1# /proc/config.gz 2type config_gz, fs_type, proc_type; 3 4# /sys/fs/bpf/<dir> for mainline tethering use 5# TODO: move S+ fs_bpf_tethering here from public/file.te 6type fs_bpf_net_private, fs_type, bpffs_type; 7type fs_bpf_net_shared, fs_type, bpffs_type; 8type fs_bpf_netd_readonly, fs_type, bpffs_type; 9type fs_bpf_netd_shared, fs_type, bpffs_type; 10 11# /data/misc/storaged 12type storaged_data_file, file_type, data_file_type, core_data_file_type; 13 14# /data/misc/wmtrace for wm traces 15type wm_trace_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 16 17# /data/misc/a11ytrace for accessibility traces 18type accessibility_trace_data_file, file_type, data_file_type, core_data_file_type; 19 20# /data/misc/perfetto-traces for perfetto traces 21type perfetto_traces_data_file, file_type, data_file_type, core_data_file_type; 22 23# /data/misc/perfetto-traces/bugreport for perfetto traces for bugreports. 24type perfetto_traces_bugreport_data_file, file_type, data_file_type, core_data_file_type; 25 26# /data/misc/perfetto-configs for perfetto configs 27type perfetto_configs_data_file, file_type, data_file_type, core_data_file_type; 28 29# /data/misc_{ce/de}/<user>/sdksandbox root data directory for sdk sandbox processes 30type sdk_sandbox_system_data_file, file_type, data_file_type, core_data_file_type; 31# /data/misc_{ce/de}/<user>/sdksandbox/<app-name>/* subdirectory for sdk sandbox processes 32type sdk_sandbox_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type; 33 34# /sys/kernel/debug/kcov for coverage guided kernel fuzzing in userdebug builds. 35type debugfs_kcov, fs_type, debugfs_type; 36 37# App executable files in /data/data directories 38type app_exec_data_file, file_type, data_file_type, core_data_file_type; 39typealias app_exec_data_file alias rs_data_file; 40 41# /data/misc_[ce|de]/rollback : Used by installd to store snapshots 42# of application data. 43type rollback_data_file, file_type, data_file_type, core_data_file_type; 44 45# /data/misc_ce/checkin for checkin apps. 46type checkin_data_file, file_type, data_file_type, core_data_file_type; 47 48# /data/gsi/ota 49type ota_image_data_file, file_type, data_file_type, core_data_file_type; 50 51# /data/gsi_persistent_data 52type gsi_persistent_data_file, file_type, data_file_type, core_data_file_type; 53 54# /data/misc/emergencynumberdb 55type emergency_data_file, file_type, data_file_type, core_data_file_type; 56 57# /data/misc/profcollectd 58type profcollectd_data_file, file_type, data_file_type, core_data_file_type; 59 60# /data/misc/apexdata/com.android.art 61type apex_art_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 62 63# /data/misc/apexdata/com.android.art/staging 64type apex_art_staging_data_file, file_type, data_file_type, core_data_file_type; 65 66# /data/misc/apexdata/com.android.compos 67type apex_compos_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 68 69# legacy labels for various /data/misc[_ce|_de]/*/apexdata directories - retained 70# for backward compatibility b/217581286 71type apex_appsearch_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 72type apex_permission_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 73type apex_scheduling_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 74type apex_tethering_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 75type apex_wifi_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 76 77# /data/font/files 78type font_data_file, file_type, data_file_type, core_data_file_type; 79 80# /data/misc/dmesgd 81type dmesgd_data_file, file_type, data_file_type, core_data_file_type; 82 83# /data/misc/odrefresh 84type odrefresh_data_file, file_type, data_file_type, core_data_file_type; 85 86# /data/misc/odsign 87type odsign_data_file, file_type, data_file_type, core_data_file_type; 88 89# /data/misc/odsign_metrics 90type odsign_metrics_file, file_type, data_file_type, core_data_file_type; 91 92# /data/misc/virtualizationservice 93type virtualizationservice_data_file, file_type, data_file_type, core_data_file_type; 94 95# /data/system/environ 96type environ_system_data_file, file_type, data_file_type, core_data_file_type; 97 98# /data/bootanim 99type bootanim_data_file, file_type, data_file_type, core_data_file_type; 100 101# /dev/kvm 102type kvm_device, dev_type; 103 104# /apex/com.android.virt/bin/fd_server 105type fd_server_exec, system_file_type, exec_type, file_type; 106 107# /apex/com.android.compos/bin/compsvc 108type compos_exec, exec_type, file_type, system_file_type; 109# /apex/com.android.compos/bin/compos_key_helper 110type compos_key_helper_exec, exec_type, file_type, system_file_type; 111 112# /metadata/sepolicy 113type sepolicy_metadata_file, file_type; 114 115# /dev/selinux/test - used to verify that apex sepolicy is loaded and 116# property labeled. 117type sepolicy_test_file, file_type; 118 119# Filesystem entry for for PRNG seeder socket. Processes require 120# write permission on this to connect, and needs to be mlstrustedobject 121# in to satisfy MLS constraints for trusted domains. 122type prng_seeder_socket, file_type, coredomain_socket, mlstrustedobject; 123