[ALPS03902348] GPU: Add sepolicy for graphics

[Detail]
More strictly selinux policy that system process cannot access vendor partition,
unless label the specific vendor lib to same_process_hal_file

[Solution]
Add same-process HAL files and their dependencies

MTK-Commit-Id: 142626c1bf5c65f7781d3c75969cacd86afa938a

Change-Id: I4f6f1be7eef4f013578fe06512ba32e43d107ddf
CR-Id: ALPS03902348
Feature: OpenGL|ES

non_plat/file_contexts

@@ -570,3 +570,25 @@
 
 #hidl process merging
 /(system\/vendor|vendor)/bin/hw/merged_hal_service          u:object_r:merged_hal_service_exec:s0
+
+
+###############################################
+# same-process HAL files and their dependencies
+#
+/vendor/lib(64)?/hw/gralloc\.mt[0-9]+\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/hw/vulkan\.mt[0-9]+\.so     u:object_r:same_process_hal_file:s0
+
+/vendor/lib(64)?/libIMGegl\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libsrv_um\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libtqvalidate\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libusc\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libglslcompiler\.so   u:object_r:same_process_hal_file:s0
+
+/vendor/lib(64)?/libGLES_mali\.so   u:object_r:same_process_hal_file:s0
+
+/vendor/lib(64)?/libgralloc_extra\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libgpu_aux\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libged\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libdrm\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libion_mtk\.so   u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libion_ulit\.so   u:object_r:same_process_hal_file:s0