15d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# surfaceflinger - display compositor service 25d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 3f5446eb1486816c00136b2b5f0a3cc4a01706000Alex Klyubintypeattribute surfaceflinger coredomain; 4f5446eb1486816c00136b2b5f0a3cc4a01706000Alex Klyubin 55d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubintype surfaceflinger_exec, exec_type, file_type; 6cc39f637734a8d84bc861b649bfd109290c06401dcashmaninit_daemon_domain(surfaceflinger) 75d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 85d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubintypeattribute surfaceflinger mlstrustedsubject; 9e8ab0020ba58978e8d7f8b1b77ae36da1f3bffa0Steven Morelandtypeattribute surfaceflinger display_service_server; 105d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 115d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinread_runtime_log_tags(surfaceflinger) 125d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 135d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Perform HwBinder IPC. 149e6b24c6a5dc026924b2ab983d6644063585cd9cAlex Klyubinhal_client_domain(surfaceflinger, hal_graphics_allocator) 159e6b24c6a5dc026924b2ab983d6644063585cd9cAlex Klyubinhal_client_domain(surfaceflinger, hal_graphics_composer) 169e6b24c6a5dc026924b2ab983d6644063585cd9cAlex Klyubinhal_client_domain(surfaceflinger, hal_configstore) 1753656c1742c126c92df178ee143dec5dcf93c88aAlex Klyubinallow surfaceflinger hidl_token_hwservice:hwservice_manager find; 185d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 195d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Perform Binder IPC. 205d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinbinder_use(surfaceflinger) 215d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinbinder_call(surfaceflinger, binderservicedomain) 225d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinbinder_call(surfaceflinger, appdomain) 235d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinbinder_call(surfaceflinger, bootanim) 245d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinbinder_service(surfaceflinger) 255d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 265d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Binder IPC to bu, presently runs in adbd domain. 275d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinbinder_call(surfaceflinger, adbd) 285d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 295d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Read /proc/pid files for Binder clients. 305d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinr_dir_file(surfaceflinger, binderservicedomain) 315d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinr_dir_file(surfaceflinger, appdomain) 325d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 335d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Access the GPU. 345d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger gpu_device:chr_file rw_file_perms; 355d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 365d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Access /dev/graphics/fb0. 375d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger graphics_device:dir search; 385d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger graphics_device:chr_file rw_file_perms; 395d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 405d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Access /dev/video1. 415d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger video_device:dir r_dir_perms; 425d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger video_device:chr_file rw_file_perms; 435d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 445d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Create and use netlink kobject uevent sockets. 455d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; 465d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 475d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Set properties. 485d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinset_prop(surfaceflinger, system_prop) 49e49714542ee846a7b14c8edb78303ec94cb4836eJaekyun Seokset_prop(surfaceflinger, exported_system_prop) 50e49714542ee846a7b14c8edb78303ec94cb4836eJaekyun Seokset_prop(surfaceflinger, exported2_system_prop) 51e49714542ee846a7b14c8edb78303ec94cb4836eJaekyun Seokset_prop(surfaceflinger, exported3_system_prop) 525d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinset_prop(surfaceflinger, ctl_bootanim_prop) 535d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 545d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Use open files supplied by an app. 555d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger appdomain:fd use; 565d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger app_data_file:file { read write }; 575d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 582d6942d397f446fe080d6c97c21235124900f7d5Vishnu Nair# Allow writing surface traces to /data/misc/wmtrace. 592d6942d397f446fe080d6c97c21235124900f7d5Vishnu Nairuserdebug_or_eng(` 602d6942d397f446fe080d6c97c21235124900f7d5Vishnu Nair allow surfaceflinger wm_trace_data_file:dir rw_dir_perms; 612d6942d397f446fe080d6c97c21235124900f7d5Vishnu Nair allow surfaceflinger wm_trace_data_file:file { getattr setattr create w_file_perms }; 622d6942d397f446fe080d6c97c21235124900f7d5Vishnu Nair') 632d6942d397f446fe080d6c97c21235124900f7d5Vishnu Nair 64676003cf3aa1b42c9efb7f287a507ebc40b51548Chris Forbes# Use socket supplied by adbd, for cmd gpu vkjson etc. 65676003cf3aa1b42c9efb7f287a507ebc40b51548Chris Forbesallow surfaceflinger adbd:unix_stream_socket { read write getattr }; 66676003cf3aa1b42c9efb7f287a507ebc40b51548Chris Forbes 675d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Allow a dumpstate triggered screenshot 685d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinbinder_call(surfaceflinger, dumpstate) 695d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinbinder_call(surfaceflinger, shell) 705d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinr_dir_file(surfaceflinger, dumpstate) 715d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 725d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Needed on some devices for playing DRM protected content, 735d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# but seems expected and appropriate for all devices. 745d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger tee_device:chr_file rw_file_perms; 755d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 765d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 775d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# media.player service 785d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinadd_service(surfaceflinger, gpu_service) 795d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 805d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# do not use add_service() as hal_graphics_composer_default may be the 815d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# provider as well 825d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin#add_service(surfaceflinger, surfaceflinger_service) 835d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger surfaceflinger_service:service_manager { add find }; 845d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 855d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger mediaserver_service:service_manager find; 865d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger permission_service:service_manager find; 875d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger power_service:service_manager find; 888bf3b7a8656372c1dcead6aedbf1a96d0a3bf1d9Jeff Vander Stoepallow surfaceflinger vr_manager_service:service_manager find; 895d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger window_service:service_manager find; 905d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 918bf3b7a8656372c1dcead6aedbf1a96d0a3bf1d9Jeff Vander Stoep 925d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# allow self to set SCHED_FIFO 939b2e0cbeeaae560b07e4ffa6e5b8e505699e4a76Benjamin Gordonallow surfaceflinger self:global_capability_class_set sys_nice; 945d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger proc_meminfo:file r_file_perms; 955d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinr_dir_file(surfaceflinger, cgroup) 965d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinr_dir_file(surfaceflinger, system_file) 975d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger tmpfs:dir r_dir_perms; 985d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger system_server:fd use; 995d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinallow surfaceflinger ion_device:chr_file r_file_perms; 1005d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 101084faf025903795fe223a31d7e626d0439b459c2Nick Bray# pdx IPC 10241daa7f859be06a49e4770a1f1d33b0d3070fa5aAlex Vakulenkopdx_server(surfaceflinger, display_client) 10341daa7f859be06a49e4770a1f1d33b0d3070fa5aAlex Vakulenkopdx_server(surfaceflinger, display_manager) 10441daa7f859be06a49e4770a1f1d33b0d3070fa5aAlex Vakulenkopdx_server(surfaceflinger, display_screenshot) 10541daa7f859be06a49e4770a1f1d33b0d3070fa5aAlex Vakulenkopdx_server(surfaceflinger, display_vsync) 10641daa7f859be06a49e4770a1f1d33b0d3070fa5aAlex Vakulenko 10741daa7f859be06a49e4770a1f1d33b0d3070fa5aAlex Vakulenkopdx_client(surfaceflinger, bufferhub_client) 10841daa7f859be06a49e4770a1f1d33b0d3070fa5aAlex Vakulenkopdx_client(surfaceflinger, performance_client) 109084faf025903795fe223a31d7e626d0439b459c2Nick Bray 1105d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin### 1115d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin### Neverallow rules 1125d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin### 1135d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin### surfaceflinger should NEVER do any of this 1145d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin 1155d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# Do not allow accessing SDcard files as unsafe ejection could 1165d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubin# cause the kernel to kill the process. 1175d30beb1b234b31ccd6485d4bad5813103833794Alex Klyubinneverallow surfaceflinger sdcard_type:file rw_file_perms; 118f7ec413844ad691c0c4863de4cc7a0719b12dc8eJoel Galenson 119f7ec413844ad691c0c4863de4cc7a0719b12dc8eJoel Galenson# b/68864350 120f7ec413844ad691c0c4863de4cc7a0719b12dc8eJoel Galensondontaudit surfaceflinger unlabeled:dir search; 121