Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6772cfb5 authored by Iliyan Malchev's avatar Iliyan Malchev
Browse files

mediacodec: route all libbinder traffic to /dev/vndbinder 



This CL provides additional sandboxing to ensure that the ban on using
/dev/binder to communicate between system and vendor is enforced (even
if SE policy might otherwise permit it.)  This is done only on
full-Treble devices.

b/36604251 OMX HAL (aka mediacodec) uses Binder and even exposes a
	   Binder service

Test: marlin

Change-Id: I344f5eb9d8719beec02207be65caca78336afff5
Signed-off-by: default avatarIliyan Malchev <malchev@google.com>
parent d3721abf

services/mediacodec/main_codecservice.cpp

+6 −1
Original line number Diff line number Diff line
@@ -46,6 +46,11 @@ static const char kVendorSeccompPolicyPath[] = 
int main(int argc __unused, char** argv)

{

    LOG(INFO) << "mediacodecservice starting";

    bool treble = property_get_bool("persist.media.treble_omx", true);

    if (treble) {

      android::ProcessState::initWithDriver("/dev/vndbinder");

    }



    signal(SIGPIPE, SIG_IGN);

    SetUpMinijail(kSystemSeccompPolicyPath, kVendorSeccompPolicyPath);
@@ -54,7 +59,7 @@ int main(int argc __unused, char** argv) 
    ::android::hardware::configureRpcThreadpool(64, false);

    sp<ProcessState> proc(ProcessState::self());



    if (property_get_bool("persist.media.treble_omx", true)) {

    if (treble) {

        using namespace ::android::hardware::media::omx::V1_0;

        sp<IOmx> omx = new implementation::Omx();

        if (omx == nullptr) {