| typeattribute hal_power_default mlstrustedsubject; |
| |
| allow hal_power_default sysfs_devices_system_cpu:file rw_file_perms; |
| allow hal_power_default latency_device:chr_file rw_file_perms; |
| allow hal_power_default cgroup:file r_file_perms; |
| |
| # To get/set powerhal state property |
| set_prop(hal_power_default, vendor_power_prop) |
| |
| # Rule for hal_power_default to access graphics composer process |
| unix_socket_connect(hal_power_default, pps, hal_graphics_composer_default); |
| |
| # Set scheduling info for apps (for adpf) |
| allow hal_power_default appdomain:process { getsched setsched }; |
| allow hal_power_default self:capability sys_nice; |
| |
| # Set scheduling info for surfaceflinger (for adpf) |
| allow hal_power_default surfaceflinger:process setsched; |
| |
| # Set scheduling info for HWC (for adpf) |
| allow hal_power_default hal_graphics_composer_default:process setsched; |
| |
| # Set scheduling info for system_server (for adpf) |
| allow hal_power_default system_server:process setsched; |
| |
| # Allow reading proc files for CPU statistics. |
| allow hal_power_default proc_stat:file r_file_perms; |
| allow hal_power_default proc_vendor_sched:dir r_dir_perms; |
| allow hal_power_default proc_vendor_sched:file r_file_perms; |
| |
| # Allow read/write thermal sysfs and property |
| allow hal_power_default thermal_link_device:dir r_dir_perms; |
| allow hal_power_default sysfs_thermal:dir r_dir_perms; |
| allow hal_power_default sysfs_thermal:file rw_file_perms; |
| allow hal_power_default sysfs_thermal:lnk_file r_file_perms; |
| set_prop(hal_power_default, vendor_thermal_prop) |
| |
| userdebug_or_eng(` |
| # Allow reading /data/vendor/* for debugging |
| allow hal_power_default vendor_data_file:file r_file_perms; |
| ') |
