| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 1 | # Thermal-engine daemon |
| Biswajit Paul | 6786a92 | 2017-03-16 11:53:53 -0700 | [diff] [blame] | 2 | type thermal-engine, domain; |
| Ravi Kumar Siddojigari | c7def12 | 2017-06-13 00:49:19 +0530 | [diff] [blame] | 3 | type thermal-engine_exec, exec_type, vendor_file_type, file_type; |
| Shiju Mathew | 30dea98 | 2014-04-11 11:51:53 -0400 | [diff] [blame] | 4 | |
| 5 | # Started by init |
| 6 | init_daemon_domain(thermal-engine) |
| 7 | |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 8 | # Allow to read and write cpufreq sysfs |
| 9 | allow thermal-engine sysfs_devices_system_cpu:file rw_file_perms; |
| 10 | |
| 11 | # This is to access thermal query device and smem log device |
| 12 | allow thermal-engine { thermal_device smem_log_device }:chr_file rw_file_perms; |
| 13 | |
| 14 | allow thermal-engine self:capability { |
| 15 | dac_read_search |
| 16 | dac_override |
| 17 | fsetid |
| 18 | sys_boot |
| 19 | }; |
| 20 | |
| Biswajit Paul | f63bd14 | 2017-03-16 16:41:02 -0700 | [diff] [blame] | 21 | allow thermal-engine self:socket create_socket_perms; |
| 22 | # ioctlcmd=c304 |
| 23 | allowxperm thermal-engine self:socket ioctl msm_sock_ipc_ioctls; |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 24 | |
| 25 | # This is required to access thermal sockets |
| Shiju Mathew | 990d746 | 2014-12-03 18:57:59 -0500 | [diff] [blame] | 26 | allow thermal-engine thermal_socket:dir w_dir_perms; |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 27 | allow thermal-engine thermal_socket:sock_file create_file_perms; |
| Shiju Mathew | 990d746 | 2014-12-03 18:57:59 -0500 | [diff] [blame] | 28 | allow thermal-engine socket_device:dir w_dir_perms; |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 29 | |
| 30 | # This is required for thermal sysfs access |
| 31 | r_dir_file(thermal-engine, sysfs_thermal) |
| 32 | allow thermal-engine { sysfs_thermal sysfs }:file w_file_perms; |
| 33 | |
| 34 | # This is required for qmi access |
| Biswajit Paul | 64f83f6 | 2014-10-13 14:36:16 -0700 | [diff] [blame] | 35 | qmux_socket(thermal-engine); |
| Biswajit Paul | 977e506 | 2014-10-14 20:34:55 -0700 | [diff] [blame] | 36 | allow thermal-engine sysfs_mpdecision:file rw_file_perms; |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 37 | |
| Avijit Kanti Das | d01b3b3 | 2014-10-21 10:30:09 -0700 | [diff] [blame] | 38 | r_dir_file(thermal-engine, sysfs_ssr); |
| Biswajit Paul | f63bd14 | 2017-03-16 16:41:02 -0700 | [diff] [blame] | 39 | r_dir_file(thermal-engine, sysfs) |
| 40 | r_dir_file(thermal-engine, sysfs_leds) |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 41 | |
| 42 | # This is required for wake alarm access |
| Shiju Mathew | 82e497f | 2015-01-20 14:18:16 -0500 | [diff] [blame] | 43 | allow thermal-engine self:capability2 wake_alarm; |
| Avijit Kanti Das | 441bad4 | 2015-05-12 14:07:41 -0700 | [diff] [blame] | 44 | |
| Biswajit Paul | 28439f9 | 2015-07-15 13:28:27 -0700 | [diff] [blame] | 45 | #This is to allow access to uio device |
| 46 | allow thermal-engine uio_device:chr_file rw_file_perms; |
| Biswajit Paul | 277acbb | 2016-07-20 12:02:14 -0700 | [diff] [blame] | 47 | |
| 48 | userdebug_or_eng(` |
| 49 | diag_use(thermal-engine) |
| 50 | ') |
| Ram Chandrasekar | 3b6ed5d | 2017-04-25 16:47:39 -0600 | [diff] [blame] | 51 | |
| Manaf Meethalavalappu Pallikunhi | 0d88423 | 2017-07-17 23:40:20 +0530 | [diff] [blame] | 52 | # To search, read and write kgsl sysfs |
| 53 | allow thermal-engine sysfs_kgsl:dir r_dir_perms; |
| 54 | allow thermal-engine sysfs_kgsl:file rw_file_perms; |
| 55 | allow thermal-engine sysfs_kgsl:lnk_file r_file_perms; |
| 56 | |
| Sunmeet Gill | 575d249 | 2017-05-22 19:03:52 -0700 | [diff] [blame] | 57 | allow thermal-engine sysfs_data:file r_file_perms; |
| Ram Chandrasekar | 3b6ed5d | 2017-04-25 16:47:39 -0600 | [diff] [blame] | 58 | |
| 59 | # netlink access |
| 60 | allow thermal-engine self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; |
| Manaf Meethalavalappu Pallikunhi | 0d88423 | 2017-07-17 23:40:20 +0530 | [diff] [blame] | 61 | |
| 62 | # This is required read and write battery power supply sysfs |
| 63 | allow thermal-engine sysfs_battery_supply:dir r_dir_perms; |
| 64 | allow thermal-engine sysfs_battery_supply:file rw_file_perms; |
| 65 | allow thermal-engine sysfs_battery_supply:lnk_file r_file_perms; |
| 66 | |
| 67 | # This is required to read and write lcd-backlight sysfs |
| 68 | allow thermal-engine sysfs_graphics:dir r_dir_perms; |
| 69 | allow thermal-engine sysfs_graphics:file rw_file_perms; |
| 70 | allow thermal-engine sysfs_graphics:lnk_file r_file_perms; |
| Rashed Abdel-Tawab | b1ebb77 | 2018-01-26 16:39:23 -0800 | [diff] [blame] | 71 | |
| 72 | r_dir_file(thermal-engine, sysfs_uio) |
| 73 | r_dir_file(thermal-engine, sysfs_uio_file) |