From 0bbabe482919a0cc2c2e2ef2c94555b5a64b080b Mon Sep 17 00:00:00 2001
From: wenchangliu <wenchangliu@google.com>
Date: Wed, 1 Apr 2020 22:40:49 +0800
Subject: [PATCH] sunfish: Add seccomp policy for Codec2 process

Add seccomp policy for Codec2 process.

Bug: 149511958
Test: adb shell killall media.hwcodec
Change-Id: I5ffe82e527008cd595988308588ed0aa7ae84abb
---
 device.mk                               | 5 +++--
 seccomp_policy/codec2.vendor.ext.policy | 9 ---------
 2 files changed, 3 insertions(+), 11 deletions(-)
 delete mode 100644 seccomp_policy/codec2.vendor.ext.policy

diff --git a/device.mk b/device.mk
index 8e9bc822..d85ec0e8 100644
--- a/device.mk
+++ b/device.mk
@@ -423,7 +423,9 @@ PRODUCT_PACKAGES += \
 PRODUCT_PACKAGES += \
     libqcodec2 \
     vendor.qti.media.c2@1.0-service \
-    media_codecs_c2.xml
+    media_codecs_c2.xml \
+    codec2.vendor.ext.policy \
+    codec2.vendor.base.policy
 
 PRODUCT_PROPERTY_OVERRIDES += \
     debug.stagefright.omx_default_rank=512
@@ -621,7 +623,6 @@ PRODUCT_COPY_FILES += \
 
 # Vendor seccomp policy files for media components:
 PRODUCT_COPY_FILES += \
-    $(LOCAL_PATH)/seccomp_policy/codec2.vendor.ext.policy:$(TARGET_COPY_OUT_VENDOR)/etc/seccomp_policy/codec2.vendor.ext.policy \
     $(LOCAL_PATH)/seccomp_policy/mediacodec.policy:$(TARGET_COPY_OUT_VENDOR)/etc/seccomp_policy/mediacodec.policy
 
 PRODUCT_PROPERTY_OVERRIDES += \
diff --git a/seccomp_policy/codec2.vendor.ext.policy b/seccomp_policy/codec2.vendor.ext.policy
deleted file mode 100644
index 07b7bf70..00000000
--- a/seccomp_policy/codec2.vendor.ext.policy
+++ /dev/null
@@ -1,9 +0,0 @@
-# device specific syscalls
-pselect6: 1
-eventfd2: 1
-sendto: 1
-recvfrom: 1
-_llseek: 1
-sysinfo: 1
-getcwd: 1
-getdents64: 1