commit 07caab5682c0f5de365de4b8e13e9fe3abccb05d
author maxwen <max.weninger@gmail.com> Thu Dec 11 01:39:44 2014 +0100
committer maxwen <max.weninger@gmail.com> Fri Dec 12 22:46:20 2014 +0100
tree c22fc0005a7ce2a3150fd24d52b3705fb25a64dd
parent ce83df42a74dbc615fba1a17c3c125a93476112b

sepolicy: allow access for perfomance settings

Change-Id: Id8b66ae5bd92ba301b3d652501aa27b0eadb36ea

sepolicy/file_contexts

diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 122c980..7a24c06 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -2,10 +2,7 @@
 # OmniROM common sepolicy
 #
 
-# cache
-/cache/dalvik-cache(/.*)? u:object_r:dalvikcache_data_file:s0
-
 # performance-related sysfs files
-/sys/kernel/mm/ksm(/.*)?       --          u:object_r:sysfs_writable:s0
-/sys/devices/system/cpu.*/cpufreq(/.*)? --  u:object_r:sysfs_writable:s0
-/sys/block/mmcblk0/queue/scheduler  --    u:object_r:sysfs_writable:s0
+/sys/kernel/mm/ksm(/.*)?    u:object_r:sysfs_writable:s0
+/sys/block/mmcblk(/.*)?     u:object_r:sysfs_writable:s0
+/sys/block/zram(/.*)?       u:object_r:sysfs_writable:s0

sepolicy/sepolicy.mk

diff --git a/sepolicy/sepolicy.mk b/sepolicy/sepolicy.mk
index 56ef7ab..24617f9 100644
--- a/sepolicy/sepolicy.mk
+++ b/sepolicy/sepolicy.mk
@@ -6,10 +6,13 @@
 BOARD_SEPOLICY_DIRS += \
     vendor/omni/sepolicy
 
-#BOARD_SEPOLICY_UNION += \
-#    file_contexts \
+BOARD_SEPOLICY_UNION += \
+    file_contexts \
+    system_app.te \
+    system_server.te
+
 #    file.te \
 #    genfs_contexts \
 #    installd.te \
 #    mac_permissions.xml \
-#	vold.te
+#    vold.te

sepolicy/system_app.te

diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te
new file mode 100644
index 0000000..25aae95
--- /dev/null
+++ b/sepolicy/system_app.te
@@ -0,0 +1,12 @@
+###########################
+# OmniROM common sepolicy
+#
+
+# performance settings
+allow system_app sysfs_lowmemorykiller:file rw_file_perms;
+allow system_app sysfs_devices_system_cpu:file rw_file_perms;
+allow system_app sysfs_writable:file rw_file_perms;
+
+# Read /sys/kernel/debug/wakeup_sources.
+allow system_app debugfs:file r_file_perms;
+

sepolicy/system_server.te

diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te
new file mode 100644
index 0000000..645f03e
--- /dev/null
+++ b/sepolicy/system_server.te
@@ -0,0 +1,6 @@
+###########################
+# OmniROM common sepolicy
+#
+
+allow system_server sysfs_lowmemorykiller:file rw_file_perms;
+allow system_server sysfs_devices_system_cpu:file rw_file_perms;