diff --git a/apparmor.d/profiles-s-z/tlp b/apparmor.d/profiles-s-z/tlp index 03230f8bb..c802461ce 100644 --- a/apparmor.d/profiles-s-z/tlp +++ b/apparmor.d/profiles-s-z/tlp @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles -# Copyright (C) 2024 Barmogund +# Copyright (C) 2021-2024 Alexandre Pujol +# Copyright (C) 2024 Barmogund # SPDX-License-Identifier: GPL-2.0-only abi , @@ -14,6 +15,7 @@ profile tlp @{exec_path} flags=(attach_disconnected) { include include include + include capability dac_read_search, capability net_admin, @@ -23,6 +25,8 @@ profile tlp @{exec_path} flags=(attach_disconnected) { network netlink raw, + ptrace read peer=unconfined, + @{exec_path} mr, @{bin}/systemctl rix, @@ -69,6 +73,24 @@ profile tlp @{exec_path} flags=(attach_disconnected) { owner @{run}/tlp/lock_tlp rwk, owner @{run}/udev/data/b@{int}:@{int} r, + @{sys}/class/net/ r, + @{sys}/class/power_supply/ r, + @{sys}/bus/pci/drivers/mei_me/ r, + @{sys}/bus/pci/drivers/nouveau/ r, + @{sys}/bus/pci/drivers/xhci_hcd/ r, + @{sys}/devices/LNXSYSTM:@{rand2}/**/power_supply/BAT@{int}/type r, + @{sys}/devices/LNXSYSTM:@{rand2}/**/**/power_supply/BAT@{int}/type r, + @{sys}/devices/LNXSYSTM:@{rand2}/**/**/power_supply/BAT@{int}/present r, + @{sys}/devices/@{pci}/ r, + @{sys}/devices/@{pci}/power/control rw, + @{sys}/devices/platform/**/power_supply/ADP@{int}/online r, + @{sys}/devices/platform/**/power_supply/ADP@{int}/type r, + @{sys}/devices/system/cpu/cpufreq/policy@{int}/energy_performance_preference rw, + @{sys}/devices/virtual/dmi/id/product_version r, + @{sys}/devices/virtual/net/lo/uevent r, + @{sys}/module/pcie_aspm/parameters/policy rw, + @{sys}/module/snd_hda_intel/parameters/power_save rw, + @{sys}/module/snd_hda_intel/parameters/power_save_controller rw, @{sys}/firmware/acpi/platform_profile* rw, @{sys}/firmware/acpi/pm_profile* rw,