Gitiles
Code Review Sign In
review.blissroms.org / platform_device_qcom_sepolicy-legacy / refs/heads/t / . / common / mediaserver.te
blob: 1108551e9bd75f41ae4ef2c342eb7a453401edba [file] [log] [blame]
Avijit Kanti Das0196c6a2014-07-23 23:44:35 -0700[diff] [blame]1# allow mediaserver to communicate with cnd
Ravi Kumar Siddojigaric7def122017-06-13 00:49:19 +0530[diff] [blame]2#unix_socket_connect(mediaserver, cnd, cnd)
Avijit Kanti Das36fb2c12014-10-06 15:21:57 -0700[diff] [blame]3
Ravi Kumar Siddojigaric7def122017-06-13 00:49:19 +0530[diff] [blame]4#unix_socket_send(mediaserver, camera, mm-qcamerad)
Avijit Kanti Das226cc032014-10-06 19:09:05 -0700[diff] [blame]5
Dinesh K Garge5bafbf2014-10-22 00:13:49 -0700[diff] [blame]6allow mediaserver tee_device:chr_file rw_file_perms;
Naveen Kumar9f752942014-11-01 10:39:13 -0700[diff] [blame]7allow mediaserver qdsp_device:chr_file r_file_perms;
Biswajit Paul64f83f62014-10-13 14:36:16 -0700[diff] [blame]8
Biswajit Paul2d35d982017-02-01 17:40:10 -0800[diff] [blame]9allow mediaserver self:socket create_socket_perms_no_ioctl;
Biswajit Paul64f83f62014-10-13 14:36:16 -0700[diff] [blame]10
11binder_call(mediaserver, rild)
12
Ravi Kumar Siddojigaric7def122017-06-13 00:49:19 +0530[diff] [blame]13#qmux_socket(mediaserver)
Avijit Kanti Das441bad42015-05-12 14:07:41 -0700[diff] [blame]14allow mediaserver camera_data_file:sock_file w_file_perms;
15
Jayasena Sangaraboinac9253472014-10-24 18:55:25 -0700[diff] [blame]16userdebug_or_eng(`
17 allow mediaserver camera_data_file:dir rw_dir_perms;
18 allow mediaserver camera_data_file:file create_file_perms;
Avijit Kanti Das441bad42015-05-12 14:07:41 -0700[diff] [blame]19 # Access to audio
Ravi Kumar Siddojigari92eed182017-06-27 00:25:03 +0530[diff] [blame]20 allow mediaserver qti_debugfs:file rw_file_perms;
Jayasena Sangaraboinac9253472014-10-24 18:55:25 -0700[diff] [blame]21')
Avijit Kanti Dasfe61c2d2014-10-16 20:17:03 -0700[diff] [blame]22
Avijit Kanti Das441bad42015-05-12 14:07:41 -0700[diff] [blame]23r_dir_file(mediaserver, sysfs_esoc)
David Nga658efb2016-10-07 11:38:22 -0700[diff] [blame]24#allow mediaserver system_app_data_file:file rw_file_perms;
Alexy Josepha2ff47f2015-01-07 15:15:05 -0800[diff] [blame]25
26# allow mediaserver to write DTS files
27allow mediaserver dts_data_file:dir rw_dir_perms;
28allow mediaserver dts_data_file:file create_file_perms;
29
c_yonggace732a22016-01-18 12:58:51 +0800[diff] [blame]30# allow poweroffhandler to binder mediaserver
31binder_call(mediaserver, poweroffhandler);
32
Kurva Harisha86fd522014-11-19 17:06:16 -0800[diff] [blame]33
34# for thermal sock files
Ravi Kumar Siddojigaric7def122017-06-13 00:49:19 +0530[diff] [blame]35#unix_socket_connect(mediaserver, thermal, thermal-engine)
Praveen Chavandfd0d6c2015-01-08 15:00:42 -0800[diff] [blame]36
Biswajit Paul28439f92015-07-15 13:28:27 -0700[diff] [blame]37#This is required for thermal sysfs access
38r_dir_file(mediaserver, sysfs_thermal);
39
Praveen Chavandfd0d6c2015-01-08 15:00:42 -0800[diff] [blame]40#allow mediaserver to communicate with timedaemon
Ravi Kumar Siddojigaric7def122017-06-13 00:49:19 +0530[diff] [blame]41#allow mediaserver time_daemon:unix_stream_socket connectto;
Ravit Denniseef34992014-10-29 20:09:18 +0200[diff] [blame]42
43# Allow mediaserver to create socket files for audio arbitration
44allow mediaserver audio_data_file:sock_file { create setattr unlink };
45allow mediaserver audio_data_file:dir remove_name;
Srikanth Uyyala79af9682014-11-12 18:16:10 +0530[diff] [blame]46
Dhananjay Kumar8a0fb732015-09-04 12:39:39 +0530[diff] [blame]47# Allow mediaserver to create audio pp files
48allow mediaserver audio_pp_data_file:dir rw_dir_perms;
49allow mediaserver audio_pp_data_file:file create_file_perms;
50
Avijit Kanti Das441bad42015-05-12 14:07:41 -0700[diff] [blame]51#Allow mediaserver to set camera properties
Michael Bestasfc211fc2017-08-08 21:18:48 +0300[diff] [blame]52set_prop(mediaserver, camera_prop)
Avijit Kanti Das441bad42015-05-12 14:07:41 -0700[diff] [blame]53
Mulu He2403ef92017-07-20 19:05:20 +0800[diff] [blame]54#Allow mediaserver access mmi_data_file
55allow mediaserver mmi_data_file:file r_file_perms;
56
Avijit Kanti Das441bad42015-05-12 14:07:41 -0700[diff] [blame]57#allow mediaserver to access wfdservice
58binder_call(mediaserver, wfdservice)
Manikanta Sivapala3c213112015-07-31 15:10:09 +0530[diff] [blame]59
60#allow mediaserver to access adsprpcd
61r_dir_file(mediaserver, adsprpcd_file);
Manikanta Sivapala40a38642015-02-08 00:04:32 +0530[diff] [blame]62
yongga1bf3ef52016-01-15 16:09:03 +0800[diff] [blame]63# allow mediaserver to communicate with bootanim
64binder_call(mediaserver, bootanim);
65
Rajeev Kulkarni05c02072015-10-29 16:37:49 -0700[diff] [blame]66allow mediaserver surfaceflinger:unix_stream_socket rw_socket_perms;