Loading sepolicy/vendor/cameraserver.te +6 −1 Original line number Diff line number Diff line Loading @@ -2,5 +2,10 @@ allow cameraserver hal_configstore_ISurfaceFlingerConfigs:hwservice_manager find allow cameraserver init:unix_dgram_socket sendto; allow cameraserver qcamerasvr:unix_dgram_socket sendto; allow cameraserver qcamerasvr:unix_stream_socket connectto; allow cameraserver sysfs_graphics:file { getattr open read }; allow cameraserver sysfs_battery_supply:dir search; allow cameraserver sysfs_battery_supply:file r_file_perms; allow cameraserver sysfs_camera_torch:dir search; allow cameraserver sysfs_camera_torch:file rw_file_perms; allow cameraserver sysfs_camera_torch:lnk_file read; allow cameraserver sysfs_graphics:file r_file_perms; allow cameraserver ta_data_file:dir search; sepolicy/vendor/crash_dump.te +1 −0 Original line number Diff line number Diff line allow crash_dump camera_prop:file { getattr open }; allow crash_dump init:process ptrace; allow crash_dump keystore:process ptrace; sepolicy/vendor/fsck.te +1 −0 Original line number Diff line number Diff line allow fsck block_device:blk_file { read write }; allow fsck diag_partition_device:blk_file rw_file_perms; sepolicy/vendor/init.te +1 −0 Original line number Diff line number Diff line Loading @@ -28,6 +28,7 @@ allow init sysfs_msm_perf:file { open write }; allow init sysfs_thermal:file write; allow init sysfs_wake_lock:file { append open }; allow init system_data_file:file { ioctl lock }; allow init system_file:dir relabelfrom; allow init system_file:file execute_no_trans; allow init tee_device:chr_file { ioctl open read write }; allow init trim_area_partition_device:blk_file setattr; Loading sepolicy/vendor/qcamerasvr.te +4 −2 Original line number Diff line number Diff line Loading @@ -8,9 +8,11 @@ init_daemon_domain(qcamerasvr) allow qcamerasvr camera_data_file:dir { add_name remove_name search write }; allow qcamerasvr camera_data_file:sock_file { create unlink }; allow qcamerasvr camera_prop:file { getattr open read }; allow qcamerasvr camera_socket:sock_file unlink; allow qcamerasvr cameraserver:fd use; allow qcamerasvr ion_device:chr_file { open read }; allow qcamerasvr sysfs:file { open read }; allow qcamerasvr hal_graphics_allocator_default:fd use; allow qcamerasvr ion_device:chr_file r_file_perms; allow qcamerasvr sysfs:file rw_file_perms; allow qcamerasvr sysfs_graphics:file { open read }; allow qcamerasvr ta_data_file:dir search; allow qcamerasvr video_device:chr_file { ioctl open read write }; Loading
sepolicy/vendor/cameraserver.te +6 −1 Original line number Diff line number Diff line Loading @@ -2,5 +2,10 @@ allow cameraserver hal_configstore_ISurfaceFlingerConfigs:hwservice_manager find allow cameraserver init:unix_dgram_socket sendto; allow cameraserver qcamerasvr:unix_dgram_socket sendto; allow cameraserver qcamerasvr:unix_stream_socket connectto; allow cameraserver sysfs_graphics:file { getattr open read }; allow cameraserver sysfs_battery_supply:dir search; allow cameraserver sysfs_battery_supply:file r_file_perms; allow cameraserver sysfs_camera_torch:dir search; allow cameraserver sysfs_camera_torch:file rw_file_perms; allow cameraserver sysfs_camera_torch:lnk_file read; allow cameraserver sysfs_graphics:file r_file_perms; allow cameraserver ta_data_file:dir search;
sepolicy/vendor/crash_dump.te +1 −0 Original line number Diff line number Diff line allow crash_dump camera_prop:file { getattr open }; allow crash_dump init:process ptrace; allow crash_dump keystore:process ptrace;
sepolicy/vendor/fsck.te +1 −0 Original line number Diff line number Diff line allow fsck block_device:blk_file { read write }; allow fsck diag_partition_device:blk_file rw_file_perms;
sepolicy/vendor/init.te +1 −0 Original line number Diff line number Diff line Loading @@ -28,6 +28,7 @@ allow init sysfs_msm_perf:file { open write }; allow init sysfs_thermal:file write; allow init sysfs_wake_lock:file { append open }; allow init system_data_file:file { ioctl lock }; allow init system_file:dir relabelfrom; allow init system_file:file execute_no_trans; allow init tee_device:chr_file { ioctl open read write }; allow init trim_area_partition_device:blk_file setattr; Loading
sepolicy/vendor/qcamerasvr.te +4 −2 Original line number Diff line number Diff line Loading @@ -8,9 +8,11 @@ init_daemon_domain(qcamerasvr) allow qcamerasvr camera_data_file:dir { add_name remove_name search write }; allow qcamerasvr camera_data_file:sock_file { create unlink }; allow qcamerasvr camera_prop:file { getattr open read }; allow qcamerasvr camera_socket:sock_file unlink; allow qcamerasvr cameraserver:fd use; allow qcamerasvr ion_device:chr_file { open read }; allow qcamerasvr sysfs:file { open read }; allow qcamerasvr hal_graphics_allocator_default:fd use; allow qcamerasvr ion_device:chr_file r_file_perms; allow qcamerasvr sysfs:file rw_file_perms; allow qcamerasvr sysfs_graphics:file { open read }; allow qcamerasvr ta_data_file:dir search; allow qcamerasvr video_device:chr_file { ioctl open read write };
