sanders: Address some denials

sepolicy/hal_camera_default.te

@@ -0,0 +1,4 @@
+allow hal_camera_default gpu_device:dir r_dir_perms;
+allow hal_camera_default gpu_device:file r_file_perms;
+allow hal_camera_default hal_configstore_ISurfaceFlingerConfigs:hwservice_manager find;
+allow hal_camera_default hal_configstore_default:binder call;

sepolicy/mm-qcamerad.te

@@ -23,3 +23,6 @@ allow mm-qcamerad init:unix_stream_socket { read write };
 allow mm-qcamerad sysfs_graphics:file { open read };
 
 allow mm-qcamerad hal_sensors_default:unix_stream_socket { read write };
+
+allow mm-qcamerad hal_configstore_ISurfaceFlingerConfigs:hwservice_manager find;
+allow mm-qcamerad hal_configstore_default:binder call;

sepolicy/platform_app.te

@@ -1,4 +1,5 @@
 get_prop(platform_app, camera_prop);
+get_prop(platform_app, qemu_hw_mainkeys_prop);
 binder_call(platform_app, hal_sensors_default);
 
 allow platform_app rootfs:dir getattr;

sepolicy/priv_app.te

@@ -2,4 +2,5 @@ allow priv_app device:dir r_dir_perms;
 allow priv_app persist_file:filesystem getattr;
 allow priv_app proc_interrupts:file { open read getattr };
 allow priv_app proc_modules:file { open read getattr };
-get_prop(priv_app, adspd_prop);
+get_prop(priv_app, adspd_prop);
+get_prop(priv_app, qemu_hw_mainkeys_prop);