# ============================================== # Policy File of /vendor/bin/hw/vendor.mediatek.hardware.gpu@1.0-service Executable File # ============================================== # Type Declaration # ============================================== type mtk_hal_gpu, domain; type mtk_hal_gpu_exec, exec_type, file_type, vendor_file_type; # ============================================== # MTK Policy Rule # ============================================== # Setup for domain transition init_daemon_domain(mtk_hal_gpu) # Allow to use HWBinder IPC hwbinder_use(mtk_hal_gpu); # Allow a set of permissions required for a domain to be a server which provides a HAL implementation over HWBinder. hal_server_domain(mtk_hal_gpu, hal_gpu) # add/find permission rule to hwservicemanager add_hwservice(hal_gpu, mtk_hal_gpu_hwservice) allow hal_gpu_client mtk_hal_gpu_hwservice:hwservice_manager find; # Allow to allocate hidl memory hal_client_domain(mtk_hal_gpu, hal_allocator) # Purpose : Allow to use kernel driver allow mtk_hal_gpu graphics_device:chr_file rw_file_perms; # Purpose : Allow property set allow mtk_hal_gpu init:unix_stream_socket connectto; allow mtk_hal_gpu property_socket:sock_file write; # Purpose : Allow permission to set pq property #set_prop(mtk_hal_gpu, mtk_gpu_prop) allow mtk_hal_gpu debugfs_ged:dir rw_dir_perms; allow mtk_hal_gpu debugfs_ged:file rw_file_perms; allow mtk_hal_gpu proc_ged:file rw_file_perms; allow mtk_hal_gpu hal_graphics_allocator_default:fd use; allow mtk_hal_gpu ion_device:chr_file r_file_perms; allow mtk_hal_gpu debugfs_ion:dir search; allowxperm mtk_hal_gpu proc_ged:file ioctl { GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_LOG_BUF_WRITE GED_BRIDGE_IO_LOG_BUF_RESET GED_BRIDGE_IO_BOOST_GPU_FREQ GED_BRIDGE_IO_MONITOR_3D_FENCE GED_BRIDGE_IO_QUERY_INFO GED_BRIDGE_IO_NOTIFY_VSYNC GED_BRIDGE_IO_DVFS_PROBE GED_BRIDGE_IO_DVFS_UM_RETURN GED_BRIDGE_IO_EVENT_NOTIFY GED_BRIDGE_IO_WAIT_HW_VSYNC GED_BRIDGE_IO_QUERY_TARGET_FPS GED_BRIDGE_IO_VSYNC_WAIT GED_BRIDGE_IO_GPU_HINT_TO_CPU GED_BRIDGE_IO_GE_ALLOC GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET GED_BRIDGE_IO_GPU_TIMESTAMP GED_BRIDGE_IO_TARGET_FPS GED_BRIDGE_IO_GE_INFO GED_BRIDGE_IO_GPU_TUNER_STATUS }; allow mtk_hal_gpu merged_hal_service:fd use;