diff --git a/non_plat/attributes b/non_plat/attributes index 09e4003..eb869b1 100644 --- a/non_plat/attributes +++ b/non_plat/attributes @@ -76,3 +76,10 @@ attribute hal_mtkcodecservice; attribute hal_atci; attribute hal_atci_client; attribute hal_atci_server; + +# Date: 2019/04/19 +# GPU HIDL +attribute hal_gpu; +attribute hal_gpu_client; +attribute hal_gpu_server; + diff --git a/non_plat/file_contexts b/non_plat/file_contexts index 3004e23..5b20699 100644 --- a/non_plat/file_contexts +++ b/non_plat/file_contexts @@ -575,6 +575,9 @@ # MTK OMAPI for UICC /(system\/vendor|vendor)/bin/hw/android\.hardware\.secure_element@1\.0-service-mediatek u:object_r:mtk_hal_secure_element_exec:s0 +#gpu hal +/(system\/vendor|vendor)/bin/hw/vendor\.mediatek\.hardware\.gpu@1\.0-service u:object_r:mtk_hal_gpu_exec:s0 + ############################# # System/bin files @@ -613,6 +616,8 @@ /vendor/lib(64)?/vendor\.mediatek\.hardware\.pq@[0-9]\.[0-9]\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libpq_prot\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/vendor\.mediatek\.hardware\.gpu@1\.0.so u:object_r:same_process_hal_file:s0 + /vendor/lib(64)?/libladder\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libtflite_mtk.so u:object_r:same_process_hal_file:s0 diff --git a/non_plat/hal_gpu.te b/non_plat/hal_gpu.te new file mode 100644 index 0000000..6020588 --- /dev/null +++ b/non_plat/hal_gpu.te @@ -0,0 +1,6 @@ +# HwBinder IPC from clients into server, and callbacks +binder_call(hal_gpu_client, hal_gpu_server) +binder_call(hal_gpu_server, hal_gpu_client) + +# give permission for hal client +allow hal_gpu_client mtk_hal_gpu_hwservice :hwservice_manager find; diff --git a/non_plat/hwservice.te b/non_plat/hwservice.te index 368dc3a..4c7f095 100644 --- a/non_plat/hwservice.te +++ b/non_plat/hwservice.te @@ -49,3 +49,8 @@ type mtk_hal_mms_hwservice, hwservice_manager_type; type hal_atci_hwservice, hwservice_manager_type; type mtk_hal_keymanage_hwservice, hwservice_manager_type; + +# Date: 2019/04/26 +# GPU HIDL +type mtk_hal_gpu_hwservice, hwservice_manager_type; + diff --git a/non_plat/hwservice_contexts b/non_plat/hwservice_contexts index cd6e9b6..5d9cc1a 100644 --- a/non_plat/hwservice_contexts +++ b/non_plat/hwservice_contexts @@ -56,3 +56,8 @@ vendor.mediatek.hardware.engineermode::IEmd u:object_r:mtk_hal_em_hwservice:s0 # Date : 2018/07/02 # MMS HIDL vendor.mediatek.hardware.mms::IMms u:object_r:mtk_hal_mms_hwservice:s0 + +# Date : 2019/04/19 +# GPU HIDL +vendor.mediatek.hardware.gpu::IGraphicExt u:object_r:mtk_hal_gpu_hwservice:s0 + diff --git a/non_plat/mtk_hal_gpu.te b/non_plat/mtk_hal_gpu.te new file mode 100644 index 0000000..5b414eb --- /dev/null +++ b/non_plat/mtk_hal_gpu.te @@ -0,0 +1,51 @@ +# ============================================== +# Policy File of /vendor/bin/hw/vendor.mediatek.hardware.gpu@1.0-service Executable File + +# ============================================== +# Type Declaration +# ============================================== + +type mtk_hal_gpu, domain; +type mtk_hal_gpu_exec, exec_type, file_type, vendor_file_type; + +# ============================================== +# MTK Policy Rule +# ============================================== + +# Setup for domain transition +init_daemon_domain(mtk_hal_gpu) + +# Allow to use HWBinder IPC +hwbinder_use(mtk_hal_gpu); + +# Allow a set of permissions required for a domain to be a server which provides a HAL implementation over HWBinder. +hal_server_domain(mtk_hal_gpu, hal_gpu) + +# add/find permission rule to hwservicemanager +add_hwservice(hal_gpu, mtk_hal_gpu_hwservice) +allow hal_gpu_client mtk_hal_gpu_hwservice:hwservice_manager find; + +# Allow to allocate hidl memory +hal_client_domain(mtk_hal_gpu, hal_allocator) + +# Purpose : Allow to use kernel driver +allow mtk_hal_gpu graphics_device:chr_file rw_file_perms; + +# Purpose : Allow property set +allow mtk_hal_gpu init:unix_stream_socket connectto; +allow mtk_hal_gpu property_socket:sock_file write; + + +# Purpose : Allow permission to set pq property +#set_prop(mtk_hal_gpu, mtk_gpu_prop) + +allow mtk_hal_gpu debugfs_ged:dir rw_dir_perms; +allow mtk_hal_gpu debugfs_ged:file rw_file_perms; +allow mtk_hal_gpu proc_ged:file rw_file_perms; + +allow mtk_hal_gpu hal_graphics_allocator_default:fd use; +allow mtk_hal_gpu ion_device:chr_file r_file_perms; +allow mtk_hal_gpu debugfs_ion:dir search; + + +