Denials are required due to location libraries using le properties
api

Change-Id: I8bd902a96d57799660df186d885f298af1870b32
CRs-Fixed: 3695044
(cherry picked from commit 8db5ee0f)

Adds rules to allow mount permission in loc_etc context
This is seen as with new variants, we have restricted
permissions, so we need to keep conf files in systemrw
to allow modiciation

Change-Id: Ie88ea2891104476ccdd7a0ccdbf29aa13bcb9453
CRs-Fixed: 3725549

Change-Id: Ic831d1004e19357340fab3a619159bd5d323e92b
CRs-Fixed: 3794755

Change-Id: I2464a999e84d348d22907ea33051d2d737e46097
CRs-Fixed: 3794280

Provide name_connect access for edgnss daemon on tcp_socket over
unreserved port for Ntrip download.

Change-Id: I97a033abae1b8964d825be406c9f53cc25bc4729
CRs-Fixed: 3771406

1. Replace deprecated APIs like files_pid_file and files_pid_filetrans with
files_runtime_file and files_runtime_filetrans.
2. Remove conflicting file contexts introduced during the upgrade.
3. Remove non-existing types in the policy files.

Change-Id: I71cb0750e36a4c0c8d1f283d2cfb34c0b73ee0c9

signals to other process.

Change-Id: I51ee76a0cec00107e1b99f8192c6aff9aff3c09b
CRs-Fixed: 3636224
(cherry picked from commit e7bc8d7f)

* binary name daemon_cl is changed to qgptp

Change-Id: I8b7e3f05bbede71fa75e40136ad559198ced7271
(cherry picked from commit 8ff86951)

CRs-Fixed: 3569195

Change-Id: I616fd0c6614c040ac1c64a5572e5452d9d71baf5

Add search permission for dir with qwes_mink_socket
context

Change-Id: I08ba57972e9fd464160c7226dcaade4620c78a0e
CRs-Fixed: 3401654

Add search permission for dir, write to sock_file
with context qwes_mink_socket.
Also add connect permission to unix_stream_socket
with context qwesd

Change-Id: I9c61b8865b81ed8a3e91918711cbd6cc9c2f0af3
CRs-Fixed: 3401663

Add search permission for dir with context device_t

Change-Id: Iab02928cb17abc24c54da923f78e40b4a815a9ec
CRs-Fixed: 3394867

Allow xtra-demon telux_access_data_call_ops and
telux_access_tel_private_info_read capability.

Change-Id: Icec099f18eab0c0c424cca1770ff045f1fba901f
CRs-Fixed: 3398857

Provide unix_dgram_socket access to various services
engine_Service, loc_hald_t, slim_daemon

Change-Id: I51de6e01fa6a66ab657a1214cc41aedd514704e0
CRs-Fixed: 3373179

Add SElinux rule for sensor multi-client framework enablement
for sensors– ASM330,SMI130,SMI230 and IAM20680

Change-Id: I5bfcd1d38f2d5a8bb8d5c04061005aa420db43ea
CRs-Fixed: 3336002

Provide net admin capability to slim daemon.

Change-Id: I5bfcd1d5e12d5a8bb8d5c04061005aa420db43ea
CRs-Fixed: 3301184

rules for auto targets

CRs-Fixed: 2971281
Change-Id: Ibe9a0dccdd82b2e8a2b3d2eab9a4e60ef47865ad

for QDR functionality

Add rules to and slim_daemon to prevent denials
seen during testing of QDR functionality.

Change-Id: Ifd4afb6e83b0a9088abced8cc4702ee7a608e84f
CRs-Fixed: 3296401

for QDR functionality

Add rules to engine-service and slim_daemon
to prevent denials seen during testing of
QDR functionality.

Change-Id: Ifd4afb6e83b0a9088abced8cc4702ee7a608e01e
CRs-Fixed: 3279771

Change-Id: I9042a0037094e3976407001bfa38e3e3d7eaa924
CRs-Fixed: 3247453

Change-Id: I6fd595b303ca80708023dbb5b4e8507189644e0a
CRs-Fixed: 3116450

engine-service denials are addressed for SSL connection
from PPE libs.

Change-Id: I6429078c6ea6d3de7d9e82e17a6482fd5c5d385f
CRs-Fixed: 2796171

Fix denials for location daemons interaction with gptp. Add rules
for interaction with gptp sockets, tmpfs files, device files etc.

Change-Id: I217d53efd01a608c4b0b672b0bc8a9c61a6a3b6b
CRs-Fixed: 2713712

Slim daemon needs to open and read the configuration files hence
need to add rules to enable permisions.

Change-Id: I21165de9ef376b896ecdcc7a20fb1d148a3eb94c
CRs-Fixed: 2683749

SLIM daemon is enhanced to send sensor data over UDP socket. We
need new rules to provide the required selinux permissions for
newly created sockets.

Change-Id: Ia947371a68b7dea9b30336fc4393e8be8ce984e3
CRs-Fixed: 2651051

Added se policy interfaces for each of the SDK verticals such as
telephony, data, audio, location, thermal, power, modem config.
Also demonstrated the usage of interfaces in reference apps such
as Ecall.

Change-Id: Ia6eb2224699e44bc06adbb88d6798e09a46240a9

engine service need to connect to qwesd daemon through
unix socket from qwesd interface and also write access to
qwes mink socket.

Change-Id: I52635169b56b1ca45c6532a49193d5d5b4e0506a
CRs-Fixed: 2617467

need to add sepolicie rule for engine-service to access xen_port_t.

Change-Id: Ib3a616b71d47c8c9e6e7d57ee3425c7c5b4864bf
CRs-Fixed: 2606305

Change-Id: I8c218816d20262cbc37ecd41c48a72f70d3e9cfe
CRs-Fixed: 2566186

Add changes to run telsdk app run in unconfined_t domain as it is
launched from shell.
Also make changes to run rild and rilmuxd in enforcing mode.

Change-Id: I79465c4b87b569306480bf9e2b80463d915b3d68

Change-Id: I2694792150a8e3ab2e403f803d96399f33e301fc
CRs-Fixed: 2480711

Make changes in the makefile to compile sdxpoorwills auto
variant as modular instead of monolithic.

Change-Id: I664564f15128aa1eb6b7623aade8ec8d5600315c

The dontaudit rules for the applications to load kernel module
has been taken care at the domain level. Hence removing it
at individual application level.

Change-Id: Iffafb8bd71c2c534b7301cddd12f87b15abc2673

telsdk_console_app covers multiple domains and this change creates
a standard template for the policies for each of the domain using
attributes. Also fix denials for interaction of telsdkconsole_app
with location.

Change-Id: I6dc106d585508da2d72a8d3e81f560919169ca58

Add dontaudit rules for applications trying to load kernel modules.

Change-Id: Ia9a78a4684d15eb6c5fb66e1dc457c52b17aa00b

Add sepolicies for rild, rilmuxd applications and make them
run in permissive mode.

Change-Id: I2eb3ee4dde64730795cea878903872ba4a5e05c6

Add change to enable power manager daemon to run in permissive mode
in sdxpoorwills.

Change-Id: Ida4503eb5e01e2820525bca6348f33f8c3cb3594

Change-Id: Ifda862ae9b5c13bec6cbc0c9bc24ba336803eeb9

Add the conf files, .bbappend files and few target specific 
policy files under meta-qti-auto-sepolicy layer.

Change-Id: I73ed3794a4b4ecfbc9d1655786bd548feed56113