dumpstate: allow dumpstate to access displaycolor

In bugreport, we need to dump libdisplaycolor information.
Hence, we should add corresponding sepolicy.

Bug: 181915591
Test: There is no avc denied regarding to displaycolor when we
capture the bugreport.

Change-Id: I9f7f8f451fab24b4d0c49305d96b8db6b4d0eed4

tracking_denials/hal_dumpstate_default.te

@@ -2,8 +2,6 @@
 dontaudit hal_dumpstate_default aac_drc_prop:file { open };
 dontaudit hal_dumpstate_default sysfs:dir { read };
 dontaudit hal_dumpstate_default sysfs:dir { open };
-dontaudit hal_dumpstate_default vendor_displaycolor_service:service_manager { find };
-dontaudit hal_dumpstate_default hal_graphics_composer_default:binder { call };
 dontaudit hal_dumpstate_default aac_drc_prop:file { getattr };
 dontaudit hal_dumpstate_default aac_drc_prop:file { map };
 dontaudit hal_dumpstate_default aac_drc_prop:file { open };
@@ -13,4 +11,3 @@ dontaudit hal_dumpstate_default ab_update_gki_prop:file { open };
 dontaudit hal_dumpstate_default ab_update_gki_prop:file { open };
 dontaudit hal_dumpstate_default sysfs:dir { read };
 dontaudit hal_dumpstate_default sysfs:dir { open };
-dontaudit hal_dumpstate_default hal_graphics_composer_default:binder { call };

whitechapel/vendor/google/hal_dumpstate_default.te

@@ -70,6 +70,9 @@ allow hal_dumpstate_default debugfs_f2fs:file r_file_perms;
 allow hal_dumpstate_default sysfs_scsi_devices_0000:dir r_dir_perms;
 allow hal_dumpstate_default sysfs_scsi_devices_0000:file r_file_perms;
 
+allow hal_dumpstate_default vendor_displaycolor_service:service_manager find;
+binder_call(hal_dumpstate_default, hal_graphics_composer_default);
+
 userdebug_or_eng(`
   allow hal_dumpstate_default mnt_vendor_file:dir search;
   allow hal_dumpstate_default ramdump_vendor_mnt_file:dir search;