Evolution-X-Tensor/device_google_gs-common
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Revert^2 "New ArmNN AIDL SELinux permissions and settings"

Browse source 
58c26f2906

Compile ArmNN shim over the support library

This change adds the SELinux permissions for the new
ArmNN AIDL backend based on a shim over the NNAPI
Support Library.

Test: Local run of CtsNNAPITestCases
Test: Local run of VtsHalNeuralnetworksTargetTest
Test: Local run of MLTS Benchmark
Bug: 283724775
Change-Id: I24b69c4f6d65f45ec6935744717b66bed14cb236
This commit is contained in:
Renato Grottesi 2023-07-13 08:40:59 +00:00
parent 58c26f2906
commit 146e77649b
7 changed files with 31 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
edgetpu/sepolicy/hal_neuralnetworks_darwinn.te
View file

@ -7,7 +7,7 @@ init_daemon_domain(hal_neuralnetworks_darwinn)
# The TPU HAL looks for TPU instance in /dev/abrolhos # The TPU HAL looks for TPU instance in /dev/abrolhos
allow hal_neuralnetworks_darwinn edgetpu_device:chr_file rw_file_perms; allow hal_neuralnetworks_darwinn edgetpu_device:chr_file rw_file_perms;
# Allow DawriNN service to use a client-provided fd residing in /vendor/etc/. # Allow DarwiNN service to use a client-provided fd residing in /vendor/etc/.
allow hal_neuralnetworks_darwinn vendor_configs_file:file r_file_perms; allow hal_neuralnetworks_darwinn vendor_configs_file:file r_file_perms;
# Allow DarwiNN service to access data files. # Allow DarwiNN service to access data files.

1
gpu/gpu.mk
View file

@ -1,3 +1,4 @@
BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gpu/sepolicy BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gpu/sepolicy
PRODUCT_PACKAGES += gpu_probe PRODUCT_PACKAGES += gpu_probe
PRODUCT_PACKAGES += android.hardware.neuralnetworks-shim-service-armnn

4
gpu/sepolicy/file_contexts
View file

@ -1 +1,3 @@
/vendor/bin/gpu_probe u:object_r:gpu_probe_exec:s0 /vendor/bin/gpu_probe u:object_r:gpu_probe_exec:s0
/vendor/bin/hw/android\.hardware\.neuralnetworks-shim-service-armnn u:object_r:hal_neuralnetworks_armnn_exec:s0

17
gpu/sepolicy/hal_neuralnetworks_armnn.te Normal file
View file

@ -0,0 +1,17 @@
type hal_neuralnetworks_armnn, domain;
hal_server_domain(hal_neuralnetworks_armnn, hal_neuralnetworks)
type hal_neuralnetworks_armnn_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_neuralnetworks_armnn)
add_service(hal_neuralnetworks_armnn, armnn_nnapi_service);
allow hal_neuralnetworks_armnn armnn_app_service:service_manager find;
get_prop(hal_neuralnetworks_armnn, hwservicemanager_prop)
allow isolated_app app_data_file:file setattr;
allow hal_neuralnetworks_armnn fwk_stats_service:service_manager find;
binder_call(hal_neuralnetworks_armnn, system_server);
binder_use(hal_neuralnetworks_armnn)

2
gpu/sepolicy/priv_app.te Normal file
View file

@ -0,0 +1,2 @@
allow priv_app armnn_app_service:service_manager find;
allow priv_app armnn_nnapi_service:service_manager find;

4
gpu/sepolicy/service.te Normal file
View file

@ -0,0 +1,4 @@
type armnn_nnapi_service, app_api_service, service_manager_type, isolated_compute_allowed_service;
type armnn_vendor_service, service_manager_type, hal_service_type;
type armnn_dba_service, app_api_service, service_manager_type, isolated_compute_allowed_service;
type armnn_app_service, service_manager_type;

3
gpu/sepolicy/service_contexts Normal file
View file

@ -0,0 +1,3 @@
com.google.armnn.IArmnnVendorService/default u:object_r:armnn_vendor_service:s0
android.hardware.neuralnetworks.IDevice/google-armnn u:object_r:armnn_nnapi_service:s0
com.google.armnn.IArmnnpAppService/default u:object_r:armnn_app_service:s0