From 66fd237730d460134dc77afc7fef3a3384d1b6e0 Mon Sep 17 00:00:00 2001
From: TeYuan Wang <kamewang@google.com>
Date: Wed, 14 Apr 2021 14:25:05 +0800
Subject: [PATCH] thermal: add sepolicy rule to access ODPM sysfs

Bug: 170653634
Test: test thermal behavior under enforcing mode
Change-Id: I37500de957cc2375213f1d0416a88356f36d2367
---
 whitechapel/vendor/google/hal_thermal_default.te | 2 ++
 whitechapel/vendor/google/vendor_init.te         | 1 +
 2 files changed, 3 insertions(+)

diff --git a/whitechapel/vendor/google/hal_thermal_default.te b/whitechapel/vendor/google/hal_thermal_default.te
index 66c3af87..491035ee 100644
--- a/whitechapel/vendor/google/hal_thermal_default.te
+++ b/whitechapel/vendor/google/hal_thermal_default.te
@@ -1 +1,3 @@
 allow hal_thermal_default self:netlink_generic_socket create_socket_perms_no_ioctl;
+allow hal_thermal_default sysfs_iio_devices:dir r_dir_perms;
+allow hal_thermal_default sysfs_odpm:file r_file_perms;
diff --git a/whitechapel/vendor/google/vendor_init.te b/whitechapel/vendor/google/vendor_init.te
index 0f20f4b5..fa4d5de8 100644
--- a/whitechapel/vendor/google/vendor_init.te
+++ b/whitechapel/vendor/google/vendor_init.te
@@ -11,6 +11,7 @@ set_prop(vendor_init, vendor_ro_config_default_prop)
 get_prop(vendor_init, vendor_touchpanel_prop)
 set_prop(vendor_init, vendor_edgetpu_service_prop)
 set_prop(vendor_init, vendor_tcpdump_log_prop)
+set_prop(vendor_init, vendor_thermal_prop)
 
 allow vendor_init proc_dirty:file w_file_perms;
 allow vendor_init proc_sched:file write;