6772cfb5ac55fca9a31ce6a91855f6e8d14e18be - android_frameworks_av

commit	6772cfb5ac55fca9a31ce6a91855f6e8d14e18be	[log] [tgz]
author	Iliyan Malchev <malchev@google.com>	Tue Apr 11 20:19:36 2017 -0700
committer	Iliyan Malchev <malchev@google.com>	Fri Apr 14 18:50:59 2017 +0000
tree	f8f3a2ecf2ac7dc70ffc76e151c8e986377d9beb
parent	d3721abf255250a0795eeddcf5b06f90d74893a9 [diff]

mediacodec: route all libbinder traffic to /dev/vndbinder

This CL provides additional sandboxing to ensure that the ban on using
/dev/binder to communicate between system and vendor is enforced (even
if SE policy might otherwise permit it.)  This is done only on
full-Treble devices.

b/36604251 OMX HAL (aka mediacodec) uses Binder and even exposes a
	   Binder service

Test: marlin

Change-Id: I344f5eb9d8719beec02207be65caca78336afff5
Signed-off-by: Iliyan Malchev <malchev@google.com>

services/mediacodec/main_codecservice.cpp[diff]

1 file changed

tree: f8f3a2ecf2ac7dc70ffc76e151c8e986377d9beb

Android.bp
CleanSpec.mk
MODULE_LICENSE_APACHE2
NOTICE
camera/
cmds/
drm/
include/
media/
radio/
services/
soundtrigger/
tools/