From 06a3bf4007c0400e71a11b407d46cf6d989134c2 Mon Sep 17 00:00:00 2001
From: zhw <quic_zhw@quicinc.com>
Date: Fri, 28 Jun 2024 10:26:48 +0800
Subject: [PATCH] Sepolicy_vndr: Move qvrcam socket from anorak/ to common/

The change 4961982 will cause other platform can't access qvrcam hal
service and socket, which is only defined in anorak target. So move the
socket of qvrcam from anroak/ to common/ in qvrd_vndr.te.

Change-Id: I50e128637b929946498005733ebc68a03d8e6769
---
 qva/vendor/anorak/qvrd_vndr.te | 1 -
 qva/vendor/common/qvrd_vndr.te | 2 ++
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/qva/vendor/anorak/qvrd_vndr.te b/qva/vendor/anorak/qvrd_vndr.te
index b55be740..b0ed3359 100644
--- a/qva/vendor/anorak/qvrd_vndr.te
+++ b/qva/vendor/anorak/qvrd_vndr.te
@@ -31,7 +31,6 @@ allow vendor_qvrd_vndr vendor_sysfs_ipd_distance:file rw_file_perms;
 
 
 # Allow to access qvr_vndr_cam
-allow vendor_qvrd_vndr vendor_qvrd_vndr_camera_socket:sock_file rw_file_perms;
 allow vendor_qvrd_vndr vendor_qvrd_vndr_cam:unix_stream_socket connectto;
 allow vendor_qvrd_vndr vendor_qvrd_vndr_cam:fd use;
 
diff --git a/qva/vendor/common/qvrd_vndr.te b/qva/vendor/common/qvrd_vndr.te
index 20a85673..9cff7e8b 100644
--- a/qva/vendor/common/qvrd_vndr.te
+++ b/qva/vendor/common/qvrd_vndr.te
@@ -195,3 +195,5 @@ get_prop(vendor_qvrd_vndr, vendor_mpctl_prop)
 allow vendor_qvrd_vndr proc_uptime:file r_file_perms;
 unix_socket_connect(vendor_qvrd_vndr, logdr, logd)
 
+allow vendor_qvrd_vndr vendor_qvrd_vndr_camera_socket:sock_file rw_file_perms;
+allow vendor_qvrd_vndr vendor_hal_qvrd_camservice:service_manager { add find };