d64cf75c48
Adds a policy to run the virtual_camera process which: - registers a service implementing the camera HAL - registers a service to reveive communicate with virtual cameras via system_server Bug: 253991421 Test: CTS test android.virtualdevice.cts.VirtualDeviceManagerBasicTest#createDevice_createCamera Change-Id: I772d176919b8dcd3b73946935ed439207c948f2b
16 lines
654 B
Text
16 lines
654 B
Text
# virtual_camera - virtual camera daemon
|
|
|
|
type virtual_camera, domain, coredomain;
|
|
|
|
app_domain(virtual_camera)
|
|
|
|
allow virtual_camera system_app_data_file:dir create_dir_perms;
|
|
allow virtual_camera system_app_data_file:file create_file_perms;
|
|
|
|
allow virtual_camera activity_service:service_manager find;
|
|
|
|
# hal_server_domain adds this rule to prevent any other domain from adding
|
|
# a virtual_camera_service. We cannot mix app_domain and hal_server_domain
|
|
# so we use app_domain and manully add the neverallow
|
|
allow virtual_camera virtual_camera_service:service_manager add;
|
|
neverallow { domain -virtual_camera} virtual_camera_service:service_manager add;
|