1 # Temperature sensor daemon (root process) 2 type thermald, domain, domain_deprecated; 3 type thermald_exec, exec_type, file_type; 4 5 # Started by init 6 init_daemon_domain(thermald) 7 8 allow thermald shared_log_device:chr_file rw_file_perms; 9 10 allow thermald self:capability { dac_override fsetid chown }; 11 12 # Access to /dev/msm_thermal_query 13 allow thermald thermal_engine_device:chr_file rw_file_perms; 14 15 # Talk to qmuxd (/dev/socket/qmux_radio) 16 qmux_socket(thermald) 17 18 # Create and access to /dev/socket/thermal-.* 19 type_transition thermald socket_device:sock_file thermald_socket; 20 allow thermald socket_device:dir w_dir_perms; 21 allow thermald thermald_socket:sock_file create_file_perms; 22 23 allow thermald self:socket create_socket_perms; 24 25 # Writes to /sys/module/msm_thermal/core_control/cpus_offlined 26 allow thermald sysfs_mpdecision:file rw_file_perms; 27 28 # TODO specify specific labels for /sys/ files 29 allow thermald sysfs:file write; 30 allow thermald sysfs_usb:file write; 31 allow thermald sysfs_batteryinfo:file r_file_perms; 32
