From 54f06d5d7cb06356a8a6706df9059626afd161e9 Mon Sep 17 00:00:00 2001 From: Aayush Gupta Date: Mon, 28 Dec 2020 16:24:31 +0530 Subject: [PATCH] non_plat: Label thermal binary and grant required perms Thermal binary is used to load, throttle, manage thermal profiles on MediaTek devices. Label it and grant required permissions for it to operate without any issues. Test: Boot and notice thermal has now a proper domain and works without an issues Signed-off-by: Aayush Gupta Change-Id: Ibbc7e0ce907cd5eedd7826c658e7ef9c2d7a907d --- non_plat/file_contexts | 3 +++ non_plat/thermal.te | 23 +++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 non_plat/thermal.te diff --git a/non_plat/file_contexts b/non_plat/file_contexts index 6f77b25..a0f7234 100644 --- a/non_plat/file_contexts +++ b/non_plat/file_contexts @@ -688,3 +688,6 @@ # Camera data files /data/vendor/camera(/.*)? u:object_r:camera_vendor_data_file:s0 + +# Thermal +/(system\/vendor|vendor)/bin/thermal u:object_r:thermal_exec:s0 diff --git a/non_plat/thermal.te b/non_plat/thermal.te new file mode 100644 index 0000000..0e20163 --- /dev/null +++ b/non_plat/thermal.te @@ -0,0 +1,23 @@ +type thermal_exec , exec_type, file_type, vendor_file_type; +type thermal ,domain; + +init_daemon_domain(thermal) +net_domain(thermal) + +allow thermal mtkrild:unix_stream_socket connectto; +allow thermal proc_thermal:dir search; +allow thermal proc_thermal:file { read write open }; +allow thermal rild_oem_socket:sock_file write; +allow thermal netd_socket:sock_file write; +allow thermal netd:unix_stream_socket connectto; +allow thermal self:udp_socket create; +allow thermal self:udp_socket ioctl; +allow thermal rpc_socket:sock_file write; +allow thermal rild:unix_stream_socket connectto; +allow thermal thermal_manager_data_file:file rw_file_perms; +allow thermal thermalloadalgod:unix_stream_socket connectto; +allow thermal proc_mtkcooler:dir search; + +set_prop(thermal ,mtk_thermal_config_prop) + +vndbinder_use(thermal);