On 14 June 2018 at 00:44, Rob Herring <r...@kernel.org> wrote: > On Wed, Jun 13, 2018 at 12:19 PM, Amit Pundir <amit.pun...@linaro.org> wrote: >> On 13 June 2018 at 20:45, Rob Herring <r...@kernel.org> wrote: >>> >>> +Amit and John >>> >>> On Sat, Jun 9, 2018 at 11:27 AM, Robert Foss <robert.f...@collabora.com> >>> wrote: >>> > This patch both adds support for probing & filtering DRM nodes >>> > and switches away from using the GRALLOC_MODULE_PERFORM_GET_DRM_FD >>> > gralloc call. >>> > >>> > Currently the filtering is based just on the driver name, >>> > and the desired name is supplied using the "drm.gpu.vendor_name" >>> > Android property. >>> >>> There's a potential issue with this whole approach and that is >>> SELinux. With the way SELinux locks down accesses, getting probing >>> thru device files to work can be a pain. It may be better now than the >>> prior version because sysfs is not probed. I'll leave it to Amit or >>> John to comment. >> >> Right.. so ICYMI, this patch is already pulled into external/mesa3d >> project of AOSP and I stumbled upon one such /dev/dri/ access denial >> on db820c recently. > > A prior version of the patch series which accesses sysfs too (via libdrm). > >> >> In AOSP, zygote spawned apps already have access to GPU device nodes >> in the form of /dev/gpu_device file, but the missing part is the > > It's "gpu_device" in terms a a SELinux context, right? Not an actual /dev > path?
Yes in SELinux context, it is not an actual /dev/ path. Regards, Amit Pundir > >> open-read access to "/dev/dri/" which need to be allowed explicitly. > > Or we need a way to just open a specific device. > > Rob _______________________________________________ mesa-dev mailing list mesa-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/mesa-dev