6730c591ad
camera_device didn't really offer much in terms of control considering that most domains that need camera_device, also need video_device and vice versa. Thus, drop camera_device from the policy. Change-Id: If438610ac6998399719ab375210c023320d0b7ed
124 lines
4.3 KiB
Text
124 lines
4.3 KiB
Text
# audioserver - audio services daemon
|
|
type audioserver, domain, domain_deprecated;
|
|
type audioserver_exec, exec_type, file_type;
|
|
|
|
typeattribute audioserver mlstrustedsubject;
|
|
|
|
net_domain(audioserver)
|
|
init_daemon_domain(audioserver)
|
|
|
|
r_dir_file(audioserver, sdcard_type)
|
|
|
|
binder_use(audioserver)
|
|
binder_call(audioserver, binderservicedomain)
|
|
binder_call(audioserver, { appdomain autoplay_app })
|
|
binder_service(audioserver)
|
|
|
|
# Required by Widevine DRM (b/22990512)
|
|
allow audioserver self:process execmem;
|
|
|
|
allow audioserver kernel:system module_request;
|
|
allow audioserver media_data_file:dir create_dir_perms;
|
|
allow audioserver media_data_file:file create_file_perms;
|
|
allow audioserver app_data_file:dir search;
|
|
allow audioserver app_data_file:file rw_file_perms;
|
|
allow audioserver sdcard_type:file write;
|
|
allow audioserver gpu_device:chr_file rw_file_perms;
|
|
allow audioserver video_device:dir r_dir_perms;
|
|
allow audioserver video_device:chr_file rw_file_perms;
|
|
allow audioserver audio_device:dir r_dir_perms;
|
|
allow audioserver tee_device:chr_file rw_file_perms;
|
|
|
|
set_prop(audioserver, audio_prop)
|
|
|
|
# Access audio devices at all.
|
|
allow audioserver audio_device:chr_file rw_file_perms;
|
|
|
|
# XXX Label with a specific type?
|
|
allow audioserver sysfs:file r_file_perms;
|
|
|
|
# Read resources from open apk files passed over Binder.
|
|
allow audioserver apk_data_file:file { read getattr };
|
|
allow audioserver asec_apk_file:file { read getattr };
|
|
|
|
# Read /data/data/com.android.providers.telephony files passed over Binder.
|
|
allow audioserver radio_data_file:file { read getattr };
|
|
|
|
# Use pipes passed over Binder from app domains.
|
|
allow audioserver { appdomain autoplay_app }:fifo_file { getattr read write };
|
|
|
|
# Access camera device.
|
|
allow audioserver rpmsg_device:chr_file rw_file_perms;
|
|
|
|
# Inter System processes communicate over named pipe (FIFO)
|
|
allow audioserver system_server:fifo_file r_file_perms;
|
|
|
|
# Camera data
|
|
r_dir_file(audioserver, camera_data_file)
|
|
r_dir_file(audioserver, media_rw_data_file)
|
|
|
|
# Grant access to audio files to audioserver
|
|
allow audioserver audio_data_file:dir ra_dir_perms;
|
|
allow audioserver audio_data_file:file create_file_perms;
|
|
|
|
# Read/[write] to /proc/net/xt_qtaguid/ctrl and /dev/xt_qtaguid
|
|
allow audioserver qtaguid_proc:file rw_file_perms;
|
|
allow audioserver qtaguid_device:chr_file r_file_perms;
|
|
|
|
# Allow abstract socket connection
|
|
allow audioserver rild:unix_stream_socket { connectto read write setopt };
|
|
|
|
# Needed on some devices for playing DRM protected content,
|
|
# but seems expected and appropriate for all devices.
|
|
unix_socket_connect(audioserver, drmserver, drmserver)
|
|
|
|
# Needed on some devices for playing audio on paired BT device,
|
|
# but seems appropriate for all devices.
|
|
unix_socket_connect(audioserver, bluetooth, bluetooth)
|
|
|
|
# Connect to tee service.
|
|
allow audioserver tee:unix_stream_socket connectto;
|
|
|
|
allow audioserver activity_service:service_manager find;
|
|
allow audioserver appops_service:service_manager find;
|
|
allow audioserver audioserver_service:service_manager { add find };
|
|
allow audioserver cameraproxy_service:service_manager find;
|
|
allow audioserver batterystats_service:service_manager find;
|
|
allow audioserver drmserver_service:service_manager find;
|
|
allow audioserver mediaextractor_service:service_manager find;
|
|
allow audioserver mediaserver_service:service_manager find;
|
|
allow audioserver permission_service:service_manager find;
|
|
allow audioserver power_service:service_manager find;
|
|
allow audioserver processinfo_service:service_manager find;
|
|
allow audioserver scheduling_policy_service:service_manager find;
|
|
allow audioserver surfaceflinger_service:service_manager find;
|
|
|
|
# /oem access
|
|
allow audioserver oemfs:dir search;
|
|
allow audioserver oemfs:file r_file_perms;
|
|
|
|
use_drmservice(audioserver)
|
|
allow audioserver drmserver:drmservice {
|
|
consumeRights
|
|
setPlaybackStatus
|
|
openDecryptSession
|
|
closeDecryptSession
|
|
initializeDecryptUnit
|
|
decrypt
|
|
finalizeDecryptUnit
|
|
pread
|
|
};
|
|
|
|
# only allow unprivileged socket ioctl commands
|
|
allowxperm audioserver self:{ rawip_socket tcp_socket udp_socket } ioctl unpriv_sock_ioctls;
|
|
|
|
###
|
|
### neverallow rules
|
|
###
|
|
|
|
# audioserver should never execute any executable without a
|
|
# domain transition
|
|
neverallow audioserver { file_type fs_type }:file execute_no_trans;
|
|
|
|
# do not allow privileged socket ioctl commands
|
|
neverallowxperm audioserver domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls;
|