor.oem.sno                  u:object_r:vendor_sno_prop:s0
 persist.vendor.radio.imei          u:object_r:vendor_deviceid_prop:s0
 persist.vendor.radio.meid          u:object_r:vendor_deviceid_prop:s0
 
+# WiFi
+persist.vendor.cnss-daemon.        u:object_r:vendor_wcnss_service_prop:s0
+
 # Xiaomi thermal daemon
 vendor.sys.thermal.                u:object_r:vendor_thermal_normal_prop:s0

sepolicy/vendor/toolbox.te

@@ -1,2 +1,3 @@
 allow toolbox per_boot_file:dir create_dir_perms;
 allow toolbox per_boot_file:file create_file_perms;
+allow toolbox self:capability kill;

sepolicy/vendor/vendor_thermal-engine.te

@@ -0,0 +1,2 @@
+r_dir_file(vendor_thermal-engine, thermal_data_file)
+set_prop(vendor_thermal-engine, vendor_thermal_normal_prop)

sepolicy/vendor/vendor_wcnss_service.te

@@ -0,0 +1,2 @@
+set_prop(vendor_wcnss_service, vendor_radio_prop)
+set_prop(vendor_wcnss_service, vendor_wcnss_service_prop)