From 25996d65110620dcbdbe173e2dc5292aa42cedbb Mon Sep 17 00:00:00 2001 From: Boru Zhao Date: Sat, 18 Jan 2020 10:10:15 +0800 Subject: [PATCH] [ALPS04394576] mt6739:fix camera sepolicy issue [Detail] Add gpu_device:map in non_plat/mtk_hal_camera.te and non_plat/cameraserver MTK-Commit-Id: a3544387d9eb532f03a1fd0603f96b9cef46f1cf Change-Id: Ic3c0e82e87315c29bee5984ae74f579304710c9d CR-Id: ALPS04394576 Feature: [Android Default] Camera Application Basic Functions --- non_plat/cameraserver.te | 2 +- non_plat/mtk_hal_camera.te | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/non_plat/cameraserver.te b/non_plat/cameraserver.te index 3af0721..7c1f930 100644 --- a/non_plat/cameraserver.te +++ b/non_plat/cameraserver.te @@ -276,7 +276,7 @@ allow cameraserver tmpfs:dir search; # Operation : Migration # Purpose : EGL file access allow cameraserver system_file:dir { read open }; -allow cameraserver gpu_device:chr_file { read open write getattr ioctl }; +allow cameraserver gpu_device:chr_file rw_file_perms; allow cameraserver gpu_device:dir search; # Date : WK16.30 diff --git a/non_plat/mtk_hal_camera.te b/non_plat/mtk_hal_camera.te index d7eac6a..faa952b 100644 --- a/non_plat/mtk_hal_camera.te +++ b/non_plat/mtk_hal_camera.te @@ -237,7 +237,7 @@ allow mtk_hal_camera tmpfs:dir search; ## Purpose : EGL file access allow mtk_hal_camera system_file:dir { read open }; allow mtk_hal_camera gpu_device:dir search; -allow mtk_hal_camera gpu_device:chr_file { read open write getattr ioctl }; +allow mtk_hal_camera gpu_device:chr_file rw_file_perms; ## Purpose: Allow to access ged for gralloc_extra functions allow mtk_hal_camera proc_ged:file {open read write ioctl getattr};