diff options
| author | LuK1337 <priv.luk@gmail.com> | 2018-02-28 09:58:11 +0000 |
|---|---|---|
| committer | Michael Bestas <mkbestas@lineageos.org> | 2018-04-20 18:50:25 +0300 |
| commit | 443c0d84afb214207d28a8eb36942ed77eadadd1 (patch) | |
| tree | 97030360c4f29ad876bb500318530020d7702865 | |
| parent | c51e127991a0f62dd96af0490a0ffbadd2c0c33d (diff) | |
| download | android_device_qcom_sepolicy-443c0d84afb214207d28a8eb36942ed77eadadd1.tar.gz android_device_qcom_sepolicy-443c0d84afb214207d28a8eb36942ed77eadadd1.tar.bz2 android_device_qcom_sepolicy-443c0d84afb214207d28a8eb36942ed77eadadd1.zip | |
legacy: Address perfd denials
Change-Id: If569ce1cb560a19123b1b7bfae5e10e653825f35
| -rw-r--r-- | legacy-common/hal_audio_default.te | 1 | ||||
| -rw-r--r-- | legacy-common/hal_camera_default.te | 1 | ||||
| -rw-r--r-- | legacy-common/perfd.te | 8 |
3 files changed, 10 insertions, 0 deletions
diff --git a/legacy-common/hal_audio_default.te b/legacy-common/hal_audio_default.te new file mode 100644 index 00000000..ecb0204c --- /dev/null +++ b/legacy-common/hal_audio_default.te @@ -0,0 +1 @@ +allow hal_audio_default mpctl_socket:dir search; diff --git a/legacy-common/hal_camera_default.te b/legacy-common/hal_camera_default.te new file mode 100644 index 00000000..670d8bcc --- /dev/null +++ b/legacy-common/hal_camera_default.te @@ -0,0 +1 @@ +allow hal_camera_default mpctl_socket:dir search; diff --git a/legacy-common/perfd.te b/legacy-common/perfd.te index 5595fffa..0d2bed10 100644 --- a/legacy-common/perfd.te +++ b/legacy-common/perfd.te @@ -3,6 +3,8 @@ type perfd_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(perfd) +allow perfd self:capability fsetid; + allow perfd { sysfs_devices_system_cpu sysfs_cpu_online @@ -30,6 +32,10 @@ allow perfd sysfs_lib:file w_file_perms; r_dir_file(perfd, sysfs_kgsl) allow perfd sysfs_kgsl:file write; +# Allow access to thermal sysfs entry +allow perfd sysfs_thermal:dir search; +allow perfd sysfs_thermal:file w_file_perms; + # mpctl socket allow perfd mpctl_socket:dir rw_dir_perms; allow perfd mpctl_socket:sock_file create_file_perms; @@ -46,3 +52,5 @@ set_prop(perfd, freq_prop) allow perfd cgroup:file r_file_perms; allow perfd sysfs:dir r_dir_perms; + +r_dir_file(perfd, hal_power_default) |