Restrict isolated_app's /sys access

isolated_app is strictly limited on the files in /sys which can be
accessed.

Test: policy compiles.
Change-Id: Ibe6702322cd069d773416789b06b123493055a21
1 file changed