[ALPS05003224] thermal hal service sepolicy

add sepolicy for thermal hal 2.0 service

Change-Id: Id6cbab5e82ceb415febe76e0ed16b930ec4a8b47
CR-Id: ALPS05003224
Feature: Thermal Management

2 files changed, 9 insertions, 0 deletions

diff --git a/non_plat/file_contexts b/non_plat/file_contexts
index d3618b8..051b949 100644
--- a/non_plat/file_contexts
+++ b/non_plat/file_contexts
@@ -537,6 +537,7 @@
 /(system\/vendor|vendor)/bin/slpd u:object_r:slpd_exec:s0
 /(system\/vendor|vendor)/bin/thermal_manager u:object_r:thermal_manager_exec:s0
 /(system\/vendor|vendor)/bin/thermalloadalgod u:object_r:thermalloadalgod_exec:s0
+/(system\/vendor|vendor)/bin/hw/android\.hardware\.thermal@2\.0-service\.mtk  u:object_r:hal_thermal_default_exec:s0
 /(system\/vendor|vendor)/bin/lbs_hidl_service u:object_r:lbs_hidl_service_exec:s0
 /(system\/vendor|vendor)/bin/meta_tst u:object_r:meta_tst_exec:s0
 /(system\/vendor|vendor)/bin/kisd u:object_r:kisd_exec:s0
diff --git a/non_plat/hal_thermal_default.te b/non_plat/hal_thermal_default.te
index 2a648fb..50e069c 100644
--- a/non_plat/hal_thermal_default.te
+++ b/non_plat/hal_thermal_default.te
@@ -6,3 +6,11 @@
 allow hal_thermal_default proc_mtktz:dir search;
 allow hal_thermal_default proc_mtktz:file {open read getattr};
 allow hal_thermal_default proc_stat:file {open read getattr };
+
+#for uevent handle
+allow hal_thermal_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
+
+#for thermal sysfs
+allow hal_thermal_default sysfs_therm:file w_file_perms;
+allow hal_thermal_default sysfs_therm:file r_file_perms;
+allow hal_thermal_default sysfs_therm:dir search;
\ No newline at end of file