NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS03867358] Thermal: P Migration

Browse Source 
[Detail]
In Android P, the main restriction is system and vendor cant
communicate with on-desk files.

[Solution]
1.Move thermal setting file to vendor.
2.Remove selinux violation policy.
3.Add thermal manager access vendor data file policy.

MTK-Commit-Id: e579309fd163aa58f632784ce9d594d09e673096

Change-Id: Ibdec1e275eccfbbbd697c413e70a57705e643817
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
This commit is contained in:
jerry-sc.wu 2020-01-18 09:42:39 +08:00 committed by Jerry-SC Wu
parent 664c95ece8
commit cbd89e878c
2 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
non_plat/thermal_manager.te
View File

@ -18,14 +18,12 @@ allow thermal_manager proc_thermal:dir search;
allow thermal_manager proc_mtkcooler:file rw_file_perms; allow thermal_manager proc_mtkcooler:file rw_file_perms;
allow thermal_manager proc_mtktz:file rw_file_perms; allow thermal_manager proc_mtktz:file rw_file_perms;
allow thermal_manager proc_thermal:file rw_file_perms; allow thermal_manager proc_thermal:file rw_file_perms;
typeattribute thermal_manager data_between_core_and_vendor_violators;
allow thermal_manager system_data_file:dir { write add_name };
#allow thermal_manager self:capability { fowner chown fsetid dac_override };
# Date : WK15.30 # Date : WK15.30
# Operation : Migration # Operation : Migration
# Purpose : Use file_type_auto_trans to specify label to avoid violated(never allow) # Purpose : Use file_type_auto_trans to specify label to avoid violated(never allow)
#allow thermal_manager thermal_manager_data_file:file { create write read open setattr write lock}; allow thermal_manager thermal_manager_data_file:file { create write read open setattr write lock};
allow thermal_manager thermal_manager_data_file:dir { rw_dir_perms setattr }; allow thermal_manager thermal_manager_data_file:dir { rw_dir_perms setattr };
allow thermal_manager mediaserver:fd use; allow thermal_manager mediaserver:fd use;
@ -50,3 +48,8 @@ allow thermal_manager sysfs:file write;
# Purpose : Allow thermal_manager to notify SPA. # Purpose : Allow thermal_manager to notify SPA.
allow thermal_manager mtk_thermal_config_prop:file { getattr open read }; allow thermal_manager mtk_thermal_config_prop:file { getattr open read };
allow thermal_manager mtk_thermal_config_prop:property_service set; allow thermal_manager mtk_thermal_config_prop:property_service set;
# Date : WK18.18
# Operation : P Migration
# Purpose : Allow thermal_manager to access vendor data file.
allow thermal_manager vendor_data_file:dir { write add_name };

6
non_plat/thermalloadalgod.te
View File

@ -11,7 +11,11 @@ type thermalloadalgod_exec , exec_type, file_type, vendor_file_type;
# MTK Policy Rule # MTK Policy Rule
# ============================================== # ==============================================
init_daemon_domain(thermalloadalgod) init_daemon_domain(thermalloadalgod)
file_type_auto_trans(thermal_manager, system_data_file, thermal_manager_data_file)
# Date : WK18.18
# Operation : P Migration
# Purpose : Allow thermal_manager to access vendor data file.
file_type_auto_trans(thermal_manager, vendor_data_file, thermal_manager_data_file)
# Data : WK14.43 # Data : WK14.43