2018-09-20 12:07:44 -07:00
|
|
|
type mediaswcodec, domain;
|
|
|
|
type mediaswcodec_exec, system_file_type, exec_type, file_type;
|
|
|
|
|
2019-04-30 05:09:28 -07:00
|
|
|
hal_server_domain(mediaswcodec, hal_codec2)
|
|
|
|
|
|
|
|
# mediaswcodec may use an input surface from a different Codec2 service or an
|
|
|
|
# OMX service
|
|
|
|
hal_client_domain(mediaswcodec, hal_codec2)
|
|
|
|
hal_client_domain(mediaswcodec, hal_omx)
|
2018-09-20 12:07:44 -07:00
|
|
|
|
|
|
|
hal_client_domain(mediaswcodec, hal_allocator)
|
|
|
|
hal_client_domain(mediaswcodec, hal_graphics_allocator)
|
|
|
|
|
2023-11-06 15:10:09 -08:00
|
|
|
# get aac_drc_* properties
|
|
|
|
get_prop(mediaswcodec, aac_drc_prop)
|
|
|
|
|
2019-04-30 05:09:28 -07:00
|
|
|
crash_dump_fallback(mediaswcodec)
|
|
|
|
|
|
|
|
# mediaswcodec_server should never execute any executable without a
|
|
|
|
# domain transition
|
|
|
|
neverallow mediaswcodec { file_type fs_type }:file execute_no_trans;
|
|
|
|
|
|
|
|
# Media processing code is inherently risky and thus should have limited
|
|
|
|
# permissions and be isolated from the rest of the system and network.
|
|
|
|
# Lengthier explanation here:
|
|
|
|
# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html
|
2023-08-21 18:10:35 -07:00
|
|
|
neverallow mediaswcodec domain:{ udp_socket rawip_socket } *;
|
|
|
|
neverallow mediaswcodec { domain userdebug_or_eng(`-su') }:tcp_socket *;
|
2019-04-30 05:09:28 -07:00
|
|
|
|
2020-09-11 14:00:59 -07:00
|
|
|
allow mediaswcodec dmabuf_system_heap_device:chr_file r_file_perms;
|
2021-01-12 12:05:20 -08:00
|
|
|
allow mediaswcodec dmabuf_system_secure_heap_device:chr_file r_file_perms;
|
2022-02-24 10:32:16 -08:00
|
|
|
allow mediaswcodec gpu_device:chr_file rw_file_perms;
|
|
|
|
allow mediaswcodec gpu_device:dir r_dir_perms;
|