NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_mediatek_sep.../non_plat/hal_graphics_composer_default.te
Juju Sung 0a3b110ac5 [ALPS04357449] Sepolicy: workaround for denied policy 
[Detail]
Set proc node specific node
- hraphic_composer
- bootanimation
- aee_core_forwarder
- surfaceflinger

MTK-Commit-Id: 46901e2900a497c472b8a7c01f1350bdd28bbdae

Change-Id: I89a1ab578a2841d3a16718153d5a716ad45c399b
CR-Id: ALPS04357449
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
2020-01-18 10:09:09 +08:00

55 lines
2.1 KiB
Plaintext
Raw Blame History

vndbinder_use(hal_graphics_composer_default)
allow hal_graphics_composer_default debugfs_ged:dir search;
# Date : WK17.09
# Operation : Add sepolicy
# Purpose : Add polivy for hwc HIDL
allow hal_graphics_composer_default proc:file { read getattr open ioctl };
allow hal_graphics_composer_default proc_ged:file { read ioctl open };
allow hal_graphics_composer_default self:netlink_kobject_uevent_socket { read bind create setopt };
# Date : WK17.21
# Purpose: GPU driver required
allow hal_graphics_composer_default sw_sync_device:chr_file { read write open ioctl };
allow hal_graphics_composer_default hal_graphics_mapper_hwservice:hwservice_manager find;
# Date : W17.24
# Purpose: GPU driver required
allow hal_graphics_composer_default gpu_device:dir search;
#============= hal_graphics_composer_default ==============
allow hal_graphics_composer_default debugfs_ion:dir search;
#============= hal_graphics_composer_default ==============
allow hal_graphics_composer_default debugfs_tracing:file write;
#============= hal_graphics_composer_default ==============
allow hal_graphics_composer_default debugfs_tracing:file open;
# Date : WK17.30
# Operation : O Migration
# Purpose: Allow to access cmdq driver
allow hal_graphics_composer_default mtk_cmdq_device:chr_file { read ioctl open };
# Date : W17.30
# Add for control PowerHAL
allow hal_graphics_composer_default mtk_hal_power_hwservice:hwservice_manager find;
binder_call(hal_graphics_composer_default, mtk_hal_power)
# Date : WK17.32
# Operation : O Migration
# Purpose: Allow to access property
set_prop(hal_graphics_composer_default, graphics_hwc_pid_prop)
get_prop(hal_graphics_composer_default, graphics_hwc_pid_prop)
get_prop(hal_graphics_composer_default, graphics_debug_prop)
set_prop(hal_graphics_composer_default, graphics_hwc_latch_unsignaled_prop)
# Date : WK18.03
# Purpose: Allow to access property dev/mdp_sync
#============= hal_graphics_composer_default ==============
allow hal_graphics_composer_default mtk_mdp_device:chr_file { read write open ioctl };
allowxperm hal_graphics_composer_default proc_ged:file ioctl {GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_INFO GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET};
Reference in New Issue View Git Blame Copy Permalink