| vndbinder_use(hal_camera_default); |
| allow hal_camera_default sysfs_soc:dir search; |
| allow hal_camera_default sysfs_soc:file r_file_perms; |
| allow hal_camera_default sysfs_ssr:file r_file_perms; |
| allow hal_camera_default gpu_device:chr_file rw_file_perms; |
| |
| # For camera hal to use factory calibration data |
| allow hal_camera_default mnt_vendor_file:dir search; |
| allow hal_camera_default persist_file:lnk_file read; |
| allow hal_camera_default persist_file:dir search; |
| allow hal_camera_default persist_camera_file:dir search; |
| allow hal_camera_default persist_camera_file:file r_file_perms; |
| |
| # For camera hal to use system property |
| get_prop(hal_camera_default, vendor_display_prop) |
| set_prop(hal_camera_default, camera_prop) |
| get_prop(hal_camera_default, camera_ro_prop) |
| |
| # For camera hal to talk with rlsservice |
| allow hal_camera_default rls_service:service_manager find; |
| binder_call(hal_camera_default, rlsservice) |
| |
| # For camera hal to talk with gralloc |
| hal_client_domain(hal_camera_default, hal_graphics_composer) |
| allow hal_camera_default hal_graphics_mapper_hwservice:hwservice_manager find; |
| |
| # For camera hal to communicate with with power HAL |
| hal_client_domain(hal_camera_default, hal_power) |
| |
| # For camera hal to communicate with the thermal HAL. |
| hal_client_domain(hal_camera_default, hal_thermal) |
| |
| # For camera hal to control priority of current process |
| hal_client_domain(hal_camera_default, hal_configstore) |
| allow hal_camera_default self:capability sys_nice; |
| allow hal_camera_default self:qipcrtr_socket create_socket_perms_no_ioctl; |
| |
| # For camera hal to talk with system server (for sensor access) |
| binder_call(hal_camera_default, sensor_service_server) |
| |
| # For camera hal to talk with GPU and dontaudit unnecessary files in /sys |
| dontaudit hal_camera_default sysfs_msm_subsys:dir search; |
