blob: ff35984b763eae77daa89a282c5616dbb76c74b5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# thermal-engine daemon
type thermal-engine, domain;
type thermal-engine_exec, exec_type, file_type;
# Started by init
init_daemon_domain(thermal-engine)
#============= thermal-engine ==============
#This is to access thermal query device
allow thermal-engine thermal_device:chr_file rw_file_perms;
#This is required to access smem log device
allow thermal-engine smem_log_device:chr_file rw_file_perms;
allow thermal-engine self:capability { dac_read_search dac_override fsetid chown };
allow thermal-engine self:socket create_socket_perms;
#This is required to access thermal sockets
allow thermal-engine thermal_socket:dir w_dir_perms;
allow thermal-engine thermal_socket:sock_file { create setattr open read write unlink };
#This is required for thermal sysfs access
allow thermal-engine sysfs_thermal:dir r_dir_perms;
allow thermal-engine sysfs_thermal:file rw_file_perms;
allow thermal-engine sysfs_thermal:lnk_file read;
allow thermal-engine sysfs:file write;
#This is required for qmi access
qmux_socket(thermal-engine);
allow thermal-engine sysfs_mpdecision:file rw_file_perms;
r_dir_file(thermal-engine, sysfs_ssr);
#Label the thermal sockets correctly
type_transition thermal-engine socket_device:sock_file thermal_socket;
#Allow creation of the sockets in the socket dir
allow thermal-engine socket_device:dir { write add_name remove_name };
|
