common: sepolicy: legacy: Add sepolicy rules for TZAS

Add the sepolicy rules for trustzone
access service to provide it access to
various vendor and android services.

Change-Id: I80f8bcb9a917ed18331fa3b92f1e8c65f8c631ad
[Jprimero15: Change to vendor_hal_perf to align with our changes]
Signed-off-by: Jprimero15 <jprimero15@aospa.co>

sepolicy/legacy/vendor/common/seapp_contexts

@@ -67,3 +67,6 @@ user=_app seinfo=platform name=com.qti.phone domain=vendor_qtelephony type=app_d
 
 #allow embms msdc app to access embmssl hal
 user=_app seinfo=platform name=com.qti.ltebc domain=vendor_embmssl_app type=app_data_file levelFrom=all
+
+#Add new domain for trustzone access app
+user=_app seinfo=platform name=com.qualcomm.qti.qms.service.trustzoneaccess domain=vendor_tzas_app type=app_data_file levelfrom=all

sepolicy/legacy/vendor/common/tzas_app.te

@@ -0,0 +1,14 @@
+# Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+type vendor_tzas_app, domain;
+
+app_domain(vendor_tzas_app)
+net_domain(vendor_tzas_app)
+
+unix_socket_connect(vendor_tzas_app, ssgtzd, ssgtzd)
+
+binder_call(vendor_tzas_app, vendor_hal_perf_default)
+allow vendor_tzas_app app_api_service:service_manager find;
+allow vendor_tzas_app vendor_hal_perf_hwservice:hwservice_manager find;
+