cameraservice: Add selinux policy for vndk cameraservice.
This CL adds a new cameraservice type to allow vendor clients of
cameraservice to query and find the stable cameraservice
implementation.
Bug: 243593375
Test: Manually tested that cameraservice can register a vendor facing
instance.
Change-Id: I61499406d4811c898719abcb89c51b4b8a29f4a7
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index 2ee0ae2..1da0aa3 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go
@@ -118,6 +118,7 @@
"android.hardware.wifi.IWifi/default": EXCEPTION_NO_FUZZER,
"android.hardware.wifi.hostapd.IHostapd/default": EXCEPTION_NO_FUZZER,
"android.hardware.wifi.supplicant.ISupplicant/default": EXCEPTION_NO_FUZZER,
+ "android.frameworks.cameraservice.service.ICameraService/default": EXCEPTION_NO_FUZZER,
"android.frameworks.sensorservice.ISensorManager/default": []string{"libsensorserviceaidl_fuzzer"},
"android.frameworks.stats.IStats/default": EXCEPTION_NO_FUZZER,
"android.se.omapi.ISecureElementService/default": EXCEPTION_NO_FUZZER,
diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index 4e6c053..9d78291 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@@ -12,6 +12,7 @@
device_config_memory_safety_native_prop
device_config_vendor_system_native_prop
devicelock_service
+ fwk_camera_service
fwk_sensor_service
hal_bootctl_service
hal_cas_service
diff --git a/private/service_contexts b/private/service_contexts
index e9fc83c..645e91c 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -1,3 +1,4 @@
+android.frameworks.cameraservice.service.ICameraService/default u:object_r:fwk_camera_service:s0
android.frameworks.stats.IStats/default u:object_r:fwk_stats_service:s0
android.frameworks.sensorservice.ISensorManager/default u:object_r:fwk_sensor_service:s0
android.hardware.audio.core.IConfig/default u:object_r:hal_audio_service:s0
diff --git a/public/cameraserver.te b/public/cameraserver.te
index d41339a..c88e3f0 100644
--- a/public/cameraserver.te
+++ b/public/cameraserver.te
@@ -19,6 +19,7 @@
allow cameraserver hal_graphics_composer:fd use;
add_service(cameraserver, cameraserver_service)
+add_service(cameraserver, fwk_camera_service)
add_hwservice(cameraserver, fwk_camera_hwservice)
allow cameraserver activity_service:service_manager find;
diff --git a/public/service.te b/public/service.te
index 1fcaaf1..c092be2 100644
--- a/public/service.te
+++ b/public/service.te
@@ -7,6 +7,7 @@
type batteryproperties_service, app_api_service, ephemeral_app_api_service, service_manager_type;
type bluetooth_service, service_manager_type;
type cameraserver_service, service_manager_type;
+type fwk_camera_service, service_manager_type;
type default_android_service, service_manager_type;
type dice_maintenance_service, service_manager_type;
type dice_node_service, service_manager_type;