Allow piping console output to clients

Any virtualization service client should be able to use a pipe for the
VM log fds.

We previously had some support for this in crosvm (but appdomain is
the wrong label), but not for virtualizationservice. Instead I've
centralised it in the virtualizationservice_use macro so it applies to
exactly those things that can start a VM.

I've removed read permission from crosvm; it doesn't seem to be
needed, and logically it shouldn't be.

Test: Patch in https://r.android.com/1997004, see no denials
Change-Id: Ia9cff469c552dd297ed02932e9e91a5a8cc2c13f

private/crosvm.te

@@ -59,7 +59,6 @@ allow crosvm {
 # Allow crosvm to pipe console log to shell or app which could be the owner of a VM.
 allow crosvm adbd:fd use;
 allow crosvm adbd:unix_stream_socket { read write };
-allow crosvm appdomain:fifo_file { read write };
 
 # The console log can also be written to /data/local/tmp. This is not safe as the log then can be
 # visible to the processes which don't own the VM. Therefore, this is a debugging only feature.

public/te_macros

@@ -191,6 +191,8 @@ binder_call(virtualizationservice, $1)
 # Let the client pass file descriptors to virtualizationservice and on
 # to crosvm
 allow { virtualizationservice crosvm } $1:fd use;
+# Allow piping console log to the client
+allow { virtualizationservice crosvm } $1:fifo_file write;
 # Allow client to read/write vsock created by virtualizationservice to
 # communicate with the VM that it created. Notice that we do not grant
 # permission to create a vsock; the client can only connect to VMs