sepolicy-legacy-um: poweroffalarm_app: Add power off alarm app

Make power off alarm app as an independent app domain so that
the sepolies will not affect other apps.
[Giovix92]: Adapt it to lineage-18.1

CRs-Fixed: 2113144
Original Change-Id: Ia80575b6dea893bde30636b9a814a6f20ea54b6f

Change-Id: Ie56c5cbade7332a145f10cd5fff0955bcfc724ef

legacy/vendor/common/poweroffalarm_app.te

@@ -30,7 +30,17 @@ app_domain(poweroffalarm_app);
 
 allow poweroffalarm_app app_api_service:service_manager find;
 
+allow poweroffalarm_app persist_file:dir r_dir_perms;
+allow poweroffalarm_app persist_alarm_file:dir rw_dir_perms;
+allow poweroffalarm_app persist_alarm_file:file create_file_perms;
+
 hal_client_domain(poweroffalarm_app, hal_alarm_qti);
 
 binder_call(poweroffalarm_app, hal_alarm_qti_default);
 
+allow poweroffalarm_app system_app_data_file:dir create_dir_perms;
+allow poweroffalarm_app system_app_data_file:{ file lnk_file } create_file_perms;
+
+allow poweroffalarm_app surfaceflinger_service:service_manager find;
+allow poweroffalarm_app audioserver_service:service_manager find;
+allow poweroffalarm_app mediaserver_service:service_manager find;

legacy/vendor/common/seapp_contexts

@@ -48,7 +48,7 @@ user=system seinfo=platform name=.imshelperservice domain=imshelper_app type=ims
 user=system seinfo=platform name=com.qualcomm.qti.perfdump domain=perfdump_app type=system_app_data_file
 
 #Add new domain for power off alarm app
-user=_app seinfo=platform name=com.qualcomm.qti.poweroffalarm domain=poweroffalarm_app type=app_data_file levelFrom=all
+user=system seinfo=platform name=com.qualcomm.qti.poweroffalarm domain=poweroffalarm_app type=system_app_data_file
 
 #add new domain for qtidataservices
 user=_app seinfo=platform name=.qtidataservices domain=qtidataservices_app type=app_data_file levelFrom=all