c5a7f8cc0d
Add the following avc denial:
```
10-02 19:55:46.156 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=activity scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:activity_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.258 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=netstats scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:netstats_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.263 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=content_capture scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.267 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=gpu scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:gpu_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.267 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=activity_task scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:activity_task_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.416 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=voiceinteraction scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:voiceinteraction_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.417 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=autofill scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:autofill_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.425 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=sensitive_content_protection_service scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:sensitive_content_protection_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.427 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=performance_hint scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:hint_service:s0 tclass=service_manager permissive=1
10-02 19:55:48.156 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=audio scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
10-02 19:55:53.869 402 402 E SELinux : avc: denied { find } for pid=6934 uid=10311 name=textservices scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:textservices_service:s0 tclass=service_manager permissive=1
```
Bug: 370472903
Test: locally on komodo
Flag: EXEMPT NDK
Change-Id: Ia1a8b42697e790f27a5da9aaa1f7c83fddf2a365
22 lines
1.1 KiB
Text
22 lines
1.1 KiB
Text
# Camera Debug Tool at google3/java/com/google/android/apps/camera/tools/propsetter/
|
|
|
|
type camera_propsetter_app, domain;
|
|
|
|
userdebug_or_eng(`
|
|
app_domain(camera_propsetter_app)
|
|
net_domain(camera_propsetter_app)
|
|
|
|
allow camera_propsetter_app activity_service:service_manager find;
|
|
allow camera_propsetter_app activity_task_service:service_manager find;
|
|
allow camera_propsetter_app autofill_service:service_manager find;
|
|
allow camera_propsetter_app audio_service:service_manager find;
|
|
allow camera_propsetter_app content_capture_service:service_manager find;
|
|
allow camera_propsetter_app gpu_service:service_manager find;
|
|
allow camera_propsetter_app hint_service:service_manager find;
|
|
allow camera_propsetter_app netstats_service:service_manager find;
|
|
allow camera_propsetter_app sensitive_content_protection_service:service_manager find;
|
|
allow camera_propsetter_app textservices_service:service_manager find;
|
|
allow camera_propsetter_app voiceinteraction_service:service_manager find;
|
|
|
|
set_prop(camera_propsetter_app, vendor_camera_prop)
|
|
')
|