PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Transcoding: Add file read/write permission to service.

Browse Source 
This is needed for the transcoding service to read from the
source fd and write to destination fd.

Bug: 145628554
Test: atest MediaTranscodeManagerTest
Change-Id: Icffed1e402bc2fb593e925de0742c0d7552b50bc
This commit is contained in:
hkuang 2020-05-12 09:50:24 -07:00
parent 4e622b28ed
commit c7f42b2b80
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
public/mediatranscoding.te
View File

@ -12,6 +12,11 @@ allow mediatranscoding system_server:fd use;
allow mediatranscoding activity_service:service_manager find;
allow mediatranscoding untrusted_app:binder call;
# allow mediatranscoding service read/write permissions for file sources
allow mediatranscoding sdcardfs:file { getattr read write };
allow mediatranscoding media_rw_data_file:file { getattr read write };
allow mediatranscoding apk_data_file:file { getattr read };
# mediatranscoding should never execute any executable without a
# domain transition
neverallow mediatranscoding { file_type fs_type }:file execute_no_trans;