clone sepolicy from gs101

s/gs101/gs201/g

Bug: 186836335
Test: Boot
Signed-off-by: Pat Tjin <pattjin@google.com>
Change-Id: Ifa0d083f7317c38eb02c8228c2804cbd4d5ee19f

private/dex2oat.te

@@ -0,0 +1,59 @@
+# b/187016929
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat proc_filesystems:file read ;
+dontaudit dex2oat postinstall_apex_mnt_dir:file getattr ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat proc_filesystems:file read ;
+dontaudit dex2oat postinstall_apex_mnt_dir:file getattr ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;
+dontaudit dex2oat vendor_overlay_file:file read ;

private/gmscore_app.te

@@ -0,0 +1,2 @@
+# b/177389198
+dontaudit gmscore_app adbd_prop:file *;

private/hal_dumpstate_default.te

@@ -0,0 +1,2 @@
+# b/176868217
+dontaudit hal_dumpstate adbd_prop:file *;

private/incidentd.te

@@ -0,0 +1,14 @@
+# b/174961589
+dontaudit incidentd adbd_config_prop:file open ;
+dontaudit incidentd adbd_prop:file getattr ;
+dontaudit incidentd adbd_prop:file open ;
+dontaudit incidentd adbd_config_prop:file open ;
+dontaudit incidentd adbd_config_prop:file getattr ;
+dontaudit incidentd adbd_config_prop:file map ;
+dontaudit incidentd adbd_prop:file open ;
+dontaudit incidentd adbd_prop:file getattr ;
+dontaudit incidentd adbd_prop:file map ;
+dontaudit incidentd apexd_prop:file open ;
+dontaudit incidentd adbd_config_prop:file getattr ;
+dontaudit incidentd adbd_config_prop:file map ;
+dontaudit incidentd adbd_prop:file map ;

private/lpdumpd.te

@@ -0,0 +1,7 @@
+# b/177176997
+dontaudit lpdumpd block_device:blk_file getattr ;
+dontaudit lpdumpd block_device:blk_file getattr ;
+dontaudit lpdumpd block_device:blk_file read ;
+dontaudit lpdumpd block_device:blk_file getattr ;
+dontaudit lpdumpd block_device:blk_file read ;
+dontaudit lpdumpd block_device:blk_file read ;

private/priv_app.te

@@ -0,0 +1,19 @@
+# b/178433525
+dontaudit priv_app adbd_prop:file { map };
+dontaudit priv_app adbd_prop:file { getattr };
+dontaudit priv_app adbd_prop:file { open };
+dontaudit priv_app ab_update_gki_prop:file { map };
+dontaudit priv_app ab_update_gki_prop:file { getattr };
+dontaudit priv_app ab_update_gki_prop:file { open };
+dontaudit priv_app aac_drc_prop:file { map };
+dontaudit priv_app aac_drc_prop:file { getattr };
+dontaudit priv_app aac_drc_prop:file { open };
+dontaudit priv_app adbd_prop:file { map };
+dontaudit priv_app aac_drc_prop:file { open };
+dontaudit priv_app aac_drc_prop:file { getattr };
+dontaudit priv_app aac_drc_prop:file { map };
+dontaudit priv_app ab_update_gki_prop:file { open };
+dontaudit priv_app ab_update_gki_prop:file { getattr };
+dontaudit priv_app ab_update_gki_prop:file { map };
+dontaudit priv_app adbd_prop:file { open };
+dontaudit priv_app adbd_prop:file { getattr };

private/radio.te

@@ -0,0 +1 @@
+add_service(radio, uce_service)

private/service_contexts

@@ -0,0 +1 @@
+telephony.oem.oemrilhook        u:object_r:radio_service:s0

private/untrusted_app_25.te

@@ -0,0 +1,2 @@
+# b/177389321
+dontaudit untrusted_app_25 adbd_prop:file *;

private/wait_for_keymaster.te

@@ -0,0 +1,2 @@
+# b/188114822
+dontaudit wait_for_keymaster servicemanager:binder transfer;