From 9e8bd699e9da6c7433963e888cb03440ad4317a4 Mon Sep 17 00:00:00 2001
From: Rick Yiu <rickyiu@google.com>
Date: Mon, 31 May 2021 21:59:59 +0800
Subject: [PATCH] gs101-sepolicy: Refine policy for sysfs_vendor_sched

Chagne it to directory based.

Bug: 182509410
Test: device boot normally
Change-Id: I1cfaa95cf07e1e829e747eb99ed39ab64d3ddac1
---
 whitechapel/vendor/google/domain.te      |  1 +
 whitechapel/vendor/google/genfs_contexts | 52 +-----------------------
 whitechapel/vendor/google/system_app.te  |  1 +
 3 files changed, 3 insertions(+), 51 deletions(-)

diff --git a/whitechapel/vendor/google/domain.te b/whitechapel/vendor/google/domain.te
index cffaf8cd..3e1cbbb7 100644
--- a/whitechapel/vendor/google/domain.te
+++ b/whitechapel/vendor/google/domain.te
@@ -1 +1,2 @@
+allow {domain -appdomain -rs} sysfs_vendor_sched:dir r_dir_perms;
 allow {domain -appdomain -rs} sysfs_vendor_sched:file w_file_perms;
diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts
index 287e92c2..998d6c6d 100644
--- a/whitechapel/vendor/google/genfs_contexts
+++ b/whitechapel/vendor/google/genfs_contexts
@@ -113,57 +113,7 @@ genfscon sysfs /devices/platform/1ce00000.abrolhos
 genfscon sysfs /devices/platform/abrolhos                                       u:object_r:sysfs_edgetpu:s0
 
 # Vendor sched files
-genfscon sysfs /kernel/vendor_sched/bg_prefer_high_cap                         u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/bg_prefer_idle                             u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/bg_task_spreading                          u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/bg_uclamp_max                              u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/bg_uclamp_min                              u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/cam_prefer_high_cap                        u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/cam_prefer_idle                            u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/cam_task_spreading                         u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/cam_uclamp_max                             u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/cam_uclamp_min                             u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/fg_prefer_high_cap                         u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/fg_prefer_idle                             u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/fg_task_spreading                          u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/fg_uclamp_max                              u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/fg_uclamp_min                              u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/ta_prefer_high_cap                         u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/ta_prefer_idle                             u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/ta_task_spreading                          u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/ta_uclamp_max                              u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/ta_uclamp_min                              u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sys_prefer_high_cap                        u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sys_prefer_idle                            u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sys_task_spreading                         u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sys_uclamp_max                             u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sys_uclamp_min                             u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sysbg_prefer_high_cap                      u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sysbg_prefer_idle                          u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sysbg_task_spreading                       u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sysbg_uclamp_max                           u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/sysbg_uclamp_min                           u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/nnapi_prefer_high_cap                      u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/nnapi_prefer_idle                          u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/nnapi_task_spreading                       u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/nnapi_uclamp_max                           u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/nnapi_uclamp_min                           u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/clear_group                                u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/set_task_group_bg                          u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/set_task_group_cam                         u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/set_task_group_fg                          u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/set_task_group_nnapi                       u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/set_task_group_sys                         u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/set_task_group_sysbg                       u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/set_task_group_ta                          u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/high_capacity_start_cpu                    u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/uclamp_effective_stats                     u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/reset_uclamp_stats                         u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/uclamp_stats                               u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/uclamp_threshold                           u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/uclamp_util_diff_stats                     u:object_r:sysfs_vendor_sched:s0
-genfscon sysfs /kernel/vendor_sched/util_threshold                             u:object_r:sysfs_vendor_sched:s0
-
+genfscon sysfs /kernel/vendor_sched                                            u:object_r:sysfs_vendor_sched:s0
 genfscon proc  /vendor_sched                                                   u:object_r:proc_vendor_sched:s0
 
 # GPS
diff --git a/whitechapel/vendor/google/system_app.te b/whitechapel/vendor/google/system_app.te
index b7542fd6..a9bab762 100644
--- a/whitechapel/vendor/google/system_app.te
+++ b/whitechapel/vendor/google/system_app.te
@@ -1,3 +1,4 @@
+allow system_app sysfs_vendor_sched:dir r_dir_perms;
 allow system_app sysfs_vendor_sched:file w_file_perms;
 
 allow system_app hal_wlc_hwservice:hwservice_manager find;