Merge "trusty: sepolicy for metrics reporter" into sc-dev am: f7bec8b3c6

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14286451

Change-Id: I65819ea555dafbd575e26c1f9e45fbb1ce8617ff

whitechapel/vendor/google/file_contexts

@@ -322,6 +322,7 @@
 /vendor/bin/securedpud.slider        u:object_r:securedpud_slider_exec:s0
 /vendor/bin/storageproxyd            u:object_r:tee_exec:s0
 /vendor/bin/trusty_apploader         u:object_r:trusty_apploader_exec:s0
+/vendor/bin/trusty_metricsd\.gs101    u:object_r:trusty_metricsd_exec:s0
 /vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.trusty                u:object_r:hal_gatekeeper_default_exec:s0
 /vendor/bin/hw/android\.hardware\.keymaster@4\.0-service\.trusty                 u:object_r:hal_keymaster_default_exec:s0
 /vendor/bin/hw/android\.hardware\.confirmationui@1\.0-service\.trusty\.vendor    u:object_r:hal_confirmationui_default_exec:s0

whitechapel/vendor/google/trusty_metricsd.te

@@ -0,0 +1,11 @@
+type trusty_metricsd, domain;
+type trusty_metricsd_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(trusty_metricsd)
+
+allow trusty_metricsd tee_device:chr_file rw_file_perms;
+
+# For Suez metrics collection
+binder_use(trusty_metricsd)
+binder_call(trusty_metricsd, system_server)
+allow trusty_metricsd fwk_stats_service:service_manager find;