[ALPS04314391] sepolicy: aee_aedv/dumpstate access to camerahalserver

Allow aee_aedv/dumpstate to dump debug info from camerahalserver.

- SELinux : avc:  denied  { find } for
  interface=android.hardware.camera.provider::ICameraProvider
  sid=u:r:aee_aedv:s0 pid=23819 scontext=u:r:aee_aedv:s0
  tcontext=u:object_r:hal_camera_hwservice:s0
  tclass=hwservice_manager permissive=0

MTK-Commit-Id: 18210cf3984bd62caa334f28e45bb0f99500bac8

Change-Id: I291450101bd0ea94fca47b592cb1ef7ffb7f1ae4
CR-Id: ALPS04314391
Feature: [Android Default] Camera Application Basic Functions

non_plat/aee_aedv.te

@@ -297,7 +297,8 @@ get_prop(aee_aedv, hwservicemanager_prop)
 # - avc: denied { find } for interface=android.hardware.camera.provider::ICameraProvider pid=2956
 #   scontext=u:r:aee_aedv:s0 tcontext=u:object_r:hal_camera_hwservice:s0 tclass=hwservice_manager
 # - Transaction error in ICameraProvider::debug: Status(EX_TRANSACTION_FAILED)
-#allow aee_aedv hal_camera_hwservice:hwservice_manager { find };
+hal_client_domain(aee_aedv, hal_camera)
+allow aee_aedv hal_camera_hwservice:hwservice_manager { find };
 binder_call(aee_aedv, mtk_hal_camera)
 
 # Purpose: allow aee to read /sys/fs/selinux/enforce to get selinux status

plat_private/dumpstate.te

@@ -39,7 +39,8 @@ allow dumpstate gpu_device:dir search;
 # Purpose: 01-01 08:30:57.474   286   286 E SELinux : avc:  denied  { find } for interface=
 # android.hardware.camera.provider::ICameraProvider pid=3133 scontext=u:r:dumpstate:s0 tcontext=
 # u:object_r:hal_camera_hwservice:s0 tclass=hwservice_manager
-#allow dumpstate hal_camera_hwservice:hwservice_manager find;
+hal_client_domain(dumpstate, hal_camera)
+allow dumpstate hal_camera_hwservice:hwservice_manager find;
 
 #Purpose: Allow dumpstate to read/write /sys/kernel/debug/tracing/buffer_total_size_kb
 userdebug_or_eng(`allow dumpstate debugfs_tracing_debug:file { r_file_perms write };')