From 9730b3c65c24665e08e81688610af1e3db02d797 Mon Sep 17 00:00:00 2001
From: Kyle Harrison <khwebmail@gmail.com>
Date: Sat, 5 Jun 2021 15:47:44 +0800
Subject: [PATCH] sdm660-common: sepolicy: Fix exported_camera_prop denials

Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
---
 sepolicy/vendor/app.te           | 2 ++
 sepolicy/vendor/mediaprovider.te | 1 +
 sepolicy/vendor/platform_app.te  | 1 +
 sepolicy/vendor/zygote.te        | 2 ++
 4 files changed, 6 insertions(+)
 create mode 100644 sepolicy/vendor/platform_app.te

diff --git a/sepolicy/vendor/app.te b/sepolicy/vendor/app.te
index 971d3fa7..60618abd 100644
--- a/sepolicy/vendor/app.te
+++ b/sepolicy/vendor/app.te
@@ -3,3 +3,5 @@ get_prop({ appdomain -isolated_app }, mlipay_prop)
 
 allow { appdomain -isolated_app } adsprpcd_file:dir r_dir_perms;
 allow { appdomain -isolated_app } public_adsprpcd_file:file r_file_perms;
+
+get_prop(appdomain, exported_camera_prop)
diff --git a/sepolicy/vendor/mediaprovider.te b/sepolicy/vendor/mediaprovider.te
index 848822b2..3baaba48 100644
--- a/sepolicy/vendor/mediaprovider.te
+++ b/sepolicy/vendor/mediaprovider.te
@@ -1 +1,2 @@
 binder_call(mediaprovider, gpuservice)
+get_prop(mediaserver, exported_camera_prop)
diff --git a/sepolicy/vendor/platform_app.te b/sepolicy/vendor/platform_app.te
new file mode 100644
index 00000000..5d1eb0ba
--- /dev/null
+++ b/sepolicy/vendor/platform_app.te
@@ -0,0 +1 @@
+get_prop(platform_app, exported_camera_prop)
diff --git a/sepolicy/vendor/zygote.te b/sepolicy/vendor/zygote.te
index 30609bc2..383ec877 100644
--- a/sepolicy/vendor/zygote.te
+++ b/sepolicy/vendor/zygote.te
@@ -1 +1,3 @@
 allow zygote exported_camera_prop:file { open read getattr write };
+
+get_prop(zygote, exported_camera_prop)