diff options
author | Przemyslaw Szczepaniak <pszczepaniak@google.com> | 2019-05-17 20:59:04 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2019-05-17 20:59:04 +0000 |
commit | fff96ed82eeaea69b69c858eebbd3ad8a6bac628 (patch) | |
tree | f10e83ec0c3a671ebbbae815f8837b614612f8c8 | |
parent | 0025dfd7a685a873f45e37f1c6e531a25c76cf0f (diff) | |
parent | f7ae900b9b7ca5de13f8d3a6b11b8ca403997d48 (diff) | |
download | ml-fff96ed82eeaea69b69c858eebbd3ad8a6bac628.tar.gz |
Merge "Document how to use NNAPI Vendor extension allowlist." into qt-dev
-rw-r--r-- | nn/extensions/README.md | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/nn/extensions/README.md b/nn/extensions/README.md index 2b5d13cef..b50d6a51c 100644 --- a/nn/extensions/README.md +++ b/nn/extensions/README.md @@ -8,10 +8,24 @@ by supporting corresponding vendor extensions. Note that extensions do not modify behavior of existing operations. -TODO(pszczepaniak): Which apps can use vendor extensions? - This document explains how to create and use extensions. +## Extensions usage allowlist + +Vendor extensions can only be used by explicitly specified Android apps and +native binaries on the /product, /vendor, /odm, and /data partitions. It's not possible to +specify an app or a native binary located on the /system partition. + +The allowlist is stored in `/vendor/etc/nnapi_extensions_app_allowlist`, and contains +a list of Android apps and binaries permitted to use NNAPI vendor extensions. +Each line of the file contains a new entry. If an entry is prefixed by '/', +then it's a native binary path (e.g. '/data/foo'). If not, it's a name of an Android +app package (e.g. 'com.foo.bar'). + +Allowlist is enforced from the NNAPI runtime shared library. It protects +against accidental usage, but not against deliberate circumvention by directly +using the NNAPI driver HAL interface. + ## Vendor extension definition The vendor is expected to create and maintain a header file with the |