Add SELinux policy to allow GCARelease and GCADogfood to access PowerHAL.
Note that this only adds permission to GCARelease and GCADogfood, while GCANext and GCAEng are still untrusted app on zuma now and after this change GCANext and GCAEng will still be denied. Bug: 264490031 Test: Portrait processing in GCARelease didn't get denial message when accessing PowerHAL after this change (https://cnsviewer-static.corp.google.com/cns/md-d/home/pixel-camera-data-readers/acat/hwandy/ag/22215364?user=pixel-camera-data-readers). Change-Id: Ia4a4c2f24215b9da9db7985cf67112997df355fa
This commit is contained in:
Andy Hsu
parent
e0adad9eb0
commit
9c91ba1a2f
1 changed files with 3 additions and 0 deletions
3
vendor/google_camera_app.te
vendored
3
vendor/google_camera_app.te
vendored
|
|
@ -3,3 +3,6 @@ app_domain(google_camera_app)
|
|||
|
||||
# Allows camera app to access the GXP device.
|
||||
allow google_camera_app gxp_device:chr_file rw_file_perms;
|
||||
|
||||
# Allows camera app to access the PowerHAL.
|
||||
hal_client_domain(google_camera_app, hal_power)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue