From 168dfe22c0a85d399444bda21b92b95fb3af2aa3 Mon Sep 17 00:00:00 2001
From: Vaisakh Murali <mvaisakh@statixos.com>
Date: Wed, 5 Oct 2022 20:43:23 +0100
Subject: [PATCH] sepolicy: Initial sepolicy for power-libperfmgr

Change-Id: Id2f47056b9e25e3663281b4cbe210e7715969d9d
---
 basic/non_plat/file_contexts        | 1 +
 basic/non_plat/hal_power_default.te | 4 ++++
 basic/non_plat/property.te          | 1 +
 basic/non_plat/property_contexts    | 3 +++
 basic/non_plat/vendor_init.te       | 3 +++
 5 files changed, 12 insertions(+)
 create mode 100644 basic/non_plat/hal_power_default.te

diff --git a/basic/non_plat/file_contexts b/basic/non_plat/file_contexts
index fee8755..8370596 100644
--- a/basic/non_plat/file_contexts
+++ b/basic/non_plat/file_contexts
@@ -986,4 +986,5 @@
 /dev/ccci_vts u:object_r:ccci_vts_device:s0
 
 # Power
+/(vendor|system/vendor)/bin/hw/android\.hardware\.power-service\.mediatek-libperfmgr      u:object_r:hal_power_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.mediatek\.hardware\.mtkpower@1\.2-service\.stub    u:object_r:mtk_hal_power_exec:s0
diff --git a/basic/non_plat/hal_power_default.te b/basic/non_plat/hal_power_default.te
new file mode 100644
index 0000000..7012ba4
--- /dev/null
+++ b/basic/non_plat/hal_power_default.te
@@ -0,0 +1,4 @@
+allow hal_power_default proc_perfmgr:dir search;
+allow hal_power_default proc_perfmgr:file rw_file_perms;
+
+set_prop(hal_power_default, vendor_power_prop)
diff --git a/basic/non_plat/property.te b/basic/non_plat/property.te
index 09e42d1..70fe1e1 100644
--- a/basic/non_plat/property.te
+++ b/basic/non_plat/property.te
@@ -25,6 +25,7 @@ vendor_internal_prop(vendor_mtk_wfc_serv_prop)
 vendor_internal_prop(vendor_mtk_factory_prop)
 vendor_internal_prop(vendor_mtk_factory_start_prop)
 vendor_internal_prop(vendor_mtk_eara_io_prop)
+vendor_internal_prop(vendor_power_prop)
 
 # Properties which can't be written outside vendor
 vendor_restricted_prop(vendor_mtk_aal_ro_prop)
diff --git a/basic/non_plat/property_contexts b/basic/non_plat/property_contexts
index 4db69c1..72bafdd 100644
--- a/basic/non_plat/property_contexts
+++ b/basic/non_plat/property_contexts
@@ -406,3 +406,6 @@ persist.vendor.xfrm_support u:object_r:vendor_mtk_xfrm_support_prop:s0
 mtk.vendor.omx.core.log         u:object_r:vendor_mtk_omx_core_prop:s0
 ro.mtk_crossmount_support       u:object_r:vendor_mtk_crossmount_prop:s0
 ro.mtk_deinterlace_support      u:object_r:vendor_mtk_deinterlace_prop:s0
+
+# Power
+vendor.mediatek.powerhal.    u:object_r:vendor_power_prop:s0
diff --git a/basic/non_plat/vendor_init.te b/basic/non_plat/vendor_init.te
index 944299b..d8dcb08 100644
--- a/basic/non_plat/vendor_init.te
+++ b/basic/non_plat/vendor_init.te
@@ -162,3 +162,6 @@ set_prop(vendor_init, vendor_mtk_neuropilot_flag_prop)
 # Purpose: for non-5G GKI platform
 set_prop(vendor_init, vendor_mtk_mdrsra_v2_support_prop)
 set_prop(vendor_init, vendor_mtk_xfrm_support_prop)
+
+# Power
+set_prop(vendor_init, vendor_power_prop)