type init_power, domain;
type init_power_exec, exec_type, vendor_file_type, file_type;

init_daemon_domain(init_power)

allow init_power rootfs:file r_file_perms;
allow init_power vendor_shell_exec:file rx_file_perms;
allow init_power vendor_toolbox_exec:file rx_file_perms;

# files are created in /sys as this script executes. Grant
# access to all of /sys to make this robust.
r_dir_file(init_power, sysfs_type)
allow init_power sysfs:file { rw_file_perms relabelfrom };
allow init_power sysfs:dir { relabelfrom r_dir_perms };
allow init_power sysfs_devices_system_cpu:dir relabelto;
allow init_power sysfs_devices_system_cpu:file { relabelto w_file_perms };
allow init_power sysfs_msm_subsys:file w_file_perms;
allow init_power sysfs_thermal:file w_file_perms;
allow init_power sysfs_power_management:file write;

# write to files proc/sys/kernel/sched_*
allow init_power proc_kernel_sched:file w_file_perms;