HALs are intended to be limited responsibility and thus limited
permission. In order to enforce this, place limitations on:
1. What processes may transition into a HAL - currently only init
2. What methods may be used to transition into a HAL - no using
   seclabel
3. When HALs exec - only allow exec with a domain transition.
Bug: 36376258
Test: Build aosp_marlin, aosp_bullhead, aosp_dragon. Neverallow rules
are compile time assertions, so building is a sufficient test.
Change-Id: If4df19ced730324cf1079f7a86ceba7c71374131

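As an added illustration of the three restrictions in the commit message above, written in SELinux policy syntax (this is not the commit's own diff): it assumes the AOSP attribute names `domain`, `halserverdomain` (all HAL server processes), `file_type` and `fs_type`, and the `init` domain.

```sepolicy
# Illustrative neverallow rules for the three HAL restrictions; assumed
# attribute names: domain, halserverdomain, file_type, fs_type; domain: init.
# Like all neverallow rules, these are checked at policy build time and add
# nothing to the on-device policy.

# 1. Only init may transition a process into a HAL server domain.
neverallow { domain -init } halserverdomain:process transition;

# 2. A HAL domain may be entered only via an exec-time transition. Forbid
#    dyntransition (setcon), which would let a running process adopt a HAL
#    label without exec'ing a HAL binary. The commit's "no seclabel" point
#    (init.rc naming the context explicitly rather than relying on a
#    type_transition rule) is not expressed by this rule.
neverallow * halserverdomain:process dyntransition;

# 3. When a HAL execs, the domain must change: execute_no_trans would let a
#    HAL run any executable while keeping its own privileged HAL label.
neverallow halserverdomain { file_type fs_type }:file execute_no_trans;
```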
Only HALs that manage networks need network capabilities and network
sockets.
Test: aosp_marlin and aosp_bullhead policy builds. Note: neverallow
rules are compile time assertions and do not change the
on-device policy.
Bug: 36185625
Change-Id: Id64846eac24cf72ed91ce775cecb2c75f11b78df