Skip to content
Snippets Groups Projects
Commit 7cbe44f2 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

drmserver: allow looking in efs_file directories 

We can read any efs_files, but can't look in the directory
containing them. Allow it.

Without this patch, high resolution movie playback is broken.

Addresses the following denial:

[  276.780046] type=1400 audit(1391105234.431:5): avc:  denied  { search } for  pid=125 comm="drmserver" name="/" dev="mmcblk0p1" ino=2 scontext=u:r:drmserver:s0 tcontext=u:object_r:efs_file:s0 tclass=dir

Bug: 12819852

Change-Id: Ie9d13a224cef5e229de1bdb78d605841ed387a21
parent 8d9ef067
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 1 deletion
drmserver.te
+ 1
1
View file @ 7cbe44f2
...@@ -23,7 +23,7 @@ allow drmserver tee_device:chr_file rw_file_perms; ...@@ -23,7 +23,7 @@ allow drmserver tee_device:chr_file rw_file_perms;
allow drmserver platform_app_data_file:file { read write getattr }; allow drmserver platform_app_data_file:file { read write getattr };
allow drmserver { app_data_file asec_apk_file }:file { read write getattr }; allow drmserver { app_data_file asec_apk_file }:file { read write getattr };
allow drmserver sdcard_type:file { read write getattr }; allow drmserver sdcard_type:file { read write getattr };
allow drmserver efs_file:file { open read getattr }; r_dir_file(drmserver, efs_file)
type drmserver_socket, file_type; type drmserver_socket, file_type;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment