1 # Policy for /vendor/bin/thermal-engine 2 type thermal-engine, domain; 3 type thermal-engine_exec, exec_type, vendor_file_type, file_type; 4 5 init_daemon_domain(thermal-engine) 6 7 # Grant access to Qualcomm MSM Interface (QMI) radio sockets 8 qmux_socket(thermal-engine) 9 10 allow thermal-engine self:socket create_socket_perms; 11 allowxperm thermal-engine self:socket ioctl msm_sock_ipc_ioctls; 12 13 # /dev/msm_thermal_query 14 allow thermal-engine thermal_device:chr_file rw_file_perms; 15 16 # files in /sys/ 17 r_dir_file(thermal-engine, sysfs_type) 18 allow thermal-engine sysfs_msm_subsys:file write; 19 allow thermal-engine sysfs_thermal:file write; 20 21 allow thermal-engine uio_device:chr_file rw_file_perms; 22 23 # access to /dev/diag on debug builds 24 userdebug_or_eng(` 25 allow thermal-engine diag_device:chr_file rw_file_perms; 26 ') 27 28 # write proc/sysrq-trigger for remount r/o during reboot 29 allow thermal-engine proc_sysrq:file w_file_perms; 30 # reboot warnings and errors to kernel via klog 31 allow thermal-engine kmsg_device:chr_file w_file_perms; 32 33 # write file last_reboot_reason to inform of previous thermal shutdown 34 allow thermal-engine reboot_data_file:dir ra_dir_perms; 35 allow thermal-engine reboot_data_file:file create_file_perms; 36 37 # reboot/shutdown for thermal limits exceeded 38 set_prop(thermal-engine, powerctl_prop) 39
