ff0f79c195
Also allow adb shell dumpsys gpu to not return error. Bug: 120095213 Test: flash non-eng build and adb shell cmd gpu vkjson Change-Id: Ia4a50a475ce76ec35e082dd52d4a6c80dde7f571
34 lines
1 KiB
Text
34 lines
1 KiB
Text
# gpu service
|
|
type gpuservice, domain, coredomain;
|
|
type gpuservice_exec, system_file_type, exec_type, file_type;
|
|
|
|
init_daemon_domain(gpuservice)
|
|
|
|
binder_call(gpuservice, adbd)
|
|
binder_call(gpuservice, shell)
|
|
binder_use(gpuservice)
|
|
|
|
# Access the GPU.
|
|
allow gpuservice gpu_device:chr_file rw_file_perms;
|
|
|
|
# GPU service will need to load GPU driver, for example Vulkan driver in order
|
|
# to get the capability of the driver.
|
|
allow gpuservice same_process_hal_file:file { open read getattr execute map };
|
|
allow gpuservice ion_device:chr_file r_file_perms;
|
|
get_prop(gpuservice, hwservicemanager_prop)
|
|
hwbinder_use(gpuservice)
|
|
|
|
# Access /dev/graphics/fb0.
|
|
allow gpuservice graphics_device:dir search;
|
|
allow gpuservice graphics_device:chr_file rw_file_perms;
|
|
|
|
# Needed for dumpsys pipes.
|
|
allow gpuservice shell:fifo_file write;
|
|
|
|
# Use socket supplied by adbd, for cmd gpu vkjson etc.
|
|
allow gpuservice adbd:unix_stream_socket { read write getattr };
|
|
|
|
add_service(gpuservice, gpu_service)
|
|
|
|
# Only uncomment below line when in development
|
|
# userdebug_or_eng(`permissive gpuservice;')
|