On Wed, Jun 13, 2018 at 12:19 PM, Amit Pundir <amit.pun...@linaro.org> wrote:
> On 13 June 2018 at 20:45, Rob Herring <r...@kernel.org> wrote:
>> +Amit and John
>> On Sat, Jun 9, 2018 at 11:27 AM, Robert Foss <robert.f...@collabora.com>
>> > This patch both adds support for probing & filtering DRM nodes
>> > and switches away from using the GRALLOC_MODULE_PERFORM_GET_DRM_FD
>> > gralloc call.
>> > Currently the filtering is based just on the driver name,
>> > and the desired name is supplied using the "drm.gpu.vendor_name"
>> > Android property.
>> There's a potential issue with this whole approach and that is
>> SELinux. With the way SELinux locks down accesses, getting probing
>> thru device files to work can be a pain. It may be better now than the
>> prior version because sysfs is not probed. I'll leave it to Amit or
>> John to comment.
> Right.. so ICYMI, this patch is already pulled into external/mesa3d
> project of AOSP and I stumbled upon one such /dev/dri/ access denial
> on db820c recently.
A prior version of the patch series which accesses sysfs too (via libdrm).
> In AOSP, zygote spawned apps already have access to GPU device nodes
> in the form of /dev/gpu_device file, but the missing part is the
It's "gpu_device" in terms a a SELinux context, right? Not an actual /dev path?
> open-read access to "/dev/dri/" which need to be allowed explicitly.
Or we need a way to just open a specific device.
mesa-dev mailing list