From 815affc8daf3c08512d048606f2e536627349616 Mon Sep 17 00:00:00 2001
From: Eino-Ville Talvala <etalvala@google.com>
Date: Fri, 6 Oct 2017 13:29:49 -0700
Subject: [PATCH] hal_camera: Don't allow access to /data/misc/camera

HALs are supposed to only access /data/vendor/*

Test: Camera CTS/ITS on walleye
Bug: 36601397
Change-Id: I8f586938127b5a9acaace4d5b8c3fc42ab13e0cf
(cherry picked from commit d7241d627dc925c1ba6bb2f8638f7918d7c18e43)
---
 public/hal_camera.te | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/public/hal_camera.te b/public/hal_camera.te
index 413a057bc..d0824c347 100644
--- a/public/hal_camera.te
+++ b/public/hal_camera.te
@@ -5,10 +5,6 @@ binder_call(hal_camera_server, hal_camera_client)
 add_hwservice(hal_camera_server, hal_camera_hwservice)
 allow hal_camera_client hal_camera_hwservice:hwservice_manager find;
 
-# access /data/misc/camera
-allow hal_camera camera_data_file:dir create_dir_perms;
-allow hal_camera camera_data_file:file create_file_perms;
-
 allow hal_camera video_device:dir r_dir_perms;
 allow hal_camera video_device:chr_file rw_file_perms;
 allow hal_camera camera_device:chr_file rw_file_perms;
-- 
GitLab