platform_system_sepolicy/public/hal_camera.te
Eino-Ville Talvala 815affc8da hal_camera: Don't allow access to /data/misc/camera
HALs are supposed to only access /data/vendor/*

Test: Camera CTS/ITS on walleye
Bug: 36601397
Change-Id: I8f586938127b5a9acaace4d5b8c3fc42ab13e0cf
(cherry picked from commit d7241d627d)
2017-11-10 14:15:04 -08:00

32 lines
1.3 KiB
Text

# HwBinder IPC from clients to server and callbacks
binder_call(hal_camera_client, hal_camera_server)
binder_call(hal_camera_server, hal_camera_client)
add_hwservice(hal_camera_server, hal_camera_hwservice)
allow hal_camera_client hal_camera_hwservice:hwservice_manager find;
allow hal_camera video_device:dir r_dir_perms;
allow hal_camera video_device:chr_file rw_file_perms;
allow hal_camera camera_device:chr_file rw_file_perms;
allow hal_camera ion_device:chr_file rw_file_perms;
# Both the client and the server need to use the graphics allocator
allow { hal_camera_client hal_camera_server } hal_graphics_allocator:fd use;
# Allow hal_camera to use fd from app,gralloc,and ashmem HAL
allow hal_camera { appdomain -isolated_app }:fd use;
allow hal_camera surfaceflinger:fd use;
allow hal_camera hal_allocator_server:fd use;
###
### neverallow rules
###
# hal_camera should never execute any executable without a
# domain transition
neverallow hal_camera { file_type fs_type }:file execute_no_trans;
# hal_camera should never need network access. Disallow network sockets.
neverallow hal_camera domain:{ tcp_socket udp_socket rawip_socket } *;
# Only camera HAL may directly access the camera hardware
neverallow { halserverdomain -hal_camera_server } camera_device:chr_file *;