Remove mediacodec from binder violators.

The new binder_call() lines had to be added because this change removes mediacodec from binderservicedomain (on full-treble), hence domains that could previously reach mediacodec with binder_call(domain, binderservicedomain) now need explicit calls instead. Test: Youtube, Netflix, Maps, Chrome, Music Change-Id: I3325ce20d9304bc07659fd435554cbcbacbc9829

Remove mediacodec from binder violators.
The new binder_call() lines had to be added because this change removes mediacodec from binderservicedomain (on full-treble), hence domains that could previously reach mediacodec with binder_call(domain, binderservicedomain) now need explicit calls instead. Test: Youtube, Netflix, Maps, Chrome, Music Change-Id: I3325ce20d9304bc07659fd435554cbcbacbc9829
fc80f480 · Martijn Coenen · e506cda3 · fc80f480 · fc80f480 · fc80f480
Commit fc80f480 authored 7 years ago by Martijn Coenen
--- a/private/app.te
+++ b/private/app.te
@@ -273,6 +273,9 @@ get_prop({ appdomain -isolated_app }, hwservicemanager_prop);
 # Allow app to access the graphic allocator HAL
 binder_call({ appdomain -isolated_app }, hal_graphics_allocator)

+# Allow app access to mediacodec (IOMX HAL)
+binder_call({ appdomain -isolated_app }, mediacodec)
+
 # App can access configstore HAL which is read only
 binder_call({ appdomain -isolated_app }, hal_configstore)


--- a/private/system_server.te
+++ b/private/system_server.te
@@ -199,6 +199,8 @@ hal_client_domain(system_server, hal_wifi)

 hal_client_domain(system_server, hal_wifi_supplicant)

+binder_call(system_server, mediacodec)
+
 # Talk with graphics composer fences
 allow system_server hal_graphics_composer:fd use;


--- a/public/mediacodec.te
+++ b/public/mediacodec.te
@@ -15,19 +15,17 @@ full_treble_only(`
 not_full_treble(`
    # on legacy devices, continue to allow /dev/binder traffic
    binder_use(mediacodec)
+    binder_service(mediacodec)
+    add_service(mediacodec, mediacodec_service)
+    allow mediacodec mediametrics_service:service_manager find;
+    allow mediacodec surfaceflinger_service:service_manager find;
 ')
 binder_call(mediacodec, binderservicedomain)
 binder_call(mediacodec, appdomain)
-binder_service(mediacodec)

 # Allow mediacodec access to composer sync fences
 allow mediacodec hal_graphics_composer:fd use;

-# TODO(b/36604251): Remove this once OMX HAL stops using Binder
-typeattribute mediacodec binder_in_vendor_violators;
-add_service(mediacodec, mediacodec_service)
-allow mediacodec mediametrics_service:service_manager find;
-allow mediacodec surfaceflinger_service:service_manager find;
 allow mediacodec gpu_device:chr_file rw_file_perms;
 allow mediacodec video_device:chr_file rw_file_perms;
 allow mediacodec video_device:dir search;

--- a/public/mediaserver.te
+++ b/public/mediaserver.te
@@ -132,6 +132,8 @@ allow mediaserver system_server:fd use;

 hal_client_domain(mediaserver, hal_allocator)

+binder_call(mediaserver, mediacodec)
+
 ###
 ### neverallow rules
 ###