# audioserver - audio services daemon
#
# Policy for the audioserver domain: what the daemon may reach (binder peers,
# HALs, data files, properties) and, further down, neverallow rules that keep
# it away from exec-without-transition and from network sockets.

# Tag the domain with the coredomain attribute.
typeattribute audioserver coredomain;

# Label for the daemon binary. init_daemon_domain and tmpfs_domain are macros
# defined outside this file - presumably they set up the init -> audioserver
# domain transition on exec and a private tmpfs type; confirm in te_macros.
type audioserver_exec, exec_type, file_type, system_file_type;
init_daemon_domain(audioserver)
tmpfs_domain(audioserver)

# r_dir_file on the external-storage types sdcard_type and fuse.
# NOTE(review): files under these types are presumably app- or user-supplied;
# treat anything audioserver reads from them as untrusted input.
r_dir_file(audioserver, sdcard_type)
r_dir_file(audioserver, fuse)

# Binder IPC: use binder, call into binder service domains and app domains,
# and act as a binder service itself.
binder_use(audioserver)
binder_call(audioserver, binderservicedomain)
binder_call(audioserver, appdomain)
binder_service(audioserver)

# Client of the allocator HAL.
hal_client_domain(audioserver, hal_allocator)
# /system/lib64/hw for always-passthrough Allocator HAL ashmem / mapper .so
r_dir_file(audioserver, system_file)

# Client of the audio HAL.
hal_client_domain(audioserver, hal_audio)

# Everything in this block exists only on userdebug and eng builds.
userdebug_or_eng(`
  # TEE sink - PCM capture for debugging - creates directories under the
  # media and audioserver data types and files under the audioserver one.
  allow audioserver { media_data_file audioserver_data_file }:dir create_dir_perms;
  allow audioserver audioserver_data_file:file create_file_perms;

  # ptrace limited to processes in the same domain - memory leak detection.
  allow audioserver self:process ptrace;
')

# Register audioserver_service with servicemanager.
add_service(audioserver, audioserver_service)

# System services audioserver may look up through servicemanager. Only the
# find permission is granted; keep one entry per line so additions stay easy
# to review.
allow audioserver {
  activity_service
  appops_service
  audio_service
  batterystats_service
  external_vibrator_service
  mediametrics_service
  package_native_service
  permission_checker_service
  permission_service
  power_service
  scheduling_policy_service
  sensor_privacy_service
  soundtrigger_middleware_service
}:service_manager find;

# Allow read/write access to bluetooth-specific properties.
# NOTE(review): four property types are writable from this domain, so a
# compromised audioserver could alter any of them; keep the list as short as
# the A2DP / Bluetooth audio path requires.
set_prop(audioserver, bluetooth_a2dp_offload_prop)
set_prop(audioserver, bluetooth_audio_hal_prop)
set_prop(audioserver, bluetooth_prop)
set_prop(audioserver, exported_bluetooth_prop)

# Grant access to audio files to audioserver: ra_dir_perms on the directory
# type and create_file_perms on the files.
allow audioserver audio_data_file:dir ra_dir_perms;
allow audioserver audio_data_file:file create_file_perms;

# allow access to ALSA MMAP FDs for AAudio API
# Only read and write are granted on the device nodes here (no open), which
# fits the stated purpose of using file descriptors obtained elsewhere -
# presumably handed over by the audio HAL; confirm.
allow audioserver audio_device:chr_file { read write };

# Devices that are not full Treble additionally get r_dir_perms on the audio
# device directory and rw_file_perms on the device nodes.
not_full_treble(`allow audioserver audio_device:dir r_dir_perms;')
not_full_treble(`allow audioserver audio_device:chr_file rw_file_perms;')

# For A2DP bridge which is loaded directly into audioserver: connect to the
# bluetooth domain over its unix socket.
unix_socket_connect(audioserver, bluetooth, bluetooth)

# Shell commands from ADB and the shell domain, for CTS testing and dumping.
# These three rules sit outside any build-type guard, so they are part of the
# policy on every build variant. They cover use of inherited descriptors
# (fd use, read/write on an existing socket or pipe), not creating new ones.
allow audioserver adbd:fd use;
allow audioserver adbd:unix_stream_socket { read write };
allow audioserver shell:fifo_file { read write };

# The same descriptor access for the su domain, on userdebug and eng builds
# only.
userdebug_or_eng(`
  allow audioserver su:fd use;
  allow audioserver su:{ fifo_file unix_stream_socket } { read write };
')

# Allow write access to log tag property
# NOTE(review): this is the only macro call in the file written with a
# trailing semicolon; confirm it is intentional.
set_prop(audioserver, log_tag_prop);

###
### neverallow rules
###
# neverallow rules grant nothing. They are assertions checked when the policy
# is built: any allow rule that contradicts one makes the build fail.

# audioserver should never execute any executable without a
# domain transition
# (execute_no_trans is denied on every file_type and fs_type file, so an exec
# from audioserver can never keep running in the audioserver domain.)
neverallow audioserver { file_type fs_type }:file execute_no_trans;

# The goal of the mediaserver split is to place media processing code into
# restrictive sandboxes with limited responsibilities and thus limited
# permissions. Example: Audioserver is only responsible for controlling audio
# hardware and processing audio content. Cameraserver does the same for camera
# hardware/content. Etc.
#
# Media processing code is inherently risky and thus should have limited
# permissions and be isolated from the rest of the system and network.
# Lengthier explanation here:
# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html
#
# The two rules below enforce the network isolation: no permission at all on
# UDP or raw IP sockets of any domain, and none on TCP sockets either. The
# only carve-out is TCP sockets of the su domain on userdebug and eng builds.
neverallow audioserver domain:{ udp_socket rawip_socket } *;
neverallow audioserver { domain userdebug_or_eng(`-su') }:tcp_socket *;

# NOTE(review): the two macros below are ordinary grants, not assertions,
# even though they follow the neverallow banner.

# Allow using wake locks
wakelock_use(audioserver)

# Allow reading audio config props, e.g. af.fast_track_multiplier
# (get_prop here, in contrast to the set_prop grants used for the bluetooth
# and log tag properties.)
get_prop(audioserver, audio_config_prop)