Label /data/misc/media and allow mediaserver access to it.

Otherwise we get denials like these on 4.4: type=1400 audit(1383590170.360:29): avc: denied { write } for pid=61 comm="mediaserver" name="media" dev="mtdblock1" ino=6416 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir type=1400 audit(1383590170.360:29): avc: denied { add_name } for pid=61 comm="mediaserver" name="emulator.camera.hotplug.0" scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir type=1400 audit(1383590170.360:29): avc: denied { create } for pid=61 comm="mediaserver" name="emulator.camera.hotplug.0" scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file type=1400 audit(1383590170.360:29): avc: denied { write open } for pid=61 comm="mediaserver" name="emulator.camera.hotplug.0" dev="mtdblock1" ino=6431 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file type=1400 audit(1383590255.100:231): avc: denied { write } for pid=832 comm="mediaserver" name="emulator.camera.hotplug.0" dev="mtdblock1" ino=6431 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file type=1400 audit(1383590255.100:231): avc: denied { open } for pid=832 comm="mediaserver" name="emulator.camera.hotplug.0" dev="mtdblock1" ino=6431 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file Change-Id: Ic374488f8b62bd4f8b3c90f30da0e8d1ed1a7343 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
author: Stephen Smalley <sds@tycho.nsa.gov> 2013-11-04 09:50:52 -0500
committer: Nick Kralevich <nnk@google.com> 2013-11-07 16:22:50 -0800
commit: a771671877d306804dbbf5a8e6baa03c877f890d (patch)
tree: 99f34e32cbb2dd676b07a96c1d5ceeb2b6ff60b7 /file.te
parent: ddf98fa8cf11000f91329945abc23ee791adfe69 (diff)
download: android_external_sepolicy-a771671877d306804dbbf5a8e6baa03c877f890d.tar.gz
android_external_sepolicy-a771671877d306804dbbf5a8e6baa03c877f890d.tar.bz2
android_external_sepolicy-a771671877d306804dbbf5a8e6baa03c877f890d.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/file.te b/file.te
index 51684f3..5b71f8b 100644
--- a/file.te
+++ b/file.te
@@ -51,6 +51,7 @@ type gps_data_file, file_type, data_file_type;
 # /data/misc subdirectories
 type audio_firmware_file, file_type, data_file_type;
 type bluetooth_data_file, file_type, data_file_type;
+type media_data_file, file_type, data_file_type;
 type keystore_data_file, file_type, data_file_type;
 type vpn_data_file, file_type, data_file_type;
 type systemkeys_data_file, file_type, data_file_type;
author	Stephen Smalley <sds@tycho.nsa.gov>	2013-11-04 09:50:52 -0500
committer	Nick Kralevich <nnk@google.com>	2013-11-07 16:22:50 -0800
commit	a771671877d306804dbbf5a8e6baa03c877f890d (patch)
tree	99f34e32cbb2dd676b07a96c1d5ceeb2b6ff60b7 /file.te
parent	ddf98fa8cf11000f91329945abc23ee791adfe69 (diff)
download	android_external_sepolicy-a771671877d306804dbbf5a8e6baa03c877f890d.tar.gz android_external_sepolicy-a771671877d306804dbbf5a8e6baa03c877f890d.tar.bz2 android_external_sepolicy-a771671877d306804dbbf5a8e6baa03c877f890d.zip