NekoSakura/Android_Device_Mediatek_Sepolicy_Vndr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Android_Device_Mediatek_Sep.../basic/non_plat/mediaswcodec.te
SamarV-121 440f5f9ee7 sepolicy: basic: non_plat: Address mediaswcodec denials 
W oid.avc.decoder: type=1400 audit(0.0:642): avc: denied { connectto } for path="/dev/socket/logdr" scontext=u:r:mediaswcodec:s0 tcontext=u:r:logd:s0 tclass=unix_stream_socket permissive=0
I auditd  : type=1400 audit(0.0:1352): avc: denied { write } for comm="oid.avc.decoder" name="logdr" dev="tmpfs" ino=9467 scontext=u:r:mediaswcodec:s0 tcontext=u:object_r:logdr_socket:s0 tclass=sock_file permissive=0
crash log: https://pastebin.com/raw/Lhwhhbr0

Change-Id: Ia53ee584c82875e8bce032e0869ae58f60c52217
2023-01-02 23:49:54 +01:00

19 lines
663 B
Plaintext
Raw Blame History

# ==============================================
# Common SEPolicy Rule
# ==============================================
# Date : WK19.25
# Operation : Migration
# Purpose : [ALPS04669482] DRTS failed due to avc denied
allow mediaswcodec debugfs_ion:dir rw_dir_perms;
allow mediaswcodec gpu_device:dir rw_dir_perms;
allow mediaswcodec gpu_device:chr_file rw_file_perms;
allow mediaswcodec dri_device:chr_file rw_file_perms;
# Date : WK20.38
# Purpose: Allow to access ged for gralloc_extra functions
allow mediaswcodec proc_ged:file rw_file_perms;
allowxperm mediaswcodec proc_ged:file ioctl { proc_ged_ioctls };
unix_socket_connect(mediaswcodec, logdr, logd)
Reference in New Issue View Git Blame Copy Permalink