b086e609ac
[Detail] Because "ro.vendor.net.upload.benchmark.default" is unlabeled property, so all use it will have name of vendor_default_prop [Solution] Need owner to relabel the property of "ro.vendor.net.upload.benchmark.default" MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248 Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
62 lines
1.8 KiB
Plaintext
62 lines
1.8 KiB
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ============
|
|
|
|
# Data : WK14.42
|
|
# Operation : Migration
|
|
# Purpose : Video playback
|
|
allow surfaceflinger sw_sync_device:chr_file { rw_file_perms };
|
|
allow surfaceflinger debug_prop:property_service set;
|
|
|
|
# Date : WK16.33
|
|
# Purpose: Allow to access ged for gralloc_extra functions
|
|
allow surfaceflinger proc_ged:file {open read write ioctl getattr};
|
|
|
|
# Date : W16.42
|
|
# Operation : Integration
|
|
# Purpose : DRM / DRI GPU driver required
|
|
|
|
allow surfaceflinger gpu_device:dir search;
|
|
|
|
# Date : WK17.12
|
|
# Purpose: Fix bootup fail
|
|
allow surfaceflinger proc_bootprof:file r_file_perms;
|
|
|
|
#============= surfaceflinger ==============
|
|
allow surfaceflinger debugfs_ion:dir search;
|
|
|
|
#============= surfaceflinger ==============
|
|
#allow surfaceflinger debugfs_tracing:file write;
|
|
|
|
#============= surfaceflinger ==============
|
|
#allow surfaceflinger debugfs_tracing:file open;
|
|
|
|
# Date : WK17.30
|
|
# Operation : O Migration
|
|
# Purpose: Allow to access cmdq driver
|
|
allow surfaceflinger mtk_cmdq_device:chr_file { read ioctl open };
|
|
|
|
# Date : W17.39
|
|
# Perform Binder IPC.
|
|
binder_use(surfaceflinger)
|
|
binder_call(surfaceflinger, binderservicedomain)
|
|
binder_call(surfaceflinger, appdomain)
|
|
binder_call(surfaceflinger, mtkbootanimation)
|
|
binder_service(surfaceflinger)
|
|
|
|
allow surfaceflinger mtkbootanimation:dir search;
|
|
allow surfaceflinger mtkbootanimation:file { read getattr open };
|
|
|
|
# Date : W17.43
|
|
# Operation : Migration
|
|
# Purpose: Allow to access perfmgr
|
|
allow surfaceflinger proc_perfmgr:dir {read search};
|
|
allow surfaceflinger proc_perfmgr:file {open read ioctl};
|
|
|
|
# Date : WK17.43
|
|
# Operation : Debug
|
|
# Purpose: Allow to dump HWC backtrace
|
|
get_prop(surfaceflinger, graphics_hwc_pid_prop)
|
|
allow surfaceflinger hal_graphics_composer_default:dir search;
|
|
allow surfaceflinger hal_graphics_composer_default:lnk_file read;
|