tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

mediaserver: grant perms from domain_deprecated

Browse source 
In preparation of removing permissions from domain_deprecated.

Addresses:
avc: denied { getattr } for path="/proc/self" dev="proc" ino=4026531841 scontext=u:r:mediaserver:s0 tcontext=u:object_r:proc:s0 tclass=lnk_file permissive=1
avc: denied { read } for name="mediadrm" dev="mmcblk0p24" ino=209 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=1
avc: denied { open } for path="/vendor/lib/mediadrm" dev="mmcblk0p24" ino=209 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=1

Change-Id: Ibffa0c9a31316b9a2f1912ae68a8dcd3a4e671b7
This commit is contained in:
Jeff Vander Stoep 2016-01-27 19:31:45 -08:00
parent cdae042a07
commit 72e78bfcac
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
mediaserver.te
View file

@ -9,6 +9,12 @@ init_daemon_domain(mediaserver)
r_dir_file(mediaserver, sdcard_type)
# stat /proc/self
allow mediaserver proc:lnk_file getattr;
# open /vendor/lib/mediadrm
allow mediaserver system_file:dir r_dir_perms;
binder_use(mediaserver)
binder_call(mediaserver, binderservicedomain)
binder_call(mediaserver, appdomain)