From 76783cf7e2a4c5a7c49a2f26bfc239396c53933d Mon Sep 17 00:00:00 2001 From: Utku Utkan Date: Wed, 12 Jun 2024 23:51:53 +0000 Subject: [PATCH] Move definition for vendor_camera_cameraidremapper_service into product Following ag/25368073 as reference with the same justification. Bug: 312091052 Test: atest PersistentBackgroundCameraServicesTests Flag: EXEMPT SEPolicy refactoring to make CHD happy Change-Id: If8810323750c2149b4624f8deffee1cd5c1ce36e --- camera/sepolicy/product/private/service_contexts | 4 +++- camera/sepolicy/product/private/vendor_pbcs_app.te | 5 ++++- camera/sepolicy/product/private/vendor_pcs_app.te | 1 + camera/sepolicy/product/public/service.te | 4 +++- camera/sepolicy/vendor/service.te | 2 -- camera/sepolicy/vendor/service_contexts | 2 -- camera/sepolicy/vendor/vendor_pbcs_app.te | 2 +- camera/sepolicy/vendor/vendor_pcs_app.te | 2 +- 8 files changed, 13 insertions(+), 9 deletions(-) diff --git a/camera/sepolicy/product/private/service_contexts b/camera/sepolicy/product/private/service_contexts index fed03af..3d73df2 100644 --- a/camera/sepolicy/product/private/service_contexts +++ b/camera/sepolicy/product/private/service_contexts @@ -1 +1,3 @@ -com.google.pixel.camera.services.binder.IServiceBinder/default u:object_r:camera_binder_service:s0 \ No newline at end of file +com.google.pixel.camera.services.binder.IServiceBinder/default u:object_r:camera_binder_service:s0 + +com.google.pixel.camera.services.cameraidremapper.ICameraIdRemapper/default u:object_r:camera_cameraidremapper_service:s0 diff --git a/camera/sepolicy/product/private/vendor_pbcs_app.te b/camera/sepolicy/product/private/vendor_pbcs_app.te index 54bc0c0..d166b63 100644 --- a/camera/sepolicy/product/private/vendor_pbcs_app.te +++ b/camera/sepolicy/product/private/vendor_pbcs_app.te @@ -9,4 +9,7 @@ allow vendor_pbcs_app app_api_service:service_manager find; allow vendor_pbcs_app cameraserver_service:service_manager find; # Allow PBCS to add the ServiceBinder service to ServiceManager. -add_service(vendor_pbcs_app, camera_binder_service); \ No newline at end of file +add_service(vendor_pbcs_app, camera_binder_service); + +# Allow PBCS to add the CameraIdRemapper service to ServiceManager. +add_service(vendor_pbcs_app, camera_cameraidremapper_service); diff --git a/camera/sepolicy/product/private/vendor_pcs_app.te b/camera/sepolicy/product/private/vendor_pcs_app.te index 55eeee7..f18bbd0 100644 --- a/camera/sepolicy/product/private/vendor_pcs_app.te +++ b/camera/sepolicy/product/private/vendor_pcs_app.te @@ -8,6 +8,7 @@ allow vendor_pcs_app { app_api_service audioserver_service cameraserver_service + camera_cameraidremapper_service drmserver_service mediametrics_service mediaserver_service diff --git a/camera/sepolicy/product/public/service.te b/camera/sepolicy/product/public/service.te index f94fd9f..309e32f 100644 --- a/camera/sepolicy/product/public/service.te +++ b/camera/sepolicy/product/public/service.te @@ -1 +1,3 @@ -type camera_binder_service, hal_service_type, protected_service, service_manager_type; \ No newline at end of file +type camera_binder_service, hal_service_type, protected_service, service_manager_type; + +type camera_cameraidremapper_service, hal_service_type, protected_service, service_manager_type; diff --git a/camera/sepolicy/vendor/service.te b/camera/sepolicy/vendor/service.te index 35887ba..232c33a 100644 --- a/camera/sepolicy/vendor/service.te +++ b/camera/sepolicy/vendor/service.te @@ -4,6 +4,4 @@ type vendor_camera_lyricconfigprovider_service, hal_service_type, protected_serv type vendor_camera_isp_service, hal_service_type, protected_service, service_manager_type; -type vendor_camera_cameraidremapper_service, hal_service_type, protected_service, service_manager_type; - type vendor_image_processing_hal_service, hal_service_type, protected_service, service_manager_type; diff --git a/camera/sepolicy/vendor/service_contexts b/camera/sepolicy/vendor/service_contexts index 9f5e335..acf628a 100644 --- a/camera/sepolicy/vendor/service_contexts +++ b/camera/sepolicy/vendor/service_contexts @@ -4,6 +4,4 @@ com.google.pixel.camera.services.lyricconfigprovider.ILyricConfigProvider/defaul com.google.pixel.camera.isp.IIspService/default u:object_r:vendor_camera_isp_service:s0 -com.google.pixel.camera.services.cameraidremapper.ICameraIdRemapper/default u:object_r:vendor_camera_cameraidremapper_service:s0 - com.google.android.imageprocessing.IImageProcessingHal u:object_r:vendor_image_processing_hal_service:s0 diff --git a/camera/sepolicy/vendor/vendor_pbcs_app.te b/camera/sepolicy/vendor/vendor_pbcs_app.te index b25c9a2..8da191e 100644 --- a/camera/sepolicy/vendor/vendor_pbcs_app.te +++ b/camera/sepolicy/vendor/vendor_pbcs_app.te @@ -3,7 +3,7 @@ add_service(vendor_pbcs_app, camera_binder_service); # Allow PBCS to add the LyricConfigProvider service to ServiceManager. add_service(vendor_pbcs_app, vendor_camera_lyricconfigprovider_service); # Allow PBCS to add the CameraIdRemapper service to ServiceManager. -add_service(vendor_pbcs_app, vendor_camera_cameraidremapper_service); +add_service(vendor_pbcs_app, camera_cameraidremapper_service); # Allow PBCS to read debug system properties of the form vendor.camera.pbcs.debug.* # and persist.vendor.camera.pbcs.debug.* diff --git a/camera/sepolicy/vendor/vendor_pcs_app.te b/camera/sepolicy/vendor/vendor_pcs_app.te index b4d71b5..9f27128 100644 --- a/camera/sepolicy/vendor/vendor_pcs_app.te +++ b/camera/sepolicy/vendor/vendor_pcs_app.te @@ -1,6 +1,6 @@ allow vendor_pcs_app { vendor_camera_lyricconfigprovider_service - vendor_camera_cameraidremapper_service + camera_cameraidremapper_service edgetpu_app_service }:service_manager find;