From c33a6e61155296e16f15fda4c2cde5927c3f07a1 Mon Sep 17 00:00:00 2001
From: Alexander Winkowski <dereference23@outlook.com>
Date: Fri, 5 Jan 2024 12:09:54 +0000
Subject: [PATCH] miuicamera: Create MiuiCamera SELinux domain

Change-Id: Ia104c810aa85491531931dc5bfbf8f787493b2c0
---
 products/board.mk                 |  2 ++
 sepolicy/vendor/miuicamera_app.te | 15 +++++++++++++++
 sepolicy/vendor/seapp_contexts    |  1 +
 3 files changed, 18 insertions(+)
 create mode 100644 sepolicy/vendor/miuicamera_app.te
 create mode 100644 sepolicy/vendor/seapp_contexts

diff --git a/products/board.mk b/products/board.mk
index 6cd70f6..e894b64 100644
--- a/products/board.mk
+++ b/products/board.mk
@@ -14,4 +14,6 @@
 # limitations under the License.
 #
 
+BOARD_VENDOR_SEPOLICY_DIRS += vendor/xiaomi/sweet-miuicamera/sepolicy/vendor
+
 include vendor/xiaomi/sweet-miuicamera/common/BoardConfigVendor.mk
diff --git a/sepolicy/vendor/miuicamera_app.te b/sepolicy/vendor/miuicamera_app.te
new file mode 100644
index 0000000..8ca7af5
--- /dev/null
+++ b/sepolicy/vendor/miuicamera_app.te
@@ -0,0 +1,15 @@
+type miuicamera_app, domain, coredomain;
+
+app_domain(miuicamera_app)
+net_domain(miuicamera_app)
+
+allow miuicamera_app {
+    app_api_service
+    audioserver_service
+    cameraserver_service
+    mediaextractor_service
+    mediametrics_service
+    mediaserver_service
+}:service_manager find;
+
+dontaudit miuicamera_app radio_service:service_manager find;
diff --git a/sepolicy/vendor/seapp_contexts b/sepolicy/vendor/seapp_contexts
new file mode 100644
index 0000000..6c10800
--- /dev/null
+++ b/sepolicy/vendor/seapp_contexts
@@ -0,0 +1 @@
+user=_app isPrivApp=true name=com.android.camera domain=miuicamera_app type=privapp_data_file levelFrom=all