sepolicy: Add rules for data/vendor/camera

Enabling SE Linux policies for /data/vendor/camera
for filecreate and read permission

Change-Id: I971d74f76461b502911a4fabb2753d7b537845c0

vendor/common/file.te

@@ -86,7 +86,7 @@ type persist_bluetooth_file, file_type;
 type netmgr_data_file, file_type, data_file_type;
 type ipa_vendor_data_file, file_type, data_file_type;
 
-type camera_vendor_data_file, file_type, data_file_type;
+type vendor_camera_data_file, file_type, data_file_type;
 type display_vendor_data_file, file_type, data_file_type;
 type nfc_vendor_data_file, file_type, data_file_type;
 type radio_vendor_data_file, file_type, data_file_type, mlstrustedobject;

vendor/common/file_contexts

@@ -195,7 +195,7 @@
 /data/vendor/netmgr(/.*)?              u:object_r:netmgr_data_file:s0
 /data/vendor/location(/.*)?            u:object_r:location_data_file:s0
 /data/nfc(/.*)?                        u:object_r:nfc_data_file:s0
-/data/vendor/camera(/.*)?              u:object_r:camera_vendor_data_file:s0
+/data/vendor/camera(/.*)?              u:object_r:vendor_camera_data_file:s0
 /data/vendor/display(/.*)?             u:object_r:display_vendor_data_file:s0
 /data/vendor/nfc(/.*)?                 u:object_r:nfc_vendor_data_file:s0
 /data/vendor/radio(/.*)?               u:object_r:radio_vendor_data_file:s0

vendor/common/hal_camera.te

@@ -35,6 +35,10 @@ allowxperm hal_camera self:socket ioctl { IPC_ROUTER_IOCTL_LOOKUP_SERVER IPC_ROU
 # ignore spurious denial
 dontaudit hal_camera graphics_device:dir search;
 
+
+allow hal_camera vendor_camera_data_file:dir rw_dir_perms;
+allow hal_camera vendor_camera_data_file:file create_file_perms;
+
 userdebug_or_eng(`
   allow hal_camera diag_device:chr_file rw_file_perms;
 ')

vendor/common/vendor_init.te

@@ -64,7 +64,7 @@ allow vendor_init vendor_file:system module_load;
 
 allow vendor_init {
     bluetooth_data_file
-    camera_data_file
+    vendor_camera_data_file
     dhcp_data_file
     media_rw_data_file
     nfc_data_file