Merge "Restrict HAL network access to HALS that manage network hardware"

public/hal_neverallows.te

+# only HALs responsible for network hardware should have privileged
+# network capabilities
+neverallow {
+  halserverdomain
+  -hal_bluetooth_server
+  -hal_wifi_server
+  -hal_wifi_supplicant_server
+  -rild
+} self:capability { net_admin net_raw };
+
+# Unless a HAL's job is to manage network hardware, it should not be
+# using network sockets.
+neverallow {
+  halserverdomain
+  -hal_gnss # TODO b/36085168 b/35757613
+  -hal_wifi_server
+  -hal_wifi_supplicant_server
+  -rild
+} domain:{ tcp_socket udp_socket rawip_socket } *;