sepolicy: changes for O

allow bootanim proc_ged:file r_file_perms;

# nvram

allow cameraserver nvdata_file:dir rw_dir_perms;

allow cameraserver nvdata_file:file create_file_perms;

allow cameraserver nvdata_file:lnk_file r_file_perms;

allow cameraserver ccci_device:chr_file rw_file_perms;

# camera

allow cameraserver system_server:unix_stream_socket { read write };

allow cameraserver camera_device:chr_file rw_file_perms;

allow cameraserver mtk_smi_device:chr_file rw_file_perms;

allow cameraserver proc:file { read ioctl open };

allow cameraserver devmap_device:chr_file r_file_perms;

allow cameraserver devmap_device:chr_file { ioctl };

allow cameraserver sysfs_devinfo:file rw_file_perms;

allow cameraserver sysfs_membw:file rw_file_perms;

allow cameraserver proc_meminfo:file { open read getattr };

allow cameraserver sysfs_boot_mode:file r_file_perms;

allow cameraserver sysfs_ddr_type:file r_file_perms;

allow cameraserver proc:file r_file_perms;

allow cameraserver proc_meminfo:file r_file_perms;

allow cameraserver proc_m4u:file r_file_perms;

allow cameraserver proc_mtk_cmdq:file r_file_perms;

allow cameraserver proc_ged:file r_file_perms;

# PQ

allow cameraserver pq_service:service_manager find;

type ccci_fsd_exec, exec_type, file_type;

type ccci_fsd, domain, domain_deprecated;

type ccci_fsd, domain;

init_daemon_domain(ccci_fsd)

type ccci_mdinit_exec, exec_type, file_type;

type ccci_mdinit, domain, domain_deprecated;

type ccci_mdinit, domain;

init_daemon_domain(ccci_mdinit)

type conn_launcher_exec, exec_type, file_type;

type conn_launcher, domain, domain_deprecated;

type conn_launcher, domain;

init_daemon_domain(conn_launcher)

allow conn_launcher stpwmt_device:chr_file rw_file_perms;

allow conn_launcher wmt_prop:property_service set;

allow conn_launcher vendor_file:dir r_file_perms;

unix_socket_connect(conn_launcher, property, init)