Cameraserver: Allow cameraserver to access /data/misc/cameraserver Test: Cameraserver writes/reads/overwrites files in the folder Bug: 79465976 Change-Id: I76460844a8e02e4c6ce704b85c72e57f861f5b18

commit: 4e1497c7c0cc0a0a8e15bfd6b9fda8ac083a5d10 [log] [tgz]
author: Shuzhen Wang <shuzhenwang@google.com> Fri Jan 25 09:29:45 2019 -0800
committer: Shuzhen Wang <shuzhenwang@google.com> Mon Jan 28 07:32:00 2019 -0800
tree: 93be3529dcf7f50b863debb6a61a8903fe8af4cf
parent: 8db7e4a7fac828960c9e86830a48f4330c79f2b8 [diff]
diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index e8ac336..d43705f 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil

@@ -22,6 +22,7 @@
     biometric_service
     bpf_progs_loaded_prop
     bugreport_service
+    cameraserver_data_file
     content_capture_service
     content_suggestions_service
     cpu_variant_prop

diff --git a/private/file_contexts b/private/file_contexts
index 01c5bb0..af9572d 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -456,6 +456,7 @@
 /data/misc/bluedroid/\.a2dp_ctrl u:object_r:bluetooth_socket:s0
 /data/misc/bluedroid/\.a2dp_data u:object_r:bluetooth_socket:s0
 /data/misc/camera(/.*)?         u:object_r:camera_data_file:s0
+/data/misc/cameraserver(/.*)?   u:object_r:cameraserver_data_file:s0
 /data/misc/carrierid(/.*)?      u:object_r:radio_data_file:s0
 /data/misc/dhcp(/.*)?           u:object_r:dhcp_data_file:s0
 /data/misc/dhcp-6\.8\.2(/.*)?     u:object_r:dhcp_data_file:s0

diff --git a/public/cameraserver.te b/public/cameraserver.te
index 4e28298..fee4bdb 100644
--- a/public/cameraserver.te
+++ b/public/cameraserver.te

@@ -62,6 +62,11 @@
 hal_client_domain(cameraserver, hal_omx)
 hal_client_domain(cameraserver, hal_allocator)
 
+userdebug_or_eng(`
+  allow cameraserver cameraserver_data_file:dir { add_name write search remove_name };
+  allow cameraserver cameraserver_data_file:file { create write open read unlink };
+')
+
 # Allow shell commands from ADB for CTS testing/dumping
 userdebug_or_eng(`
   allow cameraserver su:fd use;

diff --git a/public/file.te b/public/file.te
index 2d26610..e0f67a4 100644
--- a/public/file.te
+++ b/public/file.te

@@ -291,6 +291,7 @@
 type bootstat_data_file, file_type, data_file_type, core_data_file_type;
 type boottrace_data_file, file_type, data_file_type, core_data_file_type;
 type camera_data_file, file_type, data_file_type, core_data_file_type;
+type cameraserver_data_file, file_type, data_file_type, core_data_file_type;
 type gatekeeper_data_file, file_type, data_file_type, core_data_file_type;
 type incident_data_file, file_type, data_file_type, core_data_file_type;
 type keychain_data_file, file_type, data_file_type, core_data_file_type;
commit	4e1497c7c0cc0a0a8e15bfd6b9fda8ac083a5d10	[log] [tgz]
author	Shuzhen Wang <shuzhenwang@google.com>	Fri Jan 25 09:29:45 2019 -0800
committer	Shuzhen Wang <shuzhenwang@google.com>	Mon Jan 28 07:32:00 2019 -0800
tree	93be3529dcf7f50b863debb6a61a8903fe8af4cf
parent	8db7e4a7fac828960c9e86830a48f4330c79f2b8 [diff]