1typeattribute mediaswcodec coredomain; 2 3init_daemon_domain(mediaswcodec) 4 5get_prop(mediaswcodec, device_config_media_native_prop) 6get_prop(mediaswcodec, device_config_swcodec_native_prop) 7 8hal_server_domain(mediaswcodec, hal_codec2) 9 10# mediaswcodec may use an input surface from a different Codec2 service or an 11# OMX service 12hal_client_domain(mediaswcodec, hal_codec2) 13hal_client_domain(mediaswcodec, hal_omx) 14 15hal_client_domain(mediaswcodec, hal_allocator) 16hal_client_domain(mediaswcodec, hal_graphics_allocator) 17 18# get aac_drc_* properties 19get_prop(mediaswcodec, aac_drc_prop) 20 21crash_dump_fallback(mediaswcodec) 22 23allow mediaswcodec dmabuf_system_heap_device:chr_file r_file_perms; 24allow mediaswcodec dmabuf_system_secure_heap_device:chr_file r_file_perms; 25allow mediaswcodec gpu_device:chr_file rw_file_perms; 26allow mediaswcodec gpu_device:dir r_dir_perms; 27 28### 29### Neverallow rules 30### 31 32# mediaswcodec_server should never execute any executable without a 33# domain transition 34neverallow mediaswcodec { file_type fs_type }:file execute_no_trans; 35 36# Media processing code is inherently risky and thus should have limited 37# permissions and be isolated from the rest of the system and network. 38# Lengthier explanation here: 39# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html 40neverallow mediaswcodec domain:{ udp_socket rawip_socket } *; 41neverallow mediaswcodec { domain userdebug_or_eng(`-su') }:tcp_socket *; 42