• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Binder access (for display.qservice)
2vndbinder_use(hal_graphics_composer_default)
3allow hal_graphics_composer_default qdisplay_service:service_manager { add find };
4
5allow hal_graphics_composer_default sysfs_camera:dir search;
6allow hal_graphics_composer_default sysfs_camera:file r_file_perms;
7allow hal_graphics_composer_default sysfs_msm_subsys:dir search;
8allow hal_graphics_composer_default sysfs_msm_subsys:file r_file_perms;
9allow hal_graphics_composer_default sysfs_mdss_mdp_caps:file r_file_perms;
10allow hal_graphics_composer_default persist_file:dir search;
11
12userdebug_or_eng(`
13  allow hal_graphics_composer_default diag_device:chr_file rw_file_perms;
14')
15
16# Allow dir search in '/mnt/vendor'
17allow hal_graphics_composer_default mnt_vendor_file:dir search;
18allow hal_graphics_composer_default mnt_vendor_file:file r_file_perms;
19
20# Allow dir search in '/mnt/vendor/persist/display(/.*)?'
21allow hal_graphics_composer_default persist_display_file:dir r_dir_perms;
22allow hal_graphics_composer_default persist_display_file:file r_file_perms;
23
24# Allow dir search in '/oem'
25allow hal_graphics_composer_default oemfs:dir r_dir_perms;
26
27allow hal_graphics_composer_default hal_graphics_mapper_hwservice:hwservice_manager find;
28
29hal_client_domain(hal_graphics_composer_default, hal_graphics_allocator)
30
31r_dir_file(hal_graphics_composer_default, sysfs_leds)
32
33allow hal_graphics_composer_default video_device:chr_file rw_file_perms;
34
35# HWC_UeventThread
36allow hal_graphics_composer_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
37
38# Access /sys/devices/virtual/graphics/fb0
39r_dir_file(hal_graphics_composer_default, sysfs_type)
40
41allow hal_graphics_composer_default display_vendor_data_file:dir create_dir_perms;
42allow hal_graphics_composer_default display_vendor_data_file:file create_file_perms;
43
44# Rule for pps socket usage
45unix_socket_connect(hal_graphics_composer_default, pps, mm-pp-daemon)
46
47# allow composer to register display config
48add_hwservice(hal_graphics_composer_default, hal_display_config_hwservice);
49
50userdebug_or_eng(`
51        allow hal_graphics_composer_default debugfs_mdp:dir r_dir_perms;
52        allow hal_graphics_composer_default debugfs_mdp:file r_file_perms;
53')
54
55dontaudit hal_graphics_composer_default kernel:system module_request;
56
57dontaudit hal_graphics_composer_default vendor_display_prop:file r_file_perms;
58
59#allow composer access hal_light
60hal_client_domain(hal_graphics_composer_default, hal_light);
61allow hal_graphics_composer_default hal_light_hwservice:hwservice_manager find;
62