display-dump: sepolicy for legacy primary display dump

Create sub-directory for project-specific sepolicy files, and move
legacy sepolicy files to sub-directory.

Bug: 376426334
Test: adb bugreport
Test: adb shell /vendor/bin/dump/dump_*_display
Test: adb shell /vendor/bin/dump/dump_*_second_display
Flag: EXEMPT bugfix
Change-Id: I7de8667b666d7f47c05b147a1f9e7da62ba35e1c

display/sepolicy/dump_display.te

@@ -1,15 +0,0 @@
-# Display (dump for bugreport)
-pixel_bugreport(dump_display)
-
-allow dump_display sysfs_display:file r_file_perms;
-allow dump_display vendor_displaycolor_service:service_manager find;
-binder_call(dump_display, hal_graphics_composer_default)
-allow dump_display vendor_dumpsys:file execute_no_trans;
-allow dump_display vendor_shell_exec:file execute_no_trans;
-
-userdebug_or_eng(`
-  allow dump_display vendor_dri_debugfs:dir r_dir_perms;
-  allow dump_display vendor_dri_debugfs:file r_file_perms;
-')
-vndbinder_use(dump_display)
-

display/sepolicy/dump_display_userdebug.te

@@ -1,11 +0,0 @@
-# Display eng/userdebug (dump for bugreport)
-pixel_bugreport(dump_display_userdebug)
-
-userdebug_or_eng(`
-  allow dump_display_userdebug vendor_toolbox_exec:file execute_no_trans;
-  allow dump_display_userdebug vendor_log_file:dir search;
-  allow dump_display_userdebug vendor_hwc_log_file:dir r_dir_perms;
-  allow dump_display_userdebug vendor_hwc_log_file:file r_file_perms;
-  allow dump_display_userdebug debugfs_tracing_instances:dir search;
-  allow dump_display_userdebug debugfs_tracing_instances:file r_file_perms;
-')

display/sepolicy/exynos/dump_display.te

@@ -0,0 +1,15 @@
+# Display (dump for bugreport)
+pixel_bugreport(dump_exynos_display)
+
+allow dump_exynos_display sysfs_display:file r_file_perms;
+allow dump_exynos_display vendor_displaycolor_service:service_manager find;
+binder_call(dump_exynos_display, hal_graphics_composer_default)
+allow dump_exynos_display vendor_dumpsys:file execute_no_trans;
+allow dump_exynos_display vendor_shell_exec:file execute_no_trans;
+
+userdebug_or_eng(`
+  allow dump_exynos_display vendor_dri_debugfs:dir r_dir_perms;
+  allow dump_exynos_display vendor_dri_debugfs:file r_file_perms;
+')
+vndbinder_use(dump_exynos_display)
+

display/sepolicy/exynos/dump_display_userdebug.te

@@ -0,0 +1,11 @@
+# Display eng/userdebug (dump for bugreport)
+pixel_bugreport(dump_exynos_display_userdebug)
+
+userdebug_or_eng(`
+  allow dump_exynos_display_userdebug vendor_toolbox_exec:file execute_no_trans;
+  allow dump_exynos_display_userdebug vendor_log_file:dir search;
+  allow dump_exynos_display_userdebug vendor_hwc_log_file:dir r_dir_perms;
+  allow dump_exynos_display_userdebug vendor_hwc_log_file:file r_file_perms;
+  allow dump_exynos_display_userdebug debugfs_tracing_instances:dir search;
+  allow dump_exynos_display_userdebug debugfs_tracing_instances:file r_file_perms;
+')

display/sepolicy/exynos/file_contexts

@@ -1,5 +1,5 @@
-/vendor/bin/dump/dump_display_userdebug\.sh      u:object_r:dump_display_userdebug_exec:s0
+/vendor/bin/dump/dump_display_userdebug\.sh      u:object_r:dump_exynos_display_userdebug_exec:s0
-/vendor/bin/dump/dump_display                    u:object_r:dump_display_exec:s0
+/vendor/bin/dump/dump_exynos_display             u:object_r:dump_exynos_display_exec:s0
 
 /data/vendor/log/hwc(/.*)?                       u:object_r:vendor_hwc_log_file:s0
 

display/sepolicy/exynos/hal_graphics_composer_default.te

@@ -0,0 +1,3 @@
+allow hal_graphics_composer_default dump_exynos_display:fifo_file { append write };
+allow hal_graphics_composer_default dump_exynos_display:fd use;
+

display/sepolicy/hal_graphics_composer_default.te

@@ -1,3 +0,0 @@
-allow hal_graphics_composer_default dump_display:fifo_file { append write };
-allow hal_graphics_composer_default dump_display:fd use;
-