thermal: move thermal selinux policy to Pixel-wide common Bug: 146390555 Test: No avc denied and thermal_logd can print when thermal-hal ativates Change-Id: I974d67866d48aad40ce5bed2715fd0e8f078c61f

commit: f532621bc8fcb776567efba891e295d097c41802 [log] [tgz]
author: mandyshen <mandyshen@google.com> Mon Mar 23 17:24:38 2020 +0800
committer: Mandy Shen <mandyshen@google.com> Thu Mar 26 19:55:18 2020 +0000
tree: 5e6ee6937bfde84a0acf67bda9d7cc3be9ef901a
parent: 8395f27ee88ef5a6b25dadcba2c4554094334de0 [diff] [blame]
diff --git a/thermal/init-thermal-logging.sh.te b/thermal/init-thermal-logging.sh.te
new file mode 100644
index 0000000..3da540e
--- /dev/null
+++ b/thermal/init-thermal-logging.sh.te

@@ -0,0 +1,10 @@
+type init-thermal-logging-sh, domain;
+type init-thermal-logging-sh_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(init-thermal-logging-sh)
+
+userdebug_or_eng(`
+  allow init-thermal-logging-sh vendor_toolbox_exec:file rx_file_perms;
+  allow init-thermal-logging-sh sysfs_thermal:dir r_dir_perms;
+  allow init-thermal-logging-sh sysfs_thermal:file r_file_perms;
+')
commit	f532621bc8fcb776567efba891e295d097c41802	[log] [tgz]
author	mandyshen <mandyshen@google.com>	Mon Mar 23 17:24:38 2020 +0800
committer	Mandy Shen <mandyshen@google.com>	Thu Mar 26 19:55:18 2020 +0000
tree	5e6ee6937bfde84a0acf67bda9d7cc3be9ef901a
parent	8395f27ee88ef5a6b25dadcba2c4554094334de0 [diff] [blame]