Commit a66187e5 authored by Leavitt Zhang, committed by Jun Su

Adding devices needed by NVIDIA Tegra Chipset

NVIDIA Tegra comment on why these devices are secure

/dev/tegra-throughput accepts a frame rate target
from onscreen EGL applications. The frame rate
target is used in gpu frequency scaling. This feature
applies only when running a single application. While
multiple clients are connected, gpu scaling does not
use the frame rate targets and falls back to load
based scaling instead. Since EGL applications aren’t
required to have any special permissions, this node
must be accessible to all clients. Abusing this
interface would be difficult in that no frame rate
information is available if no client is swapping
buffers, so writing a value would have no effect; at
most a malicious client could cause gpu frequency
scaling to fall back to load based scaling when a
single (legitimate) client is connected. Other than
the file open/close operation it supports a
single ioctl. The ioctl parameter is cast to an
unsigned integer, and no further data is read. No
buffer overrun is possible.

/dev/nvhost-gpu, /dev/nvhost-as-gpu,
/dev/nvhost-ctrl-gpu are used by all GL applications
for accessing GPU. All GPU contexts are protected
from each other with GMMU (GPU Memory Management Unit)

/dev/nvhost-vic Each program that draws on screen
using acceleration sends the rendering commands to
kernel directly to maximize efficiency. This is why
access to nvhost-vic is required.

/dev/nvhost-dbg-gpu is used by the CUDA driver and
debugger for accessing registers on the GPU, changing
powergating state and getting notified about traps
on the GPU. The interface is secured by maintaining
a whitelist of registers that are allowed to be
accessed from usermode, maintaining a refcount so
that power features are restored once the usermode
process exits, and requiring the usermode process
to bind the graphics channel fd to the interface
via an ioctl.

/dev/nvhost-prof-gpu is also used by the CUDA
profiler for accessing registers on the GPU, changing
powergating state and getting notified about traps
on the GPU. The interface is secured by maintaining
a whitelist of registers that are allowed to be
accessed from usermode, maintaining a refcount so
that power features are restored once the usermode
process exits. This interface makes binding a channel
fd optional. In the absence of a bound channel fd,
userspace cannot access channel-specific contexts.

Confirmed that NVIDIA had thoughtfully reviewed these
interfaces in terms of security concern, and we are
very sure the devices are secure with current design.

Change-Id: If8c4557b9ca0c0fb039ca4c66b9169382f478d49
parent a4572eab