Reland "Treat input files as public API."

Input files are public API: https://source.android.com/devices/input/input-device-configuration-files Now that they have labels from core policy (aosp/782082), we can tighten up our neverallows. Bug: 37168747 Test: m selinux_policy Change-Id: Ifaf9547993eb8c701fb63b7ee41971ea4e3f7cf9

Reland "Treat input files as public API."
888b9213 · Tri Vo · 9c22895c · 888b9213
Commit 888b9213 authored Oct 15, 2018 by Tri Vo
--- a/public/domain.te
+++ b/public/domain.te
@@ -1130,7 +1130,6 @@ full_treble_only(`
    userdebug_or_eng(`-perfprofd')
    -shell
    -system_executes_vendor_violators
-    -system_server # reads vendor input files
    -ueventd # reads /vendor/ueventd.rc
  } {
    vendor_file_type
@@ -1138,6 +1137,9 @@ full_treble_only(`
    -vendor_app_file
    -vendor_configs_file
    -vendor_framework_file
+    -vendor_idc_file
+    -vendor_keychars_file
+    -vendor_keylayout_file
    -vendor_overlay_file
    -vendor_public_lib_file
    -vndk_sp_file