systemd: allow non-root access to system dma-heap device

Non-root services such as camera-service and gstd cannot access
/dev/dma_heap/system because the device is created with restrictive
default permissions. This prevents these services from allocating
dma-heap buffers unless they run as root, which is undesirable.

To address this, introduce a dedicated 'dmaheap' system group and
provide a udev rule that assigns /dev/dma_heap/system to this group
with mode 0660. Services that require access can be assigned to this
group, allowing them to use the system dma-heap device without
requiring root privileges.

Signed-off-by: Murali Krishna Bellamkonda <murabell@qti.qualcomm.com>

Author: muralibell

recipes-core/systemd/systemd/99-dma-heap.rules

@@ -0,0 +1,2 @@
+# Assign /dev/dma_heap/system to the dmaheap group
+SUBSYSTEM=="dma_heap", KERNEL=="system", GROUP="dmaheap", MODE="0660"

recipes-core/systemd/systemd_%.bbappend

@@ -0,0 +1,15 @@
+FILESEXTRAPATHS:prepend:qcom := "${THISDIR}/${PN}:"
+
+SRC_URI:append:qcom = " file://99-dma-heap.rules"
+
+# Create a group dmaheap and add this group to /dev/dma_heap/system through
+# dma-heap rules.
+GROUPADD_PARAM:udev:append:qcom = "; -r dmaheap"
+
+do_install:append:qcom() {
+    install -d ${D}${nonarch_libdir}/udev/rules.d
+    install -m 0644 ${UNPACKDIR}/99-dma-heap.rules \
+        ${D}${nonarch_libdir}/udev/rules.d/
+}
+
+FILES:${PN}-udev-rules:append:qcom = " ${nonarch_libdir}/udev/rules.d/99-dma-heap.rules"