From 8a583e33485adecab6da886ed48fc63dc4b1370d Mon Sep 17 00:00:00 2001 From: SamarV-121 Date: Tue, 13 Sep 2022 18:48:52 +0530 Subject: [PATCH] sepolicy: basic: non_plat: Allow mediacodec to read some props W omx@1.0-service: type=1400 audit(0.0:117): avc: denied { open } for path="/dev/__properties__/u:object_r:default_prop:s0" dev="tmpfs" ino=12368 scontext=u:r:mediacodec:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 W libc : Access denied finding property "ro.mtk_deinterlace_support" W libc : Access denied finding property "ro.mtk_crossmount_support" W libc : Access denied finding property "mtk.vendor.omx.core.log" Change-Id: I14cbe8a4e6a7892b0b34d05c86b68281291d6579 --- basic/non_plat/mediacodec.te | 4 ++++ basic/non_plat/property.te | 6 ++++++ basic/non_plat/property_contexts | 4 ++++ 3 files changed, 14 insertions(+) diff --git a/basic/non_plat/mediacodec.te b/basic/non_plat/mediacodec.te index c733874..a43f6c9 100644 --- a/basic/non_plat/mediacodec.te +++ b/basic/non_plat/mediacodec.te @@ -145,3 +145,7 @@ allow mediacodec sysfs_emi_ctrl_concurrency_scenario:dir search; # # Operation: SQC # # Purpose : Allow medicodec to control video mode property set_prop(mediacodec, vendor_mtk_video_prop) + +get_prop(mediacodec, vendor_mtk_crossmount_prop) +get_prop(mediacodec, vendor_mtk_deinterlace_prop) +get_prop(mediacodec, vendor_mtk_omx_core_prop) diff --git a/basic/non_plat/property.te b/basic/non_plat/property.te index fda3eec..b274d2b 100644 --- a/basic/non_plat/property.te +++ b/basic/non_plat/property.te @@ -124,6 +124,9 @@ vendor_restricted_prop(vendor_mtk_mdrsra_v2_support_prop) vendor_restricted_prop(vendor_mtk_xfrm_support_prop) vendor_restricted_prop(vendor_mtk_mdp_prop) vendor_restricted_prop(vendor_debug_logger_prop) +vendor_restricted_prop(vendor_mtk_crossmount_prop) +vendor_restricted_prop(vendor_mtk_deinterlace_prop) +vendor_restricted_prop(vendor_mtk_omx_core_prop) # Properties with can be read by all domains typeattribute vendor_mtk_aal_ro_prop mtk_core_property_type; @@ -202,3 +205,6 @@ typeattribute vendor_mtk_mdrsra_v2_support_prop mtk_core_property_type; typeattribute vendor_mtk_xfrm_support_prop mtk_core_property_type; typeattribute vendor_mtk_mdp_prop mtk_core_property_type; typeattribute vendor_debug_logger_prop mtk_core_property_type; +typeattribute vendor_mtk_crossmount_prop mtk_core_property_type; +typeattribute vendor_mtk_deinterlace_prop mtk_core_property_type; +typeattribute vendor_mtk_omx_core_prop mtk_core_property_type; diff --git a/basic/non_plat/property_contexts b/basic/non_plat/property_contexts index 7a2d5bf..4918de7 100644 --- a/basic/non_plat/property_contexts +++ b/basic/non_plat/property_contexts @@ -399,3 +399,7 @@ persist.vendor.eara_io. u:object_r:vendor_mtk_eara_io_prop:s0 # xfrm and mdrsra property for non 5G GKI platform persist.vendor.mdrsra_v2_support u:object_r:vendor_mtk_mdrsra_v2_support_prop:s0 persist.vendor.xfrm_support u:object_r:vendor_mtk_xfrm_support_prop:s0 + +mtk.vendor.omx.core.log u:object_r:vendor_mtk_omx_core_prop:s0 +ro.mtk_crossmount_support u:object_r:vendor_mtk_crossmount_prop:s0 +ro.mtk_deinterlace_support u:object_r:vendor_mtk_deinterlace_prop:s0