Merge changes I513cdbfd,Ia1fa1fd6

* changes:
  Allow mediaextractor to load libraries from apk_data_file
  Allow scanning extractor library directory

private/app_neverallows.te

@@ -243,3 +243,6 @@ full_treble_only(`
     -untrusted_app_visible_halserver
   }:binder { call transfer };
 ')
+
+# Untrusted apps are not allowed to find mediaextractor update service.
+neverallow all_untrusted_apps mediaextractor_update_service:service_manager find;

private/compat/26.0/26.0.ignore.cil

@@ -52,6 +52,7 @@
     lowpan_device
     lowpan_prop
     lowpan_service
+    mediaextractor_update_service
     mediaprovider_tmpfs
     netd_stable_secret_prop
     network_watchlist_data_file

private/service_contexts

@@ -88,6 +88,7 @@ media.log                                 u:object_r:audioserver_service:s0
 media.player                              u:object_r:mediaserver_service:s0
 media.metrics                             u:object_r:mediametrics_service:s0
 media.extractor                           u:object_r:mediaextractor_service:s0
+media.extractor.update                    u:object_r:mediaextractor_update_service:s0
 media.codec                               u:object_r:mediacodec_service:s0
 media.resource_manager                    u:object_r:mediaserver_service:s0
 media.sound_trigger_hw                    u:object_r:audioserver_service:s0

private/system_server.te

@@ -746,6 +746,11 @@ allow system_server netd:bpf { map_read map_write };
 allow system_server user_profile_data_file:dir { search };
 allow system_server user_profile_data_file:file { getattr open read };
 
+userdebug_or_eng(`
+  # Allow system server to notify mediaextractor of the plugin update.
+  allow system_server mediaextractor_update_service:service_manager find;
+')
+
 ###
 ### Neverallow rules
 ###

public/domain.te

@@ -416,6 +416,7 @@ neverallow {
     userdebug_or_eng(`-su')
     -webview_zygote
     -zygote
+    userdebug_or_eng(`-mediaextractor')
 } {
     file_type
     -system_file

public/mediaextractor.te

@@ -34,6 +34,18 @@ allow mediaextractor apk_data_file:file { read getattr };
 allow mediaextractor asec_apk_file:file { read getattr };
 allow mediaextractor ringtone_file:file { read getattr };
 
+# scan extractor library directory to dynamically load extractors
+allow mediaextractor system_file:dir { read open };
+
+userdebug_or_eng(`
+  # Allow extractor to add update service.
+  add_service(mediaextractor, mediaextractor_update_service)
+
+  # Allow extractor to load media extractor plugins from update apk.
+  allow mediaextractor apk_data_file:dir search;
+  allow mediaextractor apk_data_file:file { execute open };
+')
+
 ###
 ### neverallow rules
 ###
@@ -60,4 +72,5 @@ neverallow mediaextractor domain:{ tcp_socket udp_socket rawip_socket } *;
 neverallow mediaextractor {
   data_file_type
   -zoneinfo_data_file # time zone data from /data/misc/zoneinfo
+  userdebug_or_eng(`-apk_data_file') # for loading media extractor plugins
 }:file open;

public/service.te

@@ -16,6 +16,7 @@ type keystore_service,          service_manager_type;
 type mediaserver_service,       service_manager_type;
 type mediametrics_service,      service_manager_type;
 type mediaextractor_service,    service_manager_type;
+type mediaextractor_update_service, service_manager_type;
 type mediacodec_service,        service_manager_type;
 type mediadrmserver_service,    service_manager_type;
 type netd_service,              service_manager_type;