From e7729bc10e47251bc4cde5b33b33fdd52124a0e5 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Wed, 10 May 2017 12:47:38 -0700
Subject: [PATCH] allow camera HAL to talk to perf

avc: denied { connectto } path="/dev/socket/perfd"
scontext=u:r:hal_camera_default:s0 tcontext=u:r:perfd:s0
tclass=unix_stream_socket

Bug: 38200564
Change-Id: Ib68364976474200420c1b0d1953167a8594d4763
Test: policy builds
---
 sepolicy/hal_camera.te | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/sepolicy/hal_camera.te b/sepolicy/hal_camera.te
index 187a4736..61de147e 100644
--- a/sepolicy/hal_camera.te
+++ b/sepolicy/hal_camera.te
@@ -1,7 +1,6 @@
 # communicate with perfd
-#allow hal_camera perfd_data_file:dir search;
-#allow hal_camera perfd:unix_stream_socket connectto;
-#allow hal_camera perfd_data_file:sock_file write;
+allow hal_camera perfd:unix_stream_socket connectto;
+allow hal_camera perfd_socket:sock_file write;
 
 allow hal_camera self:capability sys_nice;