mediacodec: add seccomp filter for arm/arm64
mediacodec always runs in 32 bit mode so the arm seccomp filter is also
used on arm64 devices.
Tests: mediaserver CTS for bullhead, volantis and shamu
Add policy to log blocked syscalls to syslog and allow debuggerd attach
on mediacodec crash.
Bug: 27066802, 27064966
Change-Id: I4bdbba25b8847afa98d89b4b4ca863829fa19754
diff --git a/services/mediacodec/Android.mk b/services/mediacodec/Android.mk
index 239b4e1..a5f0751 100644
--- a/services/mediacodec/Android.mk
+++ b/services/mediacodec/Android.mk
@@ -14,8 +14,10 @@
# service executable
include $(CLEAR_VARS)
-LOCAL_SRC_FILES := main_codecservice.cpp
-LOCAL_SHARED_LIBRARIES := libmedia libmediacodecservice libbinder libutils liblog
+LOCAL_REQUIRED_MODULES_arm := mediacodec-seccomp.policy
+LOCAL_SRC_FILES := main_codecservice.cpp minijail/minijail.cpp
+LOCAL_SHARED_LIBRARIES := libmedia libmediacodecservice libbinder libutils \
+ liblog libminijail
LOCAL_C_INCLUDES := \
$(TOP)/frameworks/av/media/libstagefright \
$(TOP)/frameworks/native/include/media/openmax
@@ -24,4 +26,5 @@
LOCAL_INIT_RC := mediacodec.rc
include $(BUILD_EXECUTABLE)
+include $(call all-makefiles-under, $(LOCAL_PATH))