| Robert Craig | 3370c79 | 2013-09-26 06:36:55 -0400 | [diff] [blame] | 1 | # Qualcomm MSM camera |
| 2 | type camera, domain; |
| 3 | type camera_exec, exec_type, file_type; |
| 4 | |
| 5 | # Started by init |
| 6 | init_daemon_domain(camera) |
| 7 | |
| Stephen Smalley | 39efd26 | 2013-12-20 08:38:25 -0500 | [diff] [blame] | 8 | allow camera self:process execmem; |
| 9 | |
| Robert Craig | 2a15fb1 | 2013-11-04 17:56:03 -0500 | [diff] [blame] | 10 | # Interact with other media devices |
| 11 | allow camera camera_device:dir search; |
| 12 | allow camera { video_device camera_device }:chr_file rw_file_perms; |
| 13 | allow camera { surfaceflinger mediaserver }:fd use; |
| 14 | |
| 15 | # Create front and back camera sockets (/data/cam_socket[01]) |
| 16 | type_transition camera system_data_file:sock_file camera_socket "cam_socket0"; |
| 17 | type_transition camera system_data_file:sock_file camera_socket "cam_socket1"; |
| 18 | allow camera camera_socket:sock_file { create unlink }; |
| 19 | allow camera system_data_file:dir w_dir_perms; |
| 20 | allow camera system_data_file:sock_file unlink; |
| 21 | |
| Robert Craig | 183874e | 2014-01-30 13:25:36 -0500 | [diff] [blame] | 22 | type_transition camera system_data_file:file camera_data_file "fdAlbum"; |
| 23 | allow camera camera_data_file:file create_file_perms; |
| Robert Craig | 2a15fb1 | 2013-11-04 17:56:03 -0500 | [diff] [blame] | 24 | |
| 25 | # Connect to sensor socket (/data/app/sensor_ctl_socket) |
| 26 | unix_socket_connect(camera, sensors, sensors) |
| 27 | allow camera sensors_socket:sock_file read; |