bramble-sepolicy: allow dumpstate hal to access proc/bldrlog

Allow android.hardware.dumpstate@1.0-service.bramble to read bldrlog proc nodes

Bug: 140221183
Change-Id: I5e87afc399cb77168212d62afbe94650b1a6d7ba
Signed-off-by: Jone Chou <jonechou@google.com>

vendor/google/file.te

@@ -37,3 +37,6 @@ type sysfs_contaminant, sysfs_type, fs_type;
 type hal_neuralnetworks_darwinn_hal_camera_data_file, file_type, data_file_type;
 type camera_calibration_vendor_data_file, file_type, data_file_type;
 type sysfs_knowles_info, fs_type, sysfs_type;
+
+# Dumpstates bootloader logs
+type proc_bldrlog, fs_type, proc_type;

vendor/google/genfs_contexts

@@ -160,3 +160,6 @@ genfscon debugfs /pmic-votable                        u:object_r:debugfs_pmic:s0
 # USB contaminant detection
 genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-02/c440000.qcom,spmi:qcom,pm8150b@2:qcom,qpnp-smb5/power_supply/usb/moisture_detected            u:object_r:sysfs_contaminant:s0
 genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-02/c440000.qcom,spmi:qcom,pm8150b@2:qcom,qpnp-smb5/power_supply/usb/moisture_detection_enabled   u:object_r:sysfs_contaminant:s0
+
+# Bootloader
+genfscon proc /bldrlog                                u:object_r:proc_bldrlog:s0

vendor/google/hal_dumpstate_impl.te

@@ -1,3 +1,9 @@
 type hal_dumpstate_impl, domain;
 type hal_dumpstate_impl_exec, exec_type, vendor_file_type, file_type;
-init_daemon_domain(hal_dumpstate_impl)
+init_daemon_domain(hal_dumpstate_impl)
+
+userdebug_or_eng(`
+  allow hal_dumpstate_impl proc_bldrlog:file r_file_perms;
+')
+
+dontaudit hal_dumpstate_impl proc_bldrlog:file r_file_perms;