Additional rules to allow mediaserver to communicate with perfd.

Address the following denial: [ 61.389121] type=1400 audit(1439587763.514:35): avc: denied { connectto } for pid=3995 comm=736F756E6420747269676765722063 path="/data/misc/perfd/mpctl" scontext=u:r:mediaserver:s0 tcontext=u:r:perfd:s0 tclass=unix_stream_socket permissive=0 Bug: 22977937 Change-Id: I8340174dc6b3dbb9cf83af299e379450f8df8d33
author: dcashman <dcashman@google.com> 2015-08-14 16:08:26 -0700
committer: dcashman <dcashman@google.com> 2015-08-14 16:08:26 -0700
commit: 9ab901e00dbd1f410b387887ab9f1bcacd1ad910 (patch)
tree: 561bec59230db147c8ccc2ad86d19a06eefa7d35 /sepolicy
parent: 03cd75c8c1ef5dc976d77ecbb25235cde882f514 (diff)
download: bullhead-9ab901e00dbd1f410b387887ab9f1bcacd1ad910.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te
index f3e52c0..aaeace5 100644
--- a/sepolicy/mediaserver.te
+++ b/sepolicy/mediaserver.te
@@ -5,4 +5,5 @@ allow mediaserver camera:unix_dgram_socket sendto;
 allow mediaserver camera_data_file:sock_file write;
 
 allow mediaserver mpctl_data_file:dir search;
+unix_socket_connect(mediaserver, mpctl, perfd)
 unix_socket_send(mediaserver, mpctl, perfd)
author	dcashman <dcashman@google.com>	2015-08-14 16:08:26 -0700
committer	dcashman <dcashman@google.com>	2015-08-14 16:08:26 -0700
commit	9ab901e00dbd1f410b387887ab9f1bcacd1ad910 (patch)
tree	561bec59230db147c8ccc2ad86d19a06eefa7d35 /sepolicy
parent	03cd75c8c1ef5dc976d77ecbb25235cde882f514 (diff)
download	bullhead-9ab901e00dbd1f410b387887ab9f1bcacd1ad910.tar.gz