From bba18381039dbe45f6acce61d6be1ea7abb2fb06 Mon Sep 17 00:00:00 2001
From: dcashman <dcashman@google.com>
Date: Fri, 30 Jan 2015 17:17:04 -0800
Subject: [PATCH] Allow radio access to drmserver_service.

Address the following denial:
SELinux  E  avc:  denied  { find } for service=drm.drmManager scontext=u:r:radio:s0 tcontext=u:object_r:drmserver_service:s0

which occurs when a non-default SMS app sends an MMS. The message would be
stored into system automatically in MMS service (from phone process and phone
UID). The storing of the message involves the creation of
android.drm.DrmManagerClient instance.

Change-Id: Ic4e493f183c9ce7f7ac3f74f6ea062893ea67608
---
 radio.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/radio.te b/radio.te
index a21fd89c1..03d15805a 100644
--- a/radio.te
+++ b/radio.te
@@ -31,6 +31,7 @@ auditallow radio system_radio_prop:property_service set;
 # ctl interface
 allow radio ctl_rildaemon_prop:property_service set;
 
+allow radio drmserver_service:service_manager find;
 allow radio mediaserver_service:service_manager find;
 allow radio radio_service:service_manager { add find };
 allow radio surfaceflinger_service:service_manager find;
-- 
GitLab