sepolicy: add policy file for USTA test app

USTA is a system app which interacts with fastRPC to communicate
to SLPI. There are changes in fastRPC to access require DAC and MAC
permissions, required only by USTA test app. Adding separate domain
for USTA app.

Change-Id: I89c1beff1c10d341e678f7ae654dc16d2c184a83

vendor/common/system_app.te

@@ -9,10 +9,4 @@ hal_client_domain(system_app, hal_hbtp)
 hal_client_domain(system_app, hal_qdutils_disp);
 hal_client_domain(system_app, hal_tui_comm);
 
-#allow only system_app with userdebug to access ioctl
-userdebug_or_eng(`
-  allowxperm system_app self:socket ioctl msm_sock_ipc_ioctls;
-  allow system_app self:socket create_socket_perms;
-')
-
 get_prop(system_app, vendor_radio_prop)

vendor/test/seapp_contexts

@@ -27,3 +27,6 @@
 
 #Add new domain for pdt apps
 user=system seinfo=platform name=.pdtapps domain=pdt_app type=system_app_data_file
+
+#Add new domain for usta app
+user=system seinfo=platform name=com.qualcomm.qti.usta domain=usta_app type=system_app_data_file

vendor/test/usta_app.te

@@ -0,0 +1,50 @@
+# Copyright (c) 2018, The Linux Foundation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#    * Redistributions of source code must retain the above copyright
+#      notice, this list of conditions and the following disclaimer.
+#    * Redistributions in binary form must reproduce the above
+#      copyright notice, this list of conditions and the following
+#      disclaimer in the documentation and/or other materials provided
+#      with the distribution.
+#    * Neither the name of The Linux Foundation nor the names of its
+#      contributors may be used to endorse or promote products derived
+#      from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+## usta_app
+##
+## This file defines the permissions that usta_apps can carry
+
+type usta_app, domain;
+
+app_domain(usta_app)
+hal_client_domain(usta_app, hal_perf)
+
+#allow only usta_app with userdebug to access ioctl
+userdebug_or_eng(`
+  allowxperm usta_app self:{ socket qipcrtr_socket } ioctl msm_sock_ipc_ioctls;
+  allow usta_app self:{ socket qipcrtr_socket } create_socket_perms;
+  allow usta_app xdsp_device:chr_file r_file_perms;
+')
+
+allow usta_app {
+  app_api_service
+  surfaceflinger_service
+}:service_manager find;
+
+allow usta_app system_app_data_file:dir create_dir_perms;
+allow usta_app system_app_data_file:file create_file_perms;