private: hal_widevine_system: support private storage - mediadrm_system_data_file file type - make it private to hal_widevine_system Bug: 371777025 Test: lunch qemu_trusty_arm64-trunk_staging-userdebug Change-Id: I5bd28eb4f2eaa44bb0b5a934b7919d2b959ec098

commit: 967f71811b10a54589cb6b91009b2ff1ad0f8c0d [log] [tgz]
author: Armelle Laine <armellel@google.com> Mon Mar 17 10:28:50 2025 +0000
committer: Armelle Laine <armellel@google.com> Mon Mar 17 10:32:27 2025 +0000
tree: 6e1d7498e1b115f8b1bd54d737b2a8e1076cf1e7
parent: 267e4b211f636b2d5af74e566b0d0a67025b13f2 [diff] [blame]
diff --git a/private/app.te b/private/app.te
index a32cdb2..3219fbe 100644
--- a/private/app.te
+++ b/private/app.te

@@ -609,6 +609,8 @@
     { create write setattr relabelfrom relabelto append unlink link rename };
 
 # Write to various other parts of /data.
+neverallow appdomain mediadrm_system_data_file:dir_file_class_set
+    { create write setattr relabelfrom relabelto append unlink link rename };
 neverallow appdomain drm_data_file:dir_file_class_set
     { create write setattr relabelfrom relabelto append unlink link rename };
 neverallow { appdomain -platform_app }
commit	967f71811b10a54589cb6b91009b2ff1ad0f8c0d	[log] [tgz]
author	Armelle Laine <armellel@google.com>	Mon Mar 17 10:28:50 2025 +0000
committer	Armelle Laine <armellel@google.com>	Mon Mar 17 10:32:27 2025 +0000
tree	6e1d7498e1b115f8b1bd54d737b2a8e1076cf1e7
parent	267e4b211f636b2d5af74e566b0d0a67025b13f2 [diff] [blame]