common/perfd.te - fp2-dev/device/qcom/sepolicy - Gitiles

 type perfd, domain, mlstrustedsubject;
 type perfd_exec, exec_type, file_type;

 init_daemon_domain(perfd)

 allow perfd self:capability { net_admin chown dac_override fsetid };
 allow perfd {
     sysfs_devices_system_cpu
     sysfs_cpu_online
     proc
     sysfs
 }:file rw_file_perms;

 allow perfd self:{ netlink_kobject_uevent_socket socket} create_socket_perms;

 # mpctl socket
 allow perfd mpctl_socket:sock_file rw_file_perms;

 # default_values file
 allow perfd mpctl_data_file:dir rw_dir_perms;
 allow perfd mpctl_data_file:file create_file_perms;

 # Allow poll of system_server status
 r_dir_file(perfd, system_server)

 # Allow access to thermal sysfs entry
 r_dir_file(perfd, sysfs_thermal)
 allow perfd sysfs_thermal:file write;

 # IRQbalancer access
 unix_socket_connect(perfd, msm_irqbalance, msm_irqbalanced);

 # Thermal lib access
 unix_socket_connect(perfd, thermal, thermal-engine);

 # Access device nodes inside /dev/cpuctl
 allow perfd cpuctl_device:chr_file rw_file_perms;
	type perfd, domain, mlstrustedsubject;
	type perfd_exec, exec_type, file_type;

	init_daemon_domain(perfd)

	allow perfd self:capability { net_admin chown dac_override fsetid };
	allow perfd {
	sysfs_devices_system_cpu
	sysfs_cpu_online
	proc
	sysfs
	}:file rw_file_perms;

	allow perfd self:{ netlink_kobject_uevent_socket socket} create_socket_perms;

	# mpctl socket
	allow perfd mpctl_socket:sock_file rw_file_perms;

	# default_values file
	allow perfd mpctl_data_file:dir rw_dir_perms;
	allow perfd mpctl_data_file:file create_file_perms;

	# Allow poll of system_server status
	r_dir_file(perfd, system_server)

	# Allow access to thermal sysfs entry
	r_dir_file(perfd, sysfs_thermal)
	allow perfd sysfs_thermal:file write;

	# IRQbalancer access
	unix_socket_connect(perfd, msm_irqbalance, msm_irqbalanced);

	# Thermal lib access
	unix_socket_connect(perfd, thermal, thermal-engine);

	# Access device nodes inside /dev/cpuctl
	allow perfd cpuctl_device:chr_file rw_file_perms;