sm7250-common: sepolicy: resolve some denials

sepolicy/private/linkerconfig.te

@@ -0,0 +1 @@
+allow linkerconfig linkerconfig:capability { sys_admin kill };

sepolicy/private/odrefresh.te

@@ -0,0 +1 @@
+allow odrefresh odrefresh:capability { kill };

sepolicy/vendor/hal_audio_default.te

@@ -12,4 +12,4 @@ set_prop(hal_audio_default, vendor_audio_prop)
 
 allow hal_audio_default audio_socket:sock_file rw_file_perms;
 allow hal_audio_default system_suspend_hwservice:hwservice_manager find;
-allow hal_audio_default vendor_diag_device:chr_file { read write };
+allow hal_audio_default vendor_diag_device:chr_file rw_file_perms;

sepolicy/vendor/hal_sensors_default.te

@@ -6,5 +6,6 @@ allow hal_sensors_default iio_device:chr_file rw_file_perms;
 allow hal_sensors_default ultrasound_device:chr_file rw_file_perms;
 allow hal_sensors_default vendor_sysfs_iio:dir r_dir_perms;
 allow hal_sensors_default vendor_sysfs_iio:file rw_file_perms;
+allow hal_sensors_default vendor_diag_device:chr_file rw_file_perms;
 
 get_prop(hal_sensors_default, vendor_adsprpc_prop)

sepolicy/vendor/hdvcp.te

@@ -0,0 +1,2 @@
+allow vendor_hvdcp sysfs:file getattr;
+allow vendor_hvdcp kmsg_device:chr_file rw_file_perms;

sepolicy/vendor/kernel.te

@@ -0,0 +1 @@
+allow kernel kernel:qipcrtr_socket create;

sepolicy/vendor/vendor_qti_init_shell.te

@@ -1,7 +1,7 @@
 allow vendor_qti_init_shell configfs:dir rw_dir_perms;
 allow vendor_qti_init_shell configfs:file create_file_perms;
 allow vendor_qti_init_shell ctl_stop_prop:property_service set;
-allow vendor_qti_init_shell sysfs_wakeup:file setattr;
+allow vendor_qti_init_shell sysfs:file setattr;
 
 # allow init.mi.btmac.sh to read hex-encoded mac address and set it
 allow vendor_qti_init_shell vendor_bluetooth_prop:property_service set;