allow perfd sysfs_devices_system_iosched:file rw_file_perms;
unix_socket_connect(perfd, thermal, thermal-engine)

# read mediaserver status
allow perfd mediaserver:file { read open };