devices: Add types for trusted execution environment interfaces.

These are interfaces for trusted OSes such as ARM TrustZone.

Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>

policy/modules/kernel/devices.fc

@@ -110,6 +110,8 @@
 /dev/snapshot		-c	gen_context(system_u:object_r:acpi_bios_t,s0)
 /dev/sndstat		-c	gen_context(system_u:object_r:sound_device_t,s0)
 /dev/sonypi		-c	gen_context(system_u:object_r:v4l_device_t,s0)
+/dev/tee[0-9]		-c	gen_context(system_u:object_r:tee_device_t,s0)
+/dev/teepriv[0-9]	-c	gen_context(system_u:object_r:tee_priv_device_t,s0)
 /dev/tlk[0-3]		-c	gen_context(system_u:object_r:v4l_device_t,s0)
 /dev/tpm[0-9]*		-c	gen_context(system_u:object_r:tpm_device_t,s0)
 /dev/tpmrm[0-9]*	-c	gen_context(system_u:object_r:tpm_device_t,s0)

policy/modules/kernel/devices.te

@@ -253,6 +253,15 @@ files_mountpoint(sysfs_t)
 fs_xattr_type(sysfs_t)
 genfscon sysfs / gen_context(system_u:object_r:sysfs_t,s0)
 
+#
+# Types for trusted execution environment interface
+#
+type tee_device_t;
+dev_node(tee_device_t)
+
+type tee_priv_device_t;
+dev_node(tee_priv_device_t)
+
 #
 # Type for /dev/tpm
 #