sepolicy: enable tcmd

add socket connect rules for tcmd.

we can enable and disable tcmd feature by setting
persist.vendor.tcmd.feature to 1 and 0.

Change-Id: Ia298e37884d2a3d4626550df1a64dff0e53d14f5

generic/private/tcmd.te

@@ -27,7 +27,7 @@
 
 #tcmd as domain
 type vendor_tcmd,domain;
-
+typeattribute vendor_tcmd mlstrustedsubject;
 typeattribute vendor_tcmd coredomain;
 
 type vendor_tcmd_exec, exec_type, system_file_type, file_type;

generic/private/untrusted_app_all.te

@@ -28,3 +28,4 @@
 unix_socket_connect(untrusted_app_all, vendor_dpmtcm, vendor_dpmd)
 unix_socket_connect(untrusted_app_all, vendor_qvrd, vendor_qvrd)
 allow untrusted_app_all vendor_qvrd:fd use;
+unix_socket_connect(untrusted_app_all, vendor_dpmtcm, vendor_tcmd)