Transition mediacodec to /dev/hwbinder and /dev/vndbinder This change disables /dev/binder access to and by mediacodec on full-Treble devices. b/36604251 OMX HAL (aka mediacodec) uses Binder and even exposes a Binder service Test: marlin Change-Id: I1e30a6c56950728f36351c41b2859221753fd91a Signed-off-by: Iliyan Malchev <malchev@google.com>

commit: 56cdcd48d583b4cef4f63c3f7a1088dbd01cc932 [log] [tgz]
author: Iliyan Malchev <malchev@google.com> Tue Apr 11 20:01:51 2017 -0700
committer: Iliyan Malchev <malchev@google.com> Fri Apr 14 18:50:40 2017 +0000
tree: 6f2f5438bf9a1c2a064f98bce5508ead0e8a8576
parent: 31c55240a83bd7975a3df3928a1adb29a397c987 [diff]
diff --git a/public/mediacodec.te b/public/mediacodec.te
index b8cde80..c67078b 100644
--- a/public/mediacodec.te
+++ b/public/mediacodec.te

@@ -8,7 +8,14 @@
 # and use macro hal_server_domain
 get_prop(mediacodec, hwservicemanager_prop)
 
-binder_use(mediacodec)
+full_treble_only(`
+    # on full-Treble devices, route all /dev/binder traffic to /dev/vndbinder
+    vndbinder_use(mediacodec)
+')
+not_full_treble(`
+    # on legacy devices, continue to allow /dev/binder traffic
+    binder_use(mediacodec)
+')
 binder_call(mediacodec, binderservicedomain)
 binder_call(mediacodec, appdomain)
 binder_service(mediacodec)
commit	56cdcd48d583b4cef4f63c3f7a1088dbd01cc932	[log] [tgz]
author	Iliyan Malchev <malchev@google.com>	Tue Apr 11 20:01:51 2017 -0700
committer	Iliyan Malchev <malchev@google.com>	Fri Apr 14 18:50:40 2017 +0000
tree	6f2f5438bf9a1c2a064f98bce5508ead0e8a8576
parent	31c55240a83bd7975a3df3928a1adb29a397c987 [diff]