search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Make USB permissions work in the new permission message system
[chromium-blink-merge.git] / content / browser / gpu.sb
blobffcae8b4fad2f01f2587f6226c6bad0babca8eb5
1 ;;
2 ;; Copyright (c) 2011 The Chromium Authors. All rights reserved.
3 ;; Use of this source code is governed by a BSD-style license that can be
4 ;; found in the LICENSE file.
5 ;;
6
7 ; *** The contents of content/common/common.sb are implicitly included here. ***
8
9 ; Allow communication between the GPU process and the UI server.
10 (allow mach-lookup (global-name "com.apple.tsm.uiserver"))
11
12 (allow file-read-metadata (literal "/"))
13
14 ; Needed for WebGL on OS X 10.7 - crbug.com/75343
15 (if (param-true? lion-or-later)
16   (allow iokit-open
17     (iokit-connection "IOAccelerator")
18     (iokit-user-client-class "IOAccelerationUserClient")
19     (iokit-user-client-class "IOFramebufferSharedUserClient")
20     (iokit-user-client-class "AppleGraphicsControlClient")
21     (iokit-user-client-class "AGPMClient")
22     (iokit-user-client-class "IOHIDParamUserClient")
23     (iokit-user-client-class "RootDomainUserClient")
24     (iokit-user-client-class "IOSurfaceRootUserClient")
25     (iokit-user-client-class "IOSurfaceSendRight")))
26
27 ; https://crbug.com/515280
28 (if (param-true? elcap-or-later)
29   (allow file-read* (regex #"^/System/Library/Extensions($|/)")))