Add camera HAL sepolicy based on previous chip family.

The camera HAL code is reused from the previous chip and needs to
perform the same operations as previously, with the following
differences:
- The interrupt affinity workaround may no longer be necessary
  due to image sensor changes, so the ability to set interrupt
  affinity is removed.
- Access to some files that were only present before the APEX
  migration is removed.
- vendor_camera_tuning_file is no longer needed.
- TEE access for face auth is removed for now.

Bug: 205904406
Bug: 205657132
Bug: 205780186
Bug: 205072921
Bug: 205657133
Bug: 205780065
Bug: 204718762
Bug: 207300298
Bug: 209889068
Bug: 210067468
Test: Ensure that the policy builds; I don't have access to target
      hardware at the moment.

Change-Id: Ia70b98d4e1f3a156a5e719f0d069a90579b6a247

tracking_denials/hal_camera_default.te

@@ -1,54 +1,7 @@
-# b/204718762
-dontaudit hal_camera_default edgetpu_vendor_service:service_manager { find };
-dontaudit hal_camera_default hal_power_service:service_manager { find };
 # b/205072921
 dontaudit hal_camera_default kernel:process { setsched };
-dontaudit hal_camera_default vendor_camera_prop:file { getattr };
-dontaudit hal_camera_default vendor_camera_prop:file { map };
-dontaudit hal_camera_default vendor_camera_prop:file { open };
-dontaudit hal_camera_default vendor_camera_prop:file { read };
-dontaudit hal_camera_default vendor_camera_prop:property_service { set };
-# b/205657133
-dontaudit hal_camera_default edgetpu_device:chr_file { ioctl };
-dontaudit hal_camera_default edgetpu_device:chr_file { map };
-dontaudit hal_camera_default edgetpu_device:chr_file { open };
-dontaudit hal_camera_default edgetpu_device:chr_file { read write };
-dontaudit hal_camera_default gpu_device:chr_file { getattr };
-dontaudit hal_camera_default gpu_device:chr_file { ioctl };
-dontaudit hal_camera_default gpu_device:chr_file { map };
-dontaudit hal_camera_default gpu_device:chr_file { open };
-dontaudit hal_camera_default gpu_device:chr_file { read write };
-dontaudit hal_camera_default lwis_device:chr_file { ioctl };
-dontaudit hal_camera_default lwis_device:chr_file { open };
-dontaudit hal_camera_default lwis_device:chr_file { read };
-dontaudit hal_camera_default lwis_device:chr_file { write };
-dontaudit hal_camera_default vndbinder_device:chr_file { ioctl };
-dontaudit hal_camera_default vndbinder_device:chr_file { map };
-dontaudit hal_camera_default vndbinder_device:chr_file { open };
-dontaudit hal_camera_default vndbinder_device:chr_file { read };
-dontaudit hal_camera_default vndbinder_device:chr_file { write };
 # b/205780065
-dontaudit hal_camera_default apex_info_file:file { getattr };
-dontaudit hal_camera_default apex_info_file:file { open };
-dontaudit hal_camera_default apex_info_file:file { read };
-dontaudit hal_camera_default apex_info_file:file { watch };
-dontaudit hal_camera_default mnt_vendor_file:dir { search };
-dontaudit hal_camera_default persist_file:dir { search };
 dontaudit hal_camera_default system_data_file:dir { search };
-dontaudit hal_camera_default vendor_camera_data_file:dir { getattr };
-dontaudit hal_camera_default vendor_camera_data_file:dir { open };
-dontaudit hal_camera_default vendor_camera_data_file:dir { read };
-dontaudit hal_camera_default vendor_camera_data_file:dir { search };
-dontaudit hal_camera_default vendor_camera_data_file:file { open };
-dontaudit hal_camera_default vendor_camera_data_file:file { read };
 # b/205904406
-dontaudit hal_camera_default hal_camera_default:capability { sys_nice };
-dontaudit hal_camera_default hal_power_default:binder { call };
-dontaudit hal_camera_default hal_radioext_default:binder { call };
 dontaudit hal_camera_default init:unix_stream_socket { connectto };
 dontaudit hal_camera_default property_socket:sock_file { write };
-dontaudit hal_camera_default system_server:binder { call };
-# b/207300298
-dontaudit hal_camera_default vendor_camera_data_file:file { getattr };
-# b/210067468
-dontaudit hal_camera_default persist_camera_file:dir { search };