From 483545ad297c149c98730074eaabb036634b6728 Mon Sep 17 00:00:00 2001
From: Arian <arian.kulmer@web.de>
Date: Fri, 27 Sep 2024 06:57:40 +0000
Subject: [PATCH] sky: Address power hal denials

---
 sepolicy/vendor/hal_power.te      | 13 +++++++++++++
 sepolicy/vendor/property.te       |  3 +++
 sepolicy/vendor/property_contexts |  3 +++
 sepolicy/vendor/vendor_init.te    |  2 ++
 4 files changed, 21 insertions(+)
 create mode 100644 sepolicy/vendor/vendor_init.te

diff --git a/sepolicy/vendor/hal_power.te b/sepolicy/vendor/hal_power.te
index 7d7f258..6a33404 100644
--- a/sepolicy/vendor/hal_power.te
+++ b/sepolicy/vendor/hal_power.te
@@ -1,3 +1,16 @@
 allow hal_power_default touchfeature_device:chr_file rw_file_perms;
 allow hal_power_default input_device:dir r_dir_perms;
 allow hal_power_default input_device:chr_file rw_file_perms;
+
+# To do powerhint on nodes defined in powerhint.json
+allow hal_power_default cgroup:dir search;
+allow hal_power_default cgroup:file rw_file_perms;
+allow hal_power_default proc_sched:file rw_file_perms;
+allow hal_power_default sysfs_devices_system_cpu:file rw_file_perms;
+allow hal_power_default vendor_latency_device:chr_file rw_file_perms;
+allow hal_power_default vendor_sysfs_devfreq:dir search;
+allow hal_power_default vendor_sysfs_devfreq:file rw_file_perms;
+allow hal_power_default vendor_sysfs_kgsl:file rw_file_perms;
+
+# To get/set powerhal state property
+set_prop(hal_power_default, vendor_power_prop)
diff --git a/sepolicy/vendor/property.te b/sepolicy/vendor/property.te
index f63590f..5e27d17 100644
--- a/sepolicy/vendor/property.te
+++ b/sepolicy/vendor/property.te
@@ -28,5 +28,8 @@ vendor_public_prop(vendor_nfc_mi_prop)
 # Panel
 vendor_public_prop(vendor_panel_info_prop)
 
+# Power HAL
+vendor_public_prop(vendor_power_prop);
+
 # Thermal
 vendor_public_prop(vendor_thermal_normal_prop)
diff --git a/sepolicy/vendor/property_contexts b/sepolicy/vendor/property_contexts
index 77b0cfa..504967b 100644
--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@@ -124,6 +124,9 @@ vendor.sys.rpmb_state u:object_r:vendor_payment_security_prop:s0
 ro.vendor.nfc. u:object_r:vendor_nfc_mi_prop:s0
 ro.vendor.se. u:object_r:vendor_nfc_mi_prop:s0
 
+# Power HAL
+vendor.powerhal.                   u:object_r:vendor_power_prop:s0
+
 # Sensors
 persist.vendor.sensors.ins. u:object_r:vendor_mi_ins_prop:s0
 persist.vendor.sensors.ins_debug u:object_r:vendor_mi_ins_prop:s0
diff --git a/sepolicy/vendor/vendor_init.te b/sepolicy/vendor/vendor_init.te
new file mode 100644
index 0000000..f48eff3
--- /dev/null
+++ b/sepolicy/vendor/vendor_init.te
@@ -0,0 +1,2 @@
+# To set powerhal init property
+set_prop(vendor_init, vendor_power_prop)