From d2dbc8994c768984934b068bc592f710d010a26a Mon Sep 17 00:00:00 2001
From: Jeff Tinker <jtinker@google.com>
Date: Wed, 13 Jul 2016 14:30:27 -0700
Subject: [PATCH] Fix SELinux denials for protected content playback

bug: 30087072
bug: 29937024
Change-Id: I8bf3032b8455556ff5332f538f43aeb514d3b290
---
 mediadrmserver.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mediadrmserver.te b/mediadrmserver.te
index cfa4b282d..d9368ad37 100644
--- a/mediadrmserver.te
+++ b/mediadrmserver.te
@@ -49,6 +49,7 @@ allow mediadrmserver tee:unix_stream_socket connectto;
 allow mediadrmserver mediadrmserver_service:service_manager { add find };
 allow mediadrmserver mediaserver_service:service_manager { add find };
 allow mediadrmserver processinfo_service:service_manager find;
+allow mediadrmserver surfaceflinger_service:service_manager find;
 
 # only allow unprivileged socket ioctl commands
 allowxperm mediadrmserver self:{ rawip_socket tcp_socket udp_socket }
-- 
GitLab