Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / c80f9e037bedb09d08a261f255f87ea105fa371b / . / private / surfaceflinger.te
blob: f28e3fec1e226d35d39b835406235b2d7843940b [file] [log] [blame]
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]1# surfaceflinger - display compositor service
2
Alex Klyubinf5446eb2017-03-23 14:27:32 -0700[diff] [blame]3typeattribute surfaceflinger coredomain;
4
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]5type surfaceflinger_exec, exec_type, file_type;
dcashmancc39f632016-07-22 13:13:11 -0700[diff] [blame]6init_daemon_domain(surfaceflinger)
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]7
8typeattribute surfaceflinger mlstrustedsubject;
Steven Morelande8ab0022017-05-16 17:43:52 -0700[diff] [blame]9typeattribute surfaceflinger display_service_server;
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]10
11read_runtime_log_tags(surfaceflinger)
12
13# Perform HwBinder IPC.
Alex Klyubin9e6b24c2017-03-16 18:48:40 -0700[diff] [blame]14hal_client_domain(surfaceflinger, hal_graphics_allocator)
Alex Klyubin9e6b24c2017-03-16 18:48:40 -0700[diff] [blame]15hal_client_domain(surfaceflinger, hal_graphics_composer)
Alex Klyubin9e6b24c2017-03-16 18:48:40 -0700[diff] [blame]16hal_client_domain(surfaceflinger, hal_configstore)
Alex Klyubin53656c12017-04-13 19:05:27 -0700[diff] [blame]17allow surfaceflinger hidl_token_hwservice:hwservice_manager find;
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]18
19# Perform Binder IPC.
20binder_use(surfaceflinger)
21binder_call(surfaceflinger, binderservicedomain)
22binder_call(surfaceflinger, appdomain)
23binder_call(surfaceflinger, bootanim)
24binder_service(surfaceflinger)
25
26# Binder IPC to bu, presently runs in adbd domain.
27binder_call(surfaceflinger, adbd)
28
29# Read /proc/pid files for Binder clients.
30r_dir_file(surfaceflinger, binderservicedomain)
31r_dir_file(surfaceflinger, appdomain)
32
33# Access the GPU.
34allow surfaceflinger gpu_device:chr_file rw_file_perms;
35
36# Access /dev/graphics/fb0.
37allow surfaceflinger graphics_device:dir search;
38allow surfaceflinger graphics_device:chr_file rw_file_perms;
39
40# Access /dev/video1.
41allow surfaceflinger video_device:dir r_dir_perms;
42allow surfaceflinger video_device:chr_file rw_file_perms;
43
44# Create and use netlink kobject uevent sockets.
45allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
46
47# Set properties.
48set_prop(surfaceflinger, system_prop)
49set_prop(surfaceflinger, ctl_bootanim_prop)
50
51# Use open files supplied by an app.
52allow surfaceflinger appdomain:fd use;
53allow surfaceflinger app_data_file:file { read write };
54
Vishnu Nair2d6942d2017-11-17 08:23:32 -0800[diff] [blame]55# Allow writing surface traces to /data/misc/wmtrace.
56userdebug_or_eng(`
57 allow surfaceflinger wm_trace_data_file:dir rw_dir_perms;
58 allow surfaceflinger wm_trace_data_file:file { getattr setattr create w_file_perms };
59')
60
Chris Forbes676003c2017-04-28 10:10:36 -0700[diff] [blame]61# Use socket supplied by adbd, for cmd gpu vkjson etc.
62allow surfaceflinger adbd:unix_stream_socket { read write getattr };
63
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]64# Allow a dumpstate triggered screenshot
65binder_call(surfaceflinger, dumpstate)
66binder_call(surfaceflinger, shell)
67r_dir_file(surfaceflinger, dumpstate)
68
69# Needed on some devices for playing DRM protected content,
70# but seems expected and appropriate for all devices.
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]71allow surfaceflinger tee_device:chr_file rw_file_perms;
72
73
74# media.player service
75add_service(surfaceflinger, gpu_service)
76
77# do not use add_service() as hal_graphics_composer_default may be the
78# provider as well
79#add_service(surfaceflinger, surfaceflinger_service)
80allow surfaceflinger surfaceflinger_service:service_manager { add find };
81
82allow surfaceflinger mediaserver_service:service_manager find;
83allow surfaceflinger permission_service:service_manager find;
84allow surfaceflinger power_service:service_manager find;
Jeff Vander Stoep8bf3b7a2017-02-10 13:33:56 -0800[diff] [blame]85allow surfaceflinger vr_manager_service:service_manager find;
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]86allow surfaceflinger window_service:service_manager find;
87
Jeff Vander Stoep8bf3b7a2017-02-10 13:33:56 -0800[diff] [blame]88
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]89# allow self to set SCHED_FIFO
Benjamin Gordon9b2e0cb2017-11-09 15:51:26 -0700[diff] [blame]90allow surfaceflinger self:global_capability_class_set sys_nice;
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]91allow surfaceflinger proc_meminfo:file r_file_perms;
92r_dir_file(surfaceflinger, cgroup)
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]93r_dir_file(surfaceflinger, system_file)
94allow surfaceflinger tmpfs:dir r_dir_perms;
95allow surfaceflinger system_server:fd use;
96allow surfaceflinger ion_device:chr_file r_file_perms;
97
Nick Bray084faf02017-02-09 15:15:11 -0800[diff] [blame]98# pdx IPC
Alex Vakulenko41daa7f2017-05-01 13:01:44 -0700[diff] [blame]99pdx_server(surfaceflinger, display_client)
100pdx_server(surfaceflinger, display_manager)
101pdx_server(surfaceflinger, display_screenshot)
102pdx_server(surfaceflinger, display_vsync)
Nick Bray084faf02017-02-09 15:15:11 -0800[diff] [blame]103
Alex Vakulenko41daa7f2017-05-01 13:01:44 -0700[diff] [blame]104pdx_client(surfaceflinger, bufferhub_client)
105pdx_client(surfaceflinger, performance_client)
Nick Bray084faf02017-02-09 15:15:11 -0800[diff] [blame]106
Alex Klyubin5d30beb2017-02-07 10:05:07 -0800[diff] [blame]107###
108### Neverallow rules
109###
110### surfaceflinger should NEVER do any of this
111
112# Do not allow accessing SDcard files as unsafe ejection could
113# cause the kernel to kill the process.
114neverallow surfaceflinger sdcard_type:file rw_file_perms;