Exploring options for customizing SeLinux policy ( SePolicy to enable bind-mounting ) , including kernel recompilation

As I realized selinux for Android is more than tad bit different creature than what I can get done on Linux . I need SeLinux policy to be modified so I can bind mount my folders. Unless that happens I dont want to root my phone. The below was when I temp magisk rooted my Samsing M20 in permissive
Here are the issues I encountered trying to achieve 👆🏻 the above.
-- AVC denials aren't logged into my Logcat. Why is that ? and should I be looking at some other file to get these. If they are disabled how can that be reversed. This is a Samsung Exynos Chipset. root@m20lte:/ # logcat -d | grep -i AVC 06-23 03:38:03.046 4392 19898 I OMXMaster: makeComponentInstance(OMX.Exynos.AVC.Encoder) in android.hardwar process 06-23 03:38:03.112 12145 12164 I ACodec : [OMX.Exynos.AVC.Encoder] Now Loaded 06-23 03:38:03.128 12145 12164 I ACodec : setupAVCEncoderParame
--- Can I just modify the Sepolicy file at or entire kernel needs to be recompiled /sys/fs/selinux/policy . How many files need to change for a modfied custom SePolicy to be in effect
-- If changing Sepolicy isn't that simple & you need to recompile the Sepolicy in kernel. How do I go about doing that and before re-compile how do I test that it works for my goal
Here is what i did.
--- I pulled up the SePolicy which was in binary and ran it through sepolicy command on linux . No luck. mnt/sda2 # sepolicy -P policy Traceback (most recent call last): File "/usr/bin/sepolicy", line 692, in args.func(args) AttributeError: 'Namespace' object has no attribute 'func' -- before that obviously I tried a low hanging fruit given by this guide where I tried using bindfs with various userids and grouoids including the ones exemplied in the post but I still got errors. AVC errors not being logged I can figure our what caused these