| # Domain for the vendor camera daemon and the label of its executable. |
| type camera, domain; |
| type camera_exec, exec_type, vendor_file_type, file_type; |
| |
| # Started by init |
| init_daemon_domain(camera) |
| |
| # sys_nice is the only capability this file grants to the domain. |
| allow camera self:capability sys_nice; |
| |
| # TODO(b/36569525): Remove this once camera no longer uses Binder |
| # The *_violators attribute records this domain as a tracked exception that the TODO above is meant to retire. |
| typeattribute camera binder_in_vendor_violators; |
| binder_use(camera) |
| binder_call(camera, system_server) |
| binder_call(camera, cameraserver) |
| allow camera system_server:unix_stream_socket { read write }; |
| |
| # Device nodes: read/write on the ion, camera, gpu, graphics and video character devices. |
| allow camera ion_device:chr_file rw_file_perms; |
| allow camera sysfs_msm_subsys:file r_file_perms; |
| allow camera camera_device:chr_file rw_file_perms; |
| allow camera gpu_device:chr_file rw_file_perms; |
| allow camera graphics_device:chr_file rw_file_perms; |
| allow camera video_device:chr_file rw_file_perms; |
| # sysfs: camera nodes are writable, video nodes are read-only. |
| allow camera sysfs_camera:dir search; |
| allow camera sysfs_camera:file rw_file_perms; |
| allow camera sysfs_video:dir search; |
| allow camera sysfs_video:file r_file_perms; |
| allow camera system_file:dir r_dir_perms; |
| # Lookup of sensorservice via servicemanager (find only). |
| allow camera sensorservice_service:service_manager find; |
| |
| # Property writes are limited to camera_prop. |
| set_prop(camera, camera_prop) |
| |
| # Use of file descriptors handed over by these domains. |
| allow camera surfaceflinger:fd use; |
| allow camera hal_graphics_allocator:fd use; |
| allow camera cameraserver:fd use; |
| |
| # TODO(b/36663461): Remove once camera no longer accesses data outside |
| # /data/vendor |
| # Tracked exception, as above: read/write of camera_data_file dirs and create/unlink of socket files there. |
| typeattribute camera coredata_in_vendor_violators; |
| allow camera camera_data_file:dir rw_dir_perms; |
| allow camera camera_data_file:sock_file { create unlink }; |
| |
| # Input devices are read-only. |
| allow camera input_device:dir r_dir_perms; |
| allow camera input_device:chr_file r_file_perms; |
| |
| # TODO(b/34274385): Remove this once Camera HAL is guaranteed to not be run in passthrough mode |
| # What's going on here is that Camera HAL is talking over sockets to camera daemon, which is |
| # permitted. However, those rules target hal_camera rather than hal_camera_server and thus are also |
| # granted to all clients of Camera HAL (e.g., cameraserver) which are core components, and |
| # socket communications between system components and vendor components are not permitted. |
| # Once we switch full Treble devices to binderized only mode, this issue will disappear. |
| typeattribute camera socket_between_core_and_vendor_violators; |