84aa699ac8
This commit makes following changes: - Add selinux policies for GCA-Eng & GCA-Next to access GXP device & edgetpu services. - Refactor code to push policies for Google Camera app from legacy/whitechapel_pro/* to vendor/* Tested: - flashed both GCA-Eng & GCA-Next apps and observed no crashes due to gxp or edgetpu. - scontext changed from "untrusted_app_32" to "debug_camera_app" in both cases. Bug: 264490031 Change-Id: I51f69168eebd6c7e54e512b7abde8dd6bbe7c443 Signed-off-by: Dinesh Yadav <dkyadav@google.com>
23 lines
948 B
Text
23 lines
948 B
Text
type debug_camera_app, domain, coredomain;
|
|
|
|
userdebug_or_eng(`
|
|
app_domain(debug_camera_app)
|
|
net_domain(debug_camera_app)
|
|
|
|
allow debug_camera_app app_api_service:service_manager find;
|
|
allow debug_camera_app audioserver_service:service_manager find;
|
|
allow debug_camera_app cameraserver_service:service_manager find;
|
|
allow debug_camera_app mediaextractor_service:service_manager find;
|
|
allow debug_camera_app mediametrics_service:service_manager find;
|
|
allow debug_camera_app mediaserver_service:service_manager find;
|
|
|
|
# Allows GCA-Eng & GCA-Next access the GXP device.
|
|
allow debug_camera_app gxp_device:chr_file rw_file_perms;
|
|
|
|
# Allows GCA-Eng & GCA-Next to find and access the EdgeTPU.
|
|
allow debug_camera_app edgetpu_app_service:service_manager find;
|
|
allow debug_camera_app edgetpu_device:chr_file { getattr read write ioctl map };
|
|
|
|
# Allows GCA_Eng & GCA-Next to access the PowerHAL.
|
|
hal_client_domain(debug_camera_app, hal_power)
|
|
')
|