1.废话少说先上pach,目录:device/mediatek/sepolicy/bsp/non_plat/
diff --git a/mediatek/sepolicy/bsp/non_plat/domain.te b/mediatek/sepolicy/bsp/non_plat/domain.te
index c216ca1..4bb4e84 100644
--- a/mediatek/sepolicy/bsp/non_plat/domain.te
+++ b/mediatek/sepolicy/bsp/non_plat/domain.te
@@ -21,3 +21,6 @@ allow domain aee_aedv:process sigchld;
# Operation : Migration
# Purpose : for CTS android.os.cts.SecurityPatchTest
get_prop(domain, vendor_security_patch_level_prop)
+
+#AIWORK
+get_prop(domain, aiworks_system_prop)
diff --git a/mediatek/sepolicy/bsp/non_plat/mtk_hal_camera.te b/mediatek/sepolicy/bsp/non_plat/mtk_hal_camera.te
index c1d8b2c..4b0629e 100644
--- a/mediatek/sepolicy/bsp/non_plat/mtk_hal_camera.te
+++ b/mediatek/sepolicy/bsp/non_plat/mtk_hal_camera.te
@@ -104,3 +104,6 @@ hal_client_domain(mtk_hal_camera, hal_capi)
# Date : WK19.08 2019/02/21
# Purpose : allow map operation from gpunn to gpu device
allow mtk_hal_camera gpu_device:chr_file rw_file_perms;
+
+#AIWORK add
+get_prop(mtk_hal_camera, aiworks_system_prop)
diff --git a/mediatek/sepolicy/bsp/non_plat/platform_app.te b/mediatek/sepolicy/bsp/non_plat/platform_app.te
index f91e465..702739f 100644
--- a/mediatek/sepolicy/bsp/non_plat/platform_app.te
+++ b/mediatek/sepolicy/bsp/non_plat/platform_app.te
@@ -180,3 +180,10 @@ allow platform_app vpu_device:chr_file { ioctl open read write };
# Purpose: Allow platform app to use HIDL and access to mtk_hal_dplanner
allow platform_app mtk_hal_dplanner_hwservice:hwservice_manager find;
allow platform_app mtk_hal_dplanner:binder { call transfer };
+
+#AIWORK add
+set_prop(platform_app, system_prop)
+allow platform_app property_socket:sock_file {read write};
+allow platform_app system_prop:property_service set;
+set_prop(platform_app, aiworks_system_prop)
+typeattribute platform_app system_writes_vendor_properties_violators;
diff --git a/mediatek/sepolicy/bsp/non_plat/property.te b/mediatek/sepolicy/bsp/non_plat/property.te
index 836df58..5d9160e 100644
--- a/mediatek/sepolicy/bsp/non_plat/property.te
+++ b/mediatek/sepolicy/bsp/non_plat/property.te
@@ -298,3 +298,6 @@ type mtk_gwsd_prop, property_type, mtk_core_property_type;
#=============jpeg decode sw opt. property============
type mtk_jpeg_opt_prop, property_type, mtk_core_property_type;
+
+#AIWORK add
+type aiworks_system_prop, property_type;
diff --git a/mediatek/sepolicy/bsp/non_plat/property_contexts b/mediatek/sepolicy/bsp/non_plat/property_contexts
index a3bd601..fbbe3e7 100644
--- a/mediatek/sepolicy/bsp/non_plat/property_contexts
+++ b/mediatek/sepolicy/bsp/non_plat/property_contexts
@@ -423,3 +423,6 @@ persist.vendor.mtk_gwsd_mode u:object_r:mtk_gwsd_prop:s0
#============allow jpeg dec opt. property=========
ro.vendor.jpeg_decode_sw_opt u:object_r:mtk_jpeg_opt_prop:s0
+
+#AIWORK
+persist.aiworks.dualcam.cali u:object_r:aiworks_system_prop:s0
2.APK一定要签名,untrusted_app不行,要platform_app。如果是system_app也行。
3.hal层使用方法:MINT32 cali_flag = ::property_get_int32("persist.aiworks.dualcam.cali", 0);