| ;; |
| ;; Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| ;; Use of this source code is governed by a BSD-style license that can be |
| ;; found in the LICENSE file. |
| ;; |
| |
| ; *** The contents of content/common/common.sb are implicitly included here. *** |
| |
| ; Allow communication between the GPU process and the UI server. |
| (allow mach-lookup (global-name "com.apple.tsm.uiserver")) |
| |
| (allow file-read-metadata (literal "/")) |
| |
| ; Needed for WebGL on OS X 10.7 - crbug.com/75343 |
| (if (param-true? lion-or-later) |
| (allow iokit-open |
| (iokit-connection "IOAccelerator") |
| (iokit-user-client-class "IOAccelerationUserClient") |
| (iokit-user-client-class "IOFramebufferSharedUserClient") |
| (iokit-user-client-class "AppleGraphicsControlClient") |
| (iokit-user-client-class "AGPMClient") |
| (iokit-user-client-class "IOHIDParamUserClient") |
| (iokit-user-client-class "RootDomainUserClient") |
| (iokit-user-client-class "IOSurfaceRootUserClient") |
| (iokit-user-client-class "IOSurfaceSendRight"))) |
| |
| ; https://crbug.com/515280 |
| (if (param-true? elcap-or-later) |
| (allow file-read* (regex #"^/System/Library/Extensions($|/)"))) |
