From af2679a76c5f8ffc8a82c87660c46a2bdb5850ce Mon Sep 17 00:00:00 2001
From: bengris32 <bengris32@protonmail.ch>
Date: Mon, 15 Aug 2022 20:55:55 +0100
Subject: [PATCH] rosemary: sepolicy: Allow vendor_init to adjust vm and sched
 parameters

Signed-off-by: bengris32 <bengris32@protonmail.ch>
Change-Id: I3854b84b8d98bc9a7098bb202cd56112742b5aaf
---
 sepolicy/vendor/file.te        | 4 ++++
 sepolicy/vendor/genfs_contexts | 3 +++
 sepolicy/vendor/vendor_init.te | 3 +++
 3 files changed, 10 insertions(+)
 create mode 100644 sepolicy/vendor/genfs_contexts

diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te
index c39d356..e72d5c0 100644
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@@ -1,3 +1,7 @@
 # Fingerprint
 type vendor_fingerprint_data_file, data_file_type, file_type;
 type vendor_fingerprint_device, dev_type;
+
+# Performance
+type proc_vm_dirty, fs_type, proc_type;
+type proc_sched_stune, fs_type, proc_type;
diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts
new file mode 100644
index 0000000..3131cad
--- /dev/null
+++ b/sepolicy/vendor/genfs_contexts
@@ -0,0 +1,3 @@
+# Performance
+genfscon proc /sys/vm/dirty_writeback_centisecs      										u:object_r:proc_vm_dirty:s0
+genfscon proc /sys/kernel/sched_stune_task_threshold 										u:object_r:proc_sched_stune:s0
diff --git a/sepolicy/vendor/vendor_init.te b/sepolicy/vendor/vendor_init.te
index d7db4e5..ba6fe1e 100644
--- a/sepolicy/vendor/vendor_init.te
+++ b/sepolicy/vendor/vendor_init.te
@@ -1,3 +1,6 @@
 get_prop(vendor_init, vts_status_prop)
 
 allow vendor_init nfc_data_file:dir { r_dir_perms create_dir_perms };
+
+allow vendor_init proc_sched_stune:file w_file_perms;
+allow vendor_init proc_vm_dirty:file w_file_perms;