1# communicate with perfd 2allow cameraserver perfd_data_file:dir search; 3allow cameraserver perfd:unix_stream_socket connectto; 4allow cameraserver perfd_data_file:sock_file write; 5 6# communicate with camera 7allow cameraserver camera:unix_dgram_socket sendto; 8allow cameraserver camera_data_file:sock_file write; 9allow cameraserver camera_device:chr_file rw_file_perms; 10 11allow cameraserver gpu_device:chr_file rw_file_perms; 12 13# access to /dev/input/event{5,10} 14allow cameraserver input_device:dir r_dir_perms; 15allow cameraserver input_device:chr_file r_file_perms; 16 17set_prop(cameraserver, camera_prop) 18 19allow cameraserver sysfs_enable_ps_sensor:file w_file_perms; 20r_dir_file(cameraserver, sysfs_type) 21# find libraries 22allow cameraserver system_file:dir r_dir_perms; 23 24# talk to system_server 25allow cameraserver system_server:unix_stream_socket { read write }; 26 27allow cameraserver sensorservice_service:service_manager find; 28 29allow cameraserver self:socket { create ioctl read write }; 30 31# Grant access to Qualcomm MSM Interface (QMI) radio sockets 32qmux_socket(cameraserver) 33 34# allow cameraserver to call some socket ioctls 35allowxperm cameraserver self:socket ioctl { IPC_ROUTER_IOCTL_LOOKUP_SERVER IPC_ROUTER_IOCTL_BIND_CONTROL_PORT }; 36 37