Move camera HAL rules to device specific policy

Access to /data/misc/camera only applies to Angler/Bullhead. Remove access from core policy to device specific policy. Bug: 36601397 Test: build Change-Id: I998842431f45b5dea5639398034e9238a5bbb094
author: Jeff Vander Stoep <jeffv@google.com> 2017-11-10 14:18:45 -0800
committer: Jeff Vander Stoep <jeffv@google.com> 2017-11-10 14:35:37 -0800
commit: cbcac785eb9e62d818898afd6d91a4a8bd5cd80b (patch)
tree: 70f07635642cb862d594f55f88c4196a3363d52b
parent: 43b991ba9b764303d041af371d730c22dd91bb2f (diff)
download: angler-cbcac785eb9e62d818898afd6d91a4a8bd5cd80b.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/sepolicy/hal_camera.te b/sepolicy/hal_camera.te
index 3aae732..5c37715 100644
--- a/sepolicy/hal_camera.te
+++ b/sepolicy/hal_camera.te
@@ -6,3 +6,7 @@ allow hal_camera camera_data_file:sock_file write;
 allow hal_camera perfd_data_file:dir search;
 allow hal_camera perfd:unix_stream_socket connectto;
 allow hal_camera perfd_data_file:sock_file write;
+
+# access /data/misc/camera
+allow hal_camera camera_data_file:dir create_dir_perms;
+allow hal_camera camera_data_file:file create_file_perms;
author	Jeff Vander Stoep <jeffv@google.com>	2017-11-10 14:18:45 -0800
committer	Jeff Vander Stoep <jeffv@google.com>	2017-11-10 14:35:37 -0800
commit	cbcac785eb9e62d818898afd6d91a4a8bd5cd80b (patch)
tree	70f07635642cb862d594f55f88c4196a3363d52b
parent	43b991ba9b764303d041af371d730c22dd91bb2f (diff)
download	angler-cbcac785eb9e62d818898afd6d91a4a8bd5cd80b.tar.gz