PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Give hal_drm_server appdomain fd access."

Browse Source 
am: 7d258073df

Change-Id: I82895792df44e2b3a1bfee6820cb05667a8f4a8c
This commit is contained in:
Joel Galenson 2019-06-10 11:38:53 -07:00 committed by android-build-merger
commit 2c465fa2bb
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
public/hal_drm.te
View File

@ -31,6 +31,8 @@ allow hal_drm sysfs:file r_file_perms;
allow hal_drm tee_device:chr_file rw_file_perms;
allow hal_drm_server { appdomain -isolated_app }:fd use;
# only allow unprivileged socket ioctl commands
allowxperm hal_drm self:{ rawip_socket tcp_socket udp_socket }
ioctl { unpriv_sock_ioctls unpriv_tty_ioctls };

1
vendor/hal_drm_default.te vendored
View File

@ -5,6 +5,5 @@ type hal_drm_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_drm_default)
allow hal_drm_default hal_omx_server:fd use;
allow hal_drm_default { appdomain -isolated_app }:fd use;
allow hal_drm_default hal_allocator_server:fd use;