1# Binder access (for display.qservice) 2vndbinder_use(hal_graphics_composer_default) 3allow hal_graphics_composer_default qdisplay_service:service_manager { add find }; 4 5allow hal_graphics_composer_default persist_display_file:dir search; 6allow hal_graphics_composer_default persist_display_file:file r_file_perms; 7 8allow hal_graphics_composer_default sysfs_camera:dir search; 9allow hal_graphics_composer_default sysfs_camera:file r_file_perms; 10allow hal_graphics_composer_default sysfs_msm_subsys:dir search; 11allow hal_graphics_composer_default sysfs_msm_subsys:file r_file_perms; 12allow hal_graphics_composer_default sysfs_mdss_mdp_caps:file r_file_perms; 13allow hal_graphics_composer_default persist_file:dir search; 14 15allow hal_graphics_composer_default hal_graphics_mapper_hwservice:hwservice_manager find; 16 17r_dir_file(hal_graphics_composer_default, sysfs_leds) 18 19# TODO(b/37666508): Remove the following line upon resolution of the bug 20allow hal_graphics_composer_default video_device:chr_file rw_file_perms; 21 22# HWC_UeventThread 23allow hal_graphics_composer_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; 24 25# Access /sys/devices/virtual/graphics/fb0 26r_dir_file(hal_graphics_composer_default, sysfs_type) 27 28allow hal_graphics_composer_default display_vendor_data_file:dir create_dir_perms; 29allow hal_graphics_composer_default display_vendor_data_file:file create_file_perms; 30 31userdebug_or_eng(` 32 allow hal_graphics_composer_default debugfs_mdp:dir r_dir_perms; 33 allow hal_graphics_composer_default debugfs_mdp:file r_file_perms; 34 allow hal_graphics_composer_default diag_device:chr_file rw_file_perms; 35') 36dontaudit hal_graphics_composer_default diag_device:chr_file rw_file_perms; 37 38dontaudit hal_graphics_composer_default kernel:system module_request; 39