diff --git a/board/sepolicy.mk b/board/sepolicy.mk index b7e4ebd..829c697 100644 --- a/board/sepolicy.mk +++ b/board/sepolicy.mk @@ -1,5 +1,5 @@ +include device/qcom/sepolicy/sepolicy.mk + # SELinux BOARD_SEPOLICY_DIRS += \ $(VENDOR_PATH)/sepolicy - -include device/qcom/sepolicy/sepolicy.mk diff --git a/sepolicy/camera.te b/sepolicy/camera.te index a5e8de9..3508368 100644 --- a/sepolicy/camera.te +++ b/sepolicy/camera.te @@ -1 +1,9 @@ +typeattribute mm-qcamerad binder_in_vendor_violators; +type_transition mm-qcamerad camera_data_file:sock_file camera_socket "cam_socket1"; +type_transition mm-qcamerad camera_data_file:sock_file camera_socket "cam_socket2"; allow mm-qcamerad { sysfs sysfs_graphics }:file r_file_perms; +allow mm-qcamerad camera_socket:sock_file { create unlink }; +allow mm-qcamerad binder_device:chr_file rw_file_perms; +allow mm-qcamerad sensorservice_service:service_manager find; +allow mm-qcamerad system_server:unix_stream_socket { read write }; +binder_use(mm-qcamerad)