Allow heap profiling everything except TCB on userdebug.

Bug: 117762471
Test: m
Test: flash sailfish
Test: profile all running processes with setenforce 1

Change-Id: I71d41d06d2a62190e33b7e3e425a1f7b8039196e

private/domain.te

@@ -10,6 +10,18 @@ allow domain crash_dump:process sigchld;
 # heap profiling, as initialization will fail if it does not have the
 # necessary SELinux permissions.
 get_prop(domain, heapprofd_prop);
+userdebug_or_eng(`can_profile_heap({
+  domain
+  -bpfloader
+  -init
+  -kernel
+  -keystore
+  -llkd
+  -logd
+  -ueventd
+  -vendor_init
+  -vold
+})')
 
 # Limit ability to ptrace or read sensitive /proc/pid files of processes
 # with other UIDs to these whitelisted domains.

private/system_server.te

@@ -5,7 +5,6 @@
 
 typeattribute system_server coredomain;
 typeattribute system_server mlstrustedsubject;
-can_profile_heap(system_server)
 
 # Define a type for tmpfs-backed ashmem regions.
 tmpfs_domain(system_server)

public/domain.te

@@ -776,6 +776,7 @@ full_treble_only(`
     userdebug_or_eng(`-su') # communications with su are permitted only on userdebug or eng builds
     -init
     -tombstoned # TODO(b/36604251): Remove tombstoned from this list once mediacodec (OMX HAL) no longer declares Binder services
+    userdebug_or_eng('-heapprofd`)
   });
 ')
 

public/hal_configstore.te

@@ -33,6 +33,7 @@ neverallow hal_configstore_server {
   -logd
   userdebug_or_eng(`-su')
   -tombstoned
+  userdebug_or_eng(`-heapprofd')
 }:{ unix_dgram_socket unix_stream_socket } *;
 
 # Should never need access to anything on /data