blob: 86e46182c4a0752e63a8eef069f553916aae64c8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
allow surfaceflinger sysfs_graphics:file rw_file_perms;
# Allow reading/writing to 'persist/display/*'
allow surfaceflinger persist_display_file:dir rw_dir_perms;
allow surfaceflinger persist_display_file:file create_file_perms;
# Allow only directory search to '/persist'
allow surfaceflinger persist_file:dir search;
# Use open file provided by poweroffhandler
binder_call(surfaceflinger, poweroffhandler);
binder_call(surfaceflinger, location)
binder_call(surfaceflinger, tee)
hal_client_domain(surfaceflinger, hal_display_config)
# access to /data/misc/display for dumping input frames
allow surfaceflinger display_misc_file:dir create_dir_perms;
allow surfaceflinger display_misc_file:file create_file_perms;
# Allows access to dpps daemon in calibration mode
#unix_socket_connect(surfaceflinger, pps, mm-pp-daemon)
r_dir_file(surfaceflinger, firmware_file)
#Allow access to fastmmi
binder_call(surfaceflinger, mmi)
#Allow access to cameraserver service
allow surfaceflinger cameraserver_service:service_manager find;
#Allow access to binder callback's to camera hal
binder_call(surfaceflinger, hal_camera_default)
#diag
userdebug_or_eng(`
diag_use(surfaceflinger)
')
allow surfaceflinger {
debug_gralloc_prop
sdm_idle_time_prop
sf_lcd_density_prop
}:file r_file_perms;
#set qemu.gles prop
set_prop(surfaceflinger, qemu_gles_prop)
|
