PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1a3ee382ec
android_system_sepolicy/private/mediaextractor.te
Jeff Vander Stoep 9f5d0d90a3 Initial selinux policy support for memfd 
Move all app tmpfs types to appdomain_tmpfs. These are still protected
by mls categories and DAC. TODO clean up other app tmpfs types in a
separate change.

Treble-ize tmpfs passing between graphics composer HAL and
surfaceflinger.

Bug: 122854450
Test: boot Blueline with memfd enabled.
Change-Id: Ib98aaba062f10972af6ae80fb85b7a0f60a32eee
2019-01-30 19:11:49 +00:00

8 lines
322 B
Plaintext
Raw Blame History

typeattribute mediaextractor coredomain;
init_daemon_domain(mediaextractor)
tmpfs_domain(mediaextractor)
allow mediaextractor appdomain_tmpfs:file { getattr map read write };
allow mediaextractor mediaserver_tmpfs:file { getattr map read write };
allow mediaextractor system_server_tmpfs:file { getattr map read write };
Reference in New Issue View Git Blame Copy Permalink