sepolicy: allow hal_omx to access audio devices
hal_omx needs to access audio devices to use OMX HW decoders and
encoders. Allow hal_omx to access audio devices.
authored-by: Banajit Goswami <bgoswami@codeaurora.org>
Bug: 133224154
Change-Id: I742c29c4105e5647ca1a7e017e311559a0567b52
(cherry picked from commit 155ca12879c8a1fcd78fa8ee684b289c572e30da)
diff --git a/prebuilts/api/29.0/public/hal_audio.te b/prebuilts/api/29.0/public/hal_audio.te
index a1c098f..bb9eec4 100644
--- a/prebuilts/api/29.0/public/hal_audio.te
+++ b/prebuilts/api/29.0/public/hal_audio.te
@@ -32,7 +32,7 @@
neverallow hal_audio_server domain:{ tcp_socket udp_socket rawip_socket } *;
# Only audio HAL may directly access the audio hardware
-neverallow { halserverdomain -hal_audio_server } audio_device:chr_file *;
+neverallow { halserverdomain -hal_audio_server -hal_omx_server } audio_device:chr_file *;
get_prop(hal_audio, bluetooth_a2dp_offload_prop)
get_prop(hal_audio, bluetooth_audio_hal_prop)
diff --git a/public/hal_audio.te b/public/hal_audio.te
index a1c098f..bb9eec4 100644
--- a/public/hal_audio.te
+++ b/public/hal_audio.te
@@ -32,7 +32,7 @@
neverallow hal_audio_server domain:{ tcp_socket udp_socket rawip_socket } *;
# Only audio HAL may directly access the audio hardware
-neverallow { halserverdomain -hal_audio_server } audio_device:chr_file *;
+neverallow { halserverdomain -hal_audio_server -hal_omx_server } audio_device:chr_file *;
get_prop(hal_audio, bluetooth_a2dp_offload_prop)
get_prop(hal_audio, bluetooth_audio_hal_prop)