[ALPS04525727] SEPolicy:add perm for system_server

For Android Q, there is a more stringent restriction for ioctl,
system_server need some permission to access proc_ged by ioctlcmd
in MTBF.

MTK-Commit-Id: d79045e8bfe072a3125efa56cf5012cfb84e416b

Change-Id: Ic82c4ff92333077d9260f931c67453b9e53d305e
CR-Id: ALPS04525727
Feature: [Module]SystemServer

non_plat/system_server.te

@@ -42,10 +42,6 @@ allow system_server debugfs_wakeup_sources:file r_file_perms;
 # Allow system_server to read/write /sys/power/dcm_state
 allow system_server sysfs_dcm:file rw_file_perms;
 
-# Date : WK16.33
-# Purpose: Allow to access ged for gralloc_extra functions
-allow system_server proc_ged:file {open read write ioctl getattr};
-
 # Date : WK16.36
 # Purpose: Allow to set property log.tag.WifiHW to control log level of WifiHW
 allow system_server log_tag_prop:property_service set;
@@ -205,12 +201,27 @@ allow system_server alarm_device:chr_file rw_file_perms;
 # Date : WK19.7
 # Operation: Q migration
 # Purpose : Allow system_server to use ioctl/ioctlcmd
+allow system_server proc_ged:file rw_file_perms;
 allowxperm system_server proc_ged:file ioctl {
   GED_BRIDGE_IO_LOG_BUF_GET
+  GED_BRIDGE_IO_LOG_BUF_WRITE
+  GED_BRIDGE_IO_LOG_BUF_RESET
+  GED_BRIDGE_IO_BOOST_GPU_FREQ
   GED_BRIDGE_IO_MONITOR_3D_FENCE
+  GED_BRIDGE_IO_QUERY_INFO
+  GED_BRIDGE_IO_NOTIFY_VSYNC
+  GED_BRIDGE_IO_DVFS_PROBE
+  GED_BRIDGE_IO_DVFS_UM_RETURN
+  GED_BRIDGE_IO_EVENT_NOTIFY
+  GED_BRIDGE_IO_WAIT_HW_VSYNC
+  GED_BRIDGE_IO_QUERY_TARGET_FPS
+  GED_BRIDGE_IO_VSYNC_WAIT
+  GED_BRIDGE_IO_GPU_HINT_TO_CPU
+  GED_BRIDGE_IO_GE_ALLOC
   GED_BRIDGE_IO_GE_GET
   GED_BRIDGE_IO_GE_SET
-  GED_BRIDGE_IO_LOG_BUF_WRITE
-  GED_BRIDGE_IO_BOOST_GPU_FREQ
-  GED_BRIDGE_IO_QUERY_INFO
+  GED_BRIDGE_IO_GPU_TIMESTAMP
+  GED_BRIDGE_IO_TARGET_FPS
+  GED_BRIDGE_IO_GE_INFO
+  GED_BRIDGE_IO_GPU_TUNER_STATUS
   };