7fa59c819c
Only audio HAL may access audio driver.
Only camera HAL may access camera driver.
Test: aosp_marlin and aosp_bullhead policy builds. Note: neverallow
rules are compile time assertions and do not change the
on-device policy.
Bug: 36185625
Change-Id: I1c9edf528080374f5f0d90d3c14d6c3b162484a3
43 lines
1.4 KiB
Text
43 lines
1.4 KiB
Text
# HwBinder IPC from client to server, and callbacks
|
|
binder_call(hal_audio_client, hal_audio_server)
|
|
binder_call(hal_audio_server, hal_audio_client)
|
|
|
|
# Both client and the server need to use hwallocator
|
|
hwallocator_use(hal_audio_client)
|
|
hwallocator_use(hal_audio_server)
|
|
|
|
allow hal_audio ion_device:chr_file r_file_perms;
|
|
|
|
allow hal_audio system_file:dir { open read };
|
|
|
|
userdebug_or_eng(`
|
|
# used for pcm capture for debug.
|
|
allow hal_audio audiohal_data_file:dir create_dir_perms;
|
|
allow hal_audio audiohal_data_file:file create_file_perms;
|
|
')
|
|
|
|
r_dir_file(hal_audio, proc)
|
|
allow hal_audio audio_device:dir r_dir_perms;
|
|
allow hal_audio audio_device:chr_file rw_file_perms;
|
|
|
|
# Needed to provide debug dump output via dumpsys' pipes.
|
|
allow hal_audio shell:fd use;
|
|
allow hal_audio shell:fifo_file write;
|
|
|
|
# Needed on some devices for playing audio on paired BT device,
|
|
# but seems appropriate for all devices.
|
|
unix_socket_connect(hal_audio, bluetooth, bluetooth)
|
|
|
|
###
|
|
### neverallow rules
|
|
###
|
|
|
|
# Should never execute any executable without a domain transition
|
|
neverallow hal_audio { file_type fs_type }:file execute_no_trans;
|
|
|
|
# Should never need network access.
|
|
# Disallow network sockets.
|
|
neverallow hal_audio domain:{ tcp_socket udp_socket rawip_socket } *;
|
|
|
|
# Only audio HAL may directly access the audio hardware
|
|
neverallow { halserverdomain -hal_audio_server } audio_device:chr_file *;
|