selinux: New aocx service

Add new aocxd server domain
- Allow aocxd to access AOC resources
- Add new aocx binder vendor service

Allow audio hal to find and talk to aocx

avc error tcontext=u:object_r:binder_device:s0 tclass=chr_file or tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file

avc:  denied  { add } for pid=1073 uid=0 name=aocx.IAocx scontext=u:r:aocxd:s0 tcontext=u:object_r:aocx:s0 tclass=service_manager

avc:  denied  { call } for  scontext=u:r:hal_audio_default:s0 tcontext=u:r:aocxd:s0 tclass=binder

BUG: 315853303
Change-Id: Ide16a2be9f032bef60f43d4d3daa6372ae06b057

audio/sepolicy/aidl/service.te

@@ -1,3 +1,3 @@
 # Audio
 type hal_audio_ext_service, hal_service_type, service_manager_type;
-type hal_audio_parameter_parser_service, service_manager_type;
+type hal_audio_parameter_parser_service, service_manager_type;

audio/sepolicy/aidl/service_contexts

@@ -1,4 +1,3 @@
 # Audio
 vendor.google.whitechapel.audio.extension.IAudioExtension/default    u:object_r:hal_audio_ext_service:s0
-android.media.audio.IHalAdapterVendorExtension/default               u:object_r:hal_audio_parameter_parser_service:s0
-
+android.media.audio.IHalAdapterVendorExtension/default               u:object_r:hal_audio_parameter_parser_service:s0

audio/sepolicy/common/hal_audio_default.te

@@ -34,3 +34,7 @@ userdebug_or_eng(`
 ')
 
 wakelock_use(hal_audio_default);
+
+vndbinder_use(hal_audio_default);
+allow hal_audio_default aocx:service_manager find;
+binder_call(hal_audio_default, aocxd);