Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
S
sepolicy
Manage
Activity
Members
Plan
Wiki
Code
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Deploy
Releases
Package Registry
Model registry
Operate
Terraform modules
Analyze
Contributor analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
CodeLinaro
public-release-test
platform
system
sepolicy
Commits
2ba80ab0
Commit
2ba80ab0
authored
8 years ago
by
Treehugger Robot
Committed by
Gerrit Code Review
8 years ago
Browse files
Options
Downloads
Plain Diff
Merge "Move surfaceflinger policy to private"
parents
432bc0e5
5d30beb1
No related branches found
No related tags found
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
private/surfaceflinger.te
+92
-2
92 additions, 2 deletions
private/surfaceflinger.te
public/surfaceflinger.te
+0
-90
0 additions, 90 deletions
public/surfaceflinger.te
with
92 additions
and
92 deletions
private/surfaceflinger.te
+
92
−
2
View file @
2ba80ab0
# type_transition must be private policy the domain_trans rules could stay
# surfaceflinger - display compositor service
# public, but conceptually should go with this
type surfaceflinger_exec, exec_type, file_type;
init_daemon_domain(surfaceflinger)
init_daemon_domain(surfaceflinger)
typeattribute surfaceflinger mlstrustedsubject;
read_runtime_log_tags(surfaceflinger)
# Perform HwBinder IPC.
hwbinder_use(surfaceflinger)
binder_call(surfaceflinger, hal_graphics_allocator)
binder_call(surfaceflinger, hal_graphics_composer)
binder_call(surfaceflinger, hal_configstore)
# Perform Binder IPC.
binder_use(surfaceflinger)
binder_call(surfaceflinger, binderservicedomain)
binder_call(surfaceflinger, appdomain)
binder_call(surfaceflinger, bootanim)
binder_service(surfaceflinger)
# Binder IPC to bu, presently runs in adbd domain.
binder_call(surfaceflinger, adbd)
# Read /proc/pid files for Binder clients.
r_dir_file(surfaceflinger, binderservicedomain)
r_dir_file(surfaceflinger, appdomain)
# Access the GPU.
allow surfaceflinger gpu_device:chr_file rw_file_perms;
# Access /dev/graphics/fb0.
allow surfaceflinger graphics_device:dir search;
allow surfaceflinger graphics_device:chr_file rw_file_perms;
# Access /dev/video1.
allow surfaceflinger video_device:dir r_dir_perms;
allow surfaceflinger video_device:chr_file rw_file_perms;
# Create and use netlink kobject uevent sockets.
allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
# Set properties.
set_prop(surfaceflinger, system_prop)
set_prop(surfaceflinger, ctl_bootanim_prop)
# Use open files supplied by an app.
allow surfaceflinger appdomain:fd use;
allow surfaceflinger app_data_file:file { read write };
# Allow a dumpstate triggered screenshot
binder_call(surfaceflinger, dumpstate)
binder_call(surfaceflinger, shell)
r_dir_file(surfaceflinger, dumpstate)
# Needed on some devices for playing DRM protected content,
# but seems expected and appropriate for all devices.
allow surfaceflinger tee:unix_stream_socket connectto;
allow surfaceflinger tee_device:chr_file rw_file_perms;
# media.player service
add_service(surfaceflinger, gpu_service)
# do not use add_service() as hal_graphics_composer_default may be the
# provider as well
#add_service(surfaceflinger, surfaceflinger_service)
allow surfaceflinger surfaceflinger_service:service_manager { add find };
allow surfaceflinger mediaserver_service:service_manager find;
allow surfaceflinger permission_service:service_manager find;
allow surfaceflinger power_service:service_manager find;
allow surfaceflinger window_service:service_manager find;
# allow self to set SCHED_FIFO
allow surfaceflinger self:capability sys_nice;
allow surfaceflinger proc_meminfo:file r_file_perms;
r_dir_file(surfaceflinger, cgroup)
r_dir_file(surfaceflinger, sysfs_type)
r_dir_file(surfaceflinger, system_file)
allow surfaceflinger tmpfs:dir r_dir_perms;
allow surfaceflinger system_server:fd use;
allow surfaceflinger ion_device:chr_file r_file_perms;
###
### Neverallow rules
###
### surfaceflinger should NEVER do any of this
# Do not allow accessing SDcard files as unsafe ejection could
# cause the kernel to kill the process.
neverallow surfaceflinger sdcard_type:file rw_file_perms;
This diff is collapsed.
Click to expand it.
public/surfaceflinger.te
+
0
−
90
View file @
2ba80ab0
# surfaceflinger - display compositor service
# surfaceflinger - display compositor service
type surfaceflinger, domain;
type surfaceflinger, domain;
type surfaceflinger_exec, exec_type, file_type;
typeattribute surfaceflinger mlstrustedsubject;
read_runtime_log_tags(surfaceflinger)
# Perform HwBinder IPC.
hwbinder_use(surfaceflinger)
binder_call(surfaceflinger, hal_graphics_allocator)
binder_call(surfaceflinger, hal_graphics_composer)
binder_call(surfaceflinger, hal_configstore)
# Perform Binder IPC.
binder_use(surfaceflinger)
binder_call(surfaceflinger, binderservicedomain)
binder_call(surfaceflinger, appdomain)
binder_call(surfaceflinger, bootanim)
binder_service(surfaceflinger)
# Binder IPC to bu, presently runs in adbd domain.
binder_call(surfaceflinger, adbd)
# Read /proc/pid files for Binder clients.
r_dir_file(surfaceflinger, binderservicedomain)
r_dir_file(surfaceflinger, appdomain)
# Access the GPU.
allow surfaceflinger gpu_device:chr_file rw_file_perms;
# Access /dev/graphics/fb0.
allow surfaceflinger graphics_device:dir search;
allow surfaceflinger graphics_device:chr_file rw_file_perms;
# Access /dev/video1.
allow surfaceflinger video_device:dir r_dir_perms;
allow surfaceflinger video_device:chr_file rw_file_perms;
# Create and use netlink kobject uevent sockets.
allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
# Set properties.
set_prop(surfaceflinger, system_prop)
set_prop(surfaceflinger, ctl_bootanim_prop)
# Use open files supplied by an app.
allow surfaceflinger appdomain:fd use;
allow surfaceflinger app_data_file:file { read write };
# Allow a dumpstate triggered screenshot
binder_call(surfaceflinger, dumpstate)
binder_call(surfaceflinger, shell)
r_dir_file(surfaceflinger, dumpstate)
# Needed on some devices for playing DRM protected content,
# but seems expected and appropriate for all devices.
allow surfaceflinger tee:unix_stream_socket connectto;
allow surfaceflinger tee_device:chr_file rw_file_perms;
# media.player service
add_service(surfaceflinger, gpu_service)
# do not use add_service() as hal_graphics_composer_default may be the
# provider as well
#add_service(surfaceflinger, surfaceflinger_service)
allow surfaceflinger surfaceflinger_service:service_manager { add find };
allow surfaceflinger mediaserver_service:service_manager find;
allow surfaceflinger permission_service:service_manager find;
allow surfaceflinger power_service:service_manager find;
allow surfaceflinger window_service:service_manager find;
# allow self to set SCHED_FIFO
allow surfaceflinger self:capability sys_nice;
allow surfaceflinger proc_meminfo:file r_file_perms;
r_dir_file(surfaceflinger, cgroup)
r_dir_file(surfaceflinger, sysfs_type)
r_dir_file(surfaceflinger, system_file)
allow surfaceflinger tmpfs:dir r_dir_perms;
allow surfaceflinger system_server:fd use;
allow surfaceflinger ion_device:chr_file r_file_perms;
###
### Neverallow rules
###
### surfaceflinger should NEVER do any of this
# Do not allow accessing SDcard files as unsafe ejection could
# cause the kernel to kill the process.
neverallow surfaceflinger sdcard_type:file rw_file_perms;
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
