fff3fe2f08
Copy the final system sepolicy from oc-dev to its prebuilt dir
corresponding to its version (26.0) so that we can uprev policy and
start maintaining compatibility files, as well as use it for CTS
tests targeting future platforms.
(cherry-pick of commit: 5c6a227ebb)
Bug: 37896931
Bug: 37916906
Test: none, this just copies the old policy.
Change-Id: Ib069d505e42595c467e5d1164fb16fcb0286ab93
# mediametrics - daemon for collecting media.metrics data

# Process domain for the daemon, and the label carried by its executable.
type mediametrics, domain;
type mediametrics_exec, exec_type, file_type;

# Binder IPC. These are policy macros whose definitions live outside this
# file: binder_use() lets the domain take part in binder, binder_call() lets
# it call into domains carrying the binderservicedomain attribute, and
# binder_service() marks mediametrics itself as a binder service domain.
binder_use(mediametrics)
binder_call(mediametrics, binderservicedomain)
binder_service(mediametrics)

# Publish the mediametrics_service object through the service manager.
add_service(mediametrics, mediametrics_service)

# Accept file descriptors handed over by system_server.
allow mediametrics system_server:fd use;

# Read-only access to cgroup-labelled entries and to the proc_meminfo file.
r_dir_file(mediametrics, cgroup)
allow mediametrics proc_meminfo:file r_file_perms;

# allows interactions with dumpsys to GMScore
# Only "write" is granted on app_data_file in this file (no open, create or
# read), so as far as these rules go the daemon can write only through a
# descriptor that another process opened and passed in. The rule is keyed on
# the app_data_file label, not on one particular app; keep it this narrow
# when reviewing later changes.
allow mediametrics app_data_file:file write;

###
### neverallow rules
###
# neverallow statements grant nothing: they are assertions checked when the
# policy is built, and the build fails if any allow rule contradicts them.

# mediametrics should never execute any executable without a
# domain transition
neverallow mediametrics { file_type fs_type }:file execute_no_trans;

# The goal of the mediaserver split is to place media processing code into
# restrictive sandboxes with limited responsibilities and thus limited
# permissions. Example: Audioserver is only responsible for controlling audio
# hardware and processing audio content. Cameraserver does the same for camera
# hardware/content. Etc.
#
# Media processing code is inherently risky and thus should have limited
# permissions and be isolated from the rest of the system and network.
# Lengthier explanation here:
# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html
#
# The assertion below names three socket classes (tcp, udp, rawip); other
# socket classes are not constrained by this line.
neverallow mediametrics domain:{ tcp_socket udp_socket rawip_socket } *;