From c5181b42503d22b62491758ba7411cbd5bd7a518 Mon Sep 17 00:00:00 2001
From: Kane Jhang <kane.jhang@mediatek.com>
Date: Sat, 18 Jan 2020 10:10:51 +0800
Subject: [PATCH] [ALPS04393149] Add needed sepolicy for SF/HWC to use GED

[Detail] Add GED ioctl selinux policy to let SF and HWC
         that can use GED.

[Solution] Add needed sepolicy

MTK-Commit-Id: 26f1f2fa7735d91ccbb51643b1ed7d200a013988

Change-Id: Ie20589d100473578a8fc824d57718537d7102f07
CR-Id: ALPS04393149
Feature: [Module]SurfaceFlinger/HWComposer
---
 non_plat/hal_graphics_composer_default.te | 14 +++++++++++++-
 non_plat/surfaceflinger.te                |  6 ++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/non_plat/hal_graphics_composer_default.te b/non_plat/hal_graphics_composer_default.te
index efeb011..e2e5781 100644
--- a/non_plat/hal_graphics_composer_default.te
+++ b/non_plat/hal_graphics_composer_default.te
@@ -50,4 +50,16 @@ set_prop(hal_graphics_composer_default, graphics_hwc_latch_unsignaled_prop)
 #============= hal_graphics_composer_default ==============
 allow hal_graphics_composer_default mtk_mdp_device:chr_file { read write open ioctl };
 
-allowxperm hal_graphics_composer_default proc_ged:file ioctl {GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_INFO GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET GED_BRIDGE_IO_LOG_BUF_WRITE };
+allowxperm hal_graphics_composer_default proc_ged:file ioctl {
+GED_BRIDGE_IO_LOG_BUF_GET
+GED_BRIDGE_IO_GE_INFO
+GED_BRIDGE_IO_GE_GET
+GED_BRIDGE_IO_GE_SET
+GED_BRIDGE_IO_LOG_BUF_WRITE
+GED_BRIDGE_IO_GE_ALLOC
+GED_BRIDGE_IO_BOOST_GPU_FREQ
+GED_BRIDGE_IO_IOCTLCMD_0F
+GED_BRIDGE_IO_IOCTLCMD_10
+GED_BRIDGE_IO_MONITOR_3D_FENCE
+GED_BRIDGE_IO_QUERY_INFO
+};
diff --git a/non_plat/surfaceflinger.te b/non_plat/surfaceflinger.te
index ff78250..fca1b5c 100644
--- a/non_plat/surfaceflinger.te
+++ b/non_plat/surfaceflinger.te
@@ -74,4 +74,10 @@ GED_BRIDGE_IO_BOOST_GPU_FREQ
 GED_BRIDGE_IO_QUERY_INFO
 GED_BRIDGE_IO_GE_GET
 GED_BRIDGE_IO_LOG_BUF_WRITE
+GED_BRIDGE_IO_GE_SET
+GED_BRIDGE_IO_GE_ALLOC
+GED_BRIDGE_IO_GE_INFO
+GED_BRIDGE_IO_IOCTLCMD_0F
+GED_BRIDGE_IO_IOCTLCMD_10
+GED_BRIDGE_IO_MONITOR_3D_FENCE
 };