1type mediaswcodec, domain; 2type mediaswcodec_exec, system_file_type, exec_type, file_type; 3 4hal_server_domain(mediaswcodec, hal_codec2) 5 6# mediaswcodec may use an input surface from a different Codec2 service or an 7# OMX service 8hal_client_domain(mediaswcodec, hal_codec2) 9hal_client_domain(mediaswcodec, hal_omx) 10 11hal_client_domain(mediaswcodec, hal_allocator) 12hal_client_domain(mediaswcodec, hal_graphics_allocator) 13 14# get aac_drc_* properties 15get_prop(mediaswcodec, aac_drc_prop) 16 17crash_dump_fallback(mediaswcodec) 18 19# mediaswcodec_server should never execute any executable without a 20# domain transition 21neverallow mediaswcodec { file_type fs_type }:file execute_no_trans; 22 23# Media processing code is inherently risky and thus should have limited 24# permissions and be isolated from the rest of the system and network. 25# Lengthier explanation here: 26# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html 27neverallow mediaswcodec domain:{ udp_socket rawip_socket } *; 28neverallow mediaswcodec { domain userdebug_or_eng(`-su') }:tcp_socket *; 29 30allow mediaswcodec dmabuf_system_heap_device:chr_file r_file_perms; 31allow mediaswcodec dmabuf_system_secure_heap_device:chr_file r_file_perms; 32allow mediaswcodec gpu_device:chr_file rw_file_perms; 33allow mediaswcodec gpu_device:dir r_dir_perms; 34