From b9f9cf202f17e32c29f8e6553ce4350921471da3 Mon Sep 17 00:00:00 2001
From: Arian <arian.kulmer@web.de>
Date: Tue, 30 Jan 2024 19:54:13 +0100
Subject: [PATCH] sm8450-common: sepolicy: Reduce mi_thermald permissions in
 sysfs

Change-Id: I0d16f1a1ed73c5089d9dc116e24b61d58da47b7a
---
 sepolicy/vendor/mi_thermald.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sepolicy/vendor/mi_thermald.te b/sepolicy/vendor/mi_thermald.te
index 7eab53c..9c81035 100644
--- a/sepolicy/vendor/mi_thermald.te
+++ b/sepolicy/vendor/mi_thermald.te
@@ -3,10 +3,10 @@ type mi_thermald_exec, exec_type, vendor_file_type, file_type;
 
 init_daemon_domain(mi_thermald)
 
+allow mi_thermald sysfs:dir { read open };
 allow mi_thermald sysfs_devices_system_cpu:file rw_file_perms;
 allow mi_thermald self:capability { fsetid sys_boot };
 allow mi_thermald sysfs_thermal:file w_file_perms;
-allow mi_thermald sysfs:file w_file_perms;
 allow mi_thermald vendor_sysfs_kgsl:dir r_dir_perms;
 allow mi_thermald vendor_sysfs_kgsl:file rw_file_perms;
 allow mi_thermald vendor_sysfs_kgsl:lnk_file r_file_perms;