sanders: update sepolicy

* fix build with treble
2018-06-05 10:25:12 +02:00
parent 82db051a4e
commit 10188cc108
20 changed files with 75 additions and 67 deletions
--- a/sepolicy/vendor/mm-qcamerad.te
+++ b/sepolicy/vendor/mm-qcamerad.te
@@ -1,26 +1,25 @@
-binder_call(mm-qcamerad, servicemanager);
-binder_use(mm-qcamerad);
-binder_call(mm-qcamerad, binderservicedomain);
-binder_call(mm-qcamerad, appdomain);
-binder_call(mm-qcamerad, hal_sensors_default);
+# binder_call(mm-qcamerad, servicemanager);
+# binder_use(mm-qcamerad);
+# binder_call(mm-qcamerad, binderservicedomain);
+# binder_call(mm-qcamerad, appdomain);
+# binder_call(mm-qcamerad, hal_sensors_default);
 set_prop(mm-qcamerad, camera_prop);

 allow servicemanager mm-qcamerad:dir { search };
 allow servicemanager mm-qcamerad:file { read open };
 allow servicemanager mm-qcamerad:process { getattr };

-allow mm-qcamerad camera_data_file:sock_file { create unlink write };
-allow mm-qcamerad system_server:unix_stream_socket rw_socket_perms;
-allow mm-qcamerad sensorservice_service:service_manager find;
+# allow mm-qcamerad camera_data_file:sock_file { create unlink write };
+# allow mm-qcamerad system_server:unix_stream_socket rw_socket_perms;
+#allow mm-qcamerad sensorservice_service:service_manager find;
 allow mm-qcamerad vendor_camera_data_file:file rw_file_perms;
-allow mm-qcamerad permission_service:service_manager find;
+# allow mm-qcamerad permission_service:service_manager find;
 allow mm-qcamerad debug_prop:property_service set;
 allow mm-qcamerad persist_file:dir search;
 allow mm-qcamerad persist_file:file { read getattr open };
 allow mm-qcamerad system_data_file:dir read;

 allow mm-qcamerad init:unix_stream_socket { read write };
-allow mm-qcamerad sysfs_graphics:file { open read };

 allow mm-qcamerad hal_sensors_default:unix_stream_socket { read write };