tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/vendor
History
Jason Macnak a93398051c Adds GPU sepolicy to support devices with DRM gralloc/rendering 
... such as Cuttlefish (Cloud Android virtual device) which has a
DRM virtio-gpu based gralloc and (sometimes) DRM virtio-gpu based
rendering (when forwarding rendering commands to the host machine
with Mesa3D in the guest and virglrenderer on the host).

After this change is submitted, changes such as aosp/1997572 can
be submitted to removed sepolicy that is currently duplicated
across device/google/cuttlefish and device/linaro/dragonboard as
well.

Adds a sysfs_gpu type (existing replicated sysfs_gpu definitions
across several devices are removed in the attached topic). The
uses of `sysfs_gpu:file` comes from Mesa using libdrm's
`drmGetDevices2()` which calls into `drmParsePciDeviceInfo()` to
get vendor id, device id, version etc.

Bug: b/161819018
Test: launch_cvd
Test: launch_cvd --gpu_mode=gfxstream
Change-Id: I4f7d4b0fb90bfeef72f94396ff0c5fe44d53510c
Merged-In: I4f7d4b0fb90bfeef72f94396ff0c5fe44d53510c
2022-04-18 17:30:56 -07:00
..
file.te sepolicy(hostapd): Add a HIDL interface for hostapd 2018-05-04 21:36:24 +00:00
file_contexts Add AIDL audio HAL service to SEPolicy 2022-03-24 01:39:29 +00:00
hal_atrace_default.te Add atrace HAL 1.0 sepolicy 2018-09-27 23:18:29 +00:00
hal_audio_default.te hal_audio_default: allow audioserver fd for status dump 2018-09-14 13:50:44 -07:00
hal_audiocontrol_default.te Move automotive HALs sepolicy to system/ 2018-05-04 21:36:48 +00:00
hal_authsecret_default.te authsecret HAL policies. 2018-02-05 11:19:46 +00:00
hal_bluetooth_btlinux.te btlinux: Move HAL definitions from system/bt 2018-06-27 23:56:31 +00:00
hal_bluetooth_default.te
hal_bootctl_default.te Add rules for calling ReadDefaultFstab() 2021-03-29 15:23:29 +08:00
hal_broadcastradio_default.te
hal_camera_default.te Adds GPU sepolicy to support devices with DRM gralloc/rendering 2022-04-18 17:30:56 -07:00
hal_can_socketcan.te Enable CAN HAL to scan /sys/devices for USB CAN 2020-03-17 12:10:07 -07:00
hal_cas_default.te Use hidl memory from allocator in CAS 2018-12-17 22:49:18 +00:00
hal_configstore_default.te
hal_confirmationui_default.te Added default policy for Confirmation UI HAL 2018-01-24 10:22:40 -08:00
hal_contexthub_default.te
hal_dice_default.te Dice HAL: Add policy for dice HAL. 2021-11-17 13:36:18 -08:00
hal_drm_clearkey.te Add sepolicy for DRM AIDL HAL 2022-01-27 01:51:05 -08:00
hal_drm_default.te Allow drm hals to access allocator hal 2020-04-13 20:01:06 +00:00
hal_dumpstate_default.te
hal_evs_default.te Allow EVS HAL to use cardisplayproxyd 2022-03-23 12:35:28 +00:00
hal_face_default.te Added placeholder SELinux policy for the biometric face HAL. 2018-12-28 12:23:56 -08:00
hal_fingerprint_default.te
hal_gatekeeper_default.te
hal_gnss_default.te Add gnss_device dev_type 2020-03-17 20:25:51 +00:00
hal_graphics_allocator_default.te Properly Treble-ize tmpfs access 2019-01-26 17:30:41 +00:00
hal_graphics_composer_default.te Initial selinux policy support for memfd 2019-01-30 19:11:49 +00:00
hal_health_default.te Add sepolicies to allow hal_health_default to load BPFs. 2022-03-21 12:54:49 -07:00
hal_health_storage_default.te health.filesystem HAL renamed to health.storage 2018-09-20 04:12:45 +00:00
hal_identity_default.te Revert^2 "Allow default identity service to call keymint" 2022-01-25 23:04:37 +00:00
hal_input_classifier_default.te Permissions for InputClassifier HAL 2019-01-11 02:08:19 +00:00
hal_input_processor_default.te Add sepolicy for IInputProcessor HAL 2022-01-20 23:40:05 +00:00
hal_ir_default.te
hal_keymaster_default.te Adding ability for hal keymaster to read vendor SPL 2018-05-11 16:51:58 +00:00
hal_keymint_default.te The SE Policies to incorporate ISecureClock and ISharedSecret services along with IKeyMintDevice service into default keymint HAL Server. 2021-02-10 18:45:07 +00:00
hal_light_default.te
hal_lowpan_default.te
hal_memtrack_default.te
hal_nfc_default.te
hal_oemlock_default.te Add sepolicy for oemlock aidl HAL 2021-01-11 05:57:17 +00:00
hal_power_default.te
hal_power_stats_default.te Add power.stats HAL 1.0 sepolicy 2018-12-11 00:11:08 +00:00
hal_radio_config_default.te Add sepolicy for radio.config 2018-01-24 12:13:10 -08:00
hal_radio_default.te Add sepolicy for radio sap 1.2 2018-04-16 12:00:11 -07:00
hal_rebootescrow_default.te rebootescrow: allow use of block file 2020-01-27 12:28:44 -08:00
hal_secure_element_default.te Add secure_element_device 2018-03-07 13:54:21 -08:00
hal_sensors_default.te Add missing permission for accessing the DMA-BUF system heap 2021-03-03 14:22:48 -08:00
hal_tetheroffload_default.te
hal_thermal_default.te
hal_tv_cec_default.te
hal_tv_input_default.te
hal_tv_tuner_default.te Allow tuner default implementation to access /dev/dma_heap/system 2021-03-02 15:21:45 -08:00
hal_usb_default.te
hal_usb_gadget_default.te Add sepolicy for usb gadget hal v1.1 2020-01-15 16:44:39 +08:00
hal_uwb_default.te sepolicy: Add UWB HAL interface in AOSP 2021-08-24 20:10:21 -07:00
hal_vehicle_default.te Add hal_vehicle_service for AIDL VHAL service. 2021-12-07 22:23:50 -08:00
hal_vibrator_default.te
hal_vr_default.te
hal_weaver_default.te Add sepolicy for weaver aidl HAL service 2021-01-22 06:34:41 +00:00
hal_wifi_default.te
hal_wifi_hostapd_default.te sepolicy(hostapd): Add a HIDL interface for hostapd 2018-05-04 21:36:24 +00:00
hal_wifi_supplicant_default.te Allow wpa_supplicant to access Netlink Interceptor 2022-03-24 16:49:30 -07:00
keys.conf Copying platform seinfo into vendor partition 2020-06-04 17:27:15 +08:00
mac_permissions.xml Copying platform seinfo into vendor partition 2020-06-04 17:27:15 +08:00
mediacodec.te Adds GPU sepolicy to support devices with DRM gralloc/rendering 2022-04-18 17:30:56 -07:00
rild.te Revert "Revert "Move rild from public to vendor."" 2018-03-12 13:13:39 -07:00
tee.te Fix fingerprint failing to start on GSI images 2022-04-11 22:44:54 -07:00
vendor_install_recovery.te Moving recovery resources from /system to /vendor 2019-10-04 14:40:27 -07:00
vendor_misc_writer.te Add vendor_misc_writer. 2019-05-21 07:06:31 -07:00
vendor_modprobe.te Revert "Revert "Exclude vendor_modprobe from debugfs neverallow restrictions"" 2021-05-04 22:07:08 -07:00
vndservice_contexts Allow vndservicemanager to self-register. 2020-03-06 16:35:52 -08:00
vndservicemanager.te Allow vndservicemanager to self-register. 2020-03-06 16:35:52 -08:00