From 391f954d5d6fe39547e5984e006b96565c93aba4 Mon Sep 17 00:00:00 2001
From: feiyuchen <feiyuchen@google.com>
Date: Tue, 4 Apr 2023 21:31:28 +0000
Subject: [PATCH] Allow camera HAL to access edgetpu_app_service in gs101

We are seeing SELinux error b/276911450. It turns out that I only added the SE policy for 2023 device ag/22248613, but I forgot to add it for gs101 and gs201. So I created this CL.

See more background in ag/22248613.

Test: For gs201, I tested on my Pixel7 and I saw no more error. For gs101, I just did mm.
Bug: 275016466
Bug: 276911450
Change-Id: I3d691128daa2d7115f80c378f7b42de334cd8ed5
---
 whitechapel/vendor/google/hal_camera_default.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/whitechapel/vendor/google/hal_camera_default.te b/whitechapel/vendor/google/hal_camera_default.te
index d78cf7ad..07789692 100644
--- a/whitechapel/vendor/google/hal_camera_default.te
+++ b/whitechapel/vendor/google/hal_camera_default.te
@@ -23,6 +23,10 @@ allow hal_camera_default sysfs_edgetpu:dir r_dir_perms;
 allow hal_camera_default sysfs_edgetpu:file r_file_perms;
 allow hal_camera_default edgetpu_vendor_service:service_manager find;
 binder_call(hal_camera_default, edgetpu_vendor_server)
+# Allow edgetpu_app_service as well, due to the EdgeTpu metrics logging
+# library has a dependency on edgetpu_app_service, see b/275016466.
+allow hal_camera_default edgetpu_app_service:service_manager find;
+binder_call(hal_camera_default, edgetpu_app_server)
 
 # Allow access to data files used by the camera HAL
 allow hal_camera_default mnt_vendor_file:dir search;