1# Binder access (for display.qservice) 2vndbinder_use(hal_graphics_composer_default) 3allow hal_graphics_composer_default qdisplay_service:service_manager { add find }; 4 5allow hal_graphics_composer_default persist_display_file:dir search; 6allow hal_graphics_composer_default persist_display_file:file r_file_perms; 7 8allow hal_graphics_composer_default sysfs_camera:dir search; 9allow hal_graphics_composer_default sysfs_camera:file r_file_perms; 10allow hal_graphics_composer_default sysfs_msm_subsys:dir search; 11allow hal_graphics_composer_default sysfs_msm_subsys:file r_file_perms; 12allow hal_graphics_composer_default sysfs_mdss_mdp_caps:file r_file_perms; 13allow hal_graphics_composer_default persist_file:dir search; 14 15allow hal_graphics_composer_default hal_graphics_mapper_hwservice:hwservice_manager find; 16 17r_dir_file(hal_graphics_composer_default, sysfs_leds) 18 19allow hal_graphics_composer_default video_device:chr_file rw_file_perms; 20 21# HWC_UeventThread 22allow hal_graphics_composer_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; 23 24# Access /sys/devices/virtual/graphics/fb0 25r_dir_file(hal_graphics_composer_default, sysfs_type) 26 27allow hal_graphics_composer_default display_vendor_data_file:dir create_dir_perms; 28allow hal_graphics_composer_default display_vendor_data_file:file create_file_perms; 29 30userdebug_or_eng(` 31 allow hal_graphics_composer_default debugfs_mdp:dir r_dir_perms; 32 allow hal_graphics_composer_default debugfs_mdp:file r_file_perms; 33 allow hal_graphics_composer_default diag_device:chr_file rw_file_perms; 34') 35dontaudit hal_graphics_composer_default diag_device:chr_file rw_file_perms; 36 37dontaudit hal_graphics_composer_default kernel:system module_request; 38