From 437d35e7cbee7fb80de70884a366ac527c574bde Mon Sep 17 00:00:00 2001
From: Martin Liu <liumartin@google.com>
Date: Thu, 12 Dec 2024 10:09:30 +0000
Subject: [PATCH] allow power hal to access vendor_mm files

I auditd  : type=1400 audit(0.0:79): avc:  denied  { write } for  comm="NodeLooperThrea" name="vendor_mm" dev="sysfs" ino=56518 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_vendor_mm:s0 tclass=dir permissive=0

Bug: 357995885
Test: check avc error
Flag: EXEMPT adding avc rule
Change-Id: I1261aa14f2cd912ede51edc2e1a547d2e182ca46
Signed-off-by: Martin Liu <liumartin@google.com>
---
 performance/sepolicy/hal_power_default.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/performance/sepolicy/hal_power_default.te b/performance/sepolicy/hal_power_default.te
index 309e8f7..a8b5e05 100644
--- a/performance/sepolicy/hal_power_default.te
+++ b/performance/sepolicy/hal_power_default.te
@@ -1,3 +1,7 @@
+# allow power hal to access pa kill knobs
 allow hal_power_default sysfs_pakills:file rw_file_perms;
 allow hal_power_default sysfs_pakills:dir r_dir_perms;
 r_dir_file(hal_power_default, sysfs_vendor_mm);
+
+# allow power hal to access vendor_mm knobs
+allow hal_power_default sysfs_vendor_mm:file rw_file_perms;