diff --git a/sepolicy/ohos_policy/drivers/peripheral/camera/vendor/camera_host.te b/sepolicy/ohos_policy/drivers/peripheral/camera/vendor/camera_host.te index 755e7b4b6342805f159cb76f7ed048a9e7cf4325..c80df28755ac485fb6fd17a8882a5291f9cefd2f 100644 --- a/sepolicy/ohos_policy/drivers/peripheral/camera/vendor/camera_host.te +++ b/sepolicy/ohos_policy/drivers/peripheral/camera/vendor/camera_host.te @@ -116,6 +116,6 @@ debug_only(` allowxperm camera_host dev_dri_file:chr_file ioctl { 0x641f 0x642d 0x642e 0x64b2 0x64b4 }; allowxperm camera_host dev_hdf_kevent:chr_file ioctl { 0x6201 0x6202 0x6203 }; allowxperm camera_host dev_mpp:chr_file ioctl { 0x7601 }; -allowxperm camera_host dev_rga:chr_file ioctl { 0x5017 0x5019 0x601b }; +allowxperm camera_host dev_rga:chr_file ioctl { 0x5017 0x5019 0x601b 0x7201 0x7202 0x7203 }; allowxperm camera_host dev_video_file:chr_file ioctl { 0x5600 0x5605 0x5608 0x5609 0x560f 0x5611 0x5612 0x5613 0x561b 0x564a 0x5602 0x5624 0x564b 0x5625 0x5616 }; allowxperm camera_host hidumper_file:file ioctl 0x5413; diff --git a/sepolicy/ohos_policy/drivers/peripheral/display/vendor/composer_host.te b/sepolicy/ohos_policy/drivers/peripheral/display/vendor/composer_host.te index 51444b769722f0d29c0c0b40ec2b65504e39cc8a..8d4b10a13e3d73b51b837c2f2ee51754d63a9cbe 100644 --- a/sepolicy/ohos_policy/drivers/peripheral/display/vendor/composer_host.te +++ b/sepolicy/ohos_policy/drivers/peripheral/display/vendor/composer_host.te @@ -92,6 +92,6 @@ debug_only(` allowxperm composer_host dev_dri_file:chr_file ioctl { 0x6409 0x640d 0x6411 0x641e 0x641f 0x642d 0x642e 0x643a 0x64a0 0x64a1 0x64a6 0x64a7 0x64aa 0x64af 0x64b2 0x64b4 0x64b5 0x64b6 0x64b8 0x64b9 0x64bc 0x64bd 0x64be }; allowxperm composer_host dev_graphics_file:chr_file ioctl { 0x4611 }; allowxperm composer_host dev_hdf_kevent:chr_file ioctl { 0x6201 0x6202 0x6203 }; -allowxperm composer_host dev_rga:chr_file ioctl { 0x5017 0x601b }; +allowxperm composer_host dev_rga:chr_file ioctl { 0x5017 0x601b 0x7203 0x7201 0x7202 0x7204 }; allow composer_host composer_host:capability {sys_nice}; allow composer_host hdf_devhost_exec:file { getattr open }; diff --git a/sepolicy/ohos_policy/multimedia/player/system/codec_host.te b/sepolicy/ohos_policy/multimedia/player/system/codec_host.te index 24778d63f9d415bec415dc311ec02d4db2a082c3..f31bc66aa8291595954428ada7f52efd6cf09056 100644 --- a/sepolicy/ohos_policy/multimedia/player/system/codec_host.te +++ b/sepolicy/ohos_policy/multimedia/player/system/codec_host.te @@ -37,7 +37,7 @@ allow codec_host dev_mpp:chr_file { read write }; #avc: denied { ioctl } for pid=413 comm="omx_dec_output" path="/dev/rga" dev="tmpfs" ino=169 ioctlcmd=0x5017 scontext=u:r:codec_host:s0 tcontext=u:object_r:dev_rga:s0 tclass=chr_file permissive=1 allow codec_host dev_rga:chr_file { ioctl }; -allowxperm codec_host dev_rga:chr_file ioctl { 0x5017 0x601b }; +allowxperm codec_host dev_rga:chr_file ioctl { 0x5017 0x601b 0x7203 0x7201 0x7202 }; #avc: denied { use } for pid=2003 comm="src:src" path="/dmabuf:" dev="dmabuf" ino=37677 scontext=u:r:codec_host:s0 tcontext=u:r:allocator_host:s0 tclass=fd permissive=1