From 879ea7ad597670140be5d0d18dc296f3595dc3a0 Mon Sep 17 00:00:00 2001
From: Albert I <kras@raphielgang.org>
Date: Wed, 7 Jul 2021 04:30:48 +0800
Subject: [PATCH] sepolicy: Address denials for secure ADSP domain

Allow apps and camera HAL access to secure ADSP domain

Change-Id: Ibb1071299632ab53726638dbcc134d4bca59fc52
Signed-off-by: Adithya R <gh0strider.2k18.reborn@gmail.com>
---
 sepolicy/vendor/app.te                | 1 +
 sepolicy/vendor/hal_camera_default.te | 1 +
 2 files changed, 2 insertions(+)

diff --git a/sepolicy/vendor/app.te b/sepolicy/vendor/app.te
index bb8de86..d6b1f35 100644
--- a/sepolicy/vendor/app.te
+++ b/sepolicy/vendor/app.te
@@ -1,2 +1,3 @@
 allow { appdomain -isolated_app } adsprpcd_file:dir r_dir_perms;
 allow { appdomain -isolated_app } public_adsprpcd_file:file r_file_perms;
+allow { appdomain -isolated_app } vendor_xdsp_device:chr_file r_file_perms;
diff --git a/sepolicy/vendor/hal_camera_default.te b/sepolicy/vendor/hal_camera_default.te
index 6907001..7e1356c 100644
--- a/sepolicy/vendor/hal_camera_default.te
+++ b/sepolicy/vendor/hal_camera_default.te
@@ -1 +1,2 @@
 allow hal_camera_default public_adsprpcd_file:file r_file_perms;
+allow hal_camera_default vendor_xdsp_device:chr_file r_file_perms;