diff --git a/device/mediatek/sepolicy/basic/non_plat/platform_app.te b/device/mediatek/sepolicy/basic/non_plat/platform_app.te
index 95a403ae28fe8ba29115e06e7e712469891dd508..88b413a6acf5e9c4c022b6052e2673696d054dd8 100644
--- a/device/mediatek/sepolicy/basic/non_plat/platform_app.te
+++ b/device/mediatek/sepolicy/basic/non_plat/platform_app.te
@@ -112,5 +112,7 @@ get_prop(platform_app, vendor_connsysfw_prop)
# Data: 2020/11/20
allow platform_app ttyACM_device:chr_file { read write ioctl open };
+allow platform_app sysfs_net:dir { search read open };
+allow platform_app sysfs:file { open read getattr};
allow platform_app selinuxfs:file { read open };
diff --git a/device/mediatek/sepolicy/basic/plat_private/file.te b/device/mediatek/sepolicy/basic/plat_private/file.te
index a548ca011cdc5cb42b004e372f2402e172f73471..f040a1a10764bfcac7cb575d41ad65e7fda42011 100755
--- a/device/mediatek/sepolicy/basic/plat_private/file.te
+++ b/device/mediatek/sepolicy/basic/plat_private/file.te
@@ -9,3 +9,4 @@
type access_sys_file, fs_type, sysfs_type;
type sys_usbhost_device_file, fs_type, sysfs_type;
type sys_netpower_device_file, fs_type, sysfs_type;
+type sys_eth0_device_file, fs_type, sysfs_type;
diff --git a/device/mediatek/sepolicy/basic/plat_private/file_contexts b/device/mediatek/sepolicy/basic/plat_private/file_contexts
index 4dbb47354b37cb1168febf0ab105d547a65eadd4..7367f62d7ff6e7f953ab15852260fc640c8b1b4c 100644
--- a/device/mediatek/sepolicy/basic/plat_private/file_contexts
+++ b/device/mediatek/sepolicy/basic/plat_private/file_contexts
@@ -49,3 +49,4 @@
/sys/devices/virtual/mt8788_gpio_ctrl_node/gpio_ctrl_dev/otg_ctrl u:object_r:sys_usbhost_device_file:s0
/sys/devices/virtual/mt8788_gpio_ctrl_node/gpio_ctrl_dev/net_pwr u:object_r:sys_netpower_device_file:s0
+/sys/class/net/eth0/address u:object_r:sys_eth0_device_file:s0
diff --git a/device/mediatek/sepolicy/basic/plat_private/platform_app.te b/device/mediatek/sepolicy/basic/plat_private/platform_app.te
index b7434ced02aa9e5e2a4078cf57df272a43094160..ded31f4b799bd66d88f6cb73949208a7471b572a 100644
--- a/device/mediatek/sepolicy/basic/plat_private/platform_app.te
+++ b/device/mediatek/sepolicy/basic/plat_private/platform_app.te
@@ -21,3 +21,6 @@ allow platform_app proc_tty_drivers:file { open read };
allow platform_app config_gz:file { read open };
allow platform_app selinuxfs:file { read open };
+allow platform_app sys_eth0_device_file:file { read open };
+allow platform_app sysfs_net:dir { search read open };
+#allow platform_app sysfs:file { open read };
diff --git a/system/sepolicy/prebuilts/api/28.0/private/domain.te b/system/sepolicy/prebuilts/api/28.0/private/domain.te
index 8200c40ba107e9720fed612442e89d92af465534..24bc46fda439c53c8e4cbf56d538a3ec63cf092d 100644
--- a/system/sepolicy/prebuilts/api/28.0/private/domain.te
+++ b/system/sepolicy/prebuilts/api/28.0/private/domain.te
@@ -42,6 +42,7 @@ full_treble_only(`
-ueventd
-vold
-priv_app
+ -platform_app
} sysfs:file no_rw_file_perms;
# /dev
diff --git a/system/sepolicy/private/domain.te b/system/sepolicy/private/domain.te
index 8200c40ba107e9720fed612442e89d92af465534..24bc46fda439c53c8e4cbf56d538a3ec63cf092d 100644
--- a/system/sepolicy/private/domain.te
+++ b/system/sepolicy/private/domain.te
@@ -42,6 +42,7 @@ full_treble_only(`
-ueventd
-vold
-priv_app
+ -platform_app
} sysfs:file no_rw_file_perms;
# /dev
![與專家面對面:Android開發入門問與答[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)