sepolicy: Permissions for v1.3 DRM and clearkey HALs

FR60432: OEMCrypto Version 16 support Allow v1.3 DRM and clearkey HALs in SEPolicy. Keep v1.2 HALs as well for backward compatibility. Change-Id: I5aeb50f80507143c8adcf597a78202590447149e
2020-03-03 12:16:54 +05:30
parent db681779a2
commit 70c453a603
4 changed files with 6 additions and 2 deletions
--- a/generic/vendor/common/file_contexts
+++ b/generic/vendor/common/file_contexts
@@ -172,6 +172,8 @@
 /(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.1-service.widevine    u:object_r:vendor_hal_drm_widevine_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.2-service.widevine    u:object_r:vendor_hal_drm_widevine_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.2-service-lazy.widevine    u:object_r:vendor_hal_drm_widevine_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.3-service.widevine    u:object_r:vendor_hal_drm_widevine_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.3-service-lazy.widevine    u:object_r:vendor_hal_drm_widevine_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.display\.allocator@1\.0-service   u:object_r:hal_graphics_allocator_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.display\.allocator-service   u:object_r:hal_graphics_allocator_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.display\.composer@1\.0-service   u:object_r:hal_graphics_composer_default_exec:s0
--- a/legacy/vendor/common/hal_drm_clearkey.te
+++ b/legacy/vendor/common/hal_drm_clearkey.te
@@ -25,7 +25,7 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-# policy for /vendor/bin/hw/android.hardware.drm@1.1-service.clearkey
+# policy for /vendor/bin/hw/android.hardware.drm@1.x-service.clearkey
 type hal_drm_clearkey, domain;
 type hal_drm_clearkey_exec, exec_type, vendor_file_type, file_type;

--- a/qva/vendor/common/file_contexts
+++ b/qva/vendor/common/file_contexts
@@ -67,6 +67,8 @@
 /vendor/bin/hw/vendor\.qti\.hardware\.cryptfshw@1\.0-service-qti                   u:object_r:vendor_hal_keymaster_qti_exec:s0
 /vendor/bin/hw/android\.hardware\.drm@1\.2-service.clearkey                        u:object_r:vendor_hal_drm_clearkey_exec:s0
 /vendor/bin/hw/android\.hardware\.drm@1\.2-service-lazy.clearkey                   u:object_r:vendor_hal_drm_clearkey_exec:s0
+/vendor/bin/hw/android\.hardware\.drm@1\.3-service.clearkey                        u:object_r:vendor_hal_drm_clearkey_exec:s0
+/vendor/bin/hw/android\.hardware\.drm@1\.3-service-lazy.clearkey                   u:object_r:vendor_hal_drm_clearkey_exec:s0
 /vendor/bin/hw/vendor\.nxp\.hardware\.nfc@1\.2-service                             u:object_r:hal_nfc_default_exec:s0
 /vendor/bin/hw/vendor\.nxp\.hardware\.nfc@2\.0-service                             u:object_r:hal_nfc_default_exec:s0
 /vendor/bin/hw/vendor\.qti\.hardware\.alarm@1\.0-service                           u:object_r:vendor_hal_alarm_qti_default_exec:s0
--- a/qva/vendor/common/hal_drm_clearkey.te
+++ b/qva/vendor/common/hal_drm_clearkey.te
@@ -25,7 +25,7 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-# policy for /vendor/bin/hw/android.hardware.drm@1.1-service.clearkey
+# policy for /vendor/bin/hw/android.hardware.drm@1.x-service.clearkey
 type vendor_hal_drm_clearkey, domain;
 type vendor_hal_drm_clearkey_exec, exec_type, vendor_file_type, file_type;