1#####################################
2# gpu_access(client_domain)
3# Allow client_domain to communicate with the GPU
4define(`gpu_access', `
5allow $1 dri_device:dir { open read search };
6allow $1 sysfs_gpu:dir search;
7allow $1 gpu_device:chr_file { getattr ioctl map open read write };
8allow $1 graphics_device:chr_file { getattr };
9allow $1 sysfs_gpu:file { getattr open read };
10')
11