logo

apparmor.d

Unnamed repository; edit this file 'description' to name the repository. git clone https://hacktivis.me/git/apparmor.d.git

opencl-pocl (2912B)

    

  1. # vim:syntax=apparmor
  2. # OpenCL access requirements for POCL implementation
  4.   abi <abi/3.0>,
  6.   include <abstractions/opencl-common>
  8.   # Executables
  10.   /usr/bin/{,@{multiarch}-}ld.bfd Cx -> opencl_pocl_ld,
  11.   /usr/lib/llvm-[0-9]*.[0-9]*/bin/clang Cx -> opencl_pocl_clang,
  13.   # System files
  15.   / r, # libpocl.so -> libhwloc.so
  16.   @{sys}/bus/pci/slots/ r, # libpocl.so -> hwloc_topology_load() from libhwloc.so
  17.   @{sys}/bus/{cpu,node}/devices/ r, # libpocl.so -> libhwlock.so
  18.   @{sys}/class/net/ r, # libpocl.so -> hwloc_pci_traverse_lookuposdevices_cb() from libhwloc.so
  19.   @{sys}/devices/pci[0-9]*/**/ r, # for libpocl ->  hwloc_linux_lookup_block_class() from libhwloc.so
  20.   @{sys}/devices/pci[0-9]*/**/block/*/dev r, # libpocl.so -> hwloc_linux_lookup_host_block_class() from libhwloc.so
  21.   @{sys}/devices/pci[0-9]*/**/{class,local_cpus} r, # libpocl.so -> libhwlock.so
  22.   @{sys}/devices/pci[0-9]*/*/net/*/address r, # libpocl.so ->  hwloc_pci_traverse_lookuposdevices_cb() from libhwloc.so
  23.   @{sys}/devices/system/cpu/ r, # libpocl.so -> libnuma.so
  24.   @{sys}/devices/system/cpu/cpu[0-9]*/cache/index[0-9]*/* r, # libpocl.so -> libhwloc.so
  25.   @{sys}/devices/system/cpu/cpu[0-9]*/online r, # libpocl.so -> libhwlock.so
  26.   @{sys}/devices/system/cpu/cpu[0-9]*/topology/* r, # *_siblings, physical_package_id and lot's of others, for libpocl.so -> libhwloc.so
  27.   @{sys}/devices/system/cpu/cpufreq/policy[0-9]*/* r, # for clGetPlatformIDs() from libpocl.so
  28.   @{sys}/devices/system/cpu/possible r, # libpocl.so -> libhwloc.so
  29.   @{sys}/devices/virtual/dmi/id/{,*} r, # libpocl.so -> libhwloc.so
  30.   @{sys}/fs/cgroup/cpuset/cpuset.{cpus,mems} r, # libpocl.so -> libhwloc.so
  31.   @{sys}/kernel/mm/hugepages{/,/**} r, # libpocl.so -> libhwloc.so
  32.   /usr/share/pocl/** r,
  33.   @{run}/udev/data/*:* r, # libpocl.so -> hwloc_linux_block_class_fillinfos() from libhwloc.so
  35.   # User files
  37.   owner @{HOME}/.cache/pocl/ w,
  38.   owner @{HOME}/.cache/pocl/kcache/ w,
  39.   owner @{HOME}/.cache/pocl/kcache/** rw,
  40.   owner @{HOME}/.cache/pocl/kcache/**.so mrw, # dangerous!
  41.   owner @{PROC}/@{pid}/{cgroup,cpuset,status} r, # libpocl.so -> libhwloc.so, status for libpocl.so -> libnuma.so
  43.   # Child profiles
  45.   profile opencl_pocl_ld {
  46.     include <abstractions/base>
  48.     # Main executables
  50.     /usr/bin/{,@{multiarch}-}ld.bfd mr,
  52.     # User files
  54.     owner @{HOME}/.cache/pocl/kcache/tempfile*.so rw,
  55.     owner @{HOME}/.cache/pocl/kcache/**.so.o r,
  56.   }
  58.   profile opencl_pocl_clang {
  59.     include <abstractions/base>
  61.     # Main executables
  63.     /usr/lib/llvm-[0-9]*.[0-9]*/bin/clang mr,
  65.     # Additional executables
  67.     /usr/bin/{,@{multiarch}-}ld.bfd ix, # TODO: transfer to opencl_ld child profile?
  69.     # System files
  71.     /etc/debian-version r,
  72.     /etc/lsb-release r,
  74.     # User files
  76.     owner @{HOME}/.cache/pocl/kcache/*/*/*/*/*.so{,.o} rw,
  77.   }
  80.   # Include additions to the abstraction
  81.   include if exists <abstractions/opencl-pocl.d>