SELinux policy for accessing audio firmware files.

Change-Id: I9a0467b16e7b0a4f6ca41bdd1a76971a3771112a
author: Alex Klyubin <klyubin@google.com> 2013-05-02 16:27:36 -0700
committer: Alex Klyubin <klyubin@google.com> 2013-05-02 16:27:36 -0700
commit: 387e7a004718469cc63ee8d867b7c490331a8e0e (patch)
tree: 9d22187a397fd2d989b07a60e0de42bef481cf02
parent: 9fa6d52eb5f170cd84d48df13cab641bf32fc76c (diff)
download: mako-387e7a004718469cc63ee8d867b7c490331a8e0e.tar.gz
3 files changed, 9 insertions, 0 deletions
diff --git a/sepolicy/file.te b/sepolicy/file.te
index 77b0e1d..839b0a4 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -3,3 +3,5 @@ type qmux_audio_socket, file_type;
 type qmux_bluetooth_socket, file_type;
 type qmux_gps_socket, file_type;
 type qmux_radio_socket, file_type;
+
+type audio_firmware_file, file_type;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 02d1b24..5524e47 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -17,3 +17,6 @@
 
 # Qualcomm MSM Audio ACDB device
 /dev/msm_acdb       u:object_r:msm_acdb_device:s0
+
+# Qualcomm audio firmware files
+/data/misc/audio/*                 u:object_r:audio_firmware_file:s0
diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te
index 49e4d98..dacaacf 100644
--- a/sepolicy/mediaserver.te
+++ b/sepolicy/mediaserver.te
@@ -7,3 +7,7 @@ allow mediaserver qmux_audio_socket:dir rw_dir_perms;
 
 # Permit mediaserver to create sockets
 allow mediaserver self:socket create;
+
+# Grant access to audio firmware files to mediaserver
+allow mediaserver audio_firmware_file:dir ra_dir_perms;
+allow mediaserver audio_firmware_file:file create_file_perms;
author	Alex Klyubin <klyubin@google.com>	2013-05-02 16:27:36 -0700
committer	Alex Klyubin <klyubin@google.com>	2013-05-02 16:27:36 -0700
commit	387e7a004718469cc63ee8d867b7c490331a8e0e (patch)
tree	9d22187a397fd2d989b07a60e0de42bef481cf02
parent	9fa6d52eb5f170cd84d48df13cab641bf32fc76c (diff)
download	mako-387e7a004718469cc63ee8d867b7c490331a8e0e.tar.gz