Merge "NNAPI property to disable extensions use on GSI/AOSP product partition."
This commit is contained in:
commit
d385346ada
@ -99,6 +99,7 @@
|
|||||||
network_stack
|
network_stack
|
||||||
network_stack_service
|
network_stack_service
|
||||||
network_stack_tmpfs
|
network_stack_tmpfs
|
||||||
|
nnapi_ext_deny_product_prop
|
||||||
overlayfs_file
|
overlayfs_file
|
||||||
password_slot_metadata_file
|
password_slot_metadata_file
|
||||||
permissionmgr_service
|
permissionmgr_service
|
||||||
|
@ -191,3 +191,7 @@ bpf.progs_loaded u:object_r:bpf_progs_loaded_prop:s0
|
|||||||
|
|
||||||
gsid. u:object_r:gsid_prop:s0
|
gsid. u:object_r:gsid_prop:s0
|
||||||
ro.gsid. u:object_r:gsid_prop:s0
|
ro.gsid. u:object_r:gsid_prop:s0
|
||||||
|
|
||||||
|
# Property for disabling NNAPI vendor extensions on product image (used on GSI /product image,
|
||||||
|
# which can't use NNAPI vendor extensions).
|
||||||
|
ro.nnapi.extensions.deny_on_product u:object_r:nnapi_ext_deny_product_prop:s0
|
||||||
|
@ -11,3 +11,11 @@ allow hal_neuralnetworks_server app_data_file:file { read write getattr map };
|
|||||||
|
|
||||||
# Allow NN HAL service to use a client-provided fd residing in /data/local/tmp/.
|
# Allow NN HAL service to use a client-provided fd residing in /data/local/tmp/.
|
||||||
allow hal_neuralnetworks_server shell_data_file:file { read write getattr map };
|
allow hal_neuralnetworks_server shell_data_file:file { read write getattr map };
|
||||||
|
|
||||||
|
# Allow NN HAL client to check the ro.nnapi.extensions.deny_on_product
|
||||||
|
# property to determine whether to deny NNAPI extensions use for apps
|
||||||
|
# on product partition (apps in GSI are not allowed to use NNAPI extensions).
|
||||||
|
get_prop(hal_neuralnetworks_client, nnapi_ext_deny_product_prop);
|
||||||
|
# This property is only expected to be found in /product/build.prop,
|
||||||
|
# allow to be set only by init.
|
||||||
|
neverallow { domain -init } nnapi_ext_deny_product_prop:property_service set;
|
||||||
|
@ -64,6 +64,7 @@ type net_dns_prop, property_type;
|
|||||||
type net_radio_prop, property_type, core_property_type;
|
type net_radio_prop, property_type, core_property_type;
|
||||||
type netd_stable_secret_prop, property_type;
|
type netd_stable_secret_prop, property_type;
|
||||||
type nfc_prop, property_type, core_property_type;
|
type nfc_prop, property_type, core_property_type;
|
||||||
|
type nnapi_ext_deny_product_prop, property_type;
|
||||||
type overlay_prop, property_type;
|
type overlay_prop, property_type;
|
||||||
type pan_result_prop, property_type, core_property_type;
|
type pan_result_prop, property_type, core_property_type;
|
||||||
type persist_debug_prop, property_type, core_property_type;
|
type persist_debug_prop, property_type, core_property_type;
|
||||||
|
@ -206,6 +206,7 @@ not_compatible_property(`
|
|||||||
-last_boot_reason_prop
|
-last_boot_reason_prop
|
||||||
-apexd_prop
|
-apexd_prop
|
||||||
-gsid_prop
|
-gsid_prop
|
||||||
|
-nnapi_ext_deny_product_prop
|
||||||
})
|
})
|
||||||
')
|
')
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user