Fix hal_keymint_citadel service access

10-20 10:24:31.155   432   432 E SELinux : avc:  denied  { find } for pid=481 uid=1064 name=android.hardware.citadel.ICitadeld scontext=u:r:hal_keymint_citadel:s0 tcontext=u:object_r:citadeld_service:s0 tclass=service_manager permissive=1
Bug: 202907039
Test: boot to home with no keymint errors

Change-Id: I7935fe52a9774f8fca67336be9c9d47fe2675756

dauntless/hal_keymint_citadel.te

@@ -2,3 +2,7 @@ type hal_keymint_citadel, domain;
 type hal_keymint_citadel_exec, exec_type, vendor_file_type, file_type;
 
 init_daemon_domain(hal_keymint_citadel)
+
+hal_server_domain(hal_keymint_citadel, hal_keymint)
+
+allow hal_keymint_citadel citadeld_service:service_manager find;

dauntless/service_contexts

@@ -0,0 +1,2 @@
+android.hardware.security.keymint.IKeyMintDevice/strongbox      u:object_r:hal_keymint_service:s0
+android.hardware.security.sharedsecret.ISharedSecret/strongbox  u:object_r:hal_sharedsecret_service:s0

tracking_denials/hal_keymint_citadel.te

@@ -1,2 +0,0 @@
-# b/202907039
-dontaudit hal_keymint_citadel default_android_vndservice:service_manager { find };