From cc8a09f5ce4259f431bed8e994e2c2d347f126a7 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Sat, 23 Apr 2016 16:34:03 -0700
Subject: [PATCH] Re-introduce camera_device type

camera_device was previously removed in AOSP commit: b7aace2d
"camera_device: remove type and add typealias" because the
same domains required access to both without exception, meaning
there was no benefit to distinguishing between the two. However,
with the split up of mediaserver this is no longer the case and
distinguishing between the camera and video devices provides a legitimate
security benefit. For example, the mediacodec domain requires access
to the video_device for access to hardware accelerated codecs but does
not require access to the camera.

Bug: 28359909
Change-Id: I8a4592722d8e6391c0e91b440914284b7245e232
---
 app.te    | 5 +++--
 device.te | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app.te b/app.te
index c4ebdf65f..56cecb52e 100644
--- a/app.te
+++ b/app.te
@@ -279,11 +279,12 @@ neverallow appdomain dev_type:blk_file { read write };
 # Access to any of the following character devices.
 neverallow appdomain {
     audio_device
-    video_device
+    camera_device
     dm_device
-    radio_device
     gps_device
+    radio_device
     rpmsg_device
+    video_device
 }:chr_file { read write };
 
 # Note: Try expanding list of app domains in the future.
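Review bot: The only functional change in this neverallow list is the added `camera_device` entry, but it is interleaved with an alphabetical reshuffle of `radio_device` and `video_device` that the commit message does not mention. Someone auditing the history of this rule could read the `-video_device` line as a dropped restriction before noticing it is re-added further down. Either mention the reordering in the commit message or split it into its own commit. A short comment above the list such as `# camera_device and video_device are distinct types; apps must reach both only via their services.` would also record why both are listed.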
diff --git a/device.te b/device.te
index 0fc90c51d..06006b26d 100644
--- a/device.te
+++ b/device.te
@@ -6,6 +6,7 @@ type ashmem_device, dev_type, mlstrustedobject;
 type audio_device, dev_type;
 type binder_device, dev_type, mlstrustedobject;
 type block_device, dev_type;
+type camera_device, dev_type;
 type dm_device, dev_type;
 type loop_device, dev_type;
 type pmsg_device, dev_type, mlstrustedobject;
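Review bot: Declaring `type camera_device, dev_type;` does not by itself separate the camera from `video_device`. The diffstat shows only app.te and device.te changed, so nothing in this patch labels a device node with the new type or grants it to any domain. Until device-specific file_contexts relabel the camera nodes, they presumably keep the `video_device` label, and a domain allowed `video_device` (the description names mediacodec) can still reach them. Once they are relabelled, the camera service will need its own allow rule. It is also worth confirming that the `typealias` from b7aace2d no longer exists anywhere in the policy, since an alias and a type with the same name would conflict at build time. A comment such as `# Camera nodes; must be labelled in device file_contexts, distinct from video_device.` on the new line would make the dependency visible.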
-- 
GitLab