blob: f5f513f8cf11f3ace6267290973e33adf1e12689 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
# Qualcomm MSM camera
type camera, domain, domain_deprecated;
type camera_exec, exec_type, file_type;
# Started by init
init_daemon_domain(camera)
# Interact with other media devices
allow camera video_device:dir search;
allow camera { gpu_device video_device }:chr_file rw_file_perms;
allow camera { surfaceflinger mediaserver }:fd use;
# Create front and back camera sockets (/data/cam_socket[12])
type_transition camera system_data_file:sock_file camera_socket "cam_socket1";
type_transition camera system_data_file:sock_file camera_socket "cam_socket2";
allow camera camera_socket:sock_file { create unlink };
allow camera system_data_file:dir w_dir_perms;
allow camera system_data_file:sock_file unlink;
type_transition camera system_data_file:file camera_data_file "fdAlbum";
allow camera camera_data_file:file create_file_perms;
# Connect to sensor socket (/data/app/sensor_ctl_socket)
allow camera apk_data_file:dir r_dir_perms;
unix_socket_connect(camera, sensors, sensors)
allow camera sensors_socket:sock_file read;
allow camera sensors_device:chr_file rw_file_perms;
# Read camera files from persist filesystem
allow camera persist_file:dir search;
r_dir_file(camera, persist_camera_file)
|
