xref: /aosp_15_r20/system/sepolicy/prebuilts/api/202404/private/file.te (revision e4a36f4174b17bbab9dc043f4a65dc8d87377290)
# Dedicated label for the kernel build configuration exposed through procfs.
# A separate type lets read access be granted per domain; the allow rules
# themselves are not part of this file.
1*e4a36f41SAndroid Build Coastguard Worker# /proc/config.gz
2*e4a36f41SAndroid Build Coastguard Workertype config_gz, fs_type, proc_type;
3*e4a36f41SAndroid Build Coastguard Worker
# One type per bpffs subdirectory, each tagged bpffs_type, so that access to
# the objects in each directory can be granted separately. Which domains may
# use which directory is decided by allow rules outside this file.
4*e4a36f41SAndroid Build Coastguard Worker# /sys/fs/bpf/<dir> for mainline tethering use
5*e4a36f41SAndroid Build Coastguard Worker# TODO: move S+ fs_bpf_tethering here from public/file.te
6*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_net_private, fs_type, bpffs_type;
7*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_net_shared, fs_type, bpffs_type;
8*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_netd_readonly, fs_type, bpffs_type;
9*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_netd_shared, fs_type, bpffs_type;
10*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_loader, fs_type, bpffs_type;
11*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_uprobestats, fs_type, bpffs_type;
12*e4a36f41SAndroid Build Coastguard Worker
# Per-feature labels for directories under /data/misc. Every type in this group
# carries file_type, data_file_type and core_data_file_type; a distinct type per
# directory is what lets access be limited to the service that owns it.
13*e4a36f41SAndroid Build Coastguard Worker# /data/misc/storaged
14*e4a36f41SAndroid Build Coastguard Workertype storaged_data_file, file_type, data_file_type, core_data_file_type;
15*e4a36f41SAndroid Build Coastguard Worker
# NOTE(review): unlike the other trace types in this group, wm_trace_data_file
# also carries mlstrustedobject, which relaxes MLS level checks for the object.
# The reason is not recorded here (compare the comments on
# virtualizationservice_data_file and kvm_device in this file) - confirm it is
# still required.
16*e4a36f41SAndroid Build Coastguard Worker# /data/misc/wmtrace for wm traces
17*e4a36f41SAndroid Build Coastguard Workertype wm_trace_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
18*e4a36f41SAndroid Build Coastguard Worker
19*e4a36f41SAndroid Build Coastguard Worker# /data/misc/a11ytrace for accessibility traces
20*e4a36f41SAndroid Build Coastguard Workertype accessibility_trace_data_file, file_type, data_file_type, core_data_file_type;
21*e4a36f41SAndroid Build Coastguard Worker
# The perfetto trace tree is split into three labels (top level, bugreport,
# profiling) so that each subdirectory can be opened to a different reader.
22*e4a36f41SAndroid Build Coastguard Worker# /data/misc/perfetto-traces for perfetto traces
23*e4a36f41SAndroid Build Coastguard Workertype perfetto_traces_data_file, file_type, data_file_type, core_data_file_type;
24*e4a36f41SAndroid Build Coastguard Worker
25*e4a36f41SAndroid Build Coastguard Worker# /data/misc/perfetto-traces/bugreport for perfetto traces for bugreports.
26*e4a36f41SAndroid Build Coastguard Workertype perfetto_traces_bugreport_data_file, file_type, data_file_type, core_data_file_type;
27*e4a36f41SAndroid Build Coastguard Worker
28*e4a36f41SAndroid Build Coastguard Worker# /data/misc/perfetto-traces/profiling for perfetto traces from profiling apis.
29*e4a36f41SAndroid Build Coastguard Workertype perfetto_traces_profiling_data_file, file_type, data_file_type, core_data_file_type;
30*e4a36f41SAndroid Build Coastguard Worker
31*e4a36f41SAndroid Build Coastguard Worker# /data/misc/perfetto-configs for perfetto configs
32*e4a36f41SAndroid Build Coastguard Workertype perfetto_configs_data_file, file_type, data_file_type, core_data_file_type;
33*e4a36f41SAndroid Build Coastguard Worker
34*e4a36f41SAndroid Build Coastguard Worker# /data/misc/uprobestats-configs for uprobestats configs
35*e4a36f41SAndroid Build Coastguard Workertype uprobestats_configs_data_file, file_type, data_file_type, core_data_file_type;
36*e4a36f41SAndroid Build Coastguard Worker
# Label for the oatdump binary shipped in the ART APEX. It is tagged exec_type;
# presumably it is the entry point for a matching domain defined elsewhere -
# confirm against the domain's own .te file.
37*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.art/bin/oatdump
38*e4a36f41SAndroid Build Coastguard Workertype oatdump_exec, system_file_type, exec_type, file_type;
39*e4a36f41SAndroid Build Coastguard Worker
# SDK sandbox storage is split into two labels: one for the root directory and
# one for the per-app subdirectories. Only the per-app type carries
# app_data_file_type, so rules written against that attribute cover the
# subdirectory contents but not the root directory.
40*e4a36f41SAndroid Build Coastguard Worker# /data/misc_{ce/de}/<user>/sdksandbox root data directory for sdk sandbox processes
41*e4a36f41SAndroid Build Coastguard Workertype sdk_sandbox_system_data_file, file_type, data_file_type, core_data_file_type;
42*e4a36f41SAndroid Build Coastguard Worker# /data/misc_{ce/de}/<user>/sdksandbox/<app-name>/* subdirectory for sdk sandbox processes
43*e4a36f41SAndroid Build Coastguard Workertype sdk_sandbox_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type;
44*e4a36f41SAndroid Build Coastguard Worker
# NOTE(review): the type is declared here without any build-variant condition.
# The userdebug restriction mentioned below therefore has to be enforced where
# access to debugfs_kcov is granted - confirm in the rules that use this type.
45*e4a36f41SAndroid Build Coastguard Worker# /sys/kernel/debug/kcov for coverage guided kernel fuzzing in userdebug builds.
46*e4a36f41SAndroid Build Coastguard Workertype debugfs_kcov, fs_type, debugfs_type;
47*e4a36f41SAndroid Build Coastguard Worker
# Separate label for executable content inside app data directories, distinct
# from the types used for ordinary app data. Note that it is not tagged
# app_data_file_type. The typealias keeps rs_data_file valid as a second name
# for the same type, so existing references to rs_data_file resolve to
# app_exec_data_file.
48*e4a36f41SAndroid Build Coastguard Worker# App executable files in /data/data directories
49*e4a36f41SAndroid Build Coastguard Workertype app_exec_data_file, file_type, data_file_type, core_data_file_type;
50*e4a36f41SAndroid Build Coastguard Workertypealias app_exec_data_file alias rs_data_file;
51*e4a36f41SAndroid Build Coastguard Worker
# Per-feature labels for further directories under /data. All of them carry
# file_type, data_file_type and core_data_file_type; access is decided by allow
# rules outside this file.
#
# rollback_data_file covers snapshots of application data, so grants on this
# type deserve the same scrutiny as grants on the app data itself.
52*e4a36f41SAndroid Build Coastguard Worker# /data/misc_[ce|de]/rollback : Used by installd to store snapshots
53*e4a36f41SAndroid Build Coastguard Worker# of application data.
54*e4a36f41SAndroid Build Coastguard Workertype rollback_data_file, file_type, data_file_type, core_data_file_type;
55*e4a36f41SAndroid Build Coastguard Worker
56*e4a36f41SAndroid Build Coastguard Worker# /data/misc_ce/checkin for checkin apps.
57*e4a36f41SAndroid Build Coastguard Workertype checkin_data_file, file_type, data_file_type, core_data_file_type;
58*e4a36f41SAndroid Build Coastguard Worker
59*e4a36f41SAndroid Build Coastguard Worker# /data/gsi/ota
60*e4a36f41SAndroid Build Coastguard Workertype ota_image_data_file, file_type, data_file_type, core_data_file_type;
61*e4a36f41SAndroid Build Coastguard Worker
62*e4a36f41SAndroid Build Coastguard Worker# /data/gsi_persistent_data
63*e4a36f41SAndroid Build Coastguard Workertype gsi_persistent_data_file, file_type, data_file_type, core_data_file_type;
64*e4a36f41SAndroid Build Coastguard Worker
65*e4a36f41SAndroid Build Coastguard Worker# /data/misc/emergencynumberdb
66*e4a36f41SAndroid Build Coastguard Workertype emergency_data_file, file_type, data_file_type, core_data_file_type;
67*e4a36f41SAndroid Build Coastguard Worker
68*e4a36f41SAndroid Build Coastguard Worker# /data/misc/profcollectd
69*e4a36f41SAndroid Build Coastguard Workertype profcollectd_data_file, file_type, data_file_type, core_data_file_type;
70*e4a36f41SAndroid Build Coastguard Worker
# Labels for per-APEX data directories under /data/misc/apexdata. Most carry
# apex_data_file_type in addition to the usual data-file attributes.
71*e4a36f41SAndroid Build Coastguard Worker# /data/misc/apexdata/com.android.art
72*e4a36f41SAndroid Build Coastguard Workertype apex_art_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
73*e4a36f41SAndroid Build Coastguard Worker
# NOTE(review): the staging type is the only one in this group without
# apex_data_file_type, so rules written against that attribute do not cover
# it. This looks intentional - confirm before adding the attribute.
74*e4a36f41SAndroid Build Coastguard Worker# /data/misc/apexdata/com.android.art/staging
75*e4a36f41SAndroid Build Coastguard Workertype apex_art_staging_data_file, file_type, data_file_type, core_data_file_type;
76*e4a36f41SAndroid Build Coastguard Worker
77*e4a36f41SAndroid Build Coastguard Worker# /data/misc/apexdata/com.android.compos
78*e4a36f41SAndroid Build Coastguard Workertype apex_compos_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
79*e4a36f41SAndroid Build Coastguard Worker
80*e4a36f41SAndroid Build Coastguard Worker# /data/misc/apexdata/com.android.virt
81*e4a36f41SAndroid Build Coastguard Workertype apex_virt_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
82*e4a36f41SAndroid Build Coastguard Worker
83*e4a36f41SAndroid Build Coastguard Worker# /data/misc/apexdata/com.android.tethering
84*e4a36f41SAndroid Build Coastguard Workertype apex_tethering_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
85*e4a36f41SAndroid Build Coastguard Worker
86*e4a36f41SAndroid Build Coastguard Worker# Legacy labels for various /data/misc[_ce|_de]/*/apexdata directories - retained
87*e4a36f41SAndroid Build Coastguard Worker# for backward compatibility (b/217581286).
88*e4a36f41SAndroid Build Coastguard Workertype apex_appsearch_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
89*e4a36f41SAndroid Build Coastguard Workertype apex_permission_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
90*e4a36f41SAndroid Build Coastguard Workertype apex_scheduling_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
91*e4a36f41SAndroid Build Coastguard Workertype apex_wifi_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
92*e4a36f41SAndroid Build Coastguard Worker
# Per-service data directory labels. Each type carries file_type,
# data_file_type and core_data_file_type; the domains allowed to read or write
# them are defined outside this file.
93*e4a36f41SAndroid Build Coastguard Worker# /data/font/files
94*e4a36f41SAndroid Build Coastguard Workertype font_data_file, file_type, data_file_type, core_data_file_type;
95*e4a36f41SAndroid Build Coastguard Worker
96*e4a36f41SAndroid Build Coastguard Worker# /data/misc/dmesgd
97*e4a36f41SAndroid Build Coastguard Workertype dmesgd_data_file, file_type, data_file_type, core_data_file_type;
98*e4a36f41SAndroid Build Coastguard Worker
99*e4a36f41SAndroid Build Coastguard Worker# /data/misc/odrefresh
100*e4a36f41SAndroid Build Coastguard Workertype odrefresh_data_file, file_type, data_file_type, core_data_file_type;
101*e4a36f41SAndroid Build Coastguard Worker
# odsign state and odsign metrics get separate labels, so a consumer of the
# metrics does not need access to the odsign data directory itself.
102*e4a36f41SAndroid Build Coastguard Worker# /data/misc/odsign
103*e4a36f41SAndroid Build Coastguard Workertype odsign_data_file, file_type, data_file_type, core_data_file_type;
104*e4a36f41SAndroid Build Coastguard Worker
105*e4a36f41SAndroid Build Coastguard Worker# /data/misc/odsign_metrics
106*e4a36f41SAndroid Build Coastguard Workertype odsign_metrics_file, file_type, data_file_type, core_data_file_type;
107*e4a36f41SAndroid Build Coastguard Worker
108*e4a36f41SAndroid Build Coastguard Worker# /data/misc/virtualizationservice
109*e4a36f41SAndroid Build Coastguard Worker# The type needs to be mlstrustedobject so that it can be accessed from
110*e4a36f41SAndroid Build Coastguard Worker# virtualizationmanager, which runs at a more constrained MLS level.
# Because mlstrustedobject relaxes the MLS level checks for this object, the
# type-enforcement allow rules are the remaining gate on access to it.
111*e4a36f41SAndroid Build Coastguard Workertype virtualizationservice_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
112*e4a36f41SAndroid Build Coastguard Worker
# Labels for two more /data directories; both carry the same three data-file
# attributes as the other core data types in this file.
113*e4a36f41SAndroid Build Coastguard Worker# /data/system/environ
114*e4a36f41SAndroid Build Coastguard Workertype environ_system_data_file, file_type, data_file_type, core_data_file_type;
115*e4a36f41SAndroid Build Coastguard Worker
116*e4a36f41SAndroid Build Coastguard Worker# /data/misc/bootanim
117*e4a36f41SAndroid Build Coastguard Workertype bootanim_data_file, file_type, data_file_type, core_data_file_type;
118*e4a36f41SAndroid Build Coastguard Worker
119*e4a36f41SAndroid Build Coastguard Worker# /dev/kvm
120*e4a36f41SAndroid Build Coastguard Worker# The type needs to be mlstrustedobject so that it can be accessed from
121*e4a36f41SAndroid Build Coastguard Worker# crosvm, which runs at a more constrained MLS level.
# With the MLS level checks relaxed for this device node, the allow rules on
# kvm_device (and on the vm_manager_device_type attribute it carries) are what
# limit which domains can open it.
122*e4a36f41SAndroid Build Coastguard Workertype kvm_device, dev_type, mlstrustedobject, vm_manager_device_type;
123*e4a36f41SAndroid Build Coastguard Worker
# Labels for executables shipped in the virt, compos and ART APEXes. All four
# carry system_file_type, exec_type and file_type; only the attribute order
# differs between the declarations.
124*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.virt/bin/fd_server
125*e4a36f41SAndroid Build Coastguard Workertype fd_server_exec, system_file_type, exec_type, file_type;
126*e4a36f41SAndroid Build Coastguard Worker
127*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.compos/bin/compsvc
128*e4a36f41SAndroid Build Coastguard Workertype compos_exec, exec_type, file_type, system_file_type;
129*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.compos/bin/compos_key_helper
130*e4a36f41SAndroid Build Coastguard Workertype compos_key_helper_exec, exec_type, file_type, system_file_type;
131*e4a36f41SAndroid Build Coastguard Worker
132*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.art/bin/art_exec
133*e4a36f41SAndroid Build Coastguard Worker# This executable does not have its own domain because it is executed in the caller's domain. For
134*e4a36f41SAndroid Build Coastguard Worker# example, it is executed in the `artd` domain when artd calls it.
# Since there is no domain transition, art_exec runs with whatever permissions
# the calling domain holds; granting a domain execute access to this type does
# not confine the program any further.
135*e4a36f41SAndroid Build Coastguard Workertype art_exec_exec, system_file_type, exec_type, file_type;
136*e4a36f41SAndroid Build Coastguard Worker
137*e4a36f41SAndroid Build Coastguard Worker# Filesystem entry for the PRNG seeder socket. Processes require
138*e4a36f41SAndroid Build Coastguard Worker# write permission on this to connect, and it needs to be mlstrustedobject
139*e4a36f41SAndroid Build Coastguard Worker# in order to satisfy MLS constraints for trusted domains.
140*e4a36f41SAndroid Build Coastguard Workertype prng_seeder_socket, file_type, coredomain_socket, mlstrustedobject;
141*e4a36f41SAndroid Build Coastguard Worker
# The AVF device-tree node is reachable through both procfs and sysfs, so it
# gets one label per filesystem (proc_type and sysfs_type respectively).
142*e4a36f41SAndroid Build Coastguard Worker# /proc/device-tree/avf and /sys/firmware/devicetree/base/avf
143*e4a36f41SAndroid Build Coastguard Workertype sysfs_dt_avf, fs_type, sysfs_type;
144*e4a36f41SAndroid Build Coastguard Workertype proc_dt_avf, fs_type, proc_type;
145*e4a36f41SAndroid Build Coastguard Worker
# NOTE(review): the path below ends in ".xm"; this looks like a truncated
# ".xml" - confirm against the matching file_contexts entry.
146*e4a36f41SAndroid Build Coastguard Worker# Type for /system/fonts/font_fallback.xm
147*e4a36f41SAndroid Build Coastguard Workertype system_font_fallback_file, system_file_type, file_type;
148*e4a36f41SAndroid Build Coastguard Worker
149*e4a36f41SAndroid Build Coastguard Worker# Type for /sys/devices/uprobe.
150*e4a36f41SAndroid Build Coastguard Workertype sysfs_uprobe, fs_type, sysfs_type;
151*e4a36f41SAndroid Build Coastguard Worker
# Labels for the aconfig daemon socket and the aconfig storage files. Unlike
# prng_seeder_socket in this file, aconfigd_socket does not carry
# mlstrustedobject.
152*e4a36f41SAndroid Build Coastguard Worker# Type for aconfig daemon socket
153*e4a36f41SAndroid Build Coastguard Workertype aconfigd_socket, file_type, coredomain_socket;
154*e4a36f41SAndroid Build Coastguard Worker
# System-side and vendor-side storage files get separate types
# (system_file_type vs vendor_file_type), so each partition's files can be
# covered by different rules.
155*e4a36f41SAndroid Build Coastguard Worker# Type for /(system|system_ext|product)/etc/aconfig
156*e4a36f41SAndroid Build Coastguard Workertype system_aconfig_storage_file, system_file_type, file_type;
157*e4a36f41SAndroid Build Coastguard Worker
158*e4a36f41SAndroid Build Coastguard Worker# Type for /vendor/etc/aconfig
159*e4a36f41SAndroid Build Coastguard Workertype vendor_aconfig_storage_file, vendor_file_type, file_type;