[ALPS03941128] Comment unused rules

Comment for Android P MTK-Commit-Id: 1368fff2508a51f016a815057477c056ce7627d6 Change-Id: I0be97764a2116c8a47b6ac243e318ebc86a0b47b CR-Id: ALPS03941128 Feature: [Android Default] Camera Application Basic Functions
2020-01-18 10:03:20 +08:00 · 2020-01-18 10:03:20 +08:00 · 51d7df5f8e
commit 51d7df5f8e
parent 1cc7505c70
1 changed files with 102 additions and 102 deletions
--- a/non_plat/cameraserver.te
+++ b/non_plat/cameraserver.te
@ -31,127 +31,127 @@ allow cameraserver mtkcam_prop:file { open read getattr };
 # Date : WK14.31
 # Operation : Migration
 # Purpose : camera devices access.
-allow cameraserver camera_isp_device:chr_file rw_file_perms;
+# allow cameraserver camera_isp_device:chr_file rw_file_perms;
-allow cameraserver ccu_device:chr_file rw_file_perms;
+# allow cameraserver ccu_device:chr_file rw_file_perms;
-allow cameraserver vpu_device:chr_file rw_file_perms;
+# allow cameraserver vpu_device:chr_file rw_file_perms;
-allow cameraserver kd_camera_hw_device:chr_file rw_file_perms;
+# allow cameraserver kd_camera_hw_device:chr_file rw_file_perms;
-allow cameraserver seninf_device:chr_file rw_file_perms;
+# allow cameraserver seninf_device:chr_file rw_file_perms;
-allow cameraserver self:capability { setuid ipc_lock sys_nice };
+# allow cameraserver self:capability { setuid ipc_lock sys_nice };
-allow cameraserver sysfs_wake_lock:file rw_file_perms;
+# allow cameraserver sysfs_wake_lock:file rw_file_perms;
-allow cameraserver MTK_SMI_device:chr_file r_file_perms;
+# allow cameraserver MTK_SMI_device:chr_file r_file_perms;
-allow cameraserver camera_pipemgr_device:chr_file r_file_perms;
+# allow cameraserver camera_pipemgr_device:chr_file r_file_perms;
-allow cameraserver kd_camera_flashlight_device:chr_file rw_file_perms;
+# allow cameraserver kd_camera_flashlight_device:chr_file rw_file_perms;
-allow cameraserver lens_device:chr_file rw_file_perms;
+# allow cameraserver lens_device:chr_file rw_file_perms;
-allow cameraserver nvdata_file:lnk_file read;
+# allow cameraserver nvdata_file:lnk_file read;
-allow cameraserver proc_meminfo:file { read getattr open };
+# allow cameraserver proc_meminfo:file { read getattr open };
 # Date : WK14.34
 # Operation : Migration
 # Purpose : nvram access (dumchar case for nand and legacy chip)
-allow cameraserver nvram_device:chr_file rw_file_perms;
+# allow cameraserver nvram_device:chr_file rw_file_perms;
 ### TBD, neverallowxperm on line 177 of system/sepolicy/public/domain.te
-#allow cameraserver self:netlink_kobject_uevent_socket { create setopt bind };
+# #allow cameraserver self:netlink_kobject_uevent_socket { create setopt bind };
-allow cameraserver self:capability { net_admin };
+# allow cameraserver self:capability { net_admin };
 # Date : WK14.34
 # Operation : Migration
 # Purpose : VP/VR
-allow cameraserver devmap_device:chr_file { ioctl };
+# allow cameraserver devmap_device:chr_file { ioctl };
 # Date : WK14.34
 # Operation : Migration
 # Purpose : Smartcard Service
 ### TBD, neverallowxperm on line 177 of system/sepolicy/public/domain.te
-#allow cameraserver self:netlink_kobject_uevent_socket read;
+# #allow cameraserver self:netlink_kobject_uevent_socket read;
-allow cameraserver system_data_file:file open;
+# allow cameraserver system_data_file:file open;
 # Date : WK14.36
 # Operation : Migration
 # Purpose : media server and bt process communication for A2DP data.and other control flow
-allow cameraserver bluetooth:unix_dgram_socket sendto;
+# allow cameraserver bluetooth:unix_dgram_socket sendto;
-allow cameraserver bt_a2dp_stream_socket:sock_file write;
+# allow cameraserver bt_a2dp_stream_socket:sock_file write;
-allow cameraserver bt_int_adp_socket:sock_file write;
+# allow cameraserver bt_int_adp_socket:sock_file write;
 # Date : WK14.37
 # Operation : Migration
 # Purpose : camera ioctl
-allow cameraserver camera_sysram_device:chr_file r_file_perms;
+# allow cameraserver camera_sysram_device:chr_file r_file_perms;
 # Date : WK14.36
 # Operation : Migration
 # Purpose : VDEC/VENC device node
-allow cameraserver Vcodec_device:chr_file rw_file_perms;
+# allow cameraserver Vcodec_device:chr_file rw_file_perms;
 # Date : WK14.36
 # Operation : Migration
 # Purpose :  access nvram, otp, ccci cdoec devices.
-allow cameraserver MtkCodecService:binder call;
+# allow cameraserver MtkCodecService:binder call;
-allow cameraserver ccci_device:chr_file rw_file_perms;
+# allow cameraserver ccci_device:chr_file rw_file_perms;
-allow cameraserver eemcs_device:chr_file rw_file_perms;
+# allow cameraserver eemcs_device:chr_file rw_file_perms;
-allow cameraserver devmap_device:chr_file r_file_perms;
+# allow cameraserver devmap_device:chr_file r_file_perms;
-allow cameraserver ebc_device:chr_file rw_file_perms;
+# allow cameraserver ebc_device:chr_file rw_file_perms;
-allow cameraserver nvram_device:blk_file rw_file_perms;
+# allow cameraserver nvram_device:blk_file rw_file_perms;
-allow cameraserver bootdevice_block_device:blk_file rw_file_perms;
+# allow cameraserver bootdevice_block_device:blk_file rw_file_perms;
 # Date : WK14.36
 # Operation : Migration
 # Purpose : for SW codec VP/VR
-allow cameraserver mtk_sched_device:chr_file rw_file_perms;
+# allow cameraserver mtk_sched_device:chr_file rw_file_perms;
 # Date : WK14.38
 # Operation : Migration
 # Purpose : NVRam access
-allow cameraserver block_device:dir { write search };
+# allow cameraserver block_device:dir { write search };
 # Date : WK14.38
 # Operation : Migration
 # Purpose : FM driver access
-allow cameraserver fm_device:chr_file rw_file_perms;
+# allow cameraserver fm_device:chr_file rw_file_perms;
 # Data : WK14.38
 # Operation : Migration
 # Purpose : for VP/VR
-allow cameraserver block_device:dir search;
+# allow cameraserver block_device:dir search;
-allow cameraserver FM50AF_device:chr_file rw_file_perms;
+# allow cameraserver FM50AF_device:chr_file rw_file_perms;
-allow cameraserver AD5820AF_device:chr_file rw_file_perms;
+# allow cameraserver AD5820AF_device:chr_file rw_file_perms;
-allow cameraserver DW9714AF_device:chr_file rw_file_perms;
+# allow cameraserver DW9714AF_device:chr_file rw_file_perms;
-allow cameraserver DW9814AF_device:chr_file rw_file_perms;
+# allow cameraserver DW9814AF_device:chr_file rw_file_perms;
-allow cameraserver AK7345AF_device:chr_file rw_file_perms;
+# allow cameraserver AK7345AF_device:chr_file rw_file_perms;
-allow cameraserver DW9714A_device:chr_file rw_file_perms;
+# allow cameraserver DW9714A_device:chr_file rw_file_perms;
-allow cameraserver LC898122AF_device:chr_file rw_file_perms;
+# allow cameraserver LC898122AF_device:chr_file rw_file_perms;
-allow cameraserver LC898212AF_device:chr_file rw_file_perms;
+# allow cameraserver LC898212AF_device:chr_file rw_file_perms;
-allow cameraserver BU6429AF_device:chr_file rw_file_perms;
+# allow cameraserver BU6429AF_device:chr_file rw_file_perms;
-allow cameraserver DW9718AF_device:chr_file rw_file_perms;
+# allow cameraserver DW9718AF_device:chr_file rw_file_perms;
-allow cameraserver BU64745GWZAF_device:chr_file rw_file_perms;
+# allow cameraserver BU64745GWZAF_device:chr_file rw_file_perms;
-allow cameraserver MAINAF_device:chr_file rw_file_perms;
+# allow cameraserver MAINAF_device:chr_file rw_file_perms;
-allow cameraserver MAIN2AF_device:chr_file rw_file_perms;
+# allow cameraserver MAIN2AF_device:chr_file rw_file_perms;
-allow cameraserver SUBAF_device:chr_file rw_file_perms;
+# allow cameraserver SUBAF_device:chr_file rw_file_perms;
 # Data : WK14.38
 # Operation : Migration
 # Purpose : for boot animation.
-allow cameraserver bootanim:binder { transfer call };
+# allow cameraserver bootanim:binder { transfer call };
-allow cameraserver mtkbootanimation:binder { transfer call };
+# allow cameraserver mtkbootanimation:binder { transfer call };
 # Data : WK14.38
 # Operation : Migration
 # Purpose : dump for debug
-allow cameraserver sdcard_type:file append;
+# allow cameraserver sdcard_type:file append;
 # Date : WK14.39
 # Operation : Migration
 # Purpose : FDVT Driver
-allow cameraserver camera_fdvt_device:chr_file rw_file_perms;
+# allow cameraserver camera_fdvt_device:chr_file rw_file_perms;
 # Date : WK14.39
 # Operation : Migration
 # Purpose : APE PLAYBACK
-binder_call(cameraserver,MtkCodecService)
+# binder_call(cameraserver, MtkCodecService)
 # Data : WK14.39
 # Operation : Migration
 # Purpose : HW encrypt SW codec
-allow cameraserver sec_device:chr_file r_file_perms;
+# allow cameraserver sec_device:chr_file r_file_perms;
 # Date : WK14.40
 # Operation : Migration
@ -161,111 +161,111 @@ allow cameraserver graphics_device:chr_file rw_file_perms;
 # Date : WK14.40
 # Operation : Migration
 # Purpose : Smartpa
-allow cameraserver smartpa_device:chr_file rw_file_perms;
+# allow cameraserver smartpa_device:chr_file rw_file_perms;
 # Date : WK14.40
 # Operation : Migration
 # Purpose : mtk_jpeg
-allow cameraserver mtk_jpeg_device:chr_file r_file_perms;
+# allow cameraserver mtk_jpeg_device:chr_file r_file_perms;
 # Date : WK14.41
 # Operation : Migration
 # Purpose : WFD HID Driver
-allow cameraserver uhid_device:chr_file rw_file_perms;
+# allow cameraserver uhid_device:chr_file rw_file_perms;
 # Date : WK14.41
 # Operation : Migration
 # Purpose : Camera EEPROM Calibration
-allow cameraserver CAM_CAL_DRV_device:chr_file rw_file_perms;
+# allow cameraserver CAM_CAL_DRV_device:chr_file rw_file_perms;
-allow cameraserver CAM_CAL_DRV1_device:chr_file rw_file_perms;
+# allow cameraserver CAM_CAL_DRV1_device:chr_file rw_file_perms;
-allow cameraserver CAM_CAL_DRV2_device:chr_file rw_file_perms;
+# allow cameraserver CAM_CAL_DRV2_device:chr_file rw_file_perms;
 # Date : WK14.43
 # Operation : Migration
 # Purpose : VOW
-allow cameraserver vow_device:chr_file rw_file_perms;
+# allow cameraserver vow_device:chr_file rw_file_perms;
 # Date: WK14.44
 # Operation : Migration
 # Purpose : EVDO
-allow cameraserver rpc_socket:sock_file write;
+# allow cameraserver rpc_socket:sock_file write;
-allow cameraserver ttySDIO_device:chr_file rw_file_perms;
+# allow cameraserver ttySDIO_device:chr_file rw_file_perms;
 # Data: WK14.44
 # Operation : Migration
 # Purpose : VP
-allow cameraserver surfaceflinger:file getattr;
+# allow cameraserver surfaceflinger:file getattr;
 # Data: WK14.44
 # Operation : Migration
 # Purpose : for low SD card latency issue
-allow cameraserver sysfs_lowmemorykiller:file { read open };
+# allow cameraserver sysfs_lowmemorykiller:file { read open };
 # Data: WK14.45
 # Operation : Migration
 # Purpose : for change thermal policy when needed
-allow cameraserver proc_mtkcooler:dir search;
+# allow cameraserver proc_mtkcooler:dir search;
-allow cameraserver proc_mtktz:dir search;
+# allow cameraserver proc_mtktz:dir search;
-allow cameraserver proc_thermal:dir search;
+# allow cameraserver proc_thermal:dir search;
 # Date : WK14.46
 # Operation : Migration
 # Purpose : for MTK Emulator HW GPU
-allow cameraserver qemu_pipe_device:chr_file rw_file_perms;
+# allow cameraserver qemu_pipe_device:chr_file rw_file_perms;
 # Date : WK14.46
 # Operation : Migration
 # Purpose : for camera init
-allow cameraserver system_server:unix_stream_socket { read write };
+# allow cameraserver system_server:unix_stream_socket { read write };
 # Data : WK14.46
 # Operation : Migration
 # Purpose : for SMS app
-allow cameraserver radio_data_file:dir search;
+# allow cameraserver radio_data_file:dir search;
-allow cameraserver radio_data_file:file open;
+# allow cameraserver radio_data_file:file open;
 # Data : WK14.47
 # Operation : Launch camcorder from MMS
 # Purpose : Camcorder
-allow cameraserver radio_data_file:file open;
+# allow cameraserver radio_data_file:file open;
 # Data : WK14.47
 # Operation : CTS
 # Purpose : cts search strange app
-allow cameraserver untrusted_app:dir search;
+# allow cameraserver untrusted_app:dir search;
 # Date : WK15.03
 # Operation : Migration
 # Purpose : offloadservice
-allow cameraserver offloadservice_device:chr_file rw_file_perms;
+# allow cameraserver offloadservice_device:chr_file rw_file_perms;
 # Date : WK15.32
 # Operation : Pre-sanity
 # Purpose : 3A algorithm need to access sensor service
-allow cameraserver sensorservice_service:service_manager find;
+# allow cameraserver sensorservice_service:service_manager find;
 # Date : WK15.34
 # Operation : Migration
 # Purpose: for camera middleware dump image buffer to sdcard & audio frameworks dump
-allow cameraserver system_data_file:dir write;
+# allow cameraserver system_data_file:dir write;
-allow cameraserver storage_file:lnk_file {read write};
+# allow cameraserver storage_file:lnk_file {read write};
-allow cameraserver mnt_user_file:dir {write read search};
+# allow cameraserver mnt_user_file:dir {write read search};
-allow cameraserver mnt_user_file:lnk_file {read write};
+# allow cameraserver mnt_user_file:lnk_file {read write};
 # Date : WK15.35
 # Operation : Migration
 # Purpose: Allow cameraserver to read binder from surfaceflinger
-allow cameraserver surfaceflinger:fifo_file {read write};
+# allow cameraserver surfaceflinger:fifo_file {read write};
 # Date : WK15.46
 # Operation : Migration
 # Purpose : DPE Driver
-allow cameraserver camera_dpe_device:chr_file rw_file_perms;
+# allow cameraserver camera_dpe_device:chr_file rw_file_perms;
 # Date : WK15.46
 # Operation : Migration
 # Purpose : TSF Driver
-allow cameraserver camera_tsf_device:chr_file rw_file_perms;
+# allow cameraserver camera_tsf_device:chr_file rw_file_perms;
 # Date : WK16.20
 # Operation : Migration
@ -282,15 +282,15 @@ allow cameraserver gpu_device:dir search;
 # Date : WK16.30
 # Operation : Migration
 # Purpose :  Use file_type_auto_trans to specify label to avoid violated(never allow)
-allow cameraserver property_socket:sock_file write;
+# allow cameraserver property_socket:sock_file write;
-allow cameraserver proc:file getattr;
+# allow cameraserver proc:file getattr;
-allow cameraserver shell_exec:file { execute read getattr open};
+# allow cameraserver shell_exec:file { execute read getattr open};
-allow cameraserver init:unix_stream_socket connectto;
+# allow cameraserver init:unix_stream_socket connectto;
 # Date : WK16.32
 # Operation : Migration
 # Purpose : RSC Driver
-allow cameraserver camera_rsc_device:chr_file rw_file_perms;
+# allow cameraserver camera_rsc_device:chr_file rw_file_perms;
 # Date : WK16.33
 # Purpose: Allow to access ged for gralloc_extra functions
@ -299,29 +299,29 @@ allow cameraserver proc_ged:file {open read write ioctl getattr};
 # Date : WK16.33
 # Operation : Migration
 # Purpose : GEPF Driver
-allow cameraserver camera_gepf_device:chr_file rw_file_perms;
+# allow cameraserver camera_gepf_device:chr_file rw_file_perms;
 # Date : WK16.35
 # Operation : Migration
 # Purpose : Update camera flashlight driver device file
-allow cameraserver flashlight_device:chr_file rw_file_perms;
+# allow cameraserver flashlight_device:chr_file rw_file_perms;
 # Data : WK16.42
 # Operator: Whitney bring up
 # Purpose: call surfaceflinger due to powervr
-allow cameraserver surfaceflinger:fifo_file rw_file_perms;
+# allow cameraserver surfaceflinger:fifo_file rw_file_perms;
 # Date : WK16.43
 # Operation : Migration
 # Purpose : WPE Driver
-allow cameraserver camera_wpe_device:chr_file rw_file_perms;
+# allow cameraserver camera_wpe_device:chr_file rw_file_perms;
 # Date : WK16.49
 # Operation : label aee_aed sockets
 # Purpose : Engineering mode need access for aee commmand
-userdebug_or_eng(`
+# userdebug_or_eng(`
-allow cameraserver aee_aed:unix_stream_socket connectto;
+# allow cameraserver aee_aed:unix_stream_socket connectto;
-')
+# ')
 # Purpose: Allow to access debugfs_ion dir.
 allow cameraserver system_data_file:lnk_file read;
@ -329,7 +329,7 @@ allow cameraserver system_data_file:lnk_file read;
 # Date : WK17.19
 # Operation : Migration
 # Purpose : OWE Driver
-allow cameraserver camera_owe_device:chr_file rw_file_perms;
+# allow cameraserver camera_owe_device:chr_file rw_file_perms;
 # Date : WK17.25
 # Operation : Migration
@ -338,24 +338,24 @@ allow cameraserver debugfs_ion:dir search;
 # Date : WK17.30
 # Operation : O Migration
 # Purpose: Allow to access cmdq driver
-allow cameraserver mtk_cmdq_device:chr_file { read ioctl open };
+# allow cameraserver mtk_cmdq_device:chr_file { read ioctl open };
 # Date : WK17.28
 # Operation : MT6757 SQC
 # Purpose : Change thermal config
-typeattribute cameraserver system_writes_vendor_properties_violators;
+# typeattribute cameraserver system_writes_vendor_properties_violators;
-allow cameraserver mtk_thermal_config_prop:file { getattr open read };
+# allow cameraserver mtk_thermal_config_prop:file { getattr open read };
 # Date : WK17.44
 # Operation : Migration
 # Purpose : DIP Driver
-allow cameraserver camera_dip_device:chr_file rw_file_perms;
+# allow cameraserver camera_dip_device:chr_file rw_file_perms;
 # Date : WK17.44
 # Operation : Migration
 # Purpose : MFB Driver
-allow cameraserver camera_mfb_device:chr_file rw_file_perms;
+# allow cameraserver camera_mfb_device:chr_file rw_file_perms;
 # Date : WK17.49
 # Operation : MT6771 SQC