1 # Policy for /vendor/bin/thermal-engine 2 type thermal-engine, domain; 3 type thermal-engine_exec, exec_type, vendor_file_type, file_type; 4 5 init_daemon_domain(thermal-engine) 6 7 # Grant access to Qualcomm MSM Interface (QMI) radio sockets 8 qmux_socket(thermal-engine) 9 10 allow thermal-engine self:socket create_socket_perms; 11 allowxperm thermal-engine self:socket ioctl msm_sock_ipc_ioctls; 12 13 # /dev/msm_thermal_query 14 allow thermal-engine thermal_device:chr_file rw_file_perms; 15 16 # files in /sys/ 17 r_dir_file(thermal-engine, sysfs_type) 18 allow thermal-engine sysfs_msm_subsys:file write; 19 allow thermal-engine sysfs_thermal:file rw_file_perms; 20 allow thermal-engine sysfs_thermal:lnk_file read; 21 allow thermal-engine sysfs_thermal:dir search; 22 23 # /proc/stat 24 allow thermal-engine proc_stat:file { getattr open read }; 25 26 allow thermal-engine uio_device:chr_file rw_file_perms; 27 28 # access to /dev/diag on debug builds 29 userdebug_or_eng(` 30 allow thermal-engine diag_device:chr_file rw_file_perms; 31 ') 32 33 # reboot/shutdown for thermal limits exceeded 34 set_prop(thermal-engine, powerctl_prop) 35 36 # IThermal Thermal HAL 37 hal_server_domain(thermal-engine, hal_thermal) 38