From 1fa64096e935dbd73f616a6f956b3cb8a304a1c7 Mon Sep 17 00:00:00 2001 From: feiyuchen Date: Sun, 22 Jan 2023 09:55:25 +0000 Subject: [PATCH] Add android property vendor.edgetpu.tflite_delegate.force_disable_io_coherency because we need it for DarwinnDelegate to forcelly disable the cache coherency feature for debugging purpose. This sys prop should be readable by all Darwinn Delegate clients, but only modifiable by `adb root`. Test: Verified that both camera app and camera HAL can read the flag. See pending CL cl/507001854 and android_flag_permission_test.md Bug: 262420821 Change-Id: I0ae7e02f1d4805956a05afeb92f892cbac6d5213 --- edgetpu/edgetpu.mk | 3 +++ edgetpu/sepolicy/appdomain.te | 2 ++ edgetpu/sepolicy/edgetpu_dba_service.te | 3 +++ edgetpu/sepolicy/hal_camera_default.te | 2 ++ edgetpu/sepolicy/property.te | 3 +++ edgetpu/sepolicy/property_contexts | 2 ++ edgetpu/sepolicy/vendor_init.te | 2 ++ 7 files changed, 17 insertions(+) create mode 100644 edgetpu/sepolicy/appdomain.te create mode 100644 edgetpu/sepolicy/hal_camera_default.te create mode 100644 edgetpu/sepolicy/vendor_init.te diff --git a/edgetpu/edgetpu.mk b/edgetpu/edgetpu.mk index 7b93487..862de56 100644 --- a/edgetpu/edgetpu.mk +++ b/edgetpu/edgetpu.mk @@ -25,3 +25,6 @@ PRODUCT_PACKAGES += com.google.edgetpu.dba-service PRODUCT_PACKAGES += libedgetpu_dba.google BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/edgetpu/sepolicy + +# Tflite Darwinn delegate property +PRODUCT_VENDOR_PROPERTIES += vendor.edgetpu.tflite_delegate.force_disable_io_coherency=1 diff --git a/edgetpu/sepolicy/appdomain.te b/edgetpu/sepolicy/appdomain.te new file mode 100644 index 0000000..37cb1db --- /dev/null +++ b/edgetpu/sepolicy/appdomain.te @@ -0,0 +1,2 @@ +# Allow apps to read tflite Darwinn delegate properties +get_prop(appdomain, vendor_tflite_delegate_prop) diff --git a/edgetpu/sepolicy/edgetpu_dba_service.te b/edgetpu/sepolicy/edgetpu_dba_service.te index 2e8f908..dca4ac4 100644 --- a/edgetpu/sepolicy/edgetpu_dba_service.te +++ b/edgetpu/sepolicy/edgetpu_dba_service.te @@ -36,3 +36,6 @@ allow edgetpu_dba_server proc_version:file r_file_perms; # Allow EdgeTPU DBA service to send trace packets to Perfetto with SELinux enabled # under userdebug builds. userdebug_or_eng(`perfetto_producer(edgetpu_dba_server)') + +# Allow EdgeTPU DBA service to read tflite Darwinn delegate properties +get_prop(edgetpu_dba_server, vendor_tflite_delegate_prop) diff --git a/edgetpu/sepolicy/hal_camera_default.te b/edgetpu/sepolicy/hal_camera_default.te new file mode 100644 index 0000000..a8ea541 --- /dev/null +++ b/edgetpu/sepolicy/hal_camera_default.te @@ -0,0 +1,2 @@ +# Allow camera HAL to read tflite Darwinn delegate properties +get_prop(hal_camera_default, vendor_tflite_delegate_prop) diff --git a/edgetpu/sepolicy/property.te b/edgetpu/sepolicy/property.te index ed93d44..254d059 100644 --- a/edgetpu/sepolicy/property.te +++ b/edgetpu/sepolicy/property.te @@ -2,3 +2,6 @@ # since it lives under /system_ext/. system_public_prop(vendor_edgetpu_service_prop) +# Tflite Darwinn delegate properties are written once by vendor_init, +# and then read by apps, camera hal, and some Darwinn vendor services. +system_vendor_config_prop(vendor_tflite_delegate_prop) diff --git a/edgetpu/sepolicy/property_contexts b/edgetpu/sepolicy/property_contexts index 130cfef..56c2bf6 100644 --- a/edgetpu/sepolicy/property_contexts +++ b/edgetpu/sepolicy/property_contexts @@ -1,3 +1,5 @@ # for EdgeTPU vendor.edgetpu.service. u:object_r:vendor_edgetpu_service_prop:s0 +# for DarwinnDelegate +vendor.edgetpu.tflite_delegate. u:object_r:vendor_tflite_delegate_prop:s0 diff --git a/edgetpu/sepolicy/vendor_init.te b/edgetpu/sepolicy/vendor_init.te new file mode 100644 index 0000000..c9506f0 --- /dev/null +++ b/edgetpu/sepolicy/vendor_init.te @@ -0,0 +1,2 @@ +# Allow vendor_init to set tflite Darwinn delegate properties +set_prop(vendor_init, vendor_tflite_delegate_prop)