Allow crash_dump to read from /data/local/tests.

Without this change, any crash from an executable in /data/local/tests
is incomplete. Specifically, function names are missing which makes
the crash nearly useless for debugging.

Bug: 197229540

Test: Used the crasher executable and copied it to /data/local/tests
Test: and verified that running it as root and shell results in
Test: tombstones that have full unwinds with function names.
Change-Id: Ic4862ca6ee9b02132a593ccd5fe26508ed5c8510

public/crash_dump.te

@@ -43,6 +43,9 @@ r_dir_file(crash_dump, apk_data_file);
 # Read all /vendor
 r_dir_file(crash_dump, { vendor_file same_process_hal_file })
 
+# Read all /data/local/tests
+r_dir_file(crash_dump, shell_test_data_file)
+
 # Talk to tombstoned
 unix_socket_connect(crash_dump, tombstoned_crash, tombstoned)
 

public/domain.te

@@ -474,7 +474,7 @@ neverallow { domain userdebug_or_eng(`-shell') } nativetest_data_file:file no_x_
 
 neverallow { domain -shell -init -adbd } shell_test_data_file:file_class_set no_w_file_perms;
 neverallow { domain -shell -init -adbd } shell_test_data_file:dir no_w_dir_perms;
-neverallow { domain -shell -init -adbd -heapprofd } shell_test_data_file:file *;
+neverallow { domain -shell -init -adbd -heapprofd -crash_dump } shell_test_data_file:file *;
 neverallow heapprofd shell_test_data_file:file { no_w_file_perms no_x_file_perms };
 neverallow { domain -shell -init -adbd } shell_test_data_file:sock_file *;