[SELinux] Add gyotaku_app doamin to gs-common.

Bug: 296836878

Test: Local build and tested pass.
Change-Id: Ie76c7017098b7f5d4a8703c40e3c9e87e80f2801

gyotaku_app/gyotaku.mk

@@ -0,0 +1,6 @@
+ifneq ($(TARGET_BUILD_VARIANT), user)
+  PRODUCT_PACKAGES_DEBUG += \
+      Gyotaku
+
+  BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/sepolicy/
+endif

gyotaku_app/sepolicy/gyotaku_app.te

@@ -0,0 +1,34 @@
+type gyotaku_app, domain;
+
+app_domain(gyotaku_app)
+
+userdebug_or_eng(`
+  # For Gyotaku app common use
+  allow gyotaku_app app_api_service:service_manager find;
+  allow gyotaku_app privapp_data_file:lnk_file read;
+  allow gyotaku_app gyotaku_app:udp_socket create;
+  allow gyotaku_app system_app_data_file:dir create_dir_perms;
+  allow gyotaku_app system_app_data_file:file create_file_perms;
+
+  # For cloud and network related use
+  allow gyotaku_app dnsproxyd_socket:sock_file write;
+  allow gyotaku_app gyotaku_app:udp_socket connect;
+  allow gyotaku_app netd:unix_stream_socket connectto;
+  allow gyotaku_app gyotaku_app:tcp_socket create;
+  allow gyotaku_app privapp_data_file:file execute;
+  allow netd gyotaku_app:fd use;
+  allow netd gyotaku_app:tcp_socket {read write};
+
+  # For access /proc/fs/f2fs/* storage use
+  allow gyotaku_app proc_f2fs:dir search;
+  allow gyotaku_app proc_f2fs:file {open read};
+
+  # For access /proc/stat use
+  allow gyotaku_app proc_stat:file {read open getattr};
+
+  # For getproperty isDebuggable use
+  get_prop(gyotaku_app, userdebug_or_eng_prop)
+
+  # For persiste property use
+  allow gyotaku_app logpersistd_logging_prop:file {read open getattr map};
+')

gyotaku_app/sepolicy/seapp_contexts

@@ -0,0 +1,2 @@
+# Gyotaku app
+user=system seinfo=platform name=com.google.android.apps.internal.gyotaku domain=gyotaku_app type=system_app_data_file levelFrom=all