Add incident command and incidentd daemon se policy.

Test: adb shell incident
Bug: 31122534
Change-Id: I4ac9c9ab86867f09b63550707673149fe60f1906
diff --git a/private/incident.te b/private/incident.te
new file mode 100644
index 0000000..084bd5d
--- /dev/null
+++ b/private/incident.te
@@ -0,0 +1,23 @@
+type incident_exec, exec_type, file_type;
+
+# switch to incident domain for incident command
+domain_auto_trans(shell, incident_exec, incident)
+
+# allow incident access to stdout from its parent shell.
+allow incident shell:fd use;
+
+# allow incident to communicate use, read and write over the adb
+# connection.
+allow incident adbd:fd use;
+allow incident adbd:unix_stream_socket { read write };
+
+# allow adbd to reap incident
+allow incident adbd:process { sigchld };
+
+# Allow the incident command to talk to the incidentd over the binder, and get
+# back the incident report data from a ParcelFileDescriptor.
+binder_use(incident)
+allow incident incident_service:service_manager find;
+binder_call(incident, incidentd)
+allow incident incidentd:fifo_file write;
+