From fc80f4808289184f1cbb23cca54c4b4447c8bbb3 Mon Sep 17 00:00:00 2001
From: Martijn Coenen <maco@google.com>
Date: Sat, 15 Apr 2017 08:09:08 -0700
Subject: [PATCH] Remove mediacodec from binder violators.

The new binder_call() lines had to be added
because this change removes mediacodec from
binderservicedomain (on full-treble), hence
domains that could previously reach mediacodec
with binder_call(domain, binderservicedomain)
now need explicit calls instead.

Test: Youtube, Netflix, Maps, Chrome, Music
Change-Id: I3325ce20d9304bc07659fd435554cbcbacbc9829
---
 private/app.te           |  3 +++
 private/system_server.te |  2 ++
 public/mediacodec.te     | 10 ++++------
 public/mediaserver.te    |  2 ++
 4 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/private/app.te b/private/app.te
index d6dc48cbb..2fddb444f 100644
--- a/private/app.te
+++ b/private/app.te
@@ -273,6 +273,9 @@ get_prop({ appdomain -isolated_app }, hwservicemanager_prop);
 # Allow app to access the graphic allocator HAL
 binder_call({ appdomain -isolated_app }, hal_graphics_allocator)
 
+# Allow app access to mediacodec (IOMX HAL)
+binder_call({ appdomain -isolated_app }, mediacodec)
+
 # App can access configstore HAL which is read only
 binder_call({ appdomain -isolated_app }, hal_configstore)
 
diff --git a/private/system_server.te b/private/system_server.te
index e200bef2d..0f0dcdc55 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -199,6 +199,8 @@ hal_client_domain(system_server, hal_wifi)
 
 hal_client_domain(system_server, hal_wifi_supplicant)
 
+binder_call(system_server, mediacodec)
+
 # Talk with graphics composer fences
 allow system_server hal_graphics_composer:fd use;
 
diff --git a/public/mediacodec.te b/public/mediacodec.te
index e4801b628..3445c7a62 100644
--- a/public/mediacodec.te
+++ b/public/mediacodec.te
@@ -15,19 +15,17 @@ full_treble_only(`
 not_full_treble(`
     # on legacy devices, continue to allow /dev/binder traffic
     binder_use(mediacodec)
+    binder_service(mediacodec)
+    add_service(mediacodec, mediacodec_service)
+    allow mediacodec mediametrics_service:service_manager find;
+    allow mediacodec surfaceflinger_service:service_manager find;
 ')
 binder_call(mediacodec, binderservicedomain)
 binder_call(mediacodec, appdomain)
-binder_service(mediacodec)
 
 # Allow mediacodec access to composer sync fences
 allow mediacodec hal_graphics_composer:fd use;
 
-# TODO(b/36604251): Remove this once OMX HAL stops using Binder
-typeattribute mediacodec binder_in_vendor_violators;
-add_service(mediacodec, mediacodec_service)
-allow mediacodec mediametrics_service:service_manager find;
-allow mediacodec surfaceflinger_service:service_manager find;
 allow mediacodec gpu_device:chr_file rw_file_perms;
 allow mediacodec video_device:chr_file rw_file_perms;
 allow mediacodec video_device:dir search;
diff --git a/public/mediaserver.te b/public/mediaserver.te
index 01cc4d8c7..8c9ef31f2 100644
--- a/public/mediaserver.te
+++ b/public/mediaserver.te
@@ -132,6 +132,8 @@ allow mediaserver system_server:fd use;
 
 hal_client_domain(mediaserver, hal_allocator)
 
+binder_call(mediaserver, mediacodec)
+
 ###
 ### neverallow rules
 ###
-- 
GitLab