From 7aed1b253f53705c7e9d16657199cdfac9463a17 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Wed, 9 Mar 2016 10:14:56 -0800
Subject: [PATCH] priv_app: allow access to mediadrmserver_service

Addresses:
avc:  denied  { find } for service=media.drm pid=6030 uid=10012
scontext=u:r:priv_app:s0:c512,c768
tcontext=u:object_r:mediadrmserver_service:s0 tclass=service_manager

Bug: 27553530
Change-Id: I060de7ee1f66c7a545076b7de8363bebaac61f2c
---
 priv_app.te | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/priv_app.te b/priv_app.te
index 235006c81..8d744f19e 100644
--- a/priv_app.te
+++ b/priv_app.te
@@ -22,9 +22,10 @@ create_pty(priv_app)
 allow priv_app audioserver_service:service_manager find;
 allow priv_app cameraserver_service:service_manager find;
 allow priv_app drmserver_service:service_manager find;
-allow priv_app mediaserver_service:service_manager find;
-allow priv_app mediaextractor_service:service_manager find;
 allow priv_app mediacodec_service:service_manager find;
+allow priv_app mediadrmserver_service:service_manager find;
+allow priv_app mediaextractor_service:service_manager find;
+allow priv_app mediaserver_service:service_manager find;
 allow priv_app nfc_service:service_manager find;
 allow priv_app radio_service:service_manager find;
 allow priv_app surfaceflinger_service:service_manager find;
-- 
GitLab