-
Notifications
You must be signed in to change notification settings - Fork 98
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Tracked-On: OAM-123406 Signed-off-by: Long, Hanyu <[email protected]>
- Loading branch information
Showing
4 changed files
with
26 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| type mediadrm_vendor_data_file, file_type, data_file_type; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| /(vendor|system/vendor)/bin/hw/android\.hardware\.drm-service\.widevine u:object_r:hal_drm_widevine_exec:s0 | ||
| /data/vendor/mediadrm(/.*)? u:object_r:mediadrm_vendor_data_file:s0 | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| type hal_drm_widevine, domain; | ||
| hal_server_domain(hal_drm_widevine, hal_drm) | ||
|
|
||
| type hal_drm_widevine_exec, exec_type, vendor_file_type, file_type; | ||
| init_daemon_domain(hal_drm_widevine) | ||
|
|
||
| allow hal_drm mediacodec:fd use; | ||
|
|
||
| # get_prop(ramdump, public_vendor_default_prop) | ||
|
|
||
| vndbinder_use(hal_drm_widevine) | ||
| hal_client_domain(hal_drm_widevine, hal_graphics_composer); | ||
| allow hal_drm_widevine servicemanager:binder { call transfer }; | ||
| allow hal_drm_widevine hal_drm_service:service_manager add; | ||
| allow hal_drm_widevine { appdomain -isolated_app_all }:fd use; | ||
| allow hal_drm_widevine hal_allocator_server:fd use; | ||
| allow hal_drm_widevine gpu_device:dir search; | ||
| allow hal_drm_widevine gpu_device:chr_file rw_file_perms; | ||
| allow hal_drm_widevine mediadrm_vendor_data_file:dir create_dir_perms; | ||
| allow hal_drm_widevine mediadrm_vendor_data_file:file create_file_perms; | ||
| allow hal_drm_widevine tmpfs:file { read write map }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| android.hardware.drm.IDrmFactory/widevine u:object_r:hal_drm_service:s0 |