| // Copyright 2022 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| { |
| include: [ |
| "inspect/client.shard.cml", |
| "syslog/client.shard.cml", |
| ], |
| program: { |
| runner: "elf", |
| binary: "bin/session_manager", |
| }, |
| collections: [ |
| // Holds all the sessions this session_manager will create. Capabilities |
| // offered to and exposed by sessions should be routed here. |
| { |
| name: "session", |
| durability: "transient", |
| persistent_storage: true, |
| allowed_offers: "static_and_dynamic", |
| }, |
| ], |
| capabilities: [ |
| { |
| protocol: [ |
| "fuchsia.session.Launcher", |
| "fuchsia.session.Lifecycle", |
| "fuchsia.session.power.Handoff", |
| "fuchsia.session.Restarter", |
| ], |
| }, |
| |
| // session_manager exposes protocols in /svc_from_session from the session. |
| // The session should expose these protocols in its manifest. |
| { |
| protocol: "fuchsia.element.Manager", |
| path: "/svc_from_session/fuchsia.element.Manager", |
| }, |
| { |
| protocol: "fuchsia.element.GraphicalPresenter", |
| path: "/svc_from_session/fuchsia.element.GraphicalPresenter", |
| }, |
| { |
| protocol: "fuchsia.web.Debug", |
| path: "/svc_from_session/fuchsia.web.Debug", |
| }, |
| { |
| protocol: "fuchsia.session.window.Manager", |
| path: "/svc_from_session/fuchsia.session.window.Manager", |
| }, |
| ], |
| use: [ |
| { |
| protocol: [ |
| "fuchsia.component.Realm", |
| "fuchsia.component.sandbox.CapabilityStore", |
| ], |
| from: "framework", |
| }, |
| { |
| protocol: [ "fuchsia.metrics.MetricEventLoggerFactory" ], |
| from: "parent", |
| }, |
| |
| // System power level controls. |
| { |
| protocol: [ |
| "fuchsia.power.broker.Topology", |
| "fuchsia.power.system.ActivityGovernor", |
| "fuchsia.power.system.BootControl", |
| ], |
| from: "parent", |
| availability: "optional", |
| }, |
| { |
| config: "fuchsia.session.SessionUrl", |
| key: "session_url", |
| type: "string", |
| max_size: 512, |
| }, |
| { |
| // If `session_url` is non-empty and `autolaunch` is true, |
| // `session_manager` will automatically launch the given `session_url` |
| // on device startup. |
| config: "fuchsia.session.AutoLaunch", |
| key: "autolaunch", |
| type: "bool", |
| }, |
| { |
| config: "fuchsia.power.SuspendEnabled", |
| key: "suspend_enabled", |
| type: "bool", |
| }, |
| ], |
| offer: [ |
| { |
| // Routed to session-manager via core realm shards. |
| // These protocols are not available on all products. |
| protocol: [ |
| "fuchsia.bluetooth.bredr.Profile", |
| "fuchsia.bluetooth.gatt.Server", |
| "fuchsia.bluetooth.gatt2.Server", |
| "fuchsia.bluetooth.le.Central", |
| "fuchsia.bluetooth.le.Peripheral", |
| "fuchsia.bluetooth.le.PrivilegedPeripheral", |
| "fuchsia.bluetooth.sys.Access", |
| "fuchsia.bluetooth.sys.AddressLookup", |
| "fuchsia.bluetooth.sys.HostWatcher", |
| "fuchsia.bluetooth.sys.Pairing", |
| "fuchsia.camera3.DeviceWatcher", |
| "fuchsia.cobalt.SystemDataUpdater", |
| "fuchsia.device.NameProvider", |
| "fuchsia.feedback.ComponentDataRegister", |
| "fuchsia.feedback.CrashReportingProductRegister", |
| "fuchsia.feedback.DataProvider", |
| "fuchsia.feedback.LastRebootInfoProvider", |
| "fuchsia.hardware.power.statecontrol.RebootMethodsWatcherRegister", |
| "fuchsia.hardware.radar.RadarBurstReaderProvider", |
| "fuchsia.hwinfo.Board", |
| "fuchsia.hwinfo.Device", |
| "fuchsia.hwinfo.Product", |
| "fuchsia.kernel.VmexResource", |
| "fuchsia.lightsensor.Sensor", |
| "fuchsia.location.namedplace.RegulatoryRegionConfigurator", |
| "fuchsia.location.namedplace.RegulatoryRegionWatcher", |
| "fuchsia.lowpan.bootstrap.Thread", |
| "fuchsia.media.SessionAudioConsumerFactory", |
| "fuchsia.media.sessions2.ActiveSession", |
| "fuchsia.media.sessions2.Discovery", |
| "fuchsia.media.sessions2.Publisher", |
| "fuchsia.media.sounds.Player", |
| "fuchsia.net.http.Loader", |
| "fuchsia.net.interfaces.State", |
| "fuchsia.net.mdns.Publisher", |
| "fuchsia.net.mdns.ServiceInstancePublisher", |
| "fuchsia.net.mdns.ServiceInstanceResolver", |
| "fuchsia.net.mdns.ServiceSubscriber2", |
| "fuchsia.net.mdns.Subscriber", |
| "fuchsia.net.reachability.Monitor", |
| "fuchsia.net.routes.State", |
| "fuchsia.net.routes.StateV4", |
| "fuchsia.net.routes.StateV6", |
| "fuchsia.net.stack.Stack", |
| "fuchsia.net.stackmigrationdeprecated.Control", |
| "fuchsia.net.stackmigrationdeprecated.State", |
| "fuchsia.paver.Paver", |
| "fuchsia.power.battery.BatteryManager", |
| "fuchsia.power.broker.Topology", |
| "fuchsia.power.button.Monitor", |
| "fuchsia.power.cpu.manager.Boost", |
| "fuchsia.power.profile.Watcher", |
| "fuchsia.power.system.ActivityGovernor", |
| "fuchsia.power.systemmode.ClientConfigurator", |
| "fuchsia.recovery.FactoryReset", |
| "fuchsia.sensors.Manager", |
| "fuchsia.settings.Accessibility", |
| "fuchsia.settings.Audio", |
| "fuchsia.settings.Display", |
| "fuchsia.settings.DoNotDisturb", |
| "fuchsia.settings.FactoryReset", |
| "fuchsia.settings.Input", |
| "fuchsia.settings.Intl", |
| "fuchsia.settings.Keyboard", |
| "fuchsia.settings.Light", |
| "fuchsia.settings.NightMode", |
| "fuchsia.settings.Privacy", |
| "fuchsia.settings.Setup", |
| "fuchsia.starnix.runner.Manager", |
| "fuchsia.thermal.ClientStateConnector", |
| "fuchsia.thermal.SensorManager", |
| "fuchsia.time.alarms.WakeAlarms", |
| "fuchsia.tracing.controller.Provisioner", |
| "fuchsia.tracing.perfetto.ProducerConnector", |
| "fuchsia.ultrasound.Factory", |
| "fuchsia.update.CommitStatusProvider", |
| "fuchsia.update.installer.Installer", |
| "fuchsia.web.ContextProvider", |
| "fuchsia.wlan.wlanix.Wlanix", |
| "google.cast.multizone.Leader", |
| "google.device.key.encryptor.DeviceKeyEncryptor", |
| "google.deviceproperty.Reader", |
| "google.deviceproperty.Writer", |
| "google.flashts.Reader", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| protocol: [ |
| "fuchsia.fshost.StarnixVolumeProvider", |
| "fuchsia.pkg.PackageCache", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "optional", |
| }, |
| { |
| // This directory provides access to the subset of block devices which the system is |
| // configured to expose to product components. The configuration is defined in assembly |
| // (storage.filesystems.block_devices). |
| // Specific block devices are exposed as sub-directories by a configurable label; |
| // generally, only sub-directories should be exposed to specific components as needed, |
| // rather than the entire directory. |
| directory: "block", |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via tee-clients.core_shard.cml |
| protocol: [ |
| "fuchsia.castauth.CastCertificateRetriever", |
| "fuchsia.castauth.CastKeySigner", |
| "fuchsia.media.drm.PlayReady", |
| "fuchsia.media.drm.Widevine", |
| "fuchsia.weave.FactoryDataManager", |
| "fuchsia.weave.Provisioner", |
| "fuchsia.weave.Signer", |
| "google.cast.cryptokey.NamedKeyProvider", |
| ], |
| from: "parent/tee-client-capabilities", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via factory_store_providers.core_shard.cml. |
| protocol: [ |
| "fuchsia.factory.AlphaFactoryStoreProvider", |
| "fuchsia.factory.CastCredentialsFactoryStoreProvider", |
| "fuchsia.factory.MiscFactoryStoreProvider", |
| "fuchsia.factory.PlayReadyFactoryStoreProvider", |
| "fuchsia.factory.WeaveFactoryStoreProvider", |
| "fuchsia.factory.WidevineFactoryStoreProvider", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via build_info.core_shard.cml. |
| protocol: [ "fuchsia.buildinfo.Provider" ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via codec_factory.core_shard.cml. |
| protocol: [ "fuchsia.mediacodec.CodecFactory" ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via wlancfg.core_shard.cml. |
| protocol: [ |
| "fuchsia.wlan.policy.AccessPointProvider", |
| "fuchsia.wlan.policy.ClientProvider", |
| "fuchsia.wlan.product.deprecatedclient.DeprecatedClient", |
| "fuchsia.wlan.product.deprecatedconfiguration.DeprecatedConfigurator", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via memory_pressure_signaler.core_shard.cml. |
| protocol: [ "fuchsia.memorypressure.Provider" ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via session_manager.core_shard.cml. |
| protocol: [ |
| "fuchsia.memory.sampler.Sampler", |
| "fuchsia.power.CollaborativeRebootInitiator", |
| "fuchsia.update.channel.Provider", |
| "fuchsia.update.channelcontrol.ChannelControl", |
| "fuchsia.update.Manager", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via emergency.core_shard.cml |
| protocol: [ "fuchsia.location.position.EmergencyProvider" ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via bt-a2dp-common.core_shard.cml |
| protocol: [ "fuchsia.bluetooth.a2dp.AudioMode" ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via bt-hfp-audio-gateway.core_shard.cml |
| protocol: [ "fuchsia.bluetooth.hfp.Hfp" ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via product-specific core shard. |
| protocol: [ |
| "fuchsia.update.config.OptOut", |
| "fuchsia.update.config.OptOutAdmin", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via product-specific core shard. |
| protocol: [ "fuchsia.bluetooth.sys.Bootstrap" ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via product-specific core shard. |
| protocol: [ |
| "fuchsia.weave.Bootstrap", |
| "fuchsia.weave.Stack", |
| "fuchsia.weave.StackProvider", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via lowpanservice.core_shard.cml |
| protocol: [ |
| "fuchsia.lowpan.device.CountersConnector", |
| "fuchsia.lowpan.device.DeviceConnector", |
| "fuchsia.lowpan.device.DeviceExtraConnector", |
| "fuchsia.lowpan.device.EnergyScanConnector", |
| "fuchsia.lowpan.DeviceWatcher", |
| "fuchsia.lowpan.thread.CapabilitiesConnector", |
| "fuchsia.lowpan.thread.DatasetConnector", |
| "fuchsia.lowpan.thread.FeatureConnector", |
| "fuchsia.lowpan.thread.MeshcopConnector", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via account.core_shard.cml |
| protocol: [ |
| "fuchsia.identity.account.AccountManager", |
| "fuchsia.identity.account.DeprecatedAccountManager", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via activity.core_shard.cml |
| protocol: [ |
| "fuchsia.ui.activity.control.Control", |
| "fuchsia.ui.activity.Provider", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via ui.core_shard.cml |
| protocol: [ |
| "fuchsia.accessibility.gesture.ListenerRegistry", |
| "fuchsia.accessibility.semantics.SemanticsManager", |
| "fuchsia.accessibility.tts.EngineRegistry", |
| "fuchsia.accessibility.tts.TtsManager", |
| "fuchsia.accessibility.virtualkeyboard.Registry", |
| "fuchsia.element.GraphicalPresenter", |
| "fuchsia.input.interaction.Notifier", |
| "fuchsia.input.virtualkeyboard.ControllerCreator", |
| "fuchsia.input.virtualkeyboard.Manager", |
| "fuchsia.recovery.policy.Device", |
| "fuchsia.recovery.ui.FactoryResetCountdown", |
| "fuchsia.session.scene.Manager", |
| "fuchsia.ui.brightness.ColorAdjustment", |
| "fuchsia.ui.brightness.ColorAdjustmentHandler", |
| "fuchsia.ui.brightness.Control", |
| "fuchsia.ui.composition.Allocator", |
| "fuchsia.ui.composition.Flatland", |
| "fuchsia.ui.composition.internal.ScreenCapture", |
| "fuchsia.ui.composition.ScreenCapture", |
| "fuchsia.ui.composition.Screenshot", |
| "fuchsia.ui.composition.TrustedFlatlandFactory", |
| "fuchsia.ui.display.internal.DisplayPower", |
| "fuchsia.ui.display.singleton.DisplayPower", |
| "fuchsia.ui.display.singleton.Info", |
| "fuchsia.ui.display.singleton.VsyncSource", |
| "fuchsia.ui.focus.FocusChainListenerRegistry", |
| "fuchsia.ui.input.ImeService", |
| "fuchsia.ui.input3.Keyboard", |
| "fuchsia.ui.input3.KeyEventInjector", |
| "fuchsia.ui.keyboard.focus.Controller", |
| "fuchsia.ui.pointerinjector.Registry", |
| "fuchsia.ui.policy.DeviceListenerRegistry", |
| "fuchsia.ui.policy.DisplayBacklight", |
| "fuchsia.ui.views.ViewRefInstalled", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via audio_core |
| protocol: [ |
| "fuchsia.media.ActivityReporter", |
| "fuchsia.media.Audio", |
| "fuchsia.media.audio.EffectsController", |
| "fuchsia.media.AudioCore", |
| "fuchsia.media.AudioDeviceEnumerator", |
| "fuchsia.media.ProfileProvider", |
| "fuchsia.media.tuning.AudioTuner", |
| "fuchsia.media.UsageGainReporter", |
| "fuchsia.media.UsageReporter", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager via audio_device_registry |
| protocol: [ |
| "fuchsia.audio.device.ControlCreator", |
| "fuchsia.audio.device.Provider", |
| "fuchsia.audio.device.Registry", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // Routed to session-manager from core.cml in all products. |
| // i.e. not via a core realm shard. |
| protocol: [ |
| "fuchsia.feedback.CrashReporter", |
| "fuchsia.fonts.Provider", |
| "fuchsia.hardware.power.statecontrol.Admin", |
| "fuchsia.intl.PropertyProvider", |
| "fuchsia.intl.TimeZones", |
| "fuchsia.metrics.MetricEventLoggerFactory", |
| "fuchsia.net.name.Lookup", |
| "fuchsia.posix.socket.Provider", |
| "fuchsia.process.Launcher", |
| "fuchsia.scheduler.RoleManager", |
| "fuchsia.sysmem.Allocator", |
| "fuchsia.sysmem2.Allocator", |
| "fuchsia.tracing.provider.Registry", |
| "fuchsia.vsock.Connector", |
| "fuchsia.vulkan.loader.Loader", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| service: "fuchsia.power.broker.ElementInfoProviderService", |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| dictionary: "driver-services", |
| from: "parent", |
| to: "#session", |
| }, |
| { |
| storage: [ |
| "cache", |
| "data", |
| "tmp", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| directory: [ |
| "config-data", |
| "dev-class-radar", |
| "dev-hrtimer", |
| "dev-input-report", |
| "root-ssl-certificates", |
| |
| // `tzdata-icu` offers /config/tzdata/icu. |
| // `tzdata-icu-44-le` offers /config/tzdata/icu/44/le only. |
| "tzdata-icu", |
| "tzdata-icu-44-le", |
| ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| // TODO(https://fxbug.dev/42057100): These additional `directory` offers to |
| // the `#session` collection are only required by the `terminal` |
| // component. `terminal` is launched as a member of the `elements` |
| // collection of the application shell (a descendent of the |
| // workstation session, which is launched as a member of the |
| // `#session` collection). If/when there is a way to route |
| // capabilities to specific descendents (and specific collection |
| // members), these directories should be routed only to terminal. |
| // |
| // Other (current and future) components launched under the |
| // `#session` collection should not `use` these directories without |
| // first getting a security policy review. |
| directory: [ |
| "bin", |
| "boot-bin", |
| ], |
| from: "parent", |
| to: [ "#session" ], |
| }, |
| { |
| dictionary: [ |
| "diagnostics", |
| "diagnostics-accessors", |
| ], |
| from: "parent", |
| to: "#session", |
| }, |
| { |
| // TODO(https://fxbug.dev/324273348): Remove this capability once the clients have |
| // been migrated to services. The service capability has been added below. |
| directory: [ |
| "dev-backlight", |
| "dev-battery", |
| "dev-gpu", |
| "dev-light", |
| "dev-power-sensor", |
| "dev-temperature", |
| "dev-thermal", |
| "dev-trippoint", |
| ], |
| from: "parent", |
| to: "#session", |
| }, |
| { |
| // TODO(https://fxbug.dev/324273348): Remove this capability once the clients have |
| // been migrated to services. The service capability has been added below. |
| directory: [ "dev-bt-hci" ], |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| |
| // Allow components in the session to restart it (the session). |
| { |
| protocol: "fuchsia.session.Restarter", |
| from: "self", |
| to: "#session", |
| }, |
| |
| // Allow components in the session to take the power lease. |
| { |
| protocol: "fuchsia.session.power.Handoff", |
| from: "self", |
| to: "#session", |
| }, |
| |
| // Window manager configs. |
| { |
| config: [ |
| "fuchsia.session.window.Collection", |
| "fuchsia.session.window.InitialElementUrl", |
| "fuchsia.session.window.InitialViewIdAnnotation", |
| "fuchsia.time.config.WritableUTCTime", |
| "fuchsia.ui.VisualDebuggingLevel", |
| ], |
| from: "parent", |
| to: "#session", |
| }, |
| |
| // Proprietary TEE manager's session capabilitites. |
| { |
| dictionary: "tee_session", |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| { |
| config: "fuchsia.power.cpu.BoostEnabled", |
| from: "parent", |
| to: "#session", |
| availability: "same_as_target", |
| }, |
| ], |
| expose: [ |
| // Served by session_manager. |
| { |
| protocol: [ |
| "fuchsia.session.Launcher", |
| "fuchsia.session.Lifecycle", |
| "fuchsia.session.power.Handoff", |
| "fuchsia.session.Restarter", |
| ], |
| from: "self", |
| }, |
| |
| // Exposed from the session. |
| { |
| protocol: [ |
| "fuchsia.element.GraphicalPresenter", |
| "fuchsia.element.Manager", |
| "fuchsia.session.window.Manager", |
| "fuchsia.web.Debug", |
| ], |
| from: "self", |
| }, |
| ], |
| } |
