From e42d1c571f85e97f0eccca80f16b5fa89b564a96 Mon Sep 17 00:00:00 2001
From: Albert I <kras@raphielgang.org>
Date: Wed, 7 Jul 2021 04:30:48 +0800
Subject: [PATCH] sm6250-common: sepolicy: Allow apps and camera HAL access to
 secure ADSP domain

Signed-off-by: Albert I <kras@raphielgang.org>
Change-Id: Ibb1071299632ab53726638dbcc134d4bca59fc52
---
 sepolicy/vendor/app.te                | 1 +
 sepolicy/vendor/hal_camera_default.te | 1 +
 2 files changed, 2 insertions(+)

diff --git a/sepolicy/vendor/app.te b/sepolicy/vendor/app.te
index 1d7fae3..8f27966 100644
--- a/sepolicy/vendor/app.te
+++ b/sepolicy/vendor/app.te
@@ -1,5 +1,6 @@
 allow { appdomain -isolated_app } adsprpcd_file:dir r_dir_perms;
 allow { appdomain -isolated_app } public_adsprpcd_file:file r_file_perms;
+allow { appdomain -isolated_app } vendor_xdsp_device:chr_file r_file_perms;
 
 get_prop({ appdomain -isolated_app }, vendor_fp_prop)
 get_prop({ appdomain -isolated_app }, vendor_tee_listener_prop)
diff --git a/sepolicy/vendor/hal_camera_default.te b/sepolicy/vendor/hal_camera_default.te
index 2ae8360..892d7ec 100644
--- a/sepolicy/vendor/hal_camera_default.te
+++ b/sepolicy/vendor/hal_camera_default.te
@@ -17,3 +17,4 @@ allow hal_camera_default socket_device:sock_file write;
 allow hal_camera_default proc_stat:file { open };
 
 allow hal_camera_default public_adsprpcd_file:file r_file_perms;
+allow hal_camera_default vendor_xdsp_device:chr_file r_file_perms;