7ad3357d31
[Detail] SurfaceFlinger need to add sepolicy to do ioctl with ged node [Solution] Add SurfaceFlinger sepolicy MTK-Commit-Id: 8f848c40c9443a959fe564875aa5046458219ae5 Change-Id: Id88cd8d31f66bbdcb7df6e48127e789d341772ac CR-Id: ALPS04384473 Feature: [Module]SurfaceFlinger/HWComposer
78 lines
2.2 KiB
Plaintext
78 lines
2.2 KiB
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ============
|
|
|
|
# Data : WK14.42
|
|
# Operation : Migration
|
|
# Purpose : Video playback
|
|
allow surfaceflinger sw_sync_device:chr_file { rw_file_perms };
|
|
allow surfaceflinger debug_prop:property_service set;
|
|
|
|
# Date : WK16.33
|
|
# Purpose: Allow to access ged for gralloc_extra functions
|
|
allow surfaceflinger proc_ged:file {open read write ioctl getattr};
|
|
|
|
# Date : W16.42
|
|
# Operation : Integration
|
|
# Purpose : DRM / DRI GPU driver required
|
|
|
|
allow surfaceflinger gpu_device:dir search;
|
|
|
|
# Date : WK17.12
|
|
# Purpose: Fix bootup fail
|
|
allow surfaceflinger proc_bootprof:file r_file_perms;
|
|
|
|
#============= surfaceflinger ==============
|
|
allow surfaceflinger debugfs_ion:dir search;
|
|
|
|
# Date : WK17.30
|
|
# Operation : O Migration
|
|
# Purpose: Allow to access cmdq driver
|
|
allow surfaceflinger mtk_cmdq_device:chr_file { read ioctl open };
|
|
|
|
# Date : W17.39
|
|
# Perform Binder IPC.
|
|
binder_use(surfaceflinger)
|
|
binder_call(surfaceflinger, binderservicedomain)
|
|
binder_call(surfaceflinger, appdomain)
|
|
binder_call(surfaceflinger, mtkbootanimation)
|
|
binder_service(surfaceflinger)
|
|
|
|
allow surfaceflinger mtkbootanimation:dir search;
|
|
allow surfaceflinger mtkbootanimation:file { read getattr open };
|
|
|
|
# Date : W17.43
|
|
# Operation : Migration
|
|
# Purpose: Allow to access perfmgr
|
|
allow surfaceflinger proc_perfmgr:dir {read search};
|
|
allow surfaceflinger proc_perfmgr:file {open read ioctl};
|
|
allowxperm surfaceflinger proc_perfmgr:file ioctl {
|
|
FPSGO_QUEUE
|
|
FPSGO_DEQUEUE
|
|
FPSGO_QUEUE_CONNECT
|
|
FPSGO_BQID
|
|
FPSGO_VSYNC
|
|
};
|
|
|
|
# Date : WK17.43
|
|
# Operation : Debug
|
|
# Purpose: Allow to dump HWC backtrace
|
|
get_prop(surfaceflinger, graphics_hwc_pid_prop)
|
|
get_prop(surfaceflinger, graphics_hwc_latch_unsignaled_prop)
|
|
allow surfaceflinger hal_graphics_composer_default:dir search;
|
|
allow surfaceflinger hal_graphics_composer_default:lnk_file read;
|
|
|
|
# Date : WK18.36
|
|
# Operation : Debug
|
|
# Purpose: Allow to dump buffer queue
|
|
get_prop(surfaceflinger, debug_bq_dump_prop)
|
|
|
|
allowxperm surfaceflinger proc_perfmgr:file ioctl {GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_BOOST_GPU_FREQ GED_BRIDGE_IO_QUERY_INFO};
|
|
allowxperm surfaceflinger proc_ged:file ioctl {
|
|
GED_BRIDGE_IO_LOG_BUF_GET
|
|
GED_BRIDGE_IO_BOOST_GPU_FREQ
|
|
GED_BRIDGE_IO_QUERY_INFO
|
|
GED_BRIDGE_IO_GE_GET
|
|
GED_BRIDGE_IO_LOG_BUF_WRITE
|
|
};
|