sm6225-common: Label and address NFC sec hal and its denials

Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: I1e1f62611ecd1bc090e4a9d87f4b0a86d1e83c2a

sepolicy/vendor/file.te

@@ -16,6 +16,9 @@ type proc_moto_boot, proc_type, fs_type;
 type vendor_motobox_exec, exec_type, vendor_file_type, file_type;
 type vendor_proc_hw, proc_type, fs_type;
 
+# NFC
+type sec_device, dev_type;
+
 # Partitions
 type fsg_file, file_type, contextmount_type, vendor_file_type;
 

sepolicy/vendor/file_contexts

@@ -34,6 +34,10 @@
 # Motobox
 /(vendor|system/vendor)/bin/motobox                     u:object_r:vendor_motobox_exec:s0
 
+# NFC
+/dev/sec-nfc                                            u:object_r:sec_device:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.nfc@1\.2-service\.sec       u:object_r:hal_nfc_default_exec:s0
+
 # Radio
 /data/vendor/misc/cutback(/.*)?                         u:object_r:cutback_data_file:s0
 /dev/socket/cutback                                     u:object_r:cutback_socket:s0

sepolicy/vendor/hal_nfc_default.te

@@ -2,3 +2,4 @@ add_hwservice(hal_nfc_default, nxpese_hwservice)
 add_hwservice(hal_nfc_default, nxpnfc_hwservice)
 allow hal_nfc_default vendor_nfc_vendor_data_file:dir create_dir_perms;
 allow hal_nfc_default vendor_nfc_vendor_data_file:file create_file_perms;
+allow hal_nfc_default sec_device:chr_file rw_file_perms;