Avc denials on sdm660 from location, hal_gnss_qti

Change-Id: I3ac6a4d5db46cce66eecd70531a180e21177d979
CRs-fixed: 3661430

legacy/vendor/sdm660/hal_gnss_qti.te

@@ -0,0 +1,9 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# generic/vendor_hal_gnss_qti.te - generic sepolicy rules for vendor_location hidl
+
+#Allow Gnss HAL to access ril socket
+allow hal_gnss_qti vendor_rild_socket:dir search;
+allow hal_gnss_qti vendor_rild_socket:sock_file write;
+unix_socket_connect(hal_gnss_qti, rild, rild)

legacy/vendor/sdm660/location.te

@@ -0,0 +1,7 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# generic/vendor_location.te - sepolicy rules for generic vendor_location modules
+
+# allows location to access ssgtzd socket
+allow location ssgtzd_socket:sock_file write;

legacy/vendor/sdm660/location_app.te

@@ -24,5 +24,10 @@
 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
 
 allow vendor_location_app sysfs_kgsl_gpu_model:file r_file_perms;
+dontaudit vendor_location_app default_android_service:service_manager {find};