phhusson / super-bootimg

Tools to edit Android boot.img. NDK buildable, to be usable in an update.zip
GNU General Public License v3.0
226 stars 121 forks

Add policies for manual use of root shell #2

Closed slifox closed 8 years ago

slifox commented 8 years ago

These permissions are required for various manual uses of a root shell (e.g. 'su' from 'adb shell'):

Access to /data/local/tmp -- this is used immediately after running 'su', but it can also be a convenient place to store temp files while working:

allow su shell_data_file dir "read write search getattr open add_name remove_name create unlink"
allow su shell_data_file file "read write getattr open create unlink"

Access to /proc for 'ps', among other things:

allow su init dir "getattr search"
allow su kernel dir "getattr search"
allow su init file "read open"
allow su kernel file "read open"

Access to /sdcard (which is often a symlink to the actual mountpoint):

allow su storage_file dir "search"
allow su storage_file lnk_file "read"
allow su mnt_user_file dir "search"
allow su mnt_user_file lnk_file "read"
allow su fuse dir "search read open getattr"
allow su fuse file "read open getattr ioctl"

Mounting ("ioctl" is likely needed on the mount source, also):

allow su system_file file "mounton"
allow su su capability "sys_admin"

Unmounting:

allow su labeledfs filesystem "unmount"
allow su block_device dir "search"

Remounting (e.g. mount -o remount,rw /system):

allow su labeledfs filesystem "remount"
allow su block_device dir "search"

phhusson commented 8 years ago

I'll need a function for "full dir/symlink/file read/write access to X context".

OK for shell_data_file access. OK for ps stuff; I think for ps stuff I need read access to all domains, I'll check.

I think /sdcard's context is not so easy; I've seen it depending on the OEM. I'll also grant write access to /sdcard, and also to the underlying sdcard (i.e. before the sdcard daemon).

What's left (sys_admin, mounton system_file, remounting) is way too dangerous. I don't think there is any use in having such capabilities without having full SELinux rights (i.e. permissive mode).

phhusson commented 8 years ago

Added "levels". The too dangerous things are in L8/L9, only enabled in eng mode.
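The rule list in the opening post and the "levels" split in the last reply describe the same thing from two sides: which grants a root shell needs for everyday work, and which of them are broad enough that they should only be enabled deliberately. The script below is an added example (not super-bootimg's own code) that parses rules in the exact `allow <source> <target> <class> "<perms>"` form posted above, sorts them into read / write / dangerous levels, and includes the "full dir/symlink/file read/write access to X context" helper the maintainer mentions wanting. The sample rule text is constructed from the lines in this issue; which classes and permissions count as "dangerous" (capability, filesystem, mounton, mount, remount, unmount) and the permission sets emitted by `full_access` are assumptions of this example, chosen to mirror the maintainer's remark, not something the project defines.

```python
import re

# Constructed sample input: the rule lines from the issue above, in the
# `allow <source> <target> <class> "<perms>"` form the issue uses.
SAMPLE_RULES = """\
# /data/local/tmp
allow su shell_data_file dir "read write search getattr open add_name remove_name create unlink"
allow su shell_data_file file "read write getattr open create unlink"
# /proc for ps
allow su init dir "getattr search"
allow su kernel file "read open"
# /sdcard
allow su fuse file "read open getattr ioctl"
# mount / unmount / remount
allow su system_file file "mounton"
allow su su capability "sys_admin"
allow su labeledfs filesystem "unmount"
allow su labeledfs filesystem "remount"
allow su block_device dir "search"
"""

RULE_RE = re.compile(r'^allow\s+(\S+)\s+(\S+)\s+(\S+)\s+"([^"]*)"\s*$')

# Permissions that let the domain modify objects rather than just read them.
WRITE_PERMS = {"write", "append", "create", "unlink", "add_name", "remove_name",
               "rename", "setattr", "link", "rmdir"}
# Grants the maintainer calls "way too dangerous": whole-filesystem and
# capability classes plus mount-related permissions. Which names belong here
# is an assumption of this example, not a definition from the project.
DANGEROUS_CLASSES = {"capability", "capability2", "filesystem"}
DANGEROUS_PERMS = {"mounton", "mount", "remount", "unmount"}


def parse_rule(line):
    """Parse one allow line into a dict; raise ValueError on anything else."""
    m = RULE_RE.match(line.strip())
    if not m:
        raise ValueError(f"not an allow rule: {line!r}")
    source, target, cls, perms = m.groups()
    return {"source": source, "target": target, "class": cls,
            "perms": sorted(set(perms.split()))}


def parse_rules(text):
    """Parse a block of rules, skipping blank lines and # comments."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        try:
            rules.append(parse_rule(stripped))
        except ValueError as exc:
            raise ValueError(f"line {lineno}: {exc}") from None
    return rules


def classify(rule):
    """Return 'dangerous', 'write' or 'read' for a parsed rule."""
    perms = set(rule["perms"])
    if rule["class"] in DANGEROUS_CLASSES or perms & DANGEROUS_PERMS:
        return "dangerous"
    if perms & WRITE_PERMS:
        return "write"
    return "read"


def review(text):
    """Group rules by level so the dangerous ones can be gated separately."""
    levels = {"read": [], "write": [], "dangerous": []}
    for rule in parse_rules(text):
        levels[classify(rule)].append(rule)
    return levels


def full_access(source, target):
    """Emit rules giving `source` read/write access to dir, symlink and file
    objects labelled `target` (the helper the maintainer mentions wanting;
    the exact permission sets are an assumption of this example)."""
    return [
        f'allow {source} {target} dir "read write search getattr open add_name remove_name create unlink rmdir"',
        f'allow {source} {target} lnk_file "read getattr create unlink"',
        f'allow {source} {target} file "read write getattr open create unlink append setattr"',
    ]


if __name__ == "__main__":
    for level, rules in review(SAMPLE_RULES).items():
        print(f"{level}: {len(rules)} rule(s)")
        for r in rules:
            print(f'  allow {r["source"]} {r["target"]} {r["class"]} "{" ".join(r["perms"])}"')
```

Run as-is it prints the sample rules grouped into the three levels; the four rules the maintainer singled out (mounton on system_file, the sys_admin capability, and the labeledfs unmount/remount grants) land in "dangerous", which is the set a build would keep behind an eng-only switch, while the /data/local/tmp, /proc and /sdcard grants stay in "read" and "write". Feeding `full_access("su", "<context>")` back through `parse_rules` is a quick way to check that generated rules are well-formed before they go into a policy.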