Add gpu_device access to isolated_compute_app

Currently all apps except `isolated_app_all` already have this access. Since `isolated_compute_app` is a special case of `isolated_app` with relaxed security restrictions to allow hardware acceleration use cases, it is safe to extend the same access as the rest of the apps (system/sepolicy/private/app.te; l=389-394) to `isolated_compute_app`.

Test: tested with latest build, gpu inference works without any permission denials.
Bug: 368056520
Change-Id: I5b512cff0d2e68efc03fdc626970b29546ed9f7b
diff --git a/private/isolated_app_all.te b/private/isolated_app_all.te
index 12b1794..43f1ac6 100644
--- a/private/isolated_app_all.te
+++ b/private/isolated_app_all.te
@@ -70,7 +70,7 @@
 }:service_manager find;
 
 # Isolated apps shouldn't be able to access the driver directly.
-neverallow isolated_app_all gpu_device:chr_file { rw_file_perms execute };
+neverallow { isolated_app_all -isolated_compute_app } gpu_device:chr_file { rw_file_perms execute };
 
 # Do not allow isolated_apps access to /cache
 neverallow isolated_app_all cache_file:dir ~{ r_dir_perms };
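Review bot: The carve-out on the new neverallow line is wider than the grant it enables: it exempts isolated_compute_app from the whole `{ rw_file_perms execute }` set, while the matching allow in private/isolated_compute_app.te only hands out rw_file_perms, so the execute prohibition is silently dropped for that domain instead of being kept as a policy-level guarantee. Splitting the rule keeps execute forbidden for every isolated app and relaxes only what the new allow actually needs: `neverallow isolated_app_all gpu_device:chr_file execute;` followed by `neverallow { isolated_app_all -isolated_compute_app } gpu_device:chr_file rw_file_perms;`. The same consideration applies if a later change widens the allow rule, since a neverallow failure at build time is the intended signal for that.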
diff --git a/private/isolated_compute_app.te b/private/isolated_compute_app.te
index 5d4070d..f34850e 100644
--- a/private/isolated_compute_app.te
+++ b/private/isolated_compute_app.te
@@ -32,6 +32,12 @@
 # Allow access to the toybox: b/275024392
 allow isolated_compute_app toolbox_exec:file rx_file_perms;
 
+# Grant GPU access to isolated_compute_app as it is required for acceleration.
+allow isolated_compute_app gpu_device:chr_file rw_file_perms;
+allow isolated_compute_app gpu_device:dir r_dir_perms;
+allow isolated_compute_app sysfs_gpu:file r_file_perms;
+
+
 #####
 ##### Neverallow
 #####
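Review bot: The added block is followed by two blank lines before the `##### Neverallow` banner, while the rest of the file (see the toybox rule just above) separates rule groups with a single blank line; dropping one keeps the section spacing consistent. The header comment would also help a future reader if it named the corresponding carve-out, e.g. `# Grant GPU access to isolated_compute_app as it is required for acceleration (b/368056520); matches the isolated_compute_app exception in the gpu_device neverallow in isolated_app_all.te.` The read access to sysfs_gpu is new for an isolated domain and is not mentioned in the comment; a word on why it is needed alongside the device node would document the widened surface.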
diff --git a/public/device.te b/public/device.te
index beafdf2..835b532 100644
--- a/public/device.te
+++ b/public/device.te
@@ -25,7 +25,7 @@
 type console_device, dev_type;
 type fscklogs, dev_type;
 # GPU (used by most UI apps)
-type gpu_device, dev_type, mlstrustedobject;
+type gpu_device, dev_type, mlstrustedobject, isolated_compute_allowed_device;
 type graphics_device, dev_type;
 type hw_random_device, dev_type;
 type input_device, dev_type;
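Review bot: The comment above the changed `type gpu_device` line still reads `# GPU (used by most UI apps)` and no longer reflects that the type is now also tagged for isolated_compute_app; since this is public policy, a maintainer reading only this file has no hint why a device type carries `isolated_compute_allowed_device`. Suggest `# GPU (used by most UI apps; also exposed to isolated_compute_app for hardware acceleration, see private/isolated_compute_app.te)`. I cannot see where `isolated_compute_allowed_device` is declared from this diff, so the note assumes the attribute already exists in the policy.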
diff --git a/tests/sepolicy_tests.py b/tests/sepolicy_tests.py
index bc3ed3d..2791c53 100644
--- a/tests/sepolicy_tests.py
+++ b/tests/sepolicy_tests.py
@@ -186,6 +186,7 @@
         # access given from technical_debt.cil
         "codec2_config_prop" : ["file"],
         "device_config_nnapi_native_prop":["file"],
+        "gpu_device": ["dir"],
         "hal_allocator_default":["binder", "fd"],
         "hal_codec2": ["binder", "fd"],
         "hal_codec2_hwservice":["hwservice_manager"],
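Review bot: The new `"gpu_device": ["dir"]` entry, and the `"sysfs_gpu": ["file"]` entry in the next hunk, are added to the allowlist without the justification that neighbouring groups carry (the block opens with `# access given from technical_debt.cil`, and a later group is introduced by `# extra types being granted to isolated_compute_app`), so a reader cannot tell which rules these entries exist to tolerate. A one-line comment on each, e.g. `# GPU acceleration in isolated_compute_app (b/368056520)`, would tie the test exception to the policy change. The enclosing dict starts before this hunk, so I cannot confirm whether the chr_file access to gpu_device is meant to be covered by the `isolated_compute_allowed` entry below or also needs listing here.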
@@ -210,6 +211,7 @@
         "media_variant_prop":["file"],
         "nnapi_ext_deny_product_prop":["file"],
         "servicemanager":["fd"],
+        "sysfs_gpu": ["file"],
         "toolbox_exec": ["file"],
         # extra types being granted to isolated_compute_app
         "isolated_compute_allowed":["service_manager", "chr_file"],