sepolicy: add support for limits-cdsp sepolicy context

Add limits_block_device file contexts for limits partitions
and allow thermal-engine to access this partition.

Add lmh-cdsp sysfs file to sysfs_thermal file context.

Change-Id: I9c18c9d862f5e99ca36cb8c38acd98ac4f152ebf

5 files changed, 20 insertions, 0 deletions

diff --git a/generic/vendor/common/device.te b/generic/vendor/common/device.te
index e9ab593b..124a9594 100644
--- a/generic/vendor/common/device.te
+++ b/generic/vendor/common/device.te
@@ -39,6 +39,7 @@ type hbtp_device, dev_type;
 type hvdcp_device, dev_type;
 type ipa_dev, dev_type;
 type latency_device, dev_type;
+type limits_block_device, dev_type;
 type modem_block_device, dev_type;
 type modem_efs_partition_device, dev_type;
 type mdtp_device, dev_type;
diff --git a/generic/vendor/common/file_contexts b/generic/vendor/common/file_contexts
index 4f8addb7..8d4a3e63 100644
--- a/generic/vendor/common/file_contexts
+++ b/generic/vendor/common/file_contexts
@@ -474,3 +474,6 @@
 /(vendor|system/vendor)/bin/init\.qcom\.wifi\.sh        u:object_r:qti_init_shell_exec:s0
 /(vendor|system/vendor)/bin/init\.qti\.ims\.sh          u:object_r:init-qti-ims-sh_exec:s0
 /(vendor|system/vendor)/bin/qca6234-service.sh          u:object_r:qti_init_shell_exec:s0
+
+#Limits sysfs node
+/sys/module/msm_isense_cdsp/data                        u:object_r:sysfs_thermal:s0
diff --git a/generic/vendor/common/thermal-engine.te b/generic/vendor/common/thermal-engine.te
index 786812ab..aeea5272 100644
--- a/generic/vendor/common/thermal-engine.te
+++ b/generic/vendor/common/thermal-engine.te
@@ -101,3 +101,7 @@ allow thermal-engine ion_device:chr_file r_file_perms;
 allow thermal-engine sysfs_devfreq:dir r_dir_perms;
 allow thermal-engine sysfs_devfreq:file r_file_perms;
 allow thermal-engine sysfs_devfreq:lnk_file r_file_perms;
+
+#This is required to write into limits-cdsp partition
+allow thermal-engine block_device:dir r_dir_perms;
+allow thermal-engine limits_block_device:blk_file rw_file_perms;
diff --git a/generic/vendor/kona/file_contexts b/generic/vendor/kona/file_contexts
index f5eb09f3..cc0689cc 100644
--- a/generic/vendor/kona/file_contexts
+++ b/generic/vendor/kona/file_contexts
@@ -100,3 +100,7 @@
 # Same process file
 /vendor/lib(64)?/hw/gralloc\.kona\.so                               u:object_r:same_process_hal_file:s0
 /vendor/lib(64)?/hw/vulkan\.kona\.so                                u:object_r:same_process_hal_file:s0
+
+# limits Partitions
+/dev/block/platform/soc/1d84000.ufshc/by-name/limits                u:object_r:limits_block_device:s0
+/dev/block/platform/soc/1d84000.ufshc/by-name/limits-cdsp           u:object_r:limits_block_device:s0
diff --git a/qva/vendor/lito/file_contexts b/qva/vendor/lito/file_contexts
index e63d855b..44ece1a3 100644
--- a/qva/vendor/lito/file_contexts
+++ b/qva/vendor/lito/file_contexts
@@ -95,6 +95,10 @@
 # Block devices for the drive that holds the xbl_a and xbl_b partitions.
 /dev/block/platform/soc/1d84000.ufshc/sd[bc]                 u:object_r:xbl_block_device:s0
 
+# limits Partitions
+/dev/block/platform/soc/1d84000.ufshc/by-name/limits            u:object_r:limits_block_device:s0
+/dev/block/platform/soc/1d84000.ufshc/by-name/limits-cdsp       u:object_r:limits_block_device:s0
+
 ##################################
 # non-hlos mount points
 /firmware                  u:object_r:firmware_file:s0
@@ -160,6 +164,10 @@
 #rawdump partition
 /dev/block/platform/soc/7c4000.sdhci/by-name/rawdump                            u:object_r:rawdump_block_device:s0
 
+# limits Partitions
+/dev/block/platform/soc/7c4000.sdhci/by-name/limits                             u:object_r:limits_block_device:s0
+/dev/block/platform/soc/7c4000.sdhci/by-name/limits-cdsp                        u:object_r:limits_block_device:s0
+
 # FBE
 /(vendor|system/vendor)/bin/init.qti.qseecomd.sh                                u:object_r:init-qti-fbe-sh_exec:s0
 /(vendor|system/vendor)/bin/init\.qti\.can\.sh                                  u:object_r:qti_init_shell_exec:s0