From 97d3a8c84177c7b3886096d83ebae96b5d712aab Mon Sep 17 00:00:00 2001 From: henry huang Date: Tue, 10 Mar 2020 10:21:01 +0800 Subject: [ALPS05003224] thermal hal service sepolicy add sepolicy for thermal hal 2.0 service Change-Id: Id6cbab5e82ceb415febe76e0ed16b930ec4a8b47 CR-Id: ALPS05003224 Feature: Thermal Management --- non_plat/file_contexts | 1 + non_plat/hal_thermal_default.te | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/non_plat/file_contexts b/non_plat/file_contexts index d3618b8..051b949 100644 --- a/non_plat/file_contexts +++ b/non_plat/file_contexts @@ -537,6 +537,7 @@ /(system\/vendor|vendor)/bin/slpd u:object_r:slpd_exec:s0 /(system\/vendor|vendor)/bin/thermal_manager u:object_r:thermal_manager_exec:s0 /(system\/vendor|vendor)/bin/thermalloadalgod u:object_r:thermalloadalgod_exec:s0 +/(system\/vendor|vendor)/bin/hw/android\.hardware\.thermal@2\.0-service\.mtk u:object_r:hal_thermal_default_exec:s0 /(system\/vendor|vendor)/bin/lbs_hidl_service u:object_r:lbs_hidl_service_exec:s0 /(system\/vendor|vendor)/bin/meta_tst u:object_r:meta_tst_exec:s0 /(system\/vendor|vendor)/bin/kisd u:object_r:kisd_exec:s0 diff --git a/non_plat/hal_thermal_default.te b/non_plat/hal_thermal_default.te index 2a648fb..50e069c 100644 --- a/non_plat/hal_thermal_default.te +++ b/non_plat/hal_thermal_default.te @@ -6,3 +6,11 @@ allow hal_thermal_default proc_mtktz:dir search; allow hal_thermal_default proc_mtktz:file {open read getattr}; allow hal_thermal_default proc_stat:file {open read getattr }; + +#for uevent handle +allow hal_thermal_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; + +#for thermal sysfs +allow hal_thermal_default sysfs_therm:file w_file_perms; +allow hal_thermal_default sysfs_therm:file r_file_perms; +allow hal_thermal_default sysfs_therm:dir search; \ No newline at end of file -- cgit v1.2.3