diff --git a/basic/non_plat/file_contexts b/basic/non_plat/file_contexts index 4a8d032..9614e2f 100644 --- a/basic/non_plat/file_contexts +++ b/basic/non_plat/file_contexts @@ -716,6 +716,10 @@ # Google Trusty system files /(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@3\.0-service\.trusty u:object_r:hal_keymaster_default_exec:s0 +# gpu hal +/(system\/vendor|vendor)/bin/hw/vendor\.mediatek\.hardware\.gpu@1\.0-service u:object_r:mtk_hal_gpu_exec:s0 +/vendor/lib(64)?/vendor\.mediatek\.hardware\.gpu@1\.0.so u:object_r:same_process_hal_file:s0 + # MTEE keymaster4.0/4.1 system files /(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@4\.0-service\.mtee u:object_r:hal_keymaster_default_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@4\.1-service\.mtee u:object_r:hal_keymaster_default_exec:s0 diff --git a/basic/non_plat/hal_gpu.te b/basic/non_plat/hal_gpu.te new file mode 100644 index 0000000..6020588 --- /dev/null +++ b/basic/non_plat/hal_gpu.te @@ -0,0 +1,6 @@ +# HwBinder IPC from clients into server, and callbacks +binder_call(hal_gpu_client, hal_gpu_server) +binder_call(hal_gpu_server, hal_gpu_client) + +# give permission for hal client +allow hal_gpu_client mtk_hal_gpu_hwservice :hwservice_manager find; diff --git a/basic/non_plat/hwservice.te b/basic/non_plat/hwservice.te index 4d59524..16bfdf4 100644 --- a/basic/non_plat/hwservice.te +++ b/basic/non_plat/hwservice.te @@ -74,3 +74,6 @@ type mtk_hal_bluetooth_audio_hwservice,hwservice_manager_type; # Date: 2021/06/30 # composer extension HIDL type mtk_hal_composer_ext_hwservice, hwservice_manager_type, protected_hwservice; + +# GPU HIDL +type mtk_hal_gpu_hwservice, hwservice_manager_type; diff --git a/basic/non_plat/hwservice_contexts b/basic/non_plat/hwservice_contexts index 5e5a37e..cffdba4 100644 --- a/basic/non_plat/hwservice_contexts +++ b/basic/non_plat/hwservice_contexts @@ -10,6 +10,9 @@ vendor.mediatek.hardware.radio::ISap u:object_r:m vendor.mediatek.hardware.interfaces_tc1.mtkradioex_tc1::IMtkRadioEx u:object_r:mtk_hal_rild_hwservice:s0 vendor.mediatek.hardware.radio_op::IRadioOp u:object_r:mtk_hal_rild_hwservice:s0 +# GPU HIDL +vendor.mediatek.hardware.gpu::IGraphicExt u:object_r:mtk_hal_gpu_hwservice:s0 + # Date: 2017/06/07 # power hidl vendor.mediatek.hardware.mtkpower::IMtkPerf u:object_r:hal_power_hwservice:s0 diff --git a/basic/non_plat/mtk_hal_gpu.te b/basic/non_plat/mtk_hal_gpu.te new file mode 100644 index 0000000..77c9a7b --- /dev/null +++ b/basic/non_plat/mtk_hal_gpu.te @@ -0,0 +1,30 @@ +type mtk_hal_gpu, domain; +type mtk_hal_gpu_exec, exec_type, file_type, vendor_file_type; + +# Setup for domain transition +init_daemon_domain(mtk_hal_gpu) + +# Allow to use HWBinder IPC +hwbinder_use(mtk_hal_gpu); + +# Allow a set of permissions required for a domain to be a server which provides a HAL implementation over HWBinder. +hal_server_domain(mtk_hal_gpu, hal_gpu) + +# add/find permission rule to hwservicemanager +add_hwservice(hal_gpu, mtk_hal_gpu_hwservice) +allow hal_gpu_client mtk_hal_gpu_hwservice:hwservice_manager find; + +# Allow to allocate hidl memory +hal_client_domain(mtk_hal_gpu, hal_allocator) + +# Purpose : Allow to use kernel driver +allow mtk_hal_gpu graphics_device:chr_file rw_file_perms; + +allow mtk_hal_gpu proc_ged:file rw_file_perms; +allowxperm mtk_hal_gpu proc_ged:file ioctl { proc_ged_ioctls }; + +allow mtk_hal_gpu hal_graphics_allocator_default:fd use; +allow mtk_hal_gpu ion_device:chr_file r_file_perms; +allow mtk_hal_gpu debugfs_ion:dir search; + +allow mtk_hal_gpu merged_hal_service:fd use; diff --git a/basic/plat_public/attributes b/basic/plat_public/attributes index 4c48837..07ef535 100644 --- a/basic/plat_public/attributes +++ b/basic/plat_public/attributes @@ -33,6 +33,11 @@ attribute hal_mtk_lbs; attribute hal_mtk_lbs_client; attribute hal_mtk_lbs_server; +# GPU HIDL +attribute hal_gpu; +attribute hal_gpu_client; +attribute hal_gpu_server; + # Date: 2017/06/27 # IMSA HIDL attribute hal_mtk_imsa; diff --git a/bsp/non_plat/camerapostalgo.te b/bsp/non_plat/camerapostalgo.te index 9023a6d..c5f6a5b 100644 --- a/bsp/non_plat/camerapostalgo.te +++ b/bsp/non_plat/camerapostalgo.te @@ -23,4 +23,5 @@ hal_client_domain(camerapostalgo, hal_mtk_mms) hal_client_domain(camerapostalgo, hal_graphics_allocator) allow camerapostalgo hal_graphics_mapper_hwservice:hwservice_manager find; allow camerapostalgo hal_configstore_default:binder call; +allow camerapostalgo mtk_hal_gpu_hwservice:hwservice_manager find;