Move coredomain policies to system_ext/product

Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.

Bug: 280547417
Test: TH
Change-Id: If768b5cb9f3b4024893117d8e3bf49adb7c5b070

system_ext/private/con_monitor.te

@@ -0,0 +1,7 @@
+typeattribute con_monitor_app coredomain;
+
+app_domain(con_monitor_app)
+
+set_prop(con_monitor_app, radio_prop)
+allow con_monitor_app app_api_service:service_manager find;
+allow con_monitor_app radio_service:service_manager find;

system_ext/private/hbmsvmanager_app.te

@@ -0,0 +1,11 @@
+typeattribute hbmsvmanager_app coredomain;
+
+app_domain(hbmsvmanager_app);
+
+allow hbmsvmanager_app proc_vendor_sched:dir r_dir_perms;
+allow hbmsvmanager_app proc_vendor_sched:file w_file_perms;
+
+# Standard system services
+allow hbmsvmanager_app app_api_service:service_manager find;
+
+allow hbmsvmanager_app cameraserver_service:service_manager find;

system_ext/private/seapp_contexts

@@ -0,0 +1,5 @@
+# Domain for connectivity monitor
+user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all
+
+# HbmSVManager
+user=_app seinfo=platform name=com.android.hbmsvmanager domain=hbmsvmanager_app type=app_data_file levelFrom=all

system_ext/public/con_monitor.te

@@ -0,0 +1,2 @@
+# ConnectivityMonitor app
+type con_monitor_app, domain;

system_ext/public/hbmsvmanager_app.te

@@ -0,0 +1 @@
+type hbmsvmanager_app, domain;