Skip to content

Commit

Permalink
garnet: sepolocy: Allow media components read access to media_data_file
Browse files Browse the repository at this point in the history 
- avc: denied { read } for pid=2818 comm="mediaextractor" path="/data/vendor/vdm/video.elf" dev="tmpfs" ino=2055 scontext=u:r:mediaextractor:s0 tcontext=u:object_r:media_data_file:s0 tclass=file
- avc: denied { read } for pid=2011 comm="qti-media" path="/data/vendor/misc/qp2d/mpeg4dec/so" dev="tmpfs" ino=2112 scontext=u:r:qti-media:s0 tcontext=u:object_r:media_data_file:s0 tclass=file
- avc: denied { read } for pid=3202 comm="mediacodec" path="/data/vendor/mediaproc" dev="tmpfs" ino=3154 scontext=u:r:mediacodec:s0 tcontext=u:object_r:media_data_file:s0 tclass=file

Signed-off-by: kleidione <kleidione@gmail.com>
  • Loading branch information
@kleidione
kleidione committed Jan 22, 2025
1 parent d894754 commit f2e8e00
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 0 deletions.
1 change: 1 addition & 0 deletions sepolicy/vendor/mediacodec.te
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
allow mediacodec hal_dms_hwservice:hwservice_manager find;
binder_call(mediacodec, hal_dms_default)
allow mediacodec media_data_file: file read;
1 change: 1 addition & 0 deletions sepolicy/vendor/mediaextractor.te
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
allow mediaextractor media_data_file: file read;
2 changes: 2 additions & 0 deletions sepolicy/vendor/qti-media.te
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
type qti-media, domain;
allow qti-media media_data_file: file read;

0 comments on commit f2e8e00

Please sign in to comment.