Move goldfish-specific policy rules to their own directory.

Change-Id: I1bdd80f641db05fef4714654515c1e1fbb259794
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

target/board/generic/BoardConfig.mk

@@ -52,3 +52,6 @@ BOARD_CACHEIMAGE_PARTITION_SIZE := 69206016
 BOARD_CACHEIMAGE_FILE_SYSTEM_TYPE := ext4
 BOARD_FLASH_BLOCK_SIZE := 512
 TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
+
+BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
+BOARD_SEPOLICY_UNION += domain.te surfaceflinger.te

target/board/generic/sepolicy/domain.te

@@ -0,0 +1,2 @@
+# For /sys/qemu_trace files in the emulator.
+allow domain sysfs_writable:file rw_file_perms;

target/board/generic/sepolicy/surfaceflinger.te

@@ -0,0 +1 @@
+allow surfaceflinger self:process execmem;