type perfd, domain;
type perfd_exec, exec_type, vendor_file_type, file_type;

init_daemon_domain(perfd)

# perfd uses kill(pid, 0) to determine if a process exists.
# Determining if a process exists does not require the kill capability
# since a permission denied indicates the process exists.
dontaudit perfd self:capability kill;

allow perfd mediacodec:process signull;
allow perfd hal_power_default:process signull;

allow perfd cgroup:file rw_file_perms;

allow perfd proc:file rw_file_perms;
allow perfd sysfs_scsi_host:file r_file_perms;
r_dir_file(perfd, sysfs_graphics)
r_dir_file(perfd, sysfs_socinfo)

allow perfd sysfs_devices_system_cpu:file w_file_perms;

allow perfd perfd_socket:sock_file write;

allow perfd device_latency:chr_file w_file_perms;

# wahoo sysfs_msm_subsys is sysfs_devfreq + sysfs_kgsl
r_dir_file(perfd, sysfs_devfreq)
allow perfd sysfs_devfreq:file w_file_perms;

r_dir_file(perfd, sysfs_kgsl)
allow perfd sysfs_kgsl:file w_file_perms;

allow perfd sysfs_msm_perf:dir r_dir_perms;
allow perfd sysfs_msm_perf:file rw_file_perms;

get_prop(perfd, vendor_freq_prop)