wangxl | 5b6293a | 2015-02-03 21:10:20 +0800 | [diff] [blame^] | 1 | type perfd, domain; |
| 2 | type perfd_exec, exec_type, file_type; |
| 3 | |
| 4 | init_daemon_domain(perfd) |
| 5 | |
| 6 | allow perfd self:capability { net_admin chown dac_override fsetid }; |
| 7 | allow perfd sysfs_devices_system_cpu:file rw_file_perms; |
| 8 | allow perfd sysfs_cpu_online:file rw_file_perms; |
| 9 | allow perfd cpuctl_device:file rw_file_perms; |
| 10 | allow perfd self:netlink_kobject_uevent_socket { create read setopt bind }; |
| 11 | allow perfd self:socket create_socket_perms; |
| 12 | |
| 13 | #mpctl socket |
| 14 | allow perfd mpctl_socket:dir rw_dir_perms; |
| 15 | allow perfd mpctl_socket:sock_file { create_file_perms unlink }; |
| 16 | |
| 17 | allow perfd sysfs:file write; |
| 18 | |
| 19 | #default_values file |
| 20 | allow perfd mpctl_data_file:dir rw_dir_perms; |
| 21 | allow perfd mpctl_data_file:file { create_file_perms unlink }; |
| 22 | |
| 23 | #allow poll of system_server status |
| 24 | allow perfd system_server:dir search; |
| 25 | allow perfd system_server:file { open read }; |
| 26 | |
| 27 | allow perfd proc:file write; |
| 28 | |
| 29 | #KTM |
| 30 | allow perfd sysfs_thermal:dir search; |
| 31 | allow perfd sysfs_thermal:file { open write }; |