gpu: add SELinux policies for GPU probe.
Adds SELinux policies for gpu_probe service. These allow us to upload events to Perfetto. gpu_probe is an untrusted producer in Perfetto model, in same manner as traced_probes. Bug: 267669418 Test: see events produced when designating perfetto config. Change-Id: Id122870b14000288fc3c26aa3c49348a8f7322df
This commit is contained in:
Kevin DuBois
parent
1d0f49363e
commit
148a9232e1
3
gpu/gpu.mk
Normal file
3
gpu/gpu.mk
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gpu/sepolicy
|
||||||
|
|
||||||
|
PRODUCT_PACKAGES += gpu_probe
|
||||||
1
gpu/sepolicy/file_contexts
Normal file
1
gpu/sepolicy/file_contexts
Normal file
@ -0,0 +1 @@
|
|||||||
|
/vendor/bin/gpu_probe u:object_r:gpu_probe_exec:s0
|
||||||
8
gpu/sepolicy/gpu_probe.te
Normal file
8
gpu/sepolicy/gpu_probe.te
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
# gpu_probe
|
||||||
|
type gpu_probe_exec, exec_type, vendor_file_type, file_type;
|
||||||
|
type gpu_probe, domain;
|
||||||
|
|
||||||
|
init_daemon_domain(gpu_probe)
|
||||||
|
allow gpu_probe gpu_device:chr_file rw_file_perms;
|
||||||
|
|
||||||
|
perfetto_producer(gpu_probe)
|
||||||
Loading…
x
Reference in New Issue
Block a user