allow powerhal to access PA_KILL knobs
Bug: 322916612
Test: check avc logs
Change-Id: I637c6ad454b668f807b8d0eb4f66a83ca26dfa18
Signed-off-by: Martin Liu <liumartin@google.com>
diff --git a/performance/sepolicy/file.te b/performance/sepolicy/file.te
new file mode 100644
index 0000000..0357d51
--- /dev/null
+++ b/performance/sepolicy/file.te
@@ -0,0 +1 @@
+type sysfs_pakills, fs_type, sysfs_type;
diff --git a/performance/sepolicy/genfs_contexts b/performance/sepolicy/genfs_contexts
index 000c41b..07bcff9 100644
--- a/performance/sepolicy/genfs_contexts
+++ b/performance/sepolicy/genfs_contexts
@@ -1 +1,2 @@
genfscon proc /sys/kernel/sched_pelt_multiplier u:object_r:proc_sched:s0
+genfscon sysfs /kernel/vendor_mm/pa_kill u:object_r:sysfs_pakills:s0
diff --git a/performance/sepolicy/hal_power_default.te b/performance/sepolicy/hal_power_default.te
new file mode 100644
index 0000000..763862d
--- /dev/null
+++ b/performance/sepolicy/hal_power_default.te
@@ -0,0 +1,2 @@
+allow hal_power_default sysfs_pakills:file rw_file_perms;
+allow hal_power_default sysfs_pakills:dir r_dir_perms;