1*e4a36f41SAndroid Build Coastguard Worker# Domain for DeviceAsWebcam Service 2*e4a36f41SAndroid Build Coastguard Workertype device_as_webcam, domain, coredomain, mlstrustedsubject; 3*e4a36f41SAndroid Build Coastguard Worker 4*e4a36f41SAndroid Build Coastguard Workerapp_domain(device_as_webcam) 5*e4a36f41SAndroid Build Coastguard Worker 6*e4a36f41SAndroid Build Coastguard Workerallow device_as_webcam system_app_data_file:dir create_dir_perms; 7*e4a36f41SAndroid Build Coastguard Workerallow device_as_webcam system_app_data_file:file create_file_perms; 8*e4a36f41SAndroid Build Coastguard Worker 9*e4a36f41SAndroid Build Coastguard Workerallow device_as_webcam { app_api_service cameraserver_service }:service_manager find; 10*e4a36f41SAndroid Build Coastguard Worker 11*e4a36f41SAndroid Build Coastguard Worker# Allow DeviceAsWebcam Service needs to access ro.usb.uvc.enabled property to 12*e4a36f41SAndroid Build Coastguard Worker# enale/disable itself 13*e4a36f41SAndroid Build Coastguard Workerget_prop(device_as_webcam, usb_uvc_enabled_prop) 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Worker# need to access /dev to list all devices 16*e4a36f41SAndroid Build Coastguard Workerallow device_as_webcam device:dir r_dir_perms; 17*e4a36f41SAndroid Build Coastguard Worker 18*e4a36f41SAndroid Build Coastguard Worker# UVC nodes are mounted as V4L2 nodes (/dev/video*) on the device. These need to 19*e4a36f41SAndroid Build Coastguard Worker# be accessed by the DeviceAsWebcam Service. 20*e4a36f41SAndroid Build Coastguard Workerallow device_as_webcam video_device:dir r_dir_perms; 21*e4a36f41SAndroid Build Coastguard Workerallow device_as_webcam video_device:chr_file rw_file_perms; 22