diff options
| author | TeYuan Wang <kamewang@google.com> | 2022-01-05 15:22:54 +0800 |
|---|---|---|
| committer | TeYuan Wang <kamewang@google.com> | 2022-01-06 10:09:58 +0800 |
| commit | 95955a39b041fb0ea2d10473b05f1b09017d0b72 (patch) | |
| tree | 0c3f2b3cfe051eb034e69ec645f21766e1a6357c | |
| parent | 11d9a4d2c5266716585c394fbbbd67674b658c5f (diff) | |
| download | pixel-sepolicy-95955a39b041fb0ea2d10473b05f1b09017d0b72.tar.gz | |
thermal: bringup thermal_controld sepolicy rules
Bug: 202805103
Test: switch thermal tj property and check thermal threshold
Change-Id: I351dfd300186a6de8bdcf1edfcb7a461e80670cd
| -rw-r--r-- | thermal/file_contexts | 1 | ||||
| -rw-r--r-- | thermal/pixel-thermal-control.sh.te | 13 |
2 files changed, 14 insertions, 0 deletions
diff --git a/thermal/file_contexts b/thermal/file_contexts index 40e00a9..acd360f 100644 --- a/thermal/file_contexts +++ b/thermal/file_contexts @@ -1,4 +1,5 @@ /vendor/bin/hw/android\.hardware\.thermal@2\.0-service\.pixel u:object_r:hal_thermal_default_exec:s0 /vendor/bin/thermal_logd u:object_r:init-thermal-logging-sh_exec:s0 +/vendor/bin/thermal_controld u:object_r:pixel-thermal-control-sh_exec:s0 /vendor/bin/thermal_symlinks u:object_r:init-thermal-symlinks-sh_exec:s0 /dev/thermal(/.*)? u:object_r:thermal_link_device:s0 diff --git a/thermal/pixel-thermal-control.sh.te b/thermal/pixel-thermal-control.sh.te new file mode 100644 index 0000000..a6430f1 --- /dev/null +++ b/thermal/pixel-thermal-control.sh.te @@ -0,0 +1,13 @@ +type pixel-thermal-control-sh, domain; +type pixel-thermal-control-sh_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(pixel-thermal-control-sh) + +userdebug_or_eng(` + allow pixel-thermal-control-sh vendor_toolbox_exec:file execute_no_trans; + allow pixel-thermal-control-sh sysfs_thermal:dir r_dir_perms; + allow pixel-thermal-control-sh sysfs_thermal:file rw_file_perms; + allow pixel-thermal-control-sh sysfs_thermal:lnk_file r_file_perms; + allow pixel-thermal-control-sh thermal_link_device:dir r_dir_perms; + get_prop(pixel-thermal-control-sh, vendor_thermal_prop) +') |