Allow system_server to communicate with virtual_camera

and consitently name service and process as "virtual_camera" (with
underscore)

Test: Cts VirtalCameraTest
Bug: 270352264
Change-Id: I2c6c0c03aab47aa1795cbda19af25e6661a0bf4a
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index f336924..b84c5fa 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go
@@ -464,7 +464,7 @@
 		"vibrator_manager":             EXCEPTION_NO_FUZZER,
 		"virtualdevice":                EXCEPTION_NO_FUZZER,
 		"virtualdevice_native":         EXCEPTION_NO_FUZZER,
-		"virtual_camera_service":       EXCEPTION_NO_FUZZER,
+		"virtual_camera":               EXCEPTION_NO_FUZZER,
 		"virtual_touchpad":             EXCEPTION_NO_FUZZER,
 		"voiceinteraction":             EXCEPTION_NO_FUZZER,
 		"vold":                         []string{"vold_native_service_fuzzer"},
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 74701df..26cff1f 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -172,7 +172,6 @@
 user=_app seinfo=platform name=com.android.traceur domain=traceur_app type=app_data_file levelFrom=all
 user=system seinfo=platform domain=system_app type=system_app_data_file
 user=system seinfo=platform isPrivApp=true name=com.android.DeviceAsWebcam domain=device_as_webcam type=system_app_data_file levelFrom=all
-user=system seinfo=platform isPrivApp=true name=com.android.virtualcamera domain=virtual_camera type=app_data_file levelFrom=all
 user=bluetooth seinfo=bluetooth domain=bluetooth type=bluetooth_data_file
 user=network_stack seinfo=network_stack domain=network_stack type=radio_data_file
 user=nfc seinfo=platform domain=nfc type=nfc_data_file
diff --git a/private/service_contexts b/private/service_contexts
index 898cb14..a803d51 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -438,6 +438,7 @@
 vibrator                                  u:object_r:vibrator_service:s0
 vibrator_control               	  	  u:object_r:vibrator_control_service:s0
 vibrator_manager                          u:object_r:vibrator_manager_service:s0
+virtual_camera                            u:object_r:virtual_camera_service:s0
 virtualdevice                             u:object_r:virtual_device_service:s0
 virtualdevice_native                      u:object_r:virtual_device_native_service:s0
 virtual_touchpad                          u:object_r:virtual_touchpad_service:s0
diff --git a/private/system_server.te b/private/system_server.te
index 97e64af..2a9da11 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -298,6 +298,7 @@
 binder_call(system_server, statsd)
 binder_call(system_server, storaged)
 binder_call(system_server, update_engine)
+binder_call(system_server, virtual_camera)
 binder_call(system_server, vold)
 binder_call(system_server, logd)
 binder_call(system_server, wificond)
diff --git a/private/virtual_camera.te b/private/virtual_camera.te
index 765a59f..c6a1abb 100644
--- a/private/virtual_camera.te
+++ b/private/virtual_camera.te
@@ -9,6 +9,8 @@
 # hal_server_domain(virtual_camera, hal_camera) macro but only the rules that
 # we actually need from halserverdomain and hal_camera_server:
 binder_use(virtual_camera)
+binder_call(virtual_camera, cameraserver)
+binder_call(virtual_camera, system_server)
 
 # Allow virtual_camera to use fd from apps
 allow virtual_camera { appdomain -isolated_app }:fd use;