1 # Qualcomm MSM camera 2 type camera, domain; 3 type camera_exec, exec_type, file_type; 4 5 # Started by init 6 init_daemon_domain(camera) 7 8 # Interact with other media devices 9 allow camera camera_device:dir search; 10 allow camera { gpu_device video_device camera_device }:chr_file rw_file_perms; 11 allow camera { surfaceflinger mediaserver }:fd use; 12 13 # Create front and back camera sockets (/data/cam_socket[12]) 14 type_transition camera system_data_file:sock_file camera_socket "cam_socket1"; 15 type_transition camera system_data_file:sock_file camera_socket "cam_socket2"; 16 allow camera camera_socket:sock_file { create unlink }; 17 allow camera system_data_file:dir w_dir_perms; 18 allow camera system_data_file:sock_file unlink; 19 20 type_transition camera system_data_file:file camera_data_file "fdAlbum"; 21 allow camera camera_data_file:file create_file_perms; 22 23 # Connect to sensor socket (/data/app/sensor_ctl_socket) 24 allow camera apk_data_file:dir r_dir_perms; 25 unix_socket_connect(camera, sensors, sensors) 26 allow camera sensors_socket:sock_file read; 27 28 allow camera sensors_device:chr_file rw_file_perms; 29 30 # Read camera files from persist filesystem 31 allow camera persist_file:dir search; 32 r_dir_file(camera, persist_camera_file) 33