1type hal_graphics_composer_server_tmpfs, file_type; 2attribute hal_graphics_composer_client_tmpfs; 3expandattribute hal_graphics_composer_client_tmpfs true; 4 5# HwBinder IPC from client to server, and callbacks 6binder_call(hal_graphics_composer_client, hal_graphics_composer_server) 7binder_call(hal_graphics_composer_server, hal_graphics_composer_client) 8allow hal_graphics_composer_client hal_graphics_composer_server_tmpfs:file { getattr map read write }; 9allow hal_graphics_composer_server hal_graphics_composer_client_tmpfs:file { getattr map read write }; 10 11hal_attribute_hwservice(hal_graphics_composer, hal_graphics_composer_hwservice) 12 13# Coordinate with hal_graphics_mapper 14allow hal_graphics_composer_server hal_graphics_mapper_hwservice:hwservice_manager find; 15 16# GPU device access 17allow hal_graphics_composer gpu_device:chr_file rw_file_perms; 18allow hal_graphics_composer ion_device:chr_file r_file_perms; 19allow hal_graphics_composer hal_graphics_allocator:fd use; 20 21# Access /dev/graphics/fb0. 22allow hal_graphics_composer graphics_device:dir search; 23allow hal_graphics_composer graphics_device:chr_file rw_file_perms; 24 25# Fences 26allow hal_graphics_composer system_server:fd use; 27allow hal_graphics_composer bootanim:fd use; 28allow hal_graphics_composer appdomain:fd use; 29 30# allow self to set SCHED_FIFO 31allow hal_graphics_composer self:global_capability_class_set sys_nice; 32