mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-06 17:31:01 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/profiles/apparmor.d/abstractions/opencl-intel
Vincas Dargis 2438179b76 Use @{sys} tunable in profiles and abstractions 
Commit aa06528790 made @{sys} tunable
available by default.

Update profiles and abstractions to actually use @{sys} tunable for
better confinement in the future (when @{sys} becomes kernel var).

Closes LP#1728551
2018-11-08 20:04:46 +02:00

17 lines
564 B
Text
Raw Blame History

# vim:syntax=apparmor
# OpenCL access requirements for Intel implementation
#include <abstractions/opencl-common>
# for libcl.so (libOpenCL.so -> beignet/libcl.so calls XOpenDisplay())
#include <abstractions/X>
# for libOpenCL.so -> beignet/libcl.so -> libpciaccess.so
#include <abstractions/dri-enumerate>
# System files
/dev/dri/card[0-9]* rw, # beignet/libcl.so
@{sys}/devices/pci[0-9]*/**/{class,config,resource,revision} r, # libcl.so -> libdrm_intel.so -> libpciaccess.so (move to dri-enumerate ?)
/usr/lib/@{multiarch}/beignet/** r,
Reference in a new issue View git blame Copy permalink