5183d7fb36
Energy aware feature control is previously done through debugfs,
which will be deprecated, so move the control to sysctl. Added
permisson for it, and removed the one unused.
[ 1.460128] audit: type=1400 audit(2753763.033:8): avc: denied { write } for pid=537 comm="init" name="energy_aware" dev="proc" ino=21663 scontext=u:r:vendor_init:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0
10-05 16:49:18.933 820 820 W NodeLooperThrea: type=1400 audit(0.0:1097): avc: denied { write } for name="energy_aware" dev="proc" ino=66567 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0
10-05 17:00:15.726 822 822 W NodeLooperThrea: type=1400 audit(0.0:262): avc: denied { open } for path="/proc/sys/kernel/energy_aware" dev="proc" ino=51228 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0
Bug: 141333728
Test: function works as expected
Change-Id: I2b4eda73bfa34824244e21d804b48eee49a71eae
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
18 lines
608 B
Text
18 lines
608 B
Text
typeattribute vendor_init data_between_core_and_vendor_violators;
|
|
|
|
allow vendor_init {
|
|
camera_data_file
|
|
system_data_file
|
|
tombstone_data_file
|
|
}:dir { create search getattr open read setattr ioctl write add_name remove_name rmdir relabelfrom };
|
|
|
|
allow vendor_init tee_device:chr_file getattr;
|
|
allow vendor_init persist_file:lnk_file read;
|
|
allow vendor_init proc:file w_file_perms;
|
|
allow vendor_init proc_sched_energy_aware:file w_file_perms;
|
|
|
|
get_prop(vendor_init, hal_fingerprint_prop)
|
|
|
|
set_prop(vendor_init, camera_prop)
|
|
set_prop(vendor_init, vendor_freq_prop)
|
|
set_prop(vendor_init, vendor_power_prop)
|