1# gpuservice - server for gpu stats and other gpu related services 2typeattribute gpuservice coredomain; 3type gpuservice_exec, system_file_type, exec_type, file_type; 4 5init_daemon_domain(gpuservice) 6 7binder_call(gpuservice, adbd) 8binder_call(gpuservice, shell) 9binder_call(gpuservice, system_server) 10binder_use(gpuservice) 11 12# Access the GPU. 13allow gpuservice gpu_device:chr_file rw_file_perms; 14 15# GPU service will need to load GPU driver, for example Vulkan driver in order 16# to get the capability of the driver. 17allow gpuservice same_process_hal_file:file { open read getattr execute map }; 18allow gpuservice ion_device:chr_file r_file_perms; 19get_prop(gpuservice, hwservicemanager_prop) 20hwbinder_use(gpuservice) 21 22# Access /dev/graphics/fb0. 23allow gpuservice graphics_device:dir search; 24allow gpuservice graphics_device:chr_file rw_file_perms; 25 26# Needed for dumpsys pipes. 27allow gpuservice shell:fifo_file write; 28 29# Use socket supplied by adbd, for cmd gpu vkjson etc. 30allow gpuservice adbd:unix_stream_socket { read write getattr }; 31 32# Needed for interactive shell 33allow gpuservice devpts:chr_file { read write getattr }; 34 35# Needed for dumpstate to dumpsys gpu. 36allow gpuservice dumpstate:fd use; 37allow gpuservice dumpstate:fifo_file write; 38 39# Needed for stats callback registration to statsd. 40allow gpuservice stats_service:service_manager find; 41allow gpuservice statsmanager_service:service_manager find; 42# TODO(b/146461633): remove this once native pullers talk to StatsManagerService 43binder_call(gpuservice, statsd); 44 45add_service(gpuservice, gpu_service) 46 47# Only uncomment below line when in development 48# userdebug_or_eng(`permissive gpuservice;') 49