sepolicy: Add permissions for feature_enabler_client

1. Allow read permission to /mnt/vendor/persist/data/*
2. Binder access for featenab_client.service

Change-Id: I2fcc6e34c5c208c41fcff5ab526a420210a9204c

generic/vendor/common/feature_enabler_client.te

@@ -33,6 +33,14 @@ allow feature_enabler_client tee_device:chr_file rw_file_perms;
 allow feature_enabler_client ion_device:chr_file rw_file_perms;
 unix_socket_connect(feature_enabler_client , ssgtzd, ssgtzd)
 
+
+# Allow read permission to /mnt/vendor/persist/feature_enabler_client/*
 allow feature_enabler_client mnt_vendor_file:dir search;
-allow feature_enabler_client persist_feature_enabler_file:dir r_dir_perms;
-allow feature_enabler_client persist_feature_enabler_file:file r_file_perms;
+r_dir_file(feature_enabler_client, persist_feature_enabler_file)
+
+# Allow read permission to /mnt/vendor/persist/data/*
+r_dir_file(feature_enabler_client, persist_data_file)
+
+# Binder access for featenab_client.service
+vndbinder_use(feature_enabler_client)
+allow feature_enabler_client qfeatenab_client_service:service_manager { add find };

generic/vendor/common/vndservice.te

@@ -25,4 +25,5 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 type qdisplay_service,             vndservice_manager_type;
-type vendor_per_mgr_service,              vndservice_manager_type;
+type vendor_per_mgr_service,       vndservice_manager_type;
+type qfeatenab_client_service,     vndservice_manager_type;

generic/vendor/common/vndservice_contexts

@@ -25,4 +25,5 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 display.qservice                        u:object_r:qdisplay_service:s0
+featenab_client.service                 u:object_r:qfeatenab_client_service:s0
 vendor.qcom.PeripheralManager           u:object_r:vendor_per_mgr_service:s0