edgetpu/file_contexts
Signed-off-by: Hyunki00.koo <hyunki00.koo@samsung.com> Change-Id: I6dfa880a0d4ceb80a54de24e3817b6c880fea7ba
This commit is contained in:
Hyunki00.koo
Ivan Zaitsev
parent
c36c283704
commit
47c4e6c965
7 changed files with 0 additions and 113 deletions
|
|
@ -1,2 +0,0 @@
|
||||||
# EdgeTPU device (DarwiNN)
|
|
||||||
/dev/janeiro u:object_r:edgetpu_device:s0
|
|
||||||
|
|
@ -1,2 +0,0 @@
|
||||||
# EdgeTPU
|
|
||||||
genfscon sysfs /devices/platform/1ce00000.janeiro u:object_r:sysfs_edgetpu:s0
|
|
||||||
|
|
@ -1,3 +0,0 @@
|
||||||
# Allows GCA to find and access the EdgeTPU.
|
|
||||||
allow google_camera_app edgetpu_app_service:service_manager find;
|
|
||||||
allow google_camera_app edgetpu_device:chr_file { getattr read write ioctl map };
|
|
||||||
|
|
@ -1,8 +1,4 @@
|
||||||
# b/209889068
|
# b/209889068
|
||||||
dontaudit google_camera_app edgetpu_app_service:service_manager { find };
|
|
||||||
dontaudit google_camera_app edgetpu_device:chr_file { ioctl };
|
|
||||||
dontaudit google_camera_app edgetpu_device:chr_file { map };
|
|
||||||
dontaudit google_camera_app edgetpu_device:chr_file { read write };
|
|
||||||
dontaudit google_camera_app vendor_default_prop:file { getattr };
|
dontaudit google_camera_app vendor_default_prop:file { getattr };
|
||||||
dontaudit google_camera_app vendor_default_prop:file { map };
|
dontaudit google_camera_app vendor_default_prop:file { map };
|
||||||
dontaudit google_camera_app vendor_default_prop:file { open };
|
dontaudit google_camera_app vendor_default_prop:file { open };
|
||||||
|
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
||||||
# b/205073167
|
|
||||||
dontaudit hal_neuralnetworks_armnn default_prop:file { open };
|
|
||||||
dontaudit hal_neuralnetworks_armnn default_prop:file { read };
|
|
||||||
# b/205202540
|
|
||||||
dontaudit hal_neuralnetworks_armnn default_prop:file { getattr };
|
|
||||||
dontaudit hal_neuralnetworks_armnn default_prop:file { map };
|
|
||||||
# b/205779871
|
|
||||||
dontaudit hal_neuralnetworks_armnn system_data_file:dir { search };
|
|
||||||
|
|
@ -1,93 +0,0 @@
|
||||||
type hal_camera_default_tmpfs, file_type;
|
|
||||||
|
|
||||||
allow hal_camera_default self:global_capability_class_set sys_nice;
|
|
||||||
allow hal_camera_default kernel:process setsched;
|
|
||||||
|
|
||||||
binder_use(hal_camera_default);
|
|
||||||
vndbinder_use(hal_camera_default);
|
|
||||||
|
|
||||||
allow hal_camera_default lwis_device:chr_file rw_file_perms;
|
|
||||||
allow hal_camera_default gpu_device:chr_file rw_file_perms;
|
|
||||||
allow hal_camera_default sysfs_chip_id:file r_file_perms;
|
|
||||||
|
|
||||||
# Face authentication code that is part of the camera HAL needs to allocate
|
|
||||||
# dma_bufs and access the Trusted Execution Environment device node
|
|
||||||
allow hal_camera_default dmabuf_system_heap_device:chr_file r_file_perms;
|
|
||||||
allow hal_camera_default tee_device:chr_file rw_file_perms;
|
|
||||||
|
|
||||||
# Allow the camera hal to access the EdgeTPU service and the
|
|
||||||
# Android shared memory allocated by the EdgeTPU service for
|
|
||||||
# on-device compilation.
|
|
||||||
allow hal_camera_default edgetpu_device:chr_file rw_file_perms;
|
|
||||||
allow hal_camera_default sysfs_edgetpu:dir r_dir_perms;
|
|
||||||
allow hal_camera_default sysfs_edgetpu:file r_file_perms;
|
|
||||||
allow hal_camera_default edgetpu_vendor_service:service_manager find;
|
|
||||||
binder_call(hal_camera_default, edgetpu_vendor_server)
|
|
||||||
|
|
||||||
# Allow the camera hal to access the GXP device.
|
|
||||||
allow hal_camera_default gxp_device:chr_file rw_file_perms;
|
|
||||||
|
|
||||||
# Allow access to data files used by the camera HAL
|
|
||||||
allow hal_camera_default mnt_vendor_file:dir search;
|
|
||||||
allow hal_camera_default persist_file:dir search;
|
|
||||||
allow hal_camera_default persist_camera_file:dir rw_dir_perms;
|
|
||||||
allow hal_camera_default persist_camera_file:file create_file_perms;
|
|
||||||
allow hal_camera_default vendor_camera_data_file:dir rw_dir_perms;
|
|
||||||
allow hal_camera_default vendor_camera_data_file:file create_file_perms;
|
|
||||||
|
|
||||||
# Allow creating dump files for debugging in non-release builds
|
|
||||||
userdebug_or_eng(`
|
|
||||||
allow hal_camera_default vendor_camera_data_file:dir create_dir_perms;
|
|
||||||
allow hal_camera_default vendor_camera_data_file:file create_file_perms;
|
|
||||||
')
|
|
||||||
|
|
||||||
# tmpfs is used by google3 prebuilts linked by the HAL to unpack data files
|
|
||||||
# compiled into the shared libraries with cc_embed_data rules
|
|
||||||
tmpfs_domain(hal_camera_default);
|
|
||||||
|
|
||||||
# Allow access to camera-related system properties
|
|
||||||
set_prop(hal_camera_default, vendor_camera_prop);
|
|
||||||
set_prop(hal_camera_default, log_tag_prop);
|
|
||||||
get_prop(hal_camera_default, vendor_camera_debug_prop);
|
|
||||||
userdebug_or_eng(`
|
|
||||||
set_prop(hal_camera_default, vendor_camera_fatp_prop);
|
|
||||||
set_prop(hal_camera_default, vendor_camera_debug_prop);
|
|
||||||
')
|
|
||||||
|
|
||||||
# For camera hal to talk with rlsservice
|
|
||||||
allow hal_camera_default rls_service:service_manager find;
|
|
||||||
binder_call(hal_camera_default, rlsservice)
|
|
||||||
|
|
||||||
hal_client_domain(hal_camera_default, hal_graphics_allocator);
|
|
||||||
hal_client_domain(hal_camera_default, hal_graphics_composer)
|
|
||||||
hal_client_domain(hal_camera_default, hal_power);
|
|
||||||
hal_client_domain(hal_camera_default, hal_thermal);
|
|
||||||
|
|
||||||
# Allow access to sensor service for sensor_listener
|
|
||||||
binder_call(hal_camera_default, system_server);
|
|
||||||
|
|
||||||
# Allow Binder calls to ECO service, needed by Entropy-Aware Filtering
|
|
||||||
allow hal_camera_default eco_service:service_manager find;
|
|
||||||
binder_call(hal_camera_default, mediacodec);
|
|
||||||
binder_call(hal_camera_default, mediacodec_samsung);
|
|
||||||
|
|
||||||
# Allow camera HAL to query preferred camera frequencies from the radio HAL
|
|
||||||
# extensions to avoid interference with cellular antennas.
|
|
||||||
allow hal_camera_default hal_radioext_hwservice:hwservice_manager find;
|
|
||||||
binder_call(hal_camera_default, hal_radioext_default);
|
|
||||||
|
|
||||||
# Allow camera HAL to connect to the stats service.
|
|
||||||
allow hal_camera_default fwk_stats_service:service_manager find;
|
|
||||||
|
|
||||||
# For observing apex file changes
|
|
||||||
allow hal_camera_default apex_info_file:file r_file_perms;
|
|
||||||
|
|
||||||
# Allow camera HAL to query current device clock frequencies.
|
|
||||||
allow hal_camera_default sysfs_devfreq_cur:file r_file_perms;
|
|
||||||
|
|
||||||
# Allow camera HAL to read backlight of display
|
|
||||||
allow hal_camera_default sysfs_leds:dir r_dir_perms;
|
|
||||||
allow hal_camera_default sysfs_leds:file r_file_perms;
|
|
||||||
|
|
||||||
# Allow camera HAL to send trace packets to Perfetto
|
|
||||||
userdebug_or_eng(`perfetto_producer(hal_camera_default)')
|
|
||||||
|
|
@ -5,7 +5,6 @@ r_dir_file(hal_power_stats_default, sysfs_aoc)
|
||||||
r_dir_file(hal_power_stats_default, sysfs_aoc_dumpstate)
|
r_dir_file(hal_power_stats_default, sysfs_aoc_dumpstate)
|
||||||
r_dir_file(hal_power_stats_default, sysfs_acpm_stats)
|
r_dir_file(hal_power_stats_default, sysfs_acpm_stats)
|
||||||
r_dir_file(hal_power_stats_default, sysfs_cpu)
|
r_dir_file(hal_power_stats_default, sysfs_cpu)
|
||||||
r_dir_file(hal_power_stats_default, sysfs_edgetpu)
|
|
||||||
r_dir_file(hal_power_stats_default, sysfs_iio_devices)
|
r_dir_file(hal_power_stats_default, sysfs_iio_devices)
|
||||||
r_dir_file(hal_power_stats_default, sysfs_leds)
|
r_dir_file(hal_power_stats_default, sysfs_leds)
|
||||||
r_dir_file(hal_power_stats_default, sysfs_odpm)
|
r_dir_file(hal_power_stats_default, sysfs_odpm)
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue