Merge "product:enable PRODUCT_SHIPPING_API_LEVEL := 28 [1/8]" into p-tv-dev

58 files changed, 410 insertions, 106 deletions

diff --git a/factory.mk b/factory.mk
index 2d9fc2a..b62e421 100644
--- a/factory.mk
+++ b/factory.mk
@@ -18,6 +18,10 @@ ifneq ($(AB_OTA_UPDATER),true)
 BUILT_IMAGES += cache.img
 endif
 
+ifdef BOARD_PREBUILT_DTBOIMAGE
+BUILT_IMAGES += dtbo.img
+endif
+
 BUILT_IMAGES += vendor.img
 ifeq ($(BOARD_USES_ODMIMAGE),true)
 BUILT_IMAGES += odm.img
@@ -85,6 +89,9 @@ endif
 ifdef KERNEL_DEVICETREE
 DTBTOOL := $(BOARD_AML_VENDOR_PATH)/tools/dtbTool
 
+DTCTOOL := out/host/linux-x86/bin/dtc
+DTIMGTOOL := out/host/linux-x86/bin/mkdtimg
+
 ifdef KERNEL_DEVICETREE_CUSTOMER_DIR
 KERNEL_DEVICETREE_DIR := $(KERNEL_DEVICETREE_CUSTOMER_DIR)
 else
@@ -116,7 +123,7 @@ ifeq ($(PRODUCT_BUILD_SECURE_BOOT_IMAGE_DIRECTLY),true)
 	INSTALLED_BOARDDTB_TARGET := $(INSTALLED_BOARDDTB_TARGET).encrypt
 endif# ifeq ($(PRODUCT_BUILD_SECURE_BOOT_IMAGE_DIRECTLY),true)
 
-$(INSTALLED_BOARDDTB_TARGET) : $(KERNEL_DEVICETREE_SRC) $(KERNEL_OUT) $(KERNEL_CONFIG)
+$(INSTALLED_BOARDDTB_TARGET) : $(KERNEL_DEVICETREE_SRC) $(KERNEL_OUT) $(KERNEL_CONFIG) $(DTCTOOL) $(DTIMGTOOL)
 	$(foreach aDts, $(KERNEL_DEVICETREE), \
 		sed -i 's/^#include \"partition_.*/#include \"$(TARGET_PARTITION_DTSI)\"/' $(KERNEL_ROOTDIR)/$(KERNEL_DEVICETREE_DIR)/$(strip $(aDts)).dts; \
 		sed -i 's/^#include \"firmware_.*/#include \"$(TARGET_FIRMWARE_DTSI)\"/' $(KERNEL_ROOTDIR)/$(KERNEL_DEVICETREE_DIR)/$(TARGET_PARTITION_DTSI); \
@@ -140,9 +147,17 @@ ifeq ($(BOARD_AVB_ENABLE),true)
 	  --partition_name dtb
 endif
 
+$(BOARD_PREBUILT_DTBOIMAGE): $(INSTALLED_BOARDDTB_TARGET) | $(DTCTOOL) $(DTIMGTOOL)
+	$(DTCTOOL) -@ -O dtb -o $(PRODUCT_OUT)/$(DTBO_DEVICETREE).dtbo $(KERNEL_ROOTDIR)/$(KERNEL_DEVICETREE_DIR)/$(DTBO_DEVICETREE).dts
+	$(DTIMGTOOL) create $@ $(PRODUCT_OUT)/$(DTBO_DEVICETREE).dtbo
+	@echo "Instaled $@"
+
 .PHONY: dtbimage
 dtbimage: $(INSTALLED_BOARDDTB_TARGET)
 
+.PHONY: dtboimage
+dtboimage: $(PRODUCT_OUT)/dtbo.img
+
 endif # ifdef KERNEL_DEVICETREE
 
 # Adds to <product name>-img-<build number>.zip so can be flashed.  b/110831381
@@ -376,6 +391,10 @@ ifeq ($(BOARD_USES_PRODUCTIMAGE),true)
 FASTBOOT_IMAGES += product.img
 endif
 
+ifdef BOARD_PREBUILT_DTBOIMAGE
+FASTBOOT_IMAGES += dtbo.img
+endif
+
 ifeq ($(BUILD_WITH_AVB),true)
 	FASTBOOT_IMAGES += vbmeta.img
 endif
diff --git a/flash-all.bat b/flash-all.bat
index dbbeaf5..ecb2dde 100755
--- a/flash-all.bat
+++ b/flash-all.bat
@@ -26,6 +26,7 @@ ping -n 5 127.0.0.1 >nul
 fastboot flashing unlock_critical
 fastboot flashing unlock
 fastboot flash dts dt.img
+fastboot flash dtbo dtbo.img
 fastboot -w
 fastboot flash vbmeta vbmeta.img
 fastboot flash odm odm.img
diff --git a/flash-all.sh b/flash-all.sh
index 96397a9..ff2b333 100755
--- a/flash-all.sh
+++ b/flash-all.sh
@@ -61,6 +61,7 @@ sleep 5
 fastboot $sern flashing unlock_critical
 fastboot $sern flashing unlock
 fastboot $sern flash dts dt.img
+fastboot $sern flash dtbo dtbo.img
 fastboot $sern erase param
 fastboot $sern -w
 
diff --git a/optimization/config b/optimization/config
index ec564fc..597a2ec 100755
--- a/optimization/config
+++ b/optimization/config
@@ -1 +1 @@
-NPEF;IjhiQspgjmfEBUB;0tzt0dmbtt0uifsnbm0uifsnbm`{pof10npef;ejtbcmfe0tzt0dmbtt0uifsnbm0uifsnbm`{pof20npef;ejtbcmfe0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0tdbmjoh`nby`gsfr;0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0dqvjogp`nby`gsfr0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0inq`cpptu;20tzt0dmbtt0nqhqv0tdbmf`npef;40tzt0efwjdft0tztufn0dmpdltpvsdf0dmpdltpvsdf10dvssfou`dmpdltpvsdf;Ujnfs.Ltzt/pqujnj{bujpo/vj/ix;usvftzt/ibsexbsf/wtzod;usvfQLH;dpn/bouvuvdpn/sjhiuxbsf/uenn3w21kojgsfftpguxfh/ix/qfsgpsnbodfdpn/hmcfodinbsldb/qsjnbufmbct/hfflcfodi3dpn/fmmjtnbslpw/hqvcfodiqfsgpsnbodf/uftudpn/hsffofdpnqvujoh/mjoqbdldpn/espmf{/ocfoditf/ofobdpn/rvbmdpnn/ry/ofpdpsfdpn/bvspsbtpguxpslt/rvbesboudpn/tnbsucfodi/fmfwfodpn/qbttnbsl/qu`npcjmfdpn/fecvsofuuf/gqt3edpn/Cgjfme/DqvJefoujgjfsfv/dibjogjsf/dgcfodidpn/gvuvsfnbsl/enboespje/bqqmjdbujpodpn/rvjdjod/wfmmbnpdpn/IPUJDF/NpcjmfUftudpn/qduwuw/boespje/uutydpn/ffncd/dpsfnbsldpn/boespje/dn4dpn/qsjnbufmbctdpn/bsn/of21/efnpdpn/boespje/dut/pqfohm0/qsjnjujwf/HMQsjnjujwfBdujwjuzdpn/ubdufm/fmfdupqjbdpn/rrgsjfoetdpn/topxdpme/cfodinbslNPEF;DqvMjnjufsGsfrEBUB;0tzt0dmbtt0uifsnbm0uifsnbm`{pof10npef;ejtbcmfe0tzt0dmbtt0uifsnbm0uifsnbm`{pof20npef;ejtbcmfe0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0tdbmjoh`nby`gsfr;711111QLH;dpn/bouvuv/uftufsNPEF;HqvGpsdfSfoefsEBUB;tzt/pqujnj{bujpo/vj/ix;usvfQLH;dpn/ufodfou/hbnf/sizuinnbtufsNPEF;DUTEBUB;tzt/wtzod/uzqf;ibsexbsftzt/nfejb/pny/ws;usvfQLH;boespje/nfejb/dut0/EfdpefBddvsbdzUftuBdujwjuzboespje/wjfx/dut0/QjyfmDpqzWjefpTpvsdfBdujwjuzboespje/wjfx/dut0/tvsgbdfwbmjebups/DbquvsfeBdujwjuzdpn/hpphmf/boespje/fypqmbzfs/hut0/vujm/IptuBdujwjuzdpn/boespje/dut/wfsjgjfsNPEF;HqvIjhiQspgjmfEBUB;0tzt0dmbtt0nqhqv0tdbmf`npef;4QLH;dpn/esbxfmfnfout/efrqboespje/mfbocbdlkbol/dutboespje/mfbocbdlkbol/bqqdpn/boespje/tfswfs/dut/efwjdf/hsbqijdttubutboespje/wjfx/dut0/EjtqmbzSfgsftiSbufDutBdujwjuzboespje/pqfohmqfsg/dut0/HmQmbofutBdujwjuzdpn/ofugmjy/ojokb0/NbjoBdujwjuzNPEF;FodpefsHutUftuEBUB;ix/fodpefs/cjusbuf/uftu;2nfejb/pny/ejtqmbz`npef;20tzt0npevmf0ej0qbsbnfufst0czqbtt`bmm;2QLH;dpn/hpphmf/boespje/nfejb/hut
\ No newline at end of file
+NPEF;IjhiQspgjmfEBUB;0tzt0dmbtt0uifsnbm0uifsnbm`{pof10npef;ejtbcmfe0tzt0dmbtt0uifsnbm0uifsnbm`{pof20npef;ejtbcmfe0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0tdbmjoh`nby`gsfr;0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0dqvjogp`nby`gsfr0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0inq`cpptu;20tzt0dmbtt0nqhqv0tdbmf`npef;40tzt0efwjdft0tztufn0dmpdltpvsdf0dmpdltpvsdf10dvssfou`dmpdltpvsdf;Ujnfs.Ltzt/pqujnj{bujpo/vj/ix;usvftzt/ibsexbsf/wtzod;usvfQLH;dpn/bouvuvdpn/sjhiuxbsf/uenn3w21kojgsfftpguxfh/ix/qfsgpsnbodfdpn/hmcfodinbsldb/qsjnbufmbct/hfflcfodi3dpn/fmmjtnbslpw/hqvcfodiqfsgpsnbodf/uftudpn/hsffofdpnqvujoh/mjoqbdldpn/espmf{/ocfoditf/ofobdpn/rvbmdpnn/ry/ofpdpsfdpn/bvspsbtpguxpslt/rvbesboudpn/tnbsucfodi/fmfwfodpn/qbttnbsl/qu`npcjmfdpn/fecvsofuuf/gqt3edpn/Cgjfme/DqvJefoujgjfsfv/dibjogjsf/dgcfodidpn/gvuvsfnbsl/enboespje/bqqmjdbujpodpn/rvjdjod/wfmmbnpdpn/IPUJDF/NpcjmfUftudpn/qduwuw/boespje/uutydpn/ffncd/dpsfnbsldpn/boespje/dn4dpn/qsjnbufmbctdpn/bsn/of21/efnpdpn/boespje/dut/pqfohm0/qsjnjujwf/HMQsjnjujwfBdujwjuzdpn/ubdufm/fmfdupqjbdpn/rrgsjfoetdpn/topxdpme/cfodinbslNPEF;DqvMjnjufsGsfrEBUB;0tzt0dmbtt0uifsnbm0uifsnbm`{pof10npef;ejtbcmfe0tzt0dmbtt0uifsnbm0uifsnbm`{pof20npef;ejtbcmfe0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0tdbmjoh`nby`gsfr;711111QLH;dpn/bouvuv/uftufsNPEF;HqvGpsdfSfoefsEBUB;tzt/pqujnj{bujpo/vj/ix;usvfQLH;dpn/ufodfou/hbnf/sizuinnbtufsNPEF;DUTEBUB;tzt/wtzod/uzqf;ibsexbsfnfejb/pny/ws;usvfQLH;boespje/nfejb/dut0/EfdpefBddvsbdzUftuBdujwjuzboespje/wjfx/dut0/QjyfmDpqzWjefpTpvsdfBdujwjuzboespje/wjfx/dut0/tvsgbdfwbmjebups/DbquvsfeBdujwjuzdpn/hpphmf/boespje/fypqmbzfs/hut0/vujm/IptuBdujwjuzdpn/boespje/dut/wfsjgjfsNPEF;HqvIjhiQspgjmfEBUB;0tzt0dmbtt0nqhqv0tdbmf`npef;4QLH;dpn/esbxfmfnfout/efrqboespje/mfbocbdlkbol/dutboespje/mfbocbdlkbol/bqqdpn/boespje/tfswfs/dut/efwjdf/hsbqijdttubutboespje/wjfx/dut0/EjtqmbzSfgsftiSbufDutBdujwjuzboespje/pqfohmqfsg/dut0/HmQmbofutBdujwjuzdpn/ofugmjy/ojokb0/NbjoBdujwjuzNPEF;FodpefsHutUftuEBUB;nfejb/fodpefs/cjusbuf/uftu;2nfejb/pny/ejtqmbz`npef;20tzt0npevmf0ej0qbsbnfufst0czqbtt`bmm;2QLH;dpn/hpphmf/boespje/nfejb/hut
\ No newline at end of file
diff --git a/optimization/liboptimization_32.so b/optimization/liboptimization_32.so
index 90bf96a..991f8b8 100755
--- a/optimization/liboptimization_32.so
+++ b/optimization/liboptimization_32.so
@@ -1,19 +1,19 @@
-ELF



-
-@
-HA�xD
-�(F!FO�r��B�(F��@�U���-��O��F
+ELF



+
+HA�xD
+�(F!FO�r��6�(F��@𯸰�-��O��F
 �
-�
!F�,	HF������py���� x/(%�1HD�h
xD
-�

-�

-�

+�
!F�,	HF������py���� x/(%�1HD�h
xD
+�

+�

+�

+O�
+�PF1F�"����PF9F�"��0��PF9F�"���� F1F����
�
+
+9
 C��
-����$�8F
-����
���������
-O�
-�PF1F�"����PF9F�"��\��PF9F�"���� F1F����
�
-
+��b�$�8F
+����
�������,�
 �
HF*F
 ��
 p
@@ -23,18 +23,19 @@ p
 �
�

�hHF1F
 ��
 1DF���
-�

-�)� -أ�0F)F"F
-�1� ,أ�2h(F!F
-�F�
+�

+�)� -أ�0F)F"F
+�1� ,أ�2h(F!F
+
+�F�
 �
-�nF�c���H�
-�"F
- Fo�

BF
-KzD��
+�nF�c���H�
+�"F
+ Fo�

BF
+KzD��
 Fb�
 
� 
-�8
+�8
 ��p@�
 ��p@�
 ��p@�
@@ -44,48 +45,55 @@ Fb�
 ��
 ��p@�
  hA�
-
+
 I}D
 J
-KzD��
- Fo�

�G
%H�xD
+KzD��
+ Fo�

�G
%H�xD
 `��J
�
-��
-
-
-
-
-
+��
+
+
 
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 
-
+
 
 
-
-
-
+
+
+
+
+
 A
	
-



"
&
�7zXZ
-���� l��5�^<���`.�����sd<���G�eP����PcFT�-��R�? ��$�X��g\L�[~�I8��H�
-�ŷd<�
-��� ^�wc�K�����뭗�AkSO�6�i�0�~!��3]X�-�擩���m��R��
 }�ךd&YP,J|N���6ܒ{�/���BK�O��$��J-���v�`ʽ�$�ӻ��E=��ᷕ�,��S���bdN�
-!�%}�(���-�3e�2-���/�i,���"��ez�l�-�^�2*�*�Aaz#�\�Dh��#�.
-�N�c鑵��w�Hi�,&(�l25�U\�f֬%�
�1�_gq�[��Q-���3��x���G���oK��Q1��ֳ�T����f��T���'�_q"�
�c
�W�%nXok�E�R��������&�xm��WcC\ź�L�U���mcd��dͦ�Zr�>�kV�m�����QM���nmm~��^X}�#��g&�g�1*5Є
v�ӯ�;�����G0�_/3�O�epML�řW�����Շ�u���3�
-�箱�
-�Z��b�#3t�
-�\�����Ea�J9�fJ�beq�o�rz�H&�ȵ�ZX=3�5e��D�;h�C��_sǂ��֎�
-=�2�
-���g�
-
-
+



"
&
�7zXZ
+[B⥐���j��yv଴ƷxV�^� ��S��W9
+��e����.2��Q�Ϻ�2C��P�9��Y�F�'3
+x� �̬=����H����7^�
�T��8��9%\���.�[B���o�'qu��d���J�b�����NJ(P���Ih�&܅٦:���(�h��E���=�)uW=��VS�O������$6���/����Ƨ��g��f-󭲻V����KY��
+�����D��ۛ�<��$�Uf�_�'�
���T�$ܐ;����5�.Όg��ΏI��s��.�������,2�1Z�^�/
~��I�� 3�TMG}ZI��	r�|#F�Ur;�Z(Е�[>¿�i�OK2?73k6���׺/
8'�2�rD�0�J������W��+���2،##>�5�ఆ�7z��0`"__��C@8�q��*�eF�#�*��Y�[��������A�fh�g�Vk�%��-yR���[k�T����ݜ�i�5�P�	�V
I�!@^��X6_���
��kp����_���W���`E��Y#��v=���0������ƞ���e����+ܨ'W�g�K6�as�_�j�&A;X�cʗQ㶙�v~^a�!Z�V�֡w��xa�M'�eg�VҏAG�n;e��'�?��L��*��p��!�YcP*�����xA+$�P��џ4��zGC�>������)^�?�V�
+$qҦ��K���(���Ȟ�
��b?샑8�P}{'g	{{��6k��M��9�> 2+�wՕ.�a�#�����������
+*�Y�TH״����
+��
+R�Ej��)G��A�ű�y'q�G��ܯ�)BA9��FE�䈆�����-
+
�Cq:�&
+���\
+BƔ��gGv�ݑd����a��x��Co	��Kx��>B
���RZ.����r�a�p�w.����b��
+
+
+
+
+
+
diff --git a/products/mbox/init.amlogic.system.rc b/products/mbox/init.amlogic.system.rc
index 10b9ee9..b7a460a 100644
--- a/products/mbox/init.amlogic.system.rc
+++ b/products/mbox/init.amlogic.system.rc
@@ -239,6 +239,11 @@ on boot
     chown media system /sys/module/amvdec_h265/parameters/double_write_mode
     chmod 666 /sys/module/amvdec_h265/parameters/double_write_mode
 
+    chown media system /sys/module/amdolby_vision/parameters/dolby_vision_profile
+    chown media system /sys/module/amdolby_vision/parameters/dolby_vision_level
+    chmod 666 /sys/module/amdolby_vision/parameters/dolby_vision_profile
+    chmod 666 /sys/module/amdolby_vision/parameters/dolby_vision_level
+
     chown media system /sys/module/deinterlace/parameters/deinterlace_mode
     chown media system /sys/class/graphics/fb0/block_mode
 
@@ -269,7 +274,7 @@ on boot
     chown system system /sys/class/amhdmitx/amhdmitx0/cec_lang_config
     chown system system /sys/class/amhdmitx/amhdmitx0/config
     chown system system /sys/class/amhdmitx/amhdmitx0/avmute
-    chmod 0664 /sys/class/amhdmitx/amhdmitx0/avmute
+    chmod 0666 /sys/class/amhdmitx/amhdmitx0/avmute
     chown mediadrm audio /sys/class/amhdmitx/amhdmitx0/aud_output_chs
     chown media system /sys/class/switch/hdmi/state
     chmod 0660 /sys/class/switch/hdmi/state
diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package.conf b/products/mbox/upgrade_4.9/aml_upgrade_package.conf
index 6b1e222..e64aed8 100644
--- a/products/mbox/upgrade_4.9/aml_upgrade_package.conf
+++ b/products/mbox/upgrade_4.9/aml_upgrade_package.conf
@@ -24,4 +24,5 @@ file="product.img"      main_type="PARTITION"      sub_type="product"
 file="recovery.img"     main_type="PARTITION"      sub_type="recovery"
 file="bootloader.img"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package_AB.conf b/products/mbox/upgrade_4.9/aml_upgrade_package_AB.conf
index e78eb2a..ad38dda 100755..100644
--- a/products/mbox/upgrade_4.9/aml_upgrade_package_AB.conf
+++ b/products/mbox/upgrade_4.9/aml_upgrade_package_AB.conf
@@ -23,4 +23,5 @@ file="odm.img"          main_type="PARTITION"      sub_type="odm_a"
 file="odm.img"          main_type="PARTITION"      sub_type="odm_b"
 file="bootloader.img"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package_AB_enc.conf b/products/mbox/upgrade_4.9/aml_upgrade_package_AB_enc.conf
index 4d76632..c65dee0 100755..100644
--- a/products/mbox/upgrade_4.9/aml_upgrade_package_AB_enc.conf
+++ b/products/mbox/upgrade_4.9/aml_upgrade_package_AB_enc.conf
@@ -27,4 +27,5 @@ file="odm.img"                  main_type="PARTITION"      sub_type="odm_a"
 file="odm.img"                  main_type="PARTITION"      sub_type="odm_b"
 file="bootloader.img.encrypt"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img.encrypt"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package_avb.conf b/products/mbox/upgrade_4.9/aml_upgrade_package_avb.conf
index 5985f54..c35249c 100755..100644
--- a/products/mbox/upgrade_4.9/aml_upgrade_package_avb.conf
+++ b/products/mbox/upgrade_4.9/aml_upgrade_package_avb.conf
@@ -25,4 +25,5 @@ file="product.img"      main_type="PARTITION"      sub_type="product"
 file="recovery.img"     main_type="PARTITION"      sub_type="recovery"
 file="bootloader.img"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package_enc.conf b/products/mbox/upgrade_4.9/aml_upgrade_package_enc.conf
index 1fe859b..714ef45 100644
--- a/products/mbox/upgrade_4.9/aml_upgrade_package_enc.conf
+++ b/products/mbox/upgrade_4.9/aml_upgrade_package_enc.conf
@@ -28,4 +28,5 @@ file="product.img"              main_type="PARTITION"      sub_type="product"
 file="recovery.img.encrypt"     main_type="PARTITION"      sub_type="recovery"
 file="bootloader.img.encrypt"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img.encrypt"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/tv/init.amlogic.system.rc b/products/tv/init.amlogic.system.rc
index a20c565..5de777d 100755
--- a/products/tv/init.amlogic.system.rc
+++ b/products/tv/init.amlogic.system.rc
@@ -253,6 +253,11 @@ on boot
     chown media system /sys/module/amvdec_h265/parameters/double_write_mode
     chmod 666 /sys/module/amvdec_h265/parameters/double_write_mode
 
+    chown media system /sys/module/amdolby_vision/parameters/dolby_vision_profile
+    chown media system /sys/module/amdolby_vision/parameters/dolby_vision_level
+    chmod 666 /sys/module/amdolby_vision/parameters/dolby_vision_profile
+    chmod 666 /sys/module/amdolby_vision/parameters/dolby_vision_level
+
     chown media system /sys/module/deinterlace/parameters/deinterlace_mode
     chown media system /sys/class/graphics/fb0/block_mode
 
@@ -283,7 +288,7 @@ on boot
     chown system system /sys/class/amhdmitx/amhdmitx0/cec_lang_config
     chown system system /sys/class/amhdmitx/amhdmitx0/config
     chown system system /sys/class/amhdmitx/amhdmitx0/avmute
-    chmod 644 /sys/class/amhdmitx/amhdmitx0/avmute
+    chmod 0666 /sys/class/amhdmitx/amhdmitx0/avmute
     chown system mediadrm /sys/class/amhdmitx/amhdmitx0/aud_output_chs
     chown media system /sys/class/switch/hdmi/state
     chmod 0660 /sys/class/switch/hdmi/state
diff --git a/products/tv/upgrade_4.9/aml_upgrade_package.conf b/products/tv/upgrade_4.9/aml_upgrade_package.conf
index 6b1e222..e64aed8 100644
--- a/products/tv/upgrade_4.9/aml_upgrade_package.conf
+++ b/products/tv/upgrade_4.9/aml_upgrade_package.conf
@@ -24,4 +24,5 @@ file="product.img"      main_type="PARTITION"      sub_type="product"
 file="recovery.img"     main_type="PARTITION"      sub_type="recovery"
 file="bootloader.img"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/tv/upgrade_4.9/aml_upgrade_package_AB.conf b/products/tv/upgrade_4.9/aml_upgrade_package_AB.conf
index 96bfb61..2491323 100755..100644
--- a/products/tv/upgrade_4.9/aml_upgrade_package_AB.conf
+++ b/products/tv/upgrade_4.9/aml_upgrade_package_AB.conf
@@ -22,4 +22,5 @@ file="vendor.img"       main_type="PARTITION"      sub_type="vendor_a"
 file="odm.img"          main_type="PARTITION"      sub_type="odm_a"
 file="bootloader.img"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/tv/upgrade_4.9/aml_upgrade_package_AB_enc.conf b/products/tv/upgrade_4.9/aml_upgrade_package_AB_enc.conf
index b2af592..bc0bb43 100755..100644
--- a/products/tv/upgrade_4.9/aml_upgrade_package_AB_enc.conf
+++ b/products/tv/upgrade_4.9/aml_upgrade_package_AB_enc.conf
@@ -27,4 +27,5 @@ file="system.img"               main_type="PARTITION"      sub_type="system_a"
 #file="system.img"               main_type="PARTITION"      sub_type="system_b"
 file="bootloader.img.encrypt"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img.encrypt"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/tv/upgrade_4.9/aml_upgrade_package_avb.conf b/products/tv/upgrade_4.9/aml_upgrade_package_avb.conf
index 1e17a97..ddc66fc 100644
--- a/products/tv/upgrade_4.9/aml_upgrade_package_avb.conf
+++ b/products/tv/upgrade_4.9/aml_upgrade_package_avb.conf
@@ -26,4 +26,5 @@ file="product.img"      main_type="PARTITION"      sub_type="product"
 file="recovery.img"     main_type="PARTITION"      sub_type="recovery"
 file="bootloader.img"   main_type="PARTITION"      sub_type="bootloader"
 file="dt.img"           main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/products/tv/upgrade_4.9/aml_upgrade_package_enc.conf b/products/tv/upgrade_4.9/aml_upgrade_package_enc.conf
index 0413369..dec7053 100644
--- a/products/tv/upgrade_4.9/aml_upgrade_package_enc.conf
+++ b/products/tv/upgrade_4.9/aml_upgrade_package_enc.conf
@@ -28,4 +28,5 @@ file="product.img"      main_type="PARTITION"      sub_type="product"
 file="recovery.img.encrypt"     main_type="PARTITION"      sub_type="recovery"
 file="bootloader.img.encrypt"       main_type="PARTITION"      sub_type="bootloader"
 file="dt.img.encrypt"          main_type="PARTITION"      sub_type="_aml_dtb"
+file="dtbo.img"          main_type="PARTITION"      sub_type="dtbo"
 
diff --git a/sepolicy/audioserver.te b/sepolicy/audioserver.te
index bb6d881..d138955 100644
--- a/sepolicy/audioserver.te
+++ b/sepolicy/audioserver.te
@@ -12,6 +12,11 @@ allow audioserver self:netlink_kobject_uevent_socket create_socket_perms_no_ioct
 # operation hidraw device
 allow audioserver hidraw_audio_device:chr_file rw_file_perms;
 
+#bootanim
+allow audioserver bootanim:binder call;
+
 #operation property;
 
 set_prop(audioserver, audio_prop)
+
+get_prop(audioserver, vendor_platform_prop)
\ No newline at end of file
diff --git a/sepolicy/bootanim.te b/sepolicy/bootanim.te
index 5d1577a..49a56ef 100644
--- a/sepolicy/bootanim.te
+++ b/sepolicy/bootanim.te
@@ -1 +1,14 @@
-#allow bootanim vendor_file:file { open read getattr execute };

+allow bootanim sysfs_video:dir { search };
+allow bootanim sysfs_video:file { open read write getattr };
+allow bootanim input_device:dir {open read write search };
+allow bootanim input_device:chr_file {open read write ioctl };
+allow bootanim sysfs_display:file {open read write ioctl };
+allow bootanim video_device:chr_file {open read write getattr ioctl };
+allow bootanim sysfs_audio:file {open read write getattr };
+allow bootanim system_data_file:file { open read };
+allow bootanim system_data_file:dir { open read };
+allow bootanim mediaserver_service:service_manager { find };
+allow bootanim mediaserver:binder { call transfer };
+set_prop(bootanim, system_prop)
+get_prop(bootanim, media_prop)
+
diff --git a/sepolicy/bootvideo.te b/sepolicy/bootvideo.te
index 6f1ca89..356394e 100644
--- a/sepolicy/bootvideo.te
+++ b/sepolicy/bootvideo.te
@@ -23,4 +23,7 @@ allow bootvideo property_socket:sock_file write;
 
 allow bootvideo sysfs_xbmc:file { open read write getattr };
 
-set_prop(bootvideo, system_prop)
+#--------------------------------------------------------------------#
+#  product_shipping_api_level=28 vendor/system cannot share prop
+#--------------------------------------------------------------------#
+#set_prop(bootvideo, system_prop)
diff --git a/sepolicy/device.te b/sepolicy/device.te
index b97236f..f1d28f6 100644
--- a/sepolicy/device.te
+++ b/sepolicy/device.te
@@ -5,6 +5,7 @@ type bootloader_device, dev_type;
 type defendkey_device, dev_type;
 type dtb_device, dev_type;
 type dvb_device, dev_type, mlstrustedobject;
+type frontend_device, dev_type;
 type cec_device, dev_type;
 
 type unify_device, dev_type;
@@ -34,6 +35,7 @@ type system_block_fsck_device, dev_type;
 type subtitle_device, dev_type;
 type sw_sync_device, dev_type;
 type ge2d_device, dev_type;
+type display_device, dev_type;
 type amvecm_device, dev_type;
 type di0_device, dev_type;
 type hidraw_device, dev_type;
diff --git a/sepolicy/drmserver.te b/sepolicy/drmserver.te
index 9351c5d..2e64607 100644
--- a/sepolicy/drmserver.te
+++ b/sepolicy/drmserver.te
@@ -9,3 +9,6 @@ allow drmserver kernel:system module_request;
 
 allow drmserver unlabeled:file { read };
 
+allow drmserver bootanim:fd { use };
+allow drmserver system_data_file:file { read };
+
diff --git a/sepolicy/file.te b/sepolicy/file.te
index 1be0154..ac5bbcc 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -66,6 +66,8 @@ type sysfs_remote, fs_type, sysfs_type;
 type sysfs_clock, fs_type, sysfs_type;
 type sysfs_hdmi, fs_type, sysfs_type;
 
+type sysfs_ir, fs_type, sysfs_type;
+
 type reco_file, file_type;
 
 type sysfs_unifykey, fs_type, sysfs_type;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 0c05a2d..21cebbf 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -67,6 +67,7 @@
 /dev/dtb            			u:object_r:dtb_device:s0
 /dev/dvb0.*         			u:object_r:dvb_device:s0
 /dev/dvb.*          			u:object_r:video_device:s0
+/dev/v4l2_frontend			  u:object_r:frontend_device:s0
 /dev/esm            			u:object_r:hdcptx_device:s0
 /dev/esm_rx         			u:object_r:hdcprx_device:s0
 /dev/ge2d                               u:object_r:ge2d_device:s0
@@ -110,6 +111,7 @@
 /sys/class/video/axis						u:object_r:sysfs_video:s0
 /sys/class/tsync/enable						u:object_r:sysfs_video:s0
 /sys/class/audiodsp/digital_raw					u:object_r:sysfs_audio:s0
+/sys/class/amaudio/debug                                        u:object_r:sysfs_audio:s0
 /sys/class/hidraw(/.*)?                                         u:object_r:sysfs_audio:s0
 /sys/class/tsync/firstapts                                      u:object_r:sysfs_xbmc:s0
 /sys/class/tsync/pts_audio                                      u:object_r:sysfs_xbmc:s0
@@ -145,10 +147,13 @@
 /sys/devices/platform/meson-fb/graphics/fb[0-3](/.*)            u:object_r:sysfs_display:s0
 /sys/class/lcd/enable                                           u:object_r:sysfs_lcd:s0
 /sys/class/video/video_scaler_path_sel                          u:object_r:sysfs_video:s0
+/sys/module/amdolby_vision/parameters(/.*)?                     u:object_r:sysfs_video:s0
 
 /sys/class/unifykeys(/.*)?                                      u:object_r:sysfs_unifykey:s0
 /sys/devices/platform/ffd26000.hdmirx/hdmirx/hdmirx0/key        u:object_r:sysfs_unifykey:s0
 
+/sys/devices/virtual/meson-irblaster/irblaster1(/.*)?           u:object_r:sysfs_ir:s0
+
 /sys/class/aml_store/store_device                               u:object_r:sysfs_store:s0
 /sys/class/defendkey/decrypt_dtb                                u:object_r:sysfs_defendkey:s0
 /sys/class/aml_store/bl_off_bytes                               u:object_r:sysfs_store:s0
@@ -159,6 +164,7 @@
 /sys/class/amhdmitx/amhdmitx0/sink_type                         u:object_r:sysfs_amhdmitx:s0
 /sys/class/amhdmitx/amhdmitx0/edid_parsing                      u:object_r:sysfs_amhdmitx:s0
 /sys/class/amhdmitx/amhdmitx0/hdcp_mode                         u:object_r:sysfs_amhdmitx:s0
+/sys/class/amhdmitx/amhdmitx0/avmute                            u:object_r:sysfs_amhdmitx:s0
 /sys/class/amhdmitx/amhdmitx0/disp_cap                          u:object_r:sysfs_amhdmitx:s0
 /sys/module/amvdec_h265/parameters/double_write_mode            u:object_r:sysfs_amvdec:s0
 
@@ -195,6 +201,7 @@
 
 /sys/class/amvecm(/.*)?                                         u:object_r:sysfs_video:s0
 /sys/class/video(/.*)?                                          u:object_r:sysfs_video:s0
+/dev/vbi                                                        u:object_r:vbi_device:s0
 /dev/vbi[0-3]                                                   u:object_r:vbi_device:s0
 
 /sys/class/mpgpu/scale_mode                                     u:object_r:sysfs_mpgpu_scale:s0
@@ -204,6 +211,7 @@
 /tee(/.*)?                    u:object_r:tee_data_file:s0
 /mnt/vendor/tee(/.*)?         u:object_r:tee_data_file:s0
 /mnt/vendor/param(/.*)?       u:object_r:param_tv_file:s0
+/mnt/vendor                   u:object_r:param_tv_file:s0
 
 #/vendor/bin/bootplayer       u:object_r:bootvideo_exec:s0
 #/vendor/bin/dv_config        u:object_r:dv_config_exec:s0
@@ -216,11 +224,13 @@
 
 /vendor/bin/hdcp_rx22         u:object_r:hdcp_rx22_exec:s0
 /vendor/bin/hdcp_tx22         u:object_r:hdcp_tx22_exec:s0
+/vendor/bin/hdcp_rp22         u:object_r:hdcp_rp22_exec:s0
 /vendor/bin/remotecfg         u:object_r:remotecfg_exec:s0
 /vendor/bin/systemcontrol     u:object_r:system_control_exec:s0
 /vendor/bin/hdmicecd          u:object_r:hdmicecd_exec:s0
 /vendor/bin/droidvold         u:object_r:droidvold_exec:s0
 /vendor/bin/ntfs-3g           u:object_r:ntfs_3g_exec:s0
+/vendor/bin/rc_server         u:object_r:rc_server_exec:s0
 /vendor/bin/tee-supplicant    u:object_r:tee_exec:s0
 /vendor/bin/tee_preload_fw    u:object_r:firmload_exec:s0
 
@@ -238,16 +248,23 @@
 /data/vendor/mediadrm(/.*)?         u:object_r:hal_drm_data:s0
 
 /vendor/lib(64)?/hw/gralloc\.amlogic\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/hw/android\.hardware\.graphics\.mapper@2\.0-impl-2.1\.so   u:object_r:same_process_hal_file:s0
 /vendor/lib(64)?/libfbcnf\.so              u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/extractors                u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?		           u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/extractors/libamextractor\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libamffmpegadapter\.so          u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libamffmpeg\.so                 u:object_r:same_process_hal_file:s0
 
 /vendor/lib(64)?/libjni_remoteime\.so      u:object_r:vendor_app_file:s0
 /vendor/lib(64)?/libtunertvinput_jni\.so   u:object_r:vendor_app_file:s0
 /vendor/lib(64)?/libjnifont\.so            u:object_r:vendor_app_file:s0
 /vendor/lib(64)?/jnidtvepgscanner\.so      u:object_r:vendor_app_file:s0
-/vendor/lib(64)?/am_adp\.so                u:object_r:vendor_app_file:s0
-/vendor/lib(64)?/am_mw\.so                 u:object_r:vendor_app_file:s0
-/vendor/lib(64)?/zvbi\.so                  u:object_r:vendor_app_file:s0
-/vendor/lib(64)?/jnidtvsubtitle\.so        u:object_r:vendor_app_file:s0
+/vendor/lib(64)?/libam_adp\.so             u:object_r:vendor_app_file:s0
+/vendor/lib(64)?/libam_mw\.so              u:object_r:vendor_app_file:s0
+/vendor/lib(64)?/libicuuc_vendor\.so       u:object_r:vendor_app_file:s0
+/vendor/lib(64)?/libzvbi\.so               u:object_r:vendor_app_file:s0
+/vendor/lib(64)?/libjnidtvsubtitle\.so     u:object_r:vendor_app_file:s0
 /vendor/lib(64)?/libvendorfont\.so         u:object_r:vendor_app_file:s0
 /vendor/lib(64)?/libtvbinder\.so           u:object_r:vendor_app_file:s0
 /vendor/lib(64)?/libtv_jni\.so             u:object_r:vendor_app_file:s0
@@ -262,7 +279,10 @@
 /vendor/lib(64)?/vendor\.amlogic\.hardware\.remotecontrol@1\.0\.so   u:object_r:vendor_app_file:s0
 /vendor/lib(64)?/vendor\.amlogic\.hardware\.hdmicec@1\.0\.so    u:object_r:vendor_app_file:s0
 /vendor/lib(64)?/vendor\.amlogic\.hardware\.droidvold@1\.0\.so  u:object_r:vendor_app_file:s0
+/vendor/lib(64)?/libjnidtvepgscanner\.so   u:object_r:vendor_app_file:s0
+/vendor/lib(64)?/libjniuevent\.so            u:object_r:vendor_app_file:s0
 
 /dev/hidraw[0-9]*	u:object_r:hidraw_audio_device:s0
 #The final space is necessary. Please don't delete it.
 
+/vendor/lib/vendor\.amlogic\.hardware\.remotecontrol@1\.0\.so   u:object_r:vendor_app_file:s0
diff --git a/sepolicy/hal_audio_default.te b/sepolicy/hal_audio_default.te
index 30e1d48..32b627d 100644
--- a/sepolicy/hal_audio_default.te
+++ b/sepolicy/hal_audio_default.te
@@ -6,19 +6,26 @@ allow hal_audio_default sysfs_digital_codec:file { write read open };
 allow hal_audio_default sysfs_amhdmitx:dir search;
 allow hal_audio_default kernel:system { module_request };
 allow hal_audio_default media_prop:file { read open getattr };
+allow hal_audio_default media_prop:property_service { set };
 allow hal_audio_default shell_data_file:file { read write };
 allow hal_audio_default sysfs_xbmc:file { read open write };
 allow hal_audio_default hidraw_device:chr_file { create read write open ioctl};
 allow hal_audio_default property_socket:sock_file { write };
 allow hal_audio_default init:unix_stream_socket { connectto };
-allow hal_audio_default bluetooth_prop:property_service { set };
-allow hal_audio_default bluetooth_prop:file { read getattr open };
+
+#--------------------------------------------------------------------#
+#  product_shipping_api_level=28 vendor/system cannot share prop
+#--------------------------------------------------------------------#
+#s/get_prop(hal_audio_default, bluetooth_prop)
+get_prop(hal_audio_default, vendor_platform_prop)
 allow hal_audio_default sysfs_aud_output_chs:file { open read write };
 allow hal_audio_default sysfs_aud_output_chs:file { read write open };
 allow hal_audio_default remotecontrol_hwservice:hwservice_manager find;
-allow hal_audio_default sysfs:file open;
+allow hal_audio_default sysfs:file { open read write };
 allow hal_audio_default device:dir read;
+allow hal_audio_default uio_device:chr_file { open read write };
 allow hal_audio_default system_app:binder call;
+allow hal_audio_default tv_prop:file { read getattr open };
 allow hal_audio_default hidraw_audio_device:chr_file { create read write open ioctl};
 allow hal_audio_default sysfs_audio:file rw_file_perms;
 allow hal_audio_default sysfs_audio:dir r_dir_perms;
diff --git a/sepolicy/hal_camera_default.te b/sepolicy/hal_camera_default.te
index cd52269..cd52269 100755..100644
--- a/sepolicy/hal_camera_default.te
+++ b/sepolicy/hal_camera_default.te
diff --git a/sepolicy/hal_graphics_composer_default.te b/sepolicy/hal_graphics_composer_default.te
index 699e79b..05660f8 100644
--- a/sepolicy/hal_graphics_composer_default.te
+++ b/sepolicy/hal_graphics_composer_default.te
@@ -7,8 +7,6 @@ allow hal_graphics_composer_default vndservicemanager:binder { call transfer };
 allow hal_graphics_composer_default systemcontrol_hwservice:hwservice_manager { find };
 allow hal_graphics_composer_default system_control:binder { call };
 
-allow hal_graphics_composer_default tv_prop:file { getattr open read };
-
 allow hal_graphics_composer_default video_device:chr_file rw_file_perms;
 allow hal_graphics_composer_default graphics_device:chr_file {open read write ioctl};
 allow hal_graphics_composer_default sysfs_video:file rw_file_perms;
@@ -18,9 +16,18 @@ allow hal_graphics_composer_default sysfs_display:dir search;
 allow hal_graphics_composer_default sysfs_display:lnk_file { open read write ioctl };
 allow hal_graphics_composer_default sysfs_display:file { read write open getattr };
 allow hal_graphics_composer_default sysfs_display:chr_file { ioctl read write open };
+allow hal_graphics_composer_default display_device:chr_file r_file_perms;
 allow hal_graphics_composer_default sysfs_amhdmitx:file { read write open getattr };
 allow hal_graphics_composer_default sysfs_amhdmitx:dir search;
 
+allow hal_graphics_composer_default tv_prop:file { getattr open read };
 get_prop(hal_graphics_composer_default, tv_prop)
+
+allow hal_graphics_composer_default media_prop:file { getattr open read  };
+get_prop(hal_graphics_composer_default, media_prop)
+
 allow hal_graphics_composer_default sysfs_video:dir { search };
 allow hal_graphics_composer_default sysfs_display:file { read write open getattr };
+
+allow hal_graphics_composer_default vendor_platform_prop:file {getattr open read};
+get_prop(hal_graphics_composer_default, vendor_platform_prop)
diff --git a/sepolicy/hal_memtrack_default.te b/sepolicy/hal_memtrack_default.te
index 9940dd7..2c219d3 100644
--- a/sepolicy/hal_memtrack_default.te
+++ b/sepolicy/hal_memtrack_default.te
@@ -82,3 +82,5 @@ allow hal_memtrack_default tvserver:file r_file_perms;
 
 allow hal_memtrack_default hal_drm_clearkey:dir search;
 allow hal_memtrack_default hdcp_tx22:dir search;
+allow hal_memtrack_default hdcp_rx22:dir { search read };
+allow hal_memtrack_default hdcp_rx22:file { read open getattr };
diff --git a/sepolicy/hdcp_rp22.te b/sepolicy/hdcp_rp22.te
new file mode 100644
index 0000000..f6b7c26
--- a/dev/null
+++ b/sepolicy/hdcp_rp22.te
@@ -0,0 +1,45 @@
+type hdcp_rp22, domain;
+type hdcp_rp22_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hdcp_rp22)
+type hdcprp_device, dev_type;
+
+allow hdcp_rp22 hdcprp_device:chr_file { open read write getattr ioctl };
+
+allow hdcp_rp22 system_file:file execute_no_trans;
+allow hdcp_rp22 hdcp_rp22_exec:file {entrypoint read};
+
+#allow hdcp_rp22 shell_exec:file rx_file_perms;
+
+allow hdcp_rp22 sysfs:file rw_file_perms;
+
+allow hdcp_rp22 param_tv_file:dir  { search create read write open add_name remove_name rmdir };
+allow hdcp_rp22 param_tv_file:file { create open read write setattr getattr lock unlink };
+allow hdcp_rp22 kmsg_device:chr_file {write};
+allow hdcp_rp22 device:dir {write};
+allow hdcp_rp22 kmsg_device:chr_file {open};
+allow hdcp_rp22 hdcptx_device:chr_file {open read write ioctl};
+
+allow hdcp_rp22 mnt_media_rw_file:file { create read write open };
+allow hdcp_rp22 mnt_media_rw_file:dir { write add_name };
+allow hdcp_rp22 rootfs:lnk_file {getattr};
+allow hdcp_rp22 storage_file:dir {read write search};
+allow hdcp_rp22 storage_file:file {open read write getattr};
+allow hdcp_rp22 storage_file:lnk_file {open read write getattr};
+allow hdcp_rp22 tmpfs:dir {search getattr};
+allow hdcp_rp22 tmpfs:file create_file_perms;
+allow hdcp_rp22 mnt_user_file:dir {read write search};
+allow hdcp_rp22 mnt_user_file:file {open read write getattr};
+allow hdcp_rp22 mnt_user_file:lnk_file {open read write getattr};
+allow hdcp_rp22 fuse:dir {create open read write search add_name getattr};
+allow hdcp_rp22 fuse:file {open create read write getattr};
+allow hdcp_rp22 fuse:file rw_file_perms;
+#allow hdcp_rp22 app_data_file:file rw_file_perms;
+#allow hdcp_rp22 app_data_file:dir search;
+allow hdcp_rp22 fuse:lnk_file {open read write getattr};
+allow hdcp_rp22 { mnt_user_file storage_file }:dir { create open read write search add_name getattr };
+allow hdcp_rp22 { mnt_user_file storage_file }:lnk_file { open read write getattr };
+allow hdcp_rp22 sysfs_cec:dir { search open };
+allow hdcp_rp22 sysfs_cec:file { read open write getattr };
+allow hdcp_rp22 sysfs_amhdmitx:dir search;
+allow hdcp_rp22 sysfs_amhdmitx:file { getattr open read write ioctl };
+allow hdcp_rp22 mnt_vendor_file:dir {search};
diff --git a/sepolicy/hdmicecd.te b/sepolicy/hdmicecd.te
index 697cf50..45fc087 100644
--- a/sepolicy/hdmicecd.te
+++ b/sepolicy/hdmicecd.te
@@ -12,7 +12,9 @@ allow hdmicecd { hdmicecd_hwservice  hidl_base_hwservice }:hwservice_manager { a
 allow hdmicecd cec_device:chr_file { open read write ioctl };
 allow hdmicecd hwservicemanager_prop:file { open read getattr };
 
+allow hdmicecd system_control:binder { call transfer };
+allow hdmicecd systemcontrol_hwservice:hwservice_manager { find };
+
 allow hdmicecd { hal_tv_cec_default system_app }:binder { call transfer };
 
-allow hdmicecd systemcontrol_hwservice:hwservice_manager find;
-allow hdmicecd system_control:binder { call transfer };
+allow hdmicecd vendor_platform_prop:file { open read getattr };
diff --git a/sepolicy/hwservice.te b/sepolicy/hwservice.te
index a37e6fb..27188b0 100644
--- a/sepolicy/hwservice.te
+++ b/sepolicy/hwservice.te
@@ -3,4 +3,4 @@ type hdmicecd_hwservice, hwservice_manager_type;
 type droidvold_hwservice, hwservice_manager_type;
 type tvserver_hwservice, hwservice_manager_type;
 type remotecontrol_hwservice, hwservice_manager_type;
-
+type imageserver_hwservice, hwservice_manager_type;
diff --git a/sepolicy/hwservice_contexts b/sepolicy/hwservice_contexts
index 2f4e22f..9daa08b 100644
--- a/sepolicy/hwservice_contexts
+++ b/sepolicy/hwservice_contexts
@@ -3,4 +3,4 @@ vendor.amlogic.hardware.hdmicec::IDroidHdmiCEC                     u:object_r:hd
 vendor.amlogic.hardware.droidvold::IDroidVold                      u:object_r:droidvold_hwservice:s0
 vendor.amlogic.hardware.tvserver::ITvServer                        u:object_r:tvserver_hwservice:s0
 vendor.amlogic.hardware.remotecontrol::IRemoteControl              u:object_r:remotecontrol_hwservice:s0
-
+vendor.amlogic.hardware.imageserver::IImageService                 u:object_r:imageserver_hwservice:s0
diff --git a/sepolicy/hwservicemanager.te b/sepolicy/hwservicemanager.te
index 697b434..65bc9f8 100644
--- a/sepolicy/hwservicemanager.te
+++ b/sepolicy/hwservicemanager.te
@@ -17,3 +17,8 @@ allow hwservicemanager tvserver:binder { call transfer };
 allow hwservicemanager tvserver:dir { search };
 allow hwservicemanager tvserver:file { read open };
 allow hwservicemanager tvserver:process { getattr };
+
+allow hwservicemanager imageserver:binder { call transfer };
+allow hwservicemanager imageserver:dir { search };
+allow hwservicemanager imageserver:file { read open };
+allow hwservicemanager imageserver:process { getattr };
diff --git a/sepolicy/imageserver.te b/sepolicy/imageserver.te
index 4f68d0e..9f72266 100644
--- a/sepolicy/imageserver.te
+++ b/sepolicy/imageserver.te
@@ -42,3 +42,5 @@ allow imageserver vendor_file:file { execute };
 #allow imageserver kernel:system module_request;
 
 #allow imageserver tmpfs:dir { getattr search };
+set_prop(imageserver, hwservicemanager_prop)
+get_prop(imageserver, hwservicemanager_prop)
diff --git a/sepolicy/mediacodec.te b/sepolicy/mediacodec.te
index d053773..2f04503 100644
--- a/sepolicy/mediacodec.te
+++ b/sepolicy/mediacodec.te
@@ -21,3 +21,4 @@ allow mediacodec sysfs_am_vecm:file { read write open getattr };
 allow mediacodec uio_device:chr_file rw_file_perms;
 allow mediacodec audio_device:chr_file { setattr open read write };
 allow mediacodec sysfs_audio:file { open read write };
+allow mediacodec vendor_platform_prop:file { open read getattr };
diff --git a/sepolicy/mediaextractor.te b/sepolicy/mediaextractor.te
index 76c843f..83fb9b0 100644
--- a/sepolicy/mediaextractor.te
+++ b/sepolicy/mediaextractor.te
@@ -1,10 +1,21 @@
+allow mediaextractor init:unix_stream_socket { connectto };
 get_prop(mediaextractor, media_prop)
+get_prop(mediaextractor, vendor_default_prop)
+get_prop(mediaextractor, vendor_platform_prop)
 
 allow mediaextractor vfat:file { read getattr };
 allow mediaextractor fuseblk:file { read getattr };
 allow mediaextractor fuse:file { read getattr };
 allow mediaextractor sdcardfs:file { read getattr };
 allow mediaextractor system_server:fifo_file { write getattr append };
-#allow mediaextractor vendor_file:file { read open getattr execute };
+allow mediaextractor same_process_hal_file:dir { read open };
+allow mediaextractor same_process_hal_file:file { read open getattr execute};
 allow platform_app iso9660:dir { search open read getattr };
 allow platform_app iso9660:file { open read getattr };
+
+allow mediaextractor exfat:file { read getattr };
+allow mediaextractor property_socket:sock_file write;
+
+allow mediaextractor bootanim:fd { use };
+allow mediaextractor system_data_file:file { read getattr };
+
diff --git a/sepolicy/mediaprovider.te b/sepolicy/mediaprovider.te
index 85882e5..c6b1a83 100644
--- a/sepolicy/mediaprovider.te
+++ b/sepolicy/mediaprovider.te
@@ -1 +1,5 @@
 allow mediaprovider media_prop:file { getattr open read };
+
+allow mediaprovider fuseblk:dir { open read search };
+allow mediaprovider fuseblk:file { getattr open read };
+
diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te
index 0152b22..63b44f2 100644
--- a/sepolicy/mediaserver.te
+++ b/sepolicy/mediaserver.te
@@ -9,3 +9,9 @@ allow mediaserver sysfs_video:file  rw_file_perms;
 allow mediaserver sysfs_audio:file  rw_file_perms;
 
 get_prop(mediaserver, media_prop)
+get_prop(mediaserver, vendor_platform_prop)
+
+allow mediaserver bootanim:binder { call transfer };
+allow mediaserver bootanim:fd  use;
+allow mediaserver system_data_file:file { read getattr };
+
diff --git a/sepolicy/platform_app.te b/sepolicy/platform_app.te
index 44c7e5a..7a112d8 100644
--- a/sepolicy/platform_app.te
+++ b/sepolicy/platform_app.te
@@ -15,3 +15,6 @@ allow platform_app droidvold:binder { call transfer };
 
 allow platform_app tvserver_hwservice:hwservice_manager { find };
 allow platform_app tvserver:binder { call transfer };
+
+allow platform_app imageserver_hwservice:hwservice_manager { find };
+allow platform_app imageserver:binder { call transfer };
diff --git a/sepolicy/priv_app.te b/sepolicy/priv_app.te
index 5889379..5758d64 100644
--- a/sepolicy/priv_app.te
+++ b/sepolicy/priv_app.te
@@ -16,4 +16,11 @@ allow priv_app device:dir { read search open };
 allow priv_app proc_stat:file { getattr open };
 
 allow priv_app { su_exec bootanim_exec bootstat_exec }:file { getattr };
-allow priv_app proc_uptime:file read;
\ No newline at end of file
+allow priv_app proc_uptime:file read;
+
+allow priv_app tvserver_hwservice:hwservice_manager { find };
+allow priv_app systemcontrol_hwservice:hwservice_manager { find };
+allow priv_app system_control:binder call;
+allow priv_app tvserver:binder { call transfer };
+allow priv_app param_tv_file:file { create open read write setattr getattr lock unlink };
+allow priv_app param_tv_file:dir { search read open write add_name remove_name getattr };
diff --git a/sepolicy/property.te b/sepolicy/property.te
index a3e38fb..9c650b1 100644
--- a/sepolicy/property.te
+++ b/sepolicy/property.te
@@ -6,3 +6,6 @@ type tv_prop, property_type;
 type bcmdl_prop, property_type;
 type ctl_dhcp_pan_prop, property_type;
 type netflix_prop, property_type;
+type vendor_platform_prop, property_type;
+type vendor_persist_prop, property_type;
+type vendor_app_prop, property_type;
\ No newline at end of file
diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
index 075f2e7..581a95f 100644
--- a/sepolicy/property_contexts
+++ b/sepolicy/property_contexts
@@ -1,10 +1,24 @@
 media.                  u:object_r:media_prop:s0
+ro.media.               u:object_r:media_prop:s0
+sys.media.              u:object_r:media_prop:s0
+sys.subtitle.           u:object_r:media_prop:s0
+ro.audio.               u:object_r:media_prop:s0
+persist.vendor.audio.   u:object_r:media_prop:s0
+persist.vendor.media.   u:object_r:media_prop:s0
+drm.                    u:object_r:media_prop:s0
 ubootenv.               u:object_r:uboot_prop:s0
 ro.ubootenv.            u:object_r:uboot_prop:s0
 const.filesystem.       u:object_r:aml_display_prop:s0
 snd.                    u:object_r:tv_config_prop:s0
 tv.                     u:object_r:tv_prop:s0
+persist.tv.             u:object_r:tv_prop:s0
 bcmdl_status            u:object_r:bcmdl_prop:s0
 wc_transport            u:object_r:bluetooth_prop:s0
 rc_hidraw_fd            u:object_r:bluetooth_prop:s0
 vendor.display-size     u:object_r:netflix_prop:s0
+ro.vendor.nrdp.modelgroup     u:object_r:netflix_prop:s0
+ro.vendor.platform      u:object_r:vendor_platform_prop:s0
+persist.vendor.sys      u:object_r:vendor_persist_prop:s0
+vendor.sys              u:object_r:vendor_platform_prop:s0
+ro.vendor.app           u:object_r:vendor_app_prop:s0
+
diff --git a/sepolicy/rc_server.te b/sepolicy/rc_server.te
new file mode 100644
index 0000000..ed0c33c
--- a/dev/null
+++ b/sepolicy/rc_server.te
@@ -0,0 +1,14 @@
+type rc_server, domain;
+type rc_server_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(rc_server)
+
+allow rc_server vndbinder_device:chr_file rw_file_perms;
+
+vndbinder_use(rc_server);
+hwbinder_use(rc_server);
+
+allow rc_server remotecontrol_hwservice:hwservice_manager add;
+allow rc_server hidl_base_hwservice:hwservice_manager add;
+
+get_prop(rc_server, hwservicemanager_prop);
diff --git a/sepolicy/recovery.te b/sepolicy/recovery.te
index e2f49eb..a528323 100644
--- a/sepolicy/recovery.te
+++ b/sepolicy/recovery.te
@@ -1,4 +1,3 @@
-allow recovery aml_display_prop:property_service set;
 allow recovery input_device:chr_file write;
 allow recovery kmsg_device:chr_file { write open read };
 allow recovery self:netlink_kobject_uevent_socket { create setopt bind read };
@@ -6,7 +5,6 @@ allow recovery sysfs_xbmc:file { read write open };
 allow recovery system_prop:property_service set;
 allow recovery self:capability net_admin;
 
-allow recovery uboot_prop:property_service set;
 allow recovery rootfs:dir create_dir_perms;
 allow recovery sysfs:dir mounton;
 
@@ -20,7 +18,6 @@ allow recovery device:dir rw_dir_perms;
 allow recovery bootloader_device:chr_file rw_file_perms;
 allow recovery defendkey_device:chr_file rw_file_perms;
 allow recovery dtb_device:chr_file { open read write };
-allow recovery aml_display_prop:property_service set;
 allow recovery recovery:capability { net_admin };
 
 allow recovery sysfs_unifykey:dir search;
@@ -32,9 +29,13 @@ allow recovery sysfs_am_vecm:file { open read write };
 allow recovery sysfs_audio_cap:file r_file_perms;
 allow recovery sysfs_cec:file rw_file_perms;
 
-set_prop(recovery, aml_display_prop)
-set_prop(recovery, uboot_prop)
-set_prop(recovery, bluetooth_prop)
+#--------------------------------------------------------------------#
+#  product_shipping_api_level=28 vendor/system cannot share prop
+#--------------------------------------------------------------------#
+#get_prop(recovery, aml_display_prop)
+get_prop(recovery, uboot_prop)
+get_prop(recovery, bluetooth_prop)
+get_prop(recovery, vendor_platform_prop)
 set_prop(recovery, boottime_prop)
 set_prop(recovery, ctl_bootanim_prop)
 
@@ -62,7 +63,7 @@ allow recovery cache_file:dir mounton;
 allow recovery tmpfs:blk_file write;
 
 allow recovery sysfs:dir { open read };
-allow recovery sysfs_display:file read;
+allow recovery sysfs_display:file { open read write };
 allow recovery sysfs_video:dir search;
 
 allow recovery sysfs_store:file { open read write getattr };
@@ -130,6 +131,12 @@ allow recovery sysfs_display:lnk_file { open read write getattr };
 allow init reco_file:file { open read create write };
 
 get_prop(recovery, aml_display_prop)
+allow recovery aml_display_prop:file { getattr open read };
+allow recovery bluetooth_a2dp_offload_prop:file { getattr open };
+allow recovery exported_audio_prop:file { getattr open };
+allow recovery exported_bluetooth_prop:file { getattr open };
+allow recovery exported_overlay_prop:file { getattr open };
+allow recovery exported_wifi_prop:file { getattr open };
 
 allow shell tmpfs:file {open read getattr};
 allow shell rootfs:file {execute_no_trans};
diff --git a/sepolicy/sdcardd.te b/sepolicy/sdcardd.te
index 88c5b2e..ffcc5be 100644
--- a/sepolicy/sdcardd.te
+++ b/sepolicy/sdcardd.te
@@ -6,3 +6,5 @@ allow sdcardd vold:unix_stream_socket { read write };
 # for exfat
 allow sdcardd unlabeled:dir { open read write getattr search };
 allow sdcardd unlabeled:file { open read write getattr };
+
+allow sdcardd storage_file:dir mounton;
diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te
index 474383d..d0c8c64 100644
--- a/sepolicy/system_app.te
+++ b/sepolicy/system_app.te
@@ -1,7 +1,8 @@
 allow system_app sysfs_mpgpu_scale:file { read write open };
 allow system_app cache_recovery_file:dir { search read open write add_name remove_name };
-allow system_app cache_recovery_file:file { create getattr open read write unlink  };
-
+allow system_app cache_recovery_file:file { create getattr setattr open read write unlink  };
+allow system_app cache_file:dir {search open read write unlink add_name remove_name};
+allow system_app cache_file:file {create getattr write open unlink read};
 allow system_app update_engine:binder {call transfer};
 
 allow system_app rootfs:dir { getattr };
@@ -42,15 +43,29 @@ allow system_app sysfs_clock:file { getattr open read };
 allow sysfs_display tmpfs:filesystem associate;
 
 allow system_app sysfs_display:dir search;
+allow system_app sysfs_display:dir search;
 allow system_app sysfs_display:file { read write open getattr };
 
+#--------------------------------------------------------------------#
+#  product_shipping_api_level=28 vendor/system cannot share prop
+#--------------------------------------------------------------------#
 get_prop(system_app, tv_prop)
-set_prop(system_app, media_prop)
-set_prop(system_app, netflix_prop)
+#set_prop(system_app, media_prop)
+get_prop(system_app, media_prop)
+#set_prop(system_app, netflix_prop)
+get_prop(system_app, netflix_prop)
+get_prop(system_app, vendor_platform_prop)
+get_prop(system_app, vendor_app_prop)
+
 allow system_app vbi_device:chr_file { read write open ioctl };
 allow system_app vendor_file:file r_file_perms;
 allow system_app sysfs_video:dir { search };
 allow system_app sysfs_video:file r_file_perms;
 allow system_app sysfs_amhdmitx:dir search;
 allow system_app sysfs_amhdmitx:file { getattr open read };
-allow system_app vendor_app_file:file execute;
+allow system_app vendor_app_file:file { read open getattr execute };
+allow system_app dvb_device:chr_file { open read write ioctl };
+allow system_app codec_device:chr_file { open read write ioctl getattr};
+allow system_app param_tv_file:file { create open read write setattr getattr lock unlink };
+allow system_app param_tv_file:dir { search read open write add_name remove_name getattr };
+
diff --git a/sepolicy/system_control.te b/sepolicy/system_control.te
index d7d3df3..834d894 100644
--- a/sepolicy/system_control.te
+++ b/sepolicy/system_control.te
@@ -22,7 +22,7 @@ allow system_control vendor_shell_exec:file execute_no_trans;
 allow system_control vendor_file:file execute_no_trans;
 
 allow system_control sysfs_display:dir search;
-
+allow system_control sysfs_di:dir search;
 #unix_socket_connect(system_control, vold, vold);
 #unix_socket_connect(system_control, property, init);
 
@@ -33,39 +33,53 @@ allow system_control sysfs_amvdec:file { open read write };
 allow system_control mnt_vendor_file:dir { search read open remove_name rmdir };
 allow system_control mnt_vendor_file:file { setattr getattr lock unlink };
 
-# Property Service write
-set_prop(system_control, system_prop)
-set_prop(system_control, dhcp_prop)
-set_prop(system_control, net_radio_prop)
-set_prop(system_control, system_radio_prop)
-set_prop(system_control, debug_prop)
-set_prop(system_control, powerctl_prop)
-
+#Property Service write
+#--------------------------------------------------------------------#
+#  product_shipping_api_level=28 vendor/system cannot share prop
+#--------------------------------------------------------------------#
 get_prop(system_control, tv_config_prop)
 get_prop(system_control, bcmdl_prop)
 get_prop(system_control, safemode_prop)
 get_prop(system_control, mmc_prop)
 get_prop(system_control, device_logging_prop)
+get_prop(system_control, vendor_platform_prop)
+set_prop(system_control, vendor_platform_prop)
+get_prop(system_control, vendor_default_prop)
 
 set_prop(system_control, media_prop)
+get_prop(system_control, media_prop)
 get_prop(system_control, aml_display_prop)
 set_prop(system_control, uboot_prop)
+get_prop(system_control, uboot_prop)
 set_prop(system_control, tv_prop)
 set_prop(system_control, netflix_prop)
+get_prop(system_control, tv_prop)
+
+set_prop(system_control, vendor_persist_prop)
+get_prop(system_control, vendor_persist_prop)
+
+set_prop(system_control, netflix_prop)
+get_prop(system_control, netflix_prop)
 
-get_prop(system_control, wifi_prop)
+#get_prop(system_control, wifi_prop)
 set_prop(system_control, boottime_prop)
 
+get_prop(system_control, boottime_prop)
 #get_prop(system_control, firstboot_prop)
 #get_prop(system_control, serialno_prop)
 set_prop(system_control, overlay_prop)
+get_prop(system_control, overlay_prop)
 set_prop(system_control, net_dns_prop)
+get_prop(system_control, net_dns_prop)
 set_prop(system_control, logpersistd_logging_prop)
+get_prop(system_control, logpersistd_logging_prop)
 set_prop(system_control, hwservicemanager_prop)
+get_prop(system_control, hwservicemanager_prop)
 set_prop(system_control, dumpstate_options_prop)
-set_prop(system_control, bluetooth_prop)
+#set_prop(system_control, bluetooth_prop)
 
 set_prop(system_control, persistent_properties_ready_prop)
+get_prop(system_control, persistent_properties_ready_prop)
 
 get_prop(system_control, system_boot_reason_prop)
 
@@ -77,6 +91,7 @@ set_prop(system_control, ctl_bugreport_prop)
 allow system_control block_device:dir r_dir_perms;
 
 allow system_control sysfs_audio_cap:file {open getattr read};
+allow system_control sysfs_audio:file {open getattr read};
 allow system_control sysfs_video:file rw_file_perms;
 allow system_control { sysfs_video sysfs_cec sysfs_am_vecm }:dir { search };
 allow system_control sysfs_cec:file rw_file_perms;
@@ -93,7 +108,7 @@ allow system_control appdomain:dir { getattr search };
 allow system_control appdomain:file { r_file_perms };
 allow system_control platform_app:dir { search };
 
-allow system_control param_tv_file:dir  { search read write open add_name remove_name rmdir };
+allow system_control param_tv_file:dir  { search read write open add_name remove_name rmdir create };
 allow system_control param_tv_file:file { create open read write setattr getattr lock unlink };
 
 #allow system_control shell_exec:file { execute_no_trans execute open read getattr };
@@ -114,6 +129,7 @@ allow system_control param_tv_file:dir { write search add_name create };
 allow system_control param_tv_file:file { create read write open getattr };
 allow system_control sysfs_amhdmitx:dir search;
 allow system_control sysfs_amvdec:file { create open read write getattr};
+allow system_control sysfs_xbmc:file { read open };
 
 allow system_control vendor_configs_file:file { ioctl lock };
 allow system_control sysfs_display:lnk_file { read write open getattr };
@@ -122,3 +138,8 @@ allow system_control { sysfs_display sysfs_am_vecm sysfs_display sysfs_amhdmitx
 allow system_control sysfs_unifykey:dir { search };
 allow system_control sysfs_unifykey:file { read write open };
 allow system_control unlabeled:dir search;
+allow system_control sysfs_mpgpu_scale:file { read write open } ;
+allow system_control hdmirx0_device:chr_file { read write open ioctl getattr };
+
+allow system_control exported_system_prop:file { read } ;
+get_prop(system_control, exported_system_prop);
\ No newline at end of file
diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te
index ef5133b..f9b2520 100644
--- a/sepolicy/system_server.te
+++ b/sepolicy/system_server.te
@@ -31,7 +31,7 @@ allow system_server sysfs:dir r_dir_perms;
 allow system_server sysfs_rtc:file { read write open getattr };
 
 r_dir_file(system_server, sysfs_hdmi)
-allow system_server sysfs_hdmi:file write;
+allow system_server sysfs_hdmi:file { read write open getattr };
 
 allow system_server sysfs_display:lnk_file { read write open getattr };
 allow system_server sysfs_display:file { read write open getattr };
diff --git a/sepolicy/tee.te b/sepolicy/tee.te
index 137d092..1a6775e 100644
--- a/sepolicy/tee.te
+++ b/sepolicy/tee.te
@@ -17,3 +17,4 @@ allow tee unlabeled:file { open read rename write };
 
 allow tee hidraw_device:chr_file { create read open write ioctl };
 allow tee vendor_file:file { read open getattr execute };
+allow tee param_tv_file:dir { search };
diff --git a/sepolicy/toolbox.te b/sepolicy/toolbox.te
index aeae6ba..aeae6ba 100755..100644
--- a/sepolicy/toolbox.te
+++ b/sepolicy/toolbox.te
diff --git a/sepolicy/tvserver.te b/sepolicy/tvserver.te
index c10e154..fa241a4 100644
--- a/sepolicy/tvserver.te
+++ b/sepolicy/tvserver.te
@@ -24,6 +24,7 @@ get_prop(tvserver, media_prop)
 get_prop(tvserver, tv_prop)
 set_prop(tvserver, tv_prop)
 set_prop(tvserver, tv_config_prop)
+get_prop(tvserver, vendor_default_prop)
 allow tvserver tv_prop:file { read open getattr };
 
 allow tvserver proc:file { read write open ioctl getattr };
@@ -60,5 +61,15 @@ allow tvserver mnt_vendor_file:file { create open write setattr getattr lock rea
 allow tvserver platform_app:binder { call };
 allow tvserver sysfs:file { read write open };
 
+#add for search channel
+allow tvserver dvb_device:chr_file { open read write ioctl };
+allow tvserver frontend_device:chr_file { open read write ioctl };
+allow tvserver priv_app:binder { call };
+allow tvserver codec_device:chr_file { read write open ioctl };
+
+#add for timeshift
+allow tvserver vendor_data_file:dir { search remove_name write add_name create };
+allow tvserver vendor_data_file:file { unlink write create open read getattr };
+
 allow tvserver sysfs_amhdmitx:dir search;
 allow tvserver sysfs_amhdmitx:file { write open read getattr };
diff --git a/sepolicy/untrusted_app.te b/sepolicy/untrusted_app.te
index 351aa0f..351aa0f 100755..100644
--- a/sepolicy/untrusted_app.te
+++ b/sepolicy/untrusted_app.te
diff --git a/sepolicy/untrusted_app_25.te b/sepolicy/untrusted_app_25.te
index 015efd9..015efd9 100755..100644
--- a/sepolicy/untrusted_app_25.te
+++ b/sepolicy/untrusted_app_25.te
diff --git a/sepolicy/update_engine.te b/sepolicy/update_engine.te
index f3330aa..f3330aa 100755..100644
--- a/sepolicy/update_engine.te
+++ b/sepolicy/update_engine.te
diff --git a/sepolicy/update_verifier.te b/sepolicy/update_verifier.te
index 244b431..244b431 100755..100644
--- a/sepolicy/update_verifier.te
+++ b/sepolicy/update_verifier.te
diff --git a/sepolicy/vendor_init.te b/sepolicy/vendor_init.te
index 90d4bea..08ca710 100644
--- a/sepolicy/vendor_init.te
+++ b/sepolicy/vendor_init.te
@@ -7,6 +7,7 @@ allow vendor_init rootfs:dir { create_dir_perms relabelfrom };
 allow vendor_init sysfs_devices_system_cpu:file { create };
 
 allow vendor_init debugfs:dir { mounton };
+allow vendor_init debugfs:file { read write };
 
 allow vendor_init update_data_file:file { read };
 
@@ -19,8 +20,20 @@ allow vendor_init self:capability sys_module;
 allow vendor_init proc:file write;
 allow vendor_init unlabeled:dir search;
 
+allow vendor_init ffs_prop:property_service set;
 # optee
 allow vendor_init drm_device:chr_file setattr;
 
 # allow init mount a new filesystem and set its selinux contexts
 allow vendor_init unlabeled:dir { getattr read relabelfrom setattr };
+
+set_prop(vendor_init, vendor_platform_prop)
+set_prop(vendor_init, shell_prop)
+set_prop(vendor_init, vendor_app_prop)
+set_prop(vendor_init, media_prop)
+set_prop(vendor_init, aml_display_prop)
+set_prop(vendor_init, tv_config_prop)
+set_prop(vendor_init, tv_prop)
+set_prop(vendor_init, netflix_prop)
+set_prop(vendor_init, vold_prop)
+set_prop(vendor_init, config_prop)
diff --git a/sepolicy/vold.te b/sepolicy/vold.te
index dffc5bf..3a5d396 100644
--- a/sepolicy/vold.te
+++ b/sepolicy/vold.te
@@ -6,3 +6,7 @@ allow vold param_tv_file:dir { ioctl open read };
 
 #for hw keymaster
 allow vold drm_device:chr_file  {open read write ioctl};
+
+allow vold fsck_exec:file {execute read open };
+allow vold kernel:system module_request;
+
diff --git a/sepolicy/wificond.te b/sepolicy/wificond.te
index 34e68d6..34e68d6 100755..100644
--- a/sepolicy/wificond.te
+++ b/sepolicy/wificond.te