# Grant access to Qualcomm MSM Interface (QMI) audio sockets to mediaserver qmux_socket(mediaserver) # Permit mediaserver to create sockets with no specific SELinux class. # TODO: Investigate the specific type of socket. allow mediaserver self:socket create_socket_perms; allow mediaserver mpdecision_socket:dir r_dir_perms; unix_socket_send(mediaserver, mpdecision, mpdecision) binder_call(mediaserver, rild) unix_socket_send(mediaserver, camera, camera) unix_socket_connect(mediaserver, adspd, adspd) allow mediaserver audio_cutback_data_file:dir search; allow mediaserver audio_cutback_data_file:sock_file write; # needed for widevine classic allow mediaserver tee_device:chr_file { ioctl open read write };