From 440f5f9ee70a52a995325b0205fca7d877abeb7e Mon Sep 17 00:00:00 2001
From: SamarV-121 <samarvispute121@pm.me>
Date: Thu, 15 Sep 2022 11:07:05 +0530
Subject: [PATCH] sepolicy: basic: non_plat: Address mediaswcodec denials

W oid.avc.decoder: type=1400 audit(0.0:642): avc: denied { connectto } for path="/dev/socket/logdr" scontext=u:r:mediaswcodec:s0 tcontext=u:r:logd:s0 tclass=unix_stream_socket permissive=0
I auditd  : type=1400 audit(0.0:1352): avc: denied { write } for comm="oid.avc.decoder" name="logdr" dev="tmpfs" ino=9467 scontext=u:r:mediaswcodec:s0 tcontext=u:object_r:logdr_socket:s0 tclass=sock_file permissive=0
crash log: https://pastebin.com/raw/Lhwhhbr0

Change-Id: Ia53ee584c82875e8bce032e0869ae58f60c52217
---
 basic/non_plat/mediaswcodec.te | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/basic/non_plat/mediaswcodec.te b/basic/non_plat/mediaswcodec.te
index d5ed060..151bce1 100644
--- a/basic/non_plat/mediaswcodec.te
+++ b/basic/non_plat/mediaswcodec.te
@@ -14,3 +14,5 @@ allow mediaswcodec dri_device:chr_file rw_file_perms;
 # Purpose: Allow to access ged for gralloc_extra functions
 allow mediaswcodec proc_ged:file rw_file_perms;
 allowxperm mediaswcodec proc_ged:file ioctl { proc_ged_ioctls };
+
+unix_socket_connect(mediaswcodec, logdr, logd)