From a17f9fcea7bb3f1e13c51a956e7968fe4b8cbda4 Mon Sep 17 00:00:00 2001 From: Demon000 Date: Thu, 5 Dec 2019 04:17:15 +0100 Subject: [PATCH] davinci: sepolicy: Create mi_thermald sepolicy Change-Id: I0848568bd68c51a981273ead7e103703ff31393f --- sepolicy/vendor/file_contexts | 4 ++++ sepolicy/vendor/mi_thermald.te | 38 +++++++++++++++++++++++++++++++ sepolicy/vendor/property_contexts | 3 +++ 3 files changed, 45 insertions(+) create mode 100644 sepolicy/vendor/mi_thermald.te diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index 28a7ac8..00bbbee 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -21,3 +21,7 @@ # WiFi /vendor/bin/nv_mac u:object_r:wcnss_service_exec:s0 + +# Xiaomi thermal daemon +/vendor/bin/mi_thermald u:object_r:mi_thermald_exec:s0 +/data/vendor/thermal(/.*)? u:object_r:thermal_data_file:s0 diff --git a/sepolicy/vendor/mi_thermald.te b/sepolicy/vendor/mi_thermald.te new file mode 100644 index 0000000..0fb5422 --- /dev/null +++ b/sepolicy/vendor/mi_thermald.te @@ -0,0 +1,38 @@ +type mi_thermald, domain; +type mi_thermald_exec, exec_type, vendor_file_type, file_type; + +type thermal_normal_prop, property_type; +type thermal_data_file, data_file_type, file_type; + +init_daemon_domain(mi_thermald) + +set_prop(mi_thermald, thermal_normal_prop) + +allow mi_thermald thermal_data_file:dir rw_dir_perms; +allow mi_thermald thermal_data_file:file create_file_perms; + +allow mi_thermald self:capability { fsetid sys_boot }; +allow mi_thermald mi_thermald:capability { chown fowner }; +allow mi_thermald mi_thermald:capability2 { wake_alarm block_suspend }; + +allow mi_thermald sysfs_devices_system_cpu:file rw_file_perms; + +r_dir_file(mi_thermald, sysfs_thermal) +allow mi_thermald sysfs_thermal:file w_file_perms; + +r_dir_file(mi_thermald, sysfs) +allow mi_thermald sysfs:file w_file_perms; + +r_dir_file(mi_thermald, sysfs_leds) + +allow mi_thermald sysfs_kgsl:dir r_dir_perms; +allow mi_thermald sysfs_kgsl:file rw_file_perms; +allow mi_thermald sysfs_kgsl:lnk_file r_file_perms; + +allow mi_thermald sysfs_battery_supply:dir r_dir_perms; +allow mi_thermald sysfs_battery_supply:file rw_file_perms; +allow mi_thermald sysfs_battery_supply:lnk_file r_file_perms; + +allow mi_thermald sysfs_graphics:dir r_dir_perms; +allow mi_thermald sysfs_graphics:file rw_file_perms; +allow mi_thermald sysfs_graphics:lnk_file r_file_perms; diff --git a/sepolicy/vendor/property_contexts b/sepolicy/vendor/property_contexts index e043ea7..9c77033 100644 --- a/sepolicy/vendor/property_contexts +++ b/sepolicy/vendor/property_contexts @@ -14,3 +14,6 @@ ro.boot.fpsensor u:object_r:vendor_fp_prop:s0 ro.hardware.fp u:object_r:vendor_fp_prop:s0 sys.panel.display u:object_r:vendor_fp_prop:s0 vendor.fps_hal. u:object_r:vendor_fp_prop:s0 + +# Xiaomi thermal daemon +sys.thermal. u:object_r:thermal_normal_prop:s0