From f34b903cf8c920e5822bed0bb789ecd5ca21832a Mon Sep 17 00:00:00 2001
From: Max Bires <jbires@google.com>
Date: Wed, 15 Feb 2017 12:46:52 -0800
Subject: [PATCH] Added file_contexts for more sysfs_camera files.

These should finish up the camera denials during boot:
denied { read } for pid=760 comm="cameraserver" name="name" dev="sysfs"
ino=42189 scontext=u:r:cameraserver:s0 tcontext=u:object_r:sysfs:s0
tclass=file

denied { open } for pid=757 comm="cameraserver"
path="/sys/devices/soc/caa4000.qcom,fd/video4linux/video2/name"
dev="sysfs" ino=42231 scontext=u:r:cameraserver:s0
tcontext=u:object_r:sysfs:s0 tclass=file

Bug: 34784662
Test: The above denials no longer appear during boot
Change-Id: I1ecf20215be36c2d34663cfa329988cf40422ae1
---
 sepolicy/file_contexts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index faef114..c4f0b78 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -50,6 +50,8 @@
 /sys/devices/virtual/graphics/fb([0-2])+/idle_time                  u:object_r:sysfs_graphics:s0
 /sys/devices/soc/8c0000\.qcom,msm-cam(/.*)?                         u:object_r:sysfs_camera:s0
 /sys/devices/soc0(/.*)?                                             u:object_r:sysfs_soc:s0
+/sys/devices/soc/caa0000\.qcom,jpeg(/.*)?                           u:object_r:sysfs_camera:s0
+/sys/devices/soc/caa4000\.qcom,fd(/.*)?                             u:object_r:sysfs_camera:s0
 
 # files in /system
 /system/bin/init\.power\.sh            u:object_r:init_power_exec:s0