8c3b2b9643
* Update se policy prebuilts Test: build + boot bug:150281259 Change-Id: I0a0e94bc230f7726e7a9dd84b17c3a90e5601120
25 lines
868 B
Text
25 lines
868 B
Text
# bufferhubd
|
|
type bufferhubd, domain, mlstrustedsubject;
|
|
type bufferhubd_exec, system_file_type, exec_type, file_type;
|
|
|
|
hal_client_domain(bufferhubd, hal_graphics_allocator)
|
|
|
|
# TODO(b/112338294): remove these after migrate to Binder
|
|
pdx_server(bufferhubd, bufferhub_client)
|
|
pdx_client(bufferhubd, performance_client)
|
|
|
|
# Access the GPU.
|
|
allow bufferhubd gpu_device:chr_file rw_file_perms;
|
|
|
|
# Access /dev/ion
|
|
allow bufferhubd ion_device:chr_file r_file_perms;
|
|
|
|
# Receive sync fence FDs from hal_omx_server. Note that hal_omx_server never directly
|
|
# connects to bufferhubd via PDX. Instead, a VR app acts as a bridge between
|
|
# those two: it talks to hal_omx_server via Binder and talks to bufferhubd via PDX.
|
|
# Thus, there is no need to use pdx_client macro.
|
|
allow bufferhubd hal_omx_server:fd use;
|
|
|
|
# Codec2 is similar to OMX
|
|
allow bufferhubd hal_codec2_server:fd use;
|
|
|