Home | History | Annotate | Download | only in common 
      1 allow hal_camera self:capability sys_nice;
      2 
      3 # communicate with camera
      4 #allow hal_camera camera:unix_dgram_socket sendto;
      5 #allow hal_camera camera_data_file:sock_file write;
      6 #allow hal_camera camera_device:chr_file rw_file_perms;
      7 
      8 allow hal_camera gpu_device:chr_file rw_file_perms;
      9 
     10 # access to /dev/input/event{5,10}
     11 allow hal_camera input_device:dir r_dir_perms;
     12 allow hal_camera input_device:chr_file r_file_perms;
     13 
     14 set_prop(hal_camera, vendor_camera_prop)
     15 
     16 #allow hal_camera sysfs_enable_ps_sensor:file w_file_perms;
     17 r_dir_file(hal_camera, sysfs_type)
     18 # find libraries
     19 allow hal_camera system_file:dir r_dir_perms;
     20 
     21 allow hal_camera qdisplay_service:service_manager find;
     22 
     23 allow hal_camera_default mnt_vendor_file:lnk_file r_file_perms;
     24 allow hal_camera_default mnt_vendor_file:dir r_dir_perms;
     25 
     26 # access vd6281 rainbow sensor files
     27 allow hal_camera sysfs_camera:dir search;
     28 allow hal_camera sysfs_camera:file rw_file_perms;
     29 allow hal_camera audio_device:dir search;
     30 
     31 # talk to system_server
     32 
     33 allow hal_camera system_server:unix_stream_socket { read write };
     34 
     35 allow hal_camera self:socket { create ioctl read write };
     36 
     37 # allow hal_camera to call some socket ioctls
     38 allowxperm hal_camera self:socket ioctl { IPC_ROUTER_IOCTL_LOOKUP_SERVER IPC_ROUTER_IOCTL_BIND_CONTROL_PORT };
     39 
     40 # ignore spurious denial
     41 dontaudit hal_camera graphics_device:dir search;
     42 
     43 allow hal_camera camera_vendor_data_file:dir rw_dir_perms;
     44 allow hal_camera camera_vendor_data_file:file create_file_perms;
     45 
     46 userdebug_or_eng(`
     47   allow hal_camera diag_device:chr_file rw_file_perms;
     48 ')
     49 
     50 # access easel dev nodes
     51 allow hal_camera easel_device:chr_file rw_file_perms;
     52 allow hal_camera sysfs_easel:file rw_file_perms;
     53 
     54 # access hexagon
     55 allow hal_camera qdsp_device:chr_file r_file_perms;
     56 
     57 #dual front lens calibration file
     58 allow hal_camera persist_file:dir search;
     59 allow hal_camera persist_camera_file:dir search;
     60 allow hal_camera persist_camera_file:file { getattr open read };
     61