SEPolicy changes for BT SAP hal.

Test: Verified that WIP telephony and BT SAP CLs work fine with this change
https://android-review.googlesource.com/#/q/topic:%22Basic+radio+service+and+client%22+(status:open+OR+status:merged)
https://android-review.googlesource.com/#/q/topic:%22SAP+HAL%22+(status:open+OR+status:merged)
Bug: 32020264
Change-Id: If15820d43e324d80e35808a292ee811f98d499cc
diff --git a/public/attributes b/public/attributes
index aafafa6..c14365c 100644
--- a/public/attributes
+++ b/public/attributes
@@ -125,6 +125,7 @@
 attribute hal_memtrack;
 attribute hal_nfc;
 attribute hal_power;
+attribute hal_telephony;
 attribute hal_thermal;
 attribute hal_vibrator;
 attribute hal_vr;
diff --git a/public/bluetooth.te b/public/bluetooth.te
index 75a11f4..9f21676 100644
--- a/public/bluetooth.te
+++ b/public/bluetooth.te
@@ -58,6 +58,10 @@
 # /data/data/com.android.shell/files/bugreports/bugreport-*.
 allow bluetooth shell_data_file:file read;
 
+# Perform HwBinder IPC.
+hwbinder_use(bluetooth)
+binder_call(bluetooth, hal_telephony)
+
 ###
 ### Neverallow rules
 ###
diff --git a/public/hal_telephony.te b/public/hal_telephony.te
new file mode 100644
index 0000000..6f3a38f
--- /dev/null
+++ b/public/hal_telephony.te
@@ -0,0 +1,5 @@
+# Perform HwBinder IPC.
+hwbinder_use(hal_telephony)
+binder_call(hal_telephony, radio)
+binder_call(hal_telephony, bluetooth)
+
diff --git a/public/radio.te b/public/radio.te
index d46fc89..f510a96 100644
--- a/public/radio.te
+++ b/public/radio.te
@@ -37,6 +37,7 @@
 allow radio app_api_service:service_manager find;
 allow radio system_api_service:service_manager find;
 
-# Allow access to hwservicemanager for binderized hal
-binder_call(radio, hwservicemanager)
-binder_call(radio, rild)
+# Perform HwBinder IPC.
+hwbinder_use(radio)
+binder_call(radio, hal_telephony)
+
diff --git a/public/rild.te b/public/rild.te
index 6871182..3981676 100644
--- a/public/rild.te
+++ b/public/rild.te
@@ -1,5 +1,5 @@
 # rild - radio interface layer daemon
-type rild, domain, domain_deprecated;
+type rild, domain, domain_deprecated, hal_telephony;
 type rild_exec, exec_type, file_type;
 
 net_domain(rild)
@@ -51,6 +51,3 @@
 # granting the ioctl permission for rild should be device specific
 allow rild self:socket create_socket_perms_no_ioctl;
 
-# Allow access to hwservicemanager for binderized hal
-binder_call(rild, hwservicemanager)
-binder_call(rild, radio)