jerry-sc.wu aecfc15854 [ALPS04735619] Thermal: add file permission
[Detail]
Add file permission for thermal manager.

MTK-Commit-Id: f28b99158ef677c1370a0bd92fbff8732756512b

Change-Id: I6c871f828fb0dee9f71254f15fb198889c7a0578
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
CR-Id: ALPS04735619
Feature: Thermal Management
(cherry picked from commit 2a10700b959d147f2db80be8143c2cd6f43ba2a9)
2020-01-18 10:18:30 +08:00


# ==============================================
# SELinux policy for the thermal_manager daemon
# (original header: "Policy File of /system/bin/thermal_manager Executable File")
# NOTE(review): the header names a /system path, but the exec type below
# carries vendor_file_type -- confirm the labelled path in file_contexts.
# ==============================================
# Type Declaration
# ==============================================
# Process domain the daemon runs in.
type thermal_manager, domain;
# Label for the daemon's executable file.
type thermal_manager_exec, exec_type, file_type, vendor_file_type;
# ==============================================
# MTK Policy Rule
# ==============================================
# AOSP macro (defined outside this file): lets init start the daemon and
# transition into thermal_manager when it executes thermal_manager_exec.
init_daemon_domain(thermal_manager)

# Directory lookup and read/write file access on the three proc_* thermal
# types (their labelled paths are declared elsewhere).
allow thermal_manager { proc_mtkcooler proc_mtktz proc_thermal }:dir search;
allow thermal_manager { proc_mtkcooler proc_mtktz proc_thermal }:file rw_file_perms;
# Date : WK15.30
# Operation : Migration
# Purpose : Use file_type_auto_trans to specify the label and avoid a
#           neverallow violation
# NOTE(review): no file_type_auto_trans() call is visible in this listing;
# the rules below only grant access to thermal_manager_data_file, so the
# labelling itself must happen elsewhere -- confirm.
allow thermal_manager thermal_manager_data_file:dir { rw_dir_perms setattr };
allow thermal_manager thermal_manager_data_file:file create_file_perms;

# Use of mediaserver-owned descriptors, plus read/write on its pipes and TCP
# sockets (presumably descriptors handed over by mediaserver -- verify).
# NOTE(review): read/write on another domain's tcp_socket is a wide grant;
# confirm it is still exercised and drop it if no denial appears without it.
allow thermal_manager mediaserver:fd use;
allow thermal_manager mediaserver:{ fifo_file tcp_socket } { read write };
# Date : WK16.30
# Operation : Migration
# Purpose : Use file_type_auto_trans to specify the label and avoid a
#           neverallow violation
# NOTE(review): this Purpose text does not describe the rules that follow
# (device nodes, fd passing, property socket, sysfs); treat it as stale.

# Camera / SMI character devices.
allow thermal_manager { camera_isp_device kd_camera_hw_device }:chr_file { read write };
allow thermal_manager MTK_SMI_device:chr_file read;

# Descriptors received from cameraserver and surfaceflinger.
allow thermal_manager { cameraserver surfaceflinger }:fd use;

# Connection to init's property socket; this pair is what AOSP's set_prop()
# macro grants alongside the per-property "set" permission.
allow thermal_manager property_socket:sock_file write;
allow thermal_manager init:unix_stream_socket connectto;

# NOTE(review): write access to the generic "sysfs" type covers every sysfs
# file that has no dedicated label. Prefer labelling the specific thermal
# nodes in genfs_contexts/file_contexts and granting write on that type only.
allow thermal_manager sysfs:file write;
# Date : WK17.12
# Operation : Migration
# Purpose : Allow thermal_manager to notify SPA.
# Set the mtk_thermal_config_prop property and read its backing property file.
allow thermal_manager mtk_thermal_config_prop:property_service set;
allow thermal_manager mtk_thermal_config_prop:file { read open getattr };
# Date : WK18.18
# Operation : P Migration
# Purpose : Allow thermal_manager to access vendor data file.
# CAP_CHOWN and CAP_FOWNER let the daemon change file ownership and pass
# owner-only DAC checks; SELinux type rules still bound which files it reaches.
# NOTE(review): if these are needed only to fix ownership of the daemon's own
# data directory, creating that directory with the right owner at boot would
# remove the need for both capabilities -- confirm against the daemon's usage.
allow thermal_manager self:capability { chown fowner };