From a7c8ea864ee9f82ca7aeb8e0bc13af72fcf6e096 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Wed, 6 Nov 2013 13:00:52 -0500
Subject: [PATCH] Move audio_firmware_file and /data/misc/audio entry to core
 sepolicy.

Change-Id:  Ib8c96ab9e19d34e8e34a4c859528345763be4906
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
---
 file.te        | 1 +
 file_contexts  | 1 +
 mediaserver.te | 4 ++++
 3 files changed, 6 insertions(+)

diff --git a/file.te b/file.te
index 24420e930..51684f324 100644
--- a/file.te
+++ b/file.te
@@ -49,6 +49,7 @@ type shell_data_file, file_type, data_file_type;
 # /data/gps
 type gps_data_file, file_type, data_file_type;
 # /data/misc subdirectories
+type audio_firmware_file, file_type, data_file_type;
 type bluetooth_data_file, file_type, data_file_type;
 type keystore_data_file, file_type, data_file_type;
 type vpn_data_file, file_type, data_file_type;
diff --git a/file_contexts b/file_contexts
index 89a8cf7b1..d09d42743 100644
--- a/file_contexts
+++ b/file_contexts
@@ -168,6 +168,7 @@
 /data/tombstones(/.*)?	u:object_r:tombstone_data_file:s0
 /data/local/tmp(/.*)?	u:object_r:shell_data_file:s0
 # Misc data
+/data/misc/audio(/.*)?          u:object_r:audio_firmware_file:s0
 /data/misc/bluetooth(/.*)?	u:object_r:bluetooth_data_file:s0
 /data/misc/bluedroid(/.*)?	u:object_r:bluetooth_data_file:s0
 /data/misc/keystore(/.*)?	u:object_r:keystore_data_file:s0
diff --git a/mediaserver.te b/mediaserver.te
index 1a065b070..6904f821c 100644
--- a/mediaserver.te
+++ b/mediaserver.te
@@ -49,6 +49,10 @@ allow mediaserver system_server:fifo_file r_file_perms;
 allow mediaserver camera_calibration_file:dir r_dir_perms;
 allow mediaserver camera_calibration_file:file r_file_perms;
 
+# Grant access to audio firmware files to mediaserver
+allow mediaserver audio_firmware_file:dir ra_dir_perms;
+allow mediaserver audio_firmware_file:file create_file_perms;
+
 # Read/[write] to /proc/net/xt_qtaguid/ctrl and /dev/xt_qtaguid
 allow mediaserver qtaguid_proc:file rw_file_perms;
 allow mediaserver qtaguid_device:chr_file r_file_perms;
-- 
GitLab