sm7250-common: sepolicy: Add sepolicy for kernel to access /data/per_boot/zram_swap

type=1400 audit(1581485243.256:88): avc: denied { read } for comm="loop29" path="/data/per_boot/zram_swap" dev="dm-9" ino=9820 scontext=u:r:kernel:s0 tcontext=u:object_r:system_data_file:s0 tclass=file permissive=0

Bug: 147469156
Test: flash full build and find avc errors gone
Change-Id: I48d7684ce3b4ca1ada81011b1cab21007c758ba5
Signed-off-by: Mimi Wu <mimiwu@google.com>
Signed-off-by: aswin7469 <aswinas@pixysos.com>
Signed-off-by: Sandeep-FED <sandymankara11@gmail.com>
Signed-off-by: Sandeep P S <sandymankara11@gmail.com>

sepolicy/vendor/file.te

@@ -21,3 +21,6 @@ type sysfs_tpd, fs_type, sysfs_type;
 type sysfs_tri_state_key, sysfs_type, fs_type;
 type sysfs_vl53l1, fs_type, sysfs_type;
 type vendor_sysfs_video_call_on, fs_type, sysfs_type;
+
+# Data files
+type per_boot_file, file_type, data_file_type, core_data_file_type;

sepolicy/vendor/file_contexts

@@ -26,6 +26,7 @@
 
 # Data files
 /data/reserve-lib(/.*)?    u:object_r:apk_data_file:s0
+/data/per_boot(/.*)?                                                 u:object_r:per_boot_file:s0
 
 
 # Devices

sepolicy/vendor/kernel.te

@@ -1,2 +1,3 @@
 allow kernel param_block_device:dir search;
 allow kernel param_block_device:blk_file rw_file_perms;
+allow kernel per_boot_file:file r_file_perms;