| # Grant access to Qualcomm MSM Interface (QMI) audio sockets to mediaserver |
| qmux_socket(mediaserver) |
| |
| # Permit mediaserver to create sockets with no specific SELinux class. |
| # TODO: Investigate the specific type of socket. |
| allow mediaserver self:socket create_socket_perms; |
| |
| allow mediaserver mpdecision_socket:dir r_dir_perms; |
| unix_socket_send(mediaserver, mpdecision, mpdecision) |
| |
| binder_call(mediaserver, rild) |
| |
| unix_socket_send(mediaserver, camera, camera) |
| unix_socket_connect(mediaserver, adspd, adspd) |
| allow mediaserver audio_cutback_data_file:dir search; |
| allow mediaserver audio_cutback_data_file:sock_file write; |
| |
| # needed for widevine classic |
| allow mediaserver tee_device:chr_file { ioctl open read write }; |
| |