android_device_qcom_sepolicy/common/mpdecision.te

type mpdecision, domain;
type mpdecision_exec, exec_type, file_type;

init_daemon_domain(mpdecision)

allow mpdecision sysfs_mpdecision:file rw_file_perms;
allow mpdecision sysfs_devices_system_cpu:file rw_file_perms;
allow mpdecision sysfs_rqstats:file w_file_perms;
allow mpdecision sysfs_cpu_online:file rw_file_perms;
# For the KSM tunables
allow mpdecision sysfs_writable:file rw_file_perms;
#Allow mpdecision set cpu affinity
allow mpdecision kernel:process setsched;
#Allow writes to /dev/cpu_dma_latency
allow mpdecision self:netlink_kobject_uevent_socket { create read setopt bind };
allow mpdecision self:socket create_socket_perms;
allow mpdecision device_latency:chr_file w_file_perms;

allow mpdecision sysfs_rqstats:dir search;
allow mpdecision sysfs_thermal:dir search;

#policies for mpctl
#mpctl socket
allow mpdecision self:capability { net_admin chown dac_override fsetid sys_nice };
allow mpdecision mpctl_socket:dir rw_dir_perms;
allow mpdecision mpctl_socket:sock_file { create_file_perms unlink };

allow mpdecision sysfs:file write;

#default_values file
allow mpdecision mpctl_data_file:dir rw_dir_perms;
allow mpdecision mpctl_data_file:file { create_file_perms unlink };

#allow poll of system_server status
allow mpdecision system_server:dir search;
allow mpdecision system_server:file { open read };

#cm extra opts
allow mpdecision thermal-engine:unix_stream_socket connectto;
allow mpdecision thermal_socket:sock_file write;
allow mpdecision sysfs_thermal:file rw_file_perms;
allow mpdecision sysfs_devices_system_iosched:file rw_file_perms;