surfaceflinger.te revision 8bf3b7a8656372c1dcead6aedbf1a96d0a3bf1d9
# surfaceflinger - display compositor service
#
# Blame annotations carried by the listing (last-touching commit per line):
#   5d30beb1b234b31ccd6485d4bad5813103833794  Alex Klyubin       all lines not named below
#   cc39f637734a8d84bc861b649bfd109290c06401  dcashman           init_daemon_domain(surfaceflinger)
#   8bf3b7a8656372c1dcead6aedbf1a96d0a3bf1d9  Jeff Vander Stoep  vr_manager_service find rule
#   084faf025903795fe223a31d7e626d0439b459c2  Nick Bray          pdx IPC section

# Label for the surfaceflinger executable; init_daemon_domain() sets up the
# transition from init into the surfaceflinger domain when it is executed.
type surfaceflinger_exec, exec_type, file_type;
init_daemon_domain(surfaceflinger)

# NOTE(review): mlstrustedsubject exempts this domain from the MLS
# constraints that otherwise separate subjects by level/category. It is a
# privileged attribute; keep it only while the compositor really has to
# talk across those boundaries.
typeattribute surfaceflinger mlstrustedsubject;

read_runtime_log_tags(surfaceflinger)

# Perform HwBinder IPC.
hwbinder_use(surfaceflinger)
binder_call(surfaceflinger, hal_graphics_allocator)
binder_call(surfaceflinger, hal_graphics_composer)
binder_call(surfaceflinger, hal_configstore)

# Perform Binder IPC.
# binderservicedomain and appdomain are attributes, so these two calls cover
# every domain carrying them, not a single peer.
binder_use(surfaceflinger)
binder_call(surfaceflinger, binderservicedomain)
binder_call(surfaceflinger, appdomain)
binder_call(surfaceflinger, bootanim)
binder_service(surfaceflinger)

# Binder IPC to bu, presently runs in adbd domain.
binder_call(surfaceflinger, adbd)

# Read /proc/pid files for Binder clients.
r_dir_file(surfaceflinger, binderservicedomain)
r_dir_file(surfaceflinger, appdomain)

# Access the GPU.
allow surfaceflinger gpu_device:chr_file rw_file_perms;

# Access /dev/graphics/fb0.
allow surfaceflinger graphics_device:dir search;
allow surfaceflinger graphics_device:chr_file rw_file_perms;

# Access /dev/video1.
allow surfaceflinger video_device:dir r_dir_perms;
allow surfaceflinger video_device:chr_file rw_file_perms;

# Create and use netlink kobject uevent sockets.
# The _no_ioctl permission set is used, so ioctl on the socket is not granted.
allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;

# Set properties.
# NOTE(review): system_prop is a shared property type, so this grants write
# access to everything labelled with it; ctl_bootanim_prop presumably controls
# starting/stopping bootanim - confirm against property_contexts.
set_prop(surfaceflinger, system_prop)
set_prop(surfaceflinger, ctl_bootanim_prop)

# Use open files supplied by an app.
# Only read/write on app_data_file is granted, not open: surfaceflinger can
# use a descriptor an app hands over but cannot open app data files by path.
# Keep it that way when extending these rules.
allow surfaceflinger appdomain:fd use;
allow surfaceflinger app_data_file:file { read write };

# Allow a dumpstate triggered screenshot
binder_call(surfaceflinger, dumpstate)
binder_call(surfaceflinger, shell)
r_dir_file(surfaceflinger, dumpstate)

# Needed on some devices for playing DRM protected content,
# but seems expected and appropriate for all devices.
# NOTE(review): this gives the compositor a direct channel to the tee domain's
# socket and read/write on the tee device node on every device, including
# those that do not need it.
allow surfaceflinger tee:unix_stream_socket connectto;
allow surfaceflinger tee_device:chr_file rw_file_perms;


# Register the gpu service.
# NOTE(review): the original comment here read "media.player service", which
# does not match the rule below (gpu_service) - looks like a copy/paste
# leftover.
add_service(surfaceflinger, gpu_service)

# do not use add_service() as hal_graphics_composer_default may be the
# provider as well
# NOTE(review): add_service() also emits a neverallow that stops every other
# domain from adding the service. The plain allow below has no such
# guarantee, so which domains may register surfaceflinger_service is not
# enforced from this file; check the other provider's policy for it.
#add_service(surfaceflinger, surfaceflinger_service)
allow surfaceflinger surfaceflinger_service:service_manager { add find };

# Look up (find only, no add) the services surfaceflinger is a client of.
allow surfaceflinger mediaserver_service:service_manager find;
allow surfaceflinger permission_service:service_manager find;
allow surfaceflinger power_service:service_manager find;
allow surfaceflinger vr_manager_service:service_manager find;
allow surfaceflinger window_service:service_manager find;


# allow self to set SCHED_FIFO
allow surfaceflinger self:capability sys_nice;
# The rules below are not related to SCHED_FIFO; they are miscellaneous
# read-only grants.
allow surfaceflinger proc_meminfo:file r_file_perms;
r_dir_file(surfaceflinger, cgroup)
# NOTE(review): sysfs_type is an attribute, so this is read access to every
# sysfs label rather than to specific nodes; narrow it to the types actually
# read if they can be identified.
r_dir_file(surfaceflinger, sysfs_type)
r_dir_file(surfaceflinger, system_file)
allow surfaceflinger tmpfs:dir r_dir_perms;
allow surfaceflinger system_server:fd use;
allow surfaceflinger ion_device:chr_file r_file_perms;

# pdx IPC
# surfaceflinger acts as a pdx server and as a client of the three domains
# listed below.
pdx_server(surfaceflinger)

use_pdx(surfaceflinger, bufferhubd)
use_pdx(surfaceflinger, performanced)
use_pdx(surfaceflinger, sensord)

###
### Neverallow rules
###
### surfaceflinger should NEVER do any of this
### (neverallow is checked when the policy is built: an allow rule that
### contradicts it makes the build fail.)

# Do not allow accessing SDcard files as unsafe ejection could
# cause the kernel to kill the process.
neverallow surfaceflinger sdcard_type:file rw_file_perms;