1*e4a36f41SAndroid Build Coastguard Worker# gpuservice - server for gpu stats and other gpu related services 2*e4a36f41SAndroid Build Coastguard Workertypeattribute gpuservice coredomain; 3*e4a36f41SAndroid Build Coastguard Workertype gpuservice_exec, system_file_type, exec_type, file_type; 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Workerinit_daemon_domain(gpuservice) 6*e4a36f41SAndroid Build Coastguard Worker 7*e4a36f41SAndroid Build Coastguard Workerbinder_call(gpuservice, adbd) 8*e4a36f41SAndroid Build Coastguard Workerbinder_call(gpuservice, shell) 9*e4a36f41SAndroid Build Coastguard Workerbinder_call(gpuservice, system_server) 10*e4a36f41SAndroid Build Coastguard Workerbinder_use(gpuservice) 11*e4a36f41SAndroid Build Coastguard Worker 12*e4a36f41SAndroid Build Coastguard Worker# Access the GPU. 13*e4a36f41SAndroid Build Coastguard Workerallow gpuservice gpu_device:chr_file rw_file_perms; 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Worker# GPU service will need to load GPU driver, for example Vulkan driver in order 16*e4a36f41SAndroid Build Coastguard Worker# to get the capability of the driver. 17*e4a36f41SAndroid Build Coastguard Workerallow gpuservice same_process_hal_file:file { open read getattr execute map }; 18*e4a36f41SAndroid Build Coastguard Workerallow gpuservice ion_device:chr_file r_file_perms; 19*e4a36f41SAndroid Build Coastguard Workerget_prop(gpuservice, hwservicemanager_prop) 20*e4a36f41SAndroid Build Coastguard Workerhwbinder_use(gpuservice) 21*e4a36f41SAndroid Build Coastguard Worker 22*e4a36f41SAndroid Build Coastguard Worker# Access /dev/graphics/fb0. 23*e4a36f41SAndroid Build Coastguard Workerallow gpuservice graphics_device:dir search; 24*e4a36f41SAndroid Build Coastguard Workerallow gpuservice graphics_device:chr_file rw_file_perms; 25*e4a36f41SAndroid Build Coastguard Worker 26*e4a36f41SAndroid Build Coastguard Worker# Needed for dumpsys pipes. 27*e4a36f41SAndroid Build Coastguard Workerallow gpuservice shell:fifo_file write; 28*e4a36f41SAndroid Build Coastguard Worker 29*e4a36f41SAndroid Build Coastguard Worker# Needed for perfetto producer. 30*e4a36f41SAndroid Build Coastguard Workerperfetto_producer(gpuservice) 31*e4a36f41SAndroid Build Coastguard Worker 32*e4a36f41SAndroid Build Coastguard Worker# Use socket supplied by adbd, for cmd gpu vkjson etc. 33*e4a36f41SAndroid Build Coastguard Workerallow gpuservice adbd:unix_stream_socket { read write getattr }; 34*e4a36f41SAndroid Build Coastguard Worker 35*e4a36f41SAndroid Build Coastguard Worker# Needed for interactive shell 36*e4a36f41SAndroid Build Coastguard Workerallow gpuservice devpts:chr_file { read write getattr }; 37*e4a36f41SAndroid Build Coastguard Worker 38*e4a36f41SAndroid Build Coastguard Worker# Needed for dumpstate to dumpsys gpu. 39*e4a36f41SAndroid Build Coastguard Workerallow gpuservice dumpstate:fd use; 40*e4a36f41SAndroid Build Coastguard Workerallow gpuservice dumpstate:fifo_file write; 41*e4a36f41SAndroid Build Coastguard Worker 42*e4a36f41SAndroid Build Coastguard Worker# Needed for stats callback registration to statsd. 43*e4a36f41SAndroid Build Coastguard Workerallow gpuservice stats_service:service_manager find; 44*e4a36f41SAndroid Build Coastguard Workerallow gpuservice statsmanager_service:service_manager find; 45*e4a36f41SAndroid Build Coastguard Worker# TODO(b/146461633): remove this once native pullers talk to StatsManagerService 46*e4a36f41SAndroid Build Coastguard Workerbinder_call(gpuservice, statsd); 47*e4a36f41SAndroid Build Coastguard Worker 48*e4a36f41SAndroid Build Coastguard Worker# Needed for reading tracepoint ids in order to attach bpf programs. 49*e4a36f41SAndroid Build Coastguard Workerallow gpuservice debugfs_tracing:file r_file_perms; 50*e4a36f41SAndroid Build Coastguard Workerallow gpuservice self:perf_event { cpu kernel open write }; 51*e4a36f41SAndroid Build Coastguard Workerneverallow gpuservice self:perf_event ~{ cpu kernel open write }; 52*e4a36f41SAndroid Build Coastguard Worker 53*e4a36f41SAndroid Build Coastguard Worker# Needed for interact with bpf fs. 54*e4a36f41SAndroid Build Coastguard Workerallow gpuservice fs_bpf:dir search; 55*e4a36f41SAndroid Build Coastguard Workerallow gpuservice fs_bpf:file read; 56*e4a36f41SAndroid Build Coastguard Worker 57*e4a36f41SAndroid Build Coastguard Worker# Needed for enable the bpf program and read the map. 58*e4a36f41SAndroid Build Coastguard Workerallow gpuservice bpfloader:bpf { map_read prog_run }; 59*e4a36f41SAndroid Build Coastguard Worker 60*e4a36f41SAndroid Build Coastguard Worker# Needed for getting a prop to ensure bpf programs loaded. 61*e4a36f41SAndroid Build Coastguard Workerget_prop(gpuservice, bpf_progs_loaded_prop) 62*e4a36f41SAndroid Build Coastguard Worker 63*e4a36f41SAndroid Build Coastguard Workeradd_service(gpuservice, gpu_service) 64*e4a36f41SAndroid Build Coastguard Worker 65*e4a36f41SAndroid Build Coastguard Worker# Only uncomment below line when in development 66*e4a36f41SAndroid Build Coastguard Worker# userdebug_or_eng(`permissive gpuservice;') 67