surfaceflinger.te revision f5446eb1486816c00136b2b5f0a3cc4a01706000
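# surfaceflinger - display compositor service

# Platform (non-vendor) domain.
typeattribute surfaceflinger coredomain;

# Label for the surfaceflinger executable. init_daemon_domain() sets up the
# automatic transition from init into the surfaceflinger domain when init
# executes a file labelled surfaceflinger_exec.
type surfaceflinger_exec, exec_type, file_type;
init_daemon_domain(surfaceflinger)

# mlstrustedsubject exempts this domain from the MLS constraints, so every
# allow rule in this file applies regardless of the MLS level/categories of
# the target. Type enforcement is the only remaining boundary: keep the
# grants below as narrow as possible.
typeattribute surfaceflinger mlstrustedsubject;

# Read access to the runtime event-log tags file.
read_runtime_log_tags(surfaceflinger)
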
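# Perform HwBinder IPC.
# surfaceflinger is a client of the graphics allocator, graphics composer and
# configstore HALs.
hwbinder_use(surfaceflinger)
hal_client_domain(surfaceflinger, hal_graphics_allocator)
binder_call(surfaceflinger, hal_graphics_composer)
hal_client_domain(surfaceflinger, hal_graphics_composer)
binder_call(surfaceflinger, hal_configstore)
hal_client_domain(surfaceflinger, hal_configstore)

# Perform Binder IPC.
# binder_call(a, b) is directional: it lets a call into b, lets b reply, and
# lets a use file descriptors passed back by b. The rules below therefore
# describe who surfaceflinger may call, not who may call surfaceflinger.
binder_use(surfaceflinger)
binder_call(surfaceflinger, binderservicedomain)
binder_call(surfaceflinger, appdomain)
binder_call(surfaceflinger, bootanim)
# Adds surfaceflinger to the binderservicedomain attribute.
binder_service(surfaceflinger)

# Binder IPC to bu, presently runs in adbd domain.
binder_call(surfaceflinger, adbd)

# Read /proc/pid files for Binder clients.
# r_dir_file() is read-only (directories, files and symlinks); note that
# appdomain covers every app domain, so this reaches the /proc entries of
# all apps.
r_dir_file(surfaceflinger, binderservicedomain)
r_dir_file(surfaceflinger, appdomain)
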
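# Device-node access. The rules are written against types, so they cover
# every node that file_contexts labels with the type; the paths in the
# comments below are examples only.

# Access the GPU.
allow surfaceflinger gpu_device:chr_file rw_file_perms;

# Access /dev/graphics/fb0.
allow surfaceflinger graphics_device:dir search;
allow surfaceflinger graphics_device:chr_file rw_file_perms;

# Access /dev/video1.
allow surfaceflinger video_device:dir r_dir_perms;
allow surfaceflinger video_device:chr_file rw_file_perms;

# Create and use netlink kobject uevent sockets.
# The _no_ioctl permission set deliberately leaves out ioctl on the socket.
allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
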
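# Set properties.
# NOTE(review): system_prop is a broad, shared property type, so this grant
# is wider than a surfaceflinger-specific property type would be.
# ctl_bootanim_prop presumably covers the ctl.* requests that start and stop
# bootanim - confirm against property_contexts.
set_prop(surfaceflinger, system_prop)
set_prop(surfaceflinger, ctl_bootanim_prop)

# Use open files supplied by an app.
# Only read and write are granted on app_data_file, not open: surfaceflinger
# can use a descriptor an app has already opened and passed over, but cannot
# open files in app data directories by path itself.
allow surfaceflinger appdomain:fd use;
allow surfaceflinger app_data_file:file { read write };

# Allow a dumpstate triggered screenshot
# Covers Binder calls to dumpstate and shell, plus read-only access to
# dumpstate's /proc entries.
binder_call(surfaceflinger, dumpstate)
binder_call(surfaceflinger, shell)
r_dir_file(surfaceflinger, dumpstate)

# Needed on some devices for playing DRM protected content,
# but seems expected and appropriate for all devices.
# Grants a connection to the tee domain's unix stream socket and read/write
# on the tee_device character device.
allow surfaceflinger tee:unix_stream_socket connectto;
allow surfaceflinger tee_device:chr_file rw_file_perms;

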
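# Register gpu_service with the service manager.
# add_service() grants add and find, and also emits a neverallow that stops
# any other domain from adding the same service.
add_service(surfaceflinger, gpu_service)

# do not use add_service() as hal_graphics_composer_default may be the
# provider as well
# Consequence: the neverallow that add_service() would generate is not
# present for surfaceflinger_service, so this file does not enforce that
# surfaceflinger is the only domain allowed to register it. Any other domain
# granted add on this type should be reviewed with that in mind.
#add_service(surfaceflinger, surfaceflinger_service)
allow surfaceflinger surfaceflinger_service:service_manager { add find };

# Services surfaceflinger may look up (find only, never add).
allow surfaceflinger mediaserver_service:service_manager find;
allow surfaceflinger permission_service:service_manager find;
allow surfaceflinger power_service:service_manager find;
allow surfaceflinger vr_manager_service:service_manager find;
allow surfaceflinger window_service:service_manager find;

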
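# allow self to set SCHED_FIFO
# sys_nice is the only capability granted to this domain in this file.
allow surfaceflinger self:capability sys_nice;

# Miscellaneous read-only access and descriptor use.
allow surfaceflinger proc_meminfo:file r_file_perms;
r_dir_file(surfaceflinger, cgroup)
# NOTE(review): sysfs_type is an attribute, so this grants read on every
# sysfs type that carries it, not only graphics-related nodes.
r_dir_file(surfaceflinger, sysfs_type)
r_dir_file(surfaceflinger, system_file)
allow surfaceflinger tmpfs:dir r_dir_perms;
allow surfaceflinger system_server:fd use;
# Read-only on the ion device node (r_file_perms, no write).
allow surfaceflinger ion_device:chr_file r_file_perms;

# pdx IPC
# surfaceflinger acts as a PDX server and as a client of the bufferhubd,
# performanced and sensord PDX services.
pdx_server(surfaceflinger)

use_pdx(surfaceflinger, bufferhubd)
use_pdx(surfaceflinger, performanced)
use_pdx(surfaceflinger, sensord)
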
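###
### Neverallow rules
###
### surfaceflinger should NEVER do any of this

# Do not allow accessing SDcard files as unsafe ejection could
# cause the kernel to kill the process.
# Checked at policy build time: any allow rule, here or in another file,
# that grants surfaceflinger one of rw_file_perms on an sdcard_type file
# fails the build. The rule covers the file class only; directories and
# other object classes on sdcard_type are not constrained by it.
neverallow surfaceflinger sdcard_type:file rw_file_perms;
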