Move vdc commands over to Binder.

Use nice clean AIDL instead of dirty sockets.

avc: denied { call } for pid=603 comm="vdc" scontext=u:r:vdc:s0 tcontext=u:r:servicemanager:s0 tclass=binder permissive=0

Test: vdc cryptfs init_user0
Bug: 13758960
Change-Id: I8b0e63adad8c4c7e2b5e6aca48386d1b371ea6a5

public/vdc.te

@@ -8,16 +8,20 @@
 type vdc, domain;
 type vdc_exec, exec_type, file_type;
 
+# TODO: remove as part of 13758960
 unix_socket_connect(vdc, vold, vold)
 
 # vdc sends information back to dumpstate when "adb bugreport" is used
+# TODO: remove as part of 13758960
 allow vdc dumpstate:fd use;
 allow vdc dumpstate:unix_stream_socket { read write getattr };
 
 # vdc information is written to shell owned bugreport files
+# TODO: remove as part of 13758960
 allow vdc shell_data_file:file { write getattr };
 
 # Why?
+# TODO: remove as part of 13758960
 allow vdc dumpstate:unix_dgram_socket { read write };
 
 # vdc can be invoked with logwrapper, so let it write to pty
@@ -25,3 +29,8 @@ allow vdc devpts:chr_file rw_file_perms;
 
 # vdc writes directly to kmsg during the boot process
 allow vdc kmsg_device:chr_file w_file_perms;
+
+# vdc talks to vold over Binder
+binder_use(vdc)
+binder_call(vdc, vold)
+allow vdc vold_service:service_manager find;

public/vold.te

@@ -198,8 +198,8 @@ neverallow { domain -vold -init } vold_data_file:dir *;
 neverallow { domain -vold -init -kernel } vold_data_file:notdevfile_class_set *;
 neverallow { domain -vold -init } restorecon_prop:property_service set;
 
-# Only system_server can interact with vold over binder
-neverallow { domain -system_server -vold } vold_service:service_manager find;
+# Only system_server and vdc can interact with vold over binder
+neverallow { domain -system_server -vdc -vold } vold_service:service_manager find;
 neverallow vold {
   domain
   -hal_keymaster