From ce9fc898656e9a33698ac96cb3c76894b18f846e Mon Sep 17 00:00:00 2001 From: Vignesh Kulothungan Date: Mon, 18 Mar 2019 17:21:17 -0700 Subject: [PATCH] sepolicy: allow hal_omx to access audio devices hal_omx needs to access audio devices to use OMX HW decoders and encoders. Allow hal_omx to access audio devices. authored-by: Banajit Goswami Bug: 133224154 Change-Id: I742c29c4105e5647ca1a7e017e311559a0567b52 (cherry picked from commit 155ca12879c8a1fcd78fa8ee684b289c572e30da) --- prebuilts/api/29.0/public/hal_audio.te | 2 +- public/hal_audio.te | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/prebuilts/api/29.0/public/hal_audio.te b/prebuilts/api/29.0/public/hal_audio.te index a1c098f62..bb9eec42c 100644 --- a/prebuilts/api/29.0/public/hal_audio.te +++ b/prebuilts/api/29.0/public/hal_audio.te @@ -32,7 +32,7 @@ neverallow hal_audio_server { file_type fs_type }:file execute_no_trans; neverallow hal_audio_server domain:{ tcp_socket udp_socket rawip_socket } *; # Only audio HAL may directly access the audio hardware -neverallow { halserverdomain -hal_audio_server } audio_device:chr_file *; +neverallow { halserverdomain -hal_audio_server -hal_omx_server } audio_device:chr_file *; get_prop(hal_audio, bluetooth_a2dp_offload_prop) get_prop(hal_audio, bluetooth_audio_hal_prop) diff --git a/public/hal_audio.te b/public/hal_audio.te index a1c098f62..bb9eec42c 100644 --- a/public/hal_audio.te +++ b/public/hal_audio.te @@ -32,7 +32,7 @@ neverallow hal_audio_server { file_type fs_type }:file execute_no_trans; neverallow hal_audio_server domain:{ tcp_socket udp_socket rawip_socket } *; # Only audio HAL may directly access the audio hardware -neverallow { halserverdomain -hal_audio_server } audio_device:chr_file *; +neverallow { halserverdomain -hal_audio_server -hal_omx_server } audio_device:chr_file *; get_prop(hal_audio, bluetooth_a2dp_offload_prop) get_prop(hal_audio, bluetooth_audio_hal_prop)