legacy-common/perfd.te

type perfd, domain;
type perfd_exec, exec_type, vendor_file_type, file_type;

init_daemon_domain(perfd)

allow perfd self:capability { fsetid kill };

allow perfd {
    sysfs_devices_system_cpu
    sysfs_cpu_online
    sysfs_scsi_host
    proc
    sysfs
}:file rw_file_perms;

# Allow access to devfreq sysfs entry
r_dir_file(perfd, sysfs_devfreq)
allow perfd sysfs_devfreq:file write;

# Allow access to msm_perf sysfs entry
r_dir_file(perfd, sysfs_msm_perf)
allow perfd sysfs_msm_perf:file write;

# Allow access to msm_power sysfs entry
r_dir_file(perfd, sysfs_msm_power)
allow perfd sysfs_msm_power:file write;

# Allow access to lib sysfs entry
allow perfd sysfs_lib:file w_file_perms;

# Allow access to kgsl sysfs entry
r_dir_file(perfd, sysfs_kgsl)
allow perfd sysfs_kgsl:file write;

# Allow access to thermal sysfs entry
allow perfd sysfs_thermal:dir search;
allow perfd sysfs_thermal:file w_file_perms;

# mpctl socket
allow perfd mpctl_socket:dir rw_dir_perms;
allow perfd mpctl_socket:sock_file create_file_perms;

# default_values file
allow perfd mpctl_data_file:dir rw_dir_perms;
allow perfd mpctl_data_file:file create_file_perms;

# Thermal lib access
unix_socket_connect(perfd, thermal, thermal-engine)

# Allow perfd to check for existence of other processes
allow perfd domain:process signull;

# Allow perfd to set properties
set_prop(perfd, freq_prop)

allow perfd cgroup:file r_file_perms;
allow perfd sysfs:dir r_dir_perms;

r_dir_file(perfd, hal_power_default)