sepolicy: Add socket and file permissions to sensor1 clients

All sensor1 clients will now need create_socket_perms for QMI access, as well as read access to the Sensor settings file. Change-Id: I54691f00498a82b51092b3a7618d21d1fd4ea3e7 CRs-fixed: 996776
author: Ananda Kishore <kananda@codeaurora.org> 2016-05-18 18:58:52 +0530
committer: Ananda Kishore <kananda@codeaurora.org> 2016-05-27 00:25:57 +0530
commit: 464bd031d2bcda5570204f400e48054752b25557 (patch)
tree: 6a3362864a167d5fbd37f038ecd4d0b50713aeb8 /common/mm-qcamerad.te
parent: 7f683c16875d78cf795f07dfef93d53c7bf04af2 (diff)
download: android_device_qcom_sepolicy-464bd031d2bcda5570204f400e48054752b25557.tar.gz
android_device_qcom_sepolicy-464bd031d2bcda5570204f400e48054752b25557.tar.bz2
android_device_qcom_sepolicy-464bd031d2bcda5570204f400e48054752b25557.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/common/mm-qcamerad.te b/common/mm-qcamerad.te
index 8d45213b..d6cbcd2b 100644
--- a/common/mm-qcamerad.te
+++ b/common/mm-qcamerad.te
@@ -30,6 +30,10 @@ allow mm-qcamerad system_server:unix_stream_socket rw_socket_perms;
 binder_call(mm-qcamerad, system_server);
 binder_use(mm-qcamerad);
 
+allow mm-qcamerad self:socket create_socket_perms;
+allow mm-qcamerad sensors_persist_file:dir r_dir_perms;
+allow mm-qcamerad sensors_persist_file:file r_file_perms;
+
 allow mm-qcamerad self:process execmem;
 
 # Interact with other media devices
author	Ananda Kishore <kananda@codeaurora.org>	2016-05-18 18:58:52 +0530
committer	Ananda Kishore <kananda@codeaurora.org>	2016-05-27 00:25:57 +0530
commit	464bd031d2bcda5570204f400e48054752b25557 (patch)
tree	6a3362864a167d5fbd37f038ecd4d0b50713aeb8 /common/mm-qcamerad.te
parent	7f683c16875d78cf795f07dfef93d53c7bf04af2 (diff)
download	android_device_qcom_sepolicy-464bd031d2bcda5570204f400e48054752b25557.tar.gz android_device_qcom_sepolicy-464bd031d2bcda5570204f400e48054752b25557.tar.bz2 android_device_qcom_sepolicy-464bd031d2bcda5570204f400e48054752b25557.zip