1# HwBinder IPC from client to server, and callbacks 2binder_call(hal_graphics_composer_client, hal_graphics_composer_server) 3binder_call(hal_graphics_composer_server, hal_graphics_composer_client) 4allow hal_graphics_composer_client hal_graphics_composer_server_tmpfs:file { getattr map read write }; 5allow hal_graphics_composer_server hal_graphics_composer_client_tmpfs:file { getattr map read write }; 6 7hal_attribute_hwservice(hal_graphics_composer, hal_graphics_composer_hwservice) 8 9# Coordinate with hal_graphics_mapper 10allow hal_graphics_composer_server hal_graphics_mapper_hwservice:hwservice_manager find; 11 12# GPU device access 13allow hal_graphics_composer gpu_device:chr_file rw_file_perms; 14allow hal_graphics_composer gpu_device:dir r_dir_perms; 15allow hal_graphics_composer ion_device:chr_file r_file_perms; 16allow hal_graphics_composer dmabuf_system_heap_device:chr_file r_file_perms; 17allow hal_graphics_composer hal_graphics_allocator:fd use; 18 19# Access /dev/graphics/fb0. 20allow hal_graphics_composer graphics_device:dir search; 21allow hal_graphics_composer graphics_device:chr_file rw_file_perms; 22 23# Fences 24allow hal_graphics_composer system_server:fd use; 25allow hal_graphics_composer bootanim:fd use; 26allow hal_graphics_composer appdomain:fd use; 27 28# allow self to set SCHED_FIFO 29allow hal_graphics_composer self:global_capability_class_set sys_nice; 30 31# allow surfaceflinger to use a pipe for dumpsys output 32allow hal_graphics_composer_server hal_graphics_composer_client:fifo_file write; 33 34 35binder_call(hal_graphics_composer_client, servicemanager) 36binder_call(hal_graphics_composer_server, servicemanager) 37 38hal_attribute_service(hal_graphics_composer, hal_graphics_composer_service) 39