Update SE-policy to enable citadel communication Allow dumpstate to invoke citadel_updater (which communicates with citadeld). Bug: 112442165 Test: bugreport contains citadel info Change-Id: I4919938c2c8e734f26f149da55d211dc22e9d8fc (cherry picked from commit 128453d0c6e2a3835ea29f2a0ab7d5ceb5fa5dca)

commit: 52c078f96e68b89f2a5eade20262aa12a80cae86 [log] [tgz]
author: nagendra modadugu <ngm@google.com> Tue Aug 14 11:31:56 2018 -0700
committer: android-build-team Robot <android-build-team-robot@google.com> Thu Aug 16 02:13:06 2018 +0000
tree: 20c57898097f938d7b650a25d25670a443b31af9
parent: a215aef826b0c90246f766c1c678c05d12cd95ca [diff]
diff --git a/vendor/qcom/common/hal_dumpstate_impl.te b/vendor/qcom/common/hal_dumpstate_impl.te
index b71a3d9..431bf41 100644
--- a/vendor/qcom/common/hal_dumpstate_impl.te
+++ b/vendor/qcom/common/hal_dumpstate_impl.te

@@ -113,3 +113,10 @@
 # Dump PMIC votables
 allow hal_dumpstate_impl debugfs_pmic_votable:dir r_dir_perms;
 allow hal_dumpstate_impl debugfs_pmic_votable:file r_file_perms;
+
+userdebug_or_eng(`
+  # Citadel communication must be via citadeld
+  vndbinder_use(hal_dumpstate_impl)
+  binder_call(hal_dumpstate_impl, citadeld)
+  allow hal_dumpstate_impl citadeld_service:service_manager find;
+')
commit	52c078f96e68b89f2a5eade20262aa12a80cae86	[log] [tgz]
author	nagendra modadugu <ngm@google.com>	Tue Aug 14 11:31:56 2018 -0700
committer	android-build-team Robot <android-build-team-robot@google.com>	Thu Aug 16 02:13:06 2018 +0000
tree	20c57898097f938d7b650a25d25670a443b31af9
parent	a215aef826b0c90246f766c1c678c05d12cd95ca [diff]