From 217b4fa94876507f77ea3f1d2f0d9ef5c5d01d53 Mon Sep 17 00:00:00 2001
From: mtk03805 <marx.chiu@mediatek.com>
Date: Sat, 18 Jan 2020 10:09:39 +0800
Subject: [PATCH] [ALPS04377757] Fix camera sepolicy issue

[Detail]
Fix camera sepolicy issue

[Solution]
Add following to mtk_hal_camera.
GED_BRIDGE_IO_GE_GET
GED_BRIDGE_IO_GE_SET

MTK-Commit-Id: 37a5c97590fe0d61c553d282e6c79cfa96a71dc9

Change-Id: I6c32d4345296182274a1c24852a87b0b9eb8fd25
CR-Id: ALPS04377757
Feature: Camcorder Application
---
 non_plat/mtk_hal_camera.te | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/non_plat/mtk_hal_camera.te b/non_plat/mtk_hal_camera.te
index f7b193b..d7eac6a 100644
--- a/non_plat/mtk_hal_camera.te
+++ b/non_plat/mtk_hal_camera.te
@@ -57,6 +57,7 @@ allow mtk_hal_camera fwk_sensor_hwservice:hwservice_manager find;
 allow mtk_hal_camera mtk_hal_power_hwservice:hwservice_manager find;
 allow mtk_hal_camera nvram_data_file:lnk_file { read write getattr setattr read create open };
 allow mtk_hal_camera nvdata_file:lnk_file { read write getattr setattr read create open };
+hal_client_domain(mtk_hal_camera, hal_graphics_allocator)
 
 # -----------------------------------
 # Purpose: Camera-related devices (driver)
@@ -240,6 +241,7 @@ allow mtk_hal_camera gpu_device:chr_file { read open write getattr ioctl };
 
 ## Purpose: Allow to access ged for gralloc_extra functions
 allow mtk_hal_camera proc_ged:file {open read write ioctl getattr};
+allowxperm mtk_hal_camera proc_ged:file ioctl { GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET};
 
 ################################################################################
 # Date : WK17