Add NFC SELinux policy

device/samsung/s5neolte/sepolicy/file_contexts

@@ -0,0 +1 @@
+/(vendor|system/vendor)/bin/hw/vendor\.hardware\.nfc@\d+\.\d+-service\.samsung   u:object_r:nfc_exec:s0

device/samsung/s5neolte/sepolicy/nfc.te

@@ -0,0 +1,23 @@
+type nfc_exec, exec_type, vendor_file_type, file_type;
+
+# Init transition.
+allow init nfc:process transition;
+
+# Vendor file accesses.
+allow nfc vendor_file:file { entrypoint read }; 
+
+allow init nfc:process { rlimitinh siginh noatsecure };
+
+allow nfc hal_nfc_hwservice:hwservice_manager { add find }; 
+allow nfc hidl_base_hwservice:hwservice_manager { add find }; 
+
+allow nfc mediaserver_exec:file { read }; 
+
+# TODO(b/36657258): Remove data_between_core_and_vendor_violators once
+# hal_nfc no longer directly accesses /data owned by the nfc app.
+typeattribute nfc data_between_core_and_vendor_violators;
+
+# Data file accesses.
+allow nfc nfc_data_file:dir create_dir_perms;
+allow nfc nfc_data_file:{ file lnk_file fifo_file } create_file_perms;
+allow nfc nfc_data_file:dir { search read write create remove_name};

device/samsung/s5neolte/sepolicy/seapp_contexts

@@ -0,0 +1 @@
+user=nfc seinfo=platform domain=nfc type=nfc_data_file