• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Binder access (for display.qservice)
2vndbinder_use(hal_graphics_composer_default)
3allow hal_graphics_composer_default qdisplay_service:service_manager { add find };
4
5allow hal_graphics_composer_default sysfs_camera:dir search;
6allow hal_graphics_composer_default sysfs_camera:file r_file_perms;
7allow hal_graphics_composer_default sysfs_msm_subsys:dir search;
8allow hal_graphics_composer_default sysfs_msm_subsys:file r_file_perms;
9allow hal_graphics_composer_default sysfs_mdss_mdp_caps:file r_file_perms;
10allow hal_graphics_composer_default mnt_vendor_file:dir search;
11allow hal_graphics_composer_default persist_file:dir search;
12
13userdebug_or_eng(`
14  allow hal_graphics_composer_default diag_device:chr_file rw_file_perms;
15')
16
17# Allow dir search in '/mnt/vendor'
18allow hal_graphics_composer_default mnt_vendor_file:dir search;
19allow hal_graphics_composer_default mnt_vendor_file:file r_file_perms;
20
21# Allow dir search in '/mnt/vendor/persist/display(/.*)?'
22allow hal_graphics_composer_default persist_display_file:dir r_dir_perms;
23allow hal_graphics_composer_default persist_display_file:file r_file_perms;
24
25# Allow dir search in '/oem'
26allow hal_graphics_composer_default oemfs:dir r_dir_perms;
27
28allow hal_graphics_composer_default hal_graphics_mapper_hwservice:hwservice_manager find;
29
30hal_client_domain(hal_graphics_composer_default, hal_graphics_allocator)
31
32r_dir_file(hal_graphics_composer_default, sysfs_leds)
33
34allow hal_graphics_composer_default video_device:chr_file rw_file_perms;
35
36# HWC_UeventThread
37allow hal_graphics_composer_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
38
39# Access /sys/devices/virtual/graphics/fb0
40r_dir_file(hal_graphics_composer_default, sysfs_type)
41
42allow hal_graphics_composer_default display_vendor_data_file:dir create_dir_perms;
43allow hal_graphics_composer_default display_vendor_data_file:file create_file_perms;
44
45# Rule for pps socket usage
46unix_socket_connect(hal_graphics_composer_default, pps, mm-pp-daemon)
47
48# allow composer to register display config
49add_hwservice(hal_graphics_composer_default, hal_display_config_hwservice);
50
51#allow composer access hal_light
52hal_client_domain(hal_graphics_composer_default, hal_light);
53allow hal_graphics_composer_default hal_light_hwservice:hwservice_manager find;
54
55userdebug_or_eng(`
56        allow hal_graphics_composer_default debugfs_mdp:dir r_dir_perms;
57        allow hal_graphics_composer_default debugfs_mdp:file r_file_perms;
58')
59
60dontaudit hal_graphics_composer_default kernel:system module_request;
61
62dontaudit hal_graphics_composer_default vendor_display_prop:file r_file_perms;
63