From ad0a033f97e2d517e2f5390fa1ec626fabb7d60e Mon Sep 17 00:00:00 2001 From: wenchangliu Date: Mon, 21 Feb 2022 03:42:32 +0000 Subject: [PATCH] Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device avc: denied { ioctl } for path="/dev/dma_heap/vframe-secure" dev="tmpfs" \ ino=801 ioctlcmd=0x4800 scontext=u:r:hal_graphics_allocator_default:s0 \ tcontext=u:object_r:dmabuf_system_secure_heap_device:s0 \ tclass=chr_file permissive=0 Bug: 199467922 Test: ExoPlayer secure playback Change-Id: I9e6e1bba6d01c1a416a440e8ad425a5cf2ac19c5 --- whitechapel_pro/hal_graphics_allocator_default.te | 1 + 1 file changed, 1 insertion(+) diff --git a/whitechapel_pro/hal_graphics_allocator_default.te b/whitechapel_pro/hal_graphics_allocator_default.te index 05f9508d..2889a800 100644 --- a/whitechapel_pro/hal_graphics_allocator_default.te +++ b/whitechapel_pro/hal_graphics_allocator_default.te @@ -1 +1,2 @@ allow hal_graphics_allocator_default sensor_direct_heap_device:chr_file r_file_perms; +allow hal_graphics_allocator_default dmabuf_system_secure_heap_device:chr_file r_file_perms;