pixel-selinux: add SJTAG policies

These are the SELinux policies for the sysfs files of the SJTAG
kernel interface. The files are in the following directories:

  /sys/devices/platform/sjtag_ap/interface/
  /sys/devices/platform/sjtag_gsa/interface/

Bug: 184768605
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: I4ecf5cec5bbd08a44d7dbf88de5f3bc58b6c4fe5

whitechapel/vendor/google/file.te

@@ -35,7 +35,6 @@ type vendor_maxfg_debugfs, fs_type, debugfs_type;
 type vendor_charger_debugfs, fs_type, debugfs_type;
 type vendor_votable_debugfs, fs_type, debugfs_type;
 type vendor_battery_debugfs, fs_type, debugfs_type;
-type vendor_sjtag_debugfs, fs_type, debugfs_type;
 
 # Exynos sysfs
 type sysfs_exynos_bts, sysfs_type, fs_type;
@@ -208,3 +207,6 @@ type sysfs_pixelstats, fs_type, sysfs_type;
 
 # WLC FW
 type vendor_wlc_fwupdata_file, vendor_file_type, file_type;
+
+# SJTAG
+type sysfs_sjtag, fs_type, sysfs_type;

whitechapel/vendor/google/genfs_contexts

@@ -334,7 +334,6 @@ genfscon debugfs /usb
 genfscon debugfs /google_charger                                                                          u:object_r:vendor_charger_debugfs:s0
 genfscon debugfs /gvotables                                                                               u:object_r:vendor_votable_debugfs:s0
 genfscon debugfs /google_battery                                                                          u:object_r:vendor_battery_debugfs:s0
-genfscon debugfs /sjtag                                                                                   u:object_r:vendor_sjtag_debugfs:s0
 
 # tracefs
 genfscon tracefs /events/dmabuf_heap/dma_heap_stat                                                        u:object_r:debugfs_tracing:s0
@@ -359,3 +358,7 @@ genfscon sysfs /devices/platform/audiometrics/speaker_heartbeat        u:object_
 genfscon sysfs /devices/platform/audiometrics/speaker_temp             u:object_r:sysfs_pixelstats:s0
 genfscon sysfs /devices/platform/audiometrics/mic_broken_degrade       u:object_r:sysfs_pixelstats:s0
 genfscon sysfs /devices/platform/audiometrics/codec_crashed_counter    u:object_r:sysfs_pixelstats:s0
+
+# SJTAG
+genfscon sysfs /devices/platform/sjtag_ap/interface                    u:object_r:sysfs_sjtag:s0
+genfscon sysfs /devices/platform/sjtag_gsa/interface                   u:object_r:sysfs_sjtag:s0

whitechapel/vendor/google/shell.te

@@ -2,6 +2,6 @@ allow shell eco_service:service_manager find;
 
 # Allow access to the SJTAG kernel interface from the shell
 userdebug_or_eng(`
-  allow shell vendor_sjtag_debugfs:dir r_dir_perms;
-  allow shell vendor_sjtag_debugfs:file rw_file_perms;
+  allow shell sysfs_sjtag:dir r_dir_perms;
+  allow shell sysfs_sjtag:file rw_file_perms;
 ')

whitechapel/vendor/google/ssr_detector.te

@@ -12,8 +12,8 @@ userdebug_or_eng(`
   allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
   allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
   get_prop(ssr_detector_app, vendor_aoc_prop)
-  allow ssr_detector_app vendor_sjtag_debugfs:dir r_dir_perms;
-  allow ssr_detector_app vendor_sjtag_debugfs:file rw_file_perms;
+  allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
+  allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
 ')
 
 get_prop(ssr_detector_app, vendor_ssrdump_prop)