• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# EdgeTPU app server process which runs the EdgeTPU binder service.
2type edgetpu_app_server, coredomain, domain;
3type edgetpu_app_server_exec, exec_type, system_file_type, file_type;
4init_daemon_domain(edgetpu_app_server)
5
6# The server will use binder calls.
7binder_use(edgetpu_app_server);
8
9# The server will serve a binder service.
10binder_service(edgetpu_app_server);
11
12# EdgeTPU server to register the service to service_manager.
13add_service(edgetpu_app_server, edgetpu_app_service);
14
15# EdgeTPU service needs to access /dev/abrolhos.
16allow edgetpu_app_server edgetpu_device:chr_file rw_file_perms;
17allow edgetpu_app_server sysfs_edgetpu:dir r_dir_perms;
18allow edgetpu_app_server sysfs_edgetpu:file rw_file_perms;
19
20# Applications are not allowed to open the EdgeTPU device directly.
21neverallow appdomain edgetpu_device:chr_file { open };
22
23# Allow EdgeTPU service to access the Package Manager service.
24allow edgetpu_app_server package_native_service:service_manager find;
25binder_call(edgetpu_app_server, system_server);
26
27# Allow EdgeTPU service to read EdgeTPU service related system properties.
28get_prop(edgetpu_app_server, vendor_edgetpu_service_prop);
29
30# Allow EdgeTPU service to generate Perfetto traces.
31perfetto_producer(edgetpu_app_server);
32
33# Allow EdgeTPU service to connect to the EdgeTPU vendor version of the service.
34allow edgetpu_app_server edgetpu_vendor_service:service_manager find;
35binder_call(edgetpu_app_server, edgetpu_vendor_server);
36
37# Allow EdgeTPU service to log to stats service. (metrics)
38allow edgetpu_app_server fwk_stats_service:service_manager find;
39