platform_system_sepolicy/private/mediaserver.te

36 lines
1.2 KiB
Text
Raw Normal View History

typeattribute mediaserver coredomain;
init_daemon_domain(mediaserver)
tmpfs_domain(mediaserver)
allow mediaserver appdomain_tmpfs:file { getattr map read write };
# allocate and use graphic buffers
hal_client_domain(mediaserver, hal_graphics_allocator)
hal_client_domain(mediaserver, hal_configstore)
hal_client_domain(mediaserver, hal_drm)
hal_client_domain(mediaserver, hal_omx)
hal_client_domain(mediaserver, hal_codec2)
set_prop(mediaserver, audio_prop)
get_prop(mediaserver, drm_service_config_prop)
get_prop(mediaserver, media_config_prop)
# Allow MediaCodec running on mediaserver to read media_native flags
get_prop(mediaserver, device_config_media_native_prop)
# Allow mediaserver to start media.transcoding service via ctl.start.
set_prop(mediaserver, ctl_mediatranscoding_prop);
# Allow mediaserver to read SDK sandbox data files
allow mediaserver sdk_sandbox_data_file:file { getattr read };
# Needed for stats callback registration to statsd.
allow mediaserver stats_service:service_manager find;
allow mediaserver statsmanager_service:service_manager find;
binder_call(mediaserver, statsd)
# Allow mediaserver to communicate with Surface provided
# by virtual camera.
binder_call(mediaserver, virtual_camera)