1*e4a36f41SAndroid Build Coastguard Worker# /proc/config.gz 2*e4a36f41SAndroid Build Coastguard Workertype config_gz, fs_type, proc_type; 3*e4a36f41SAndroid Build Coastguard Worker 4*e4a36f41SAndroid Build Coastguard Worker# /sys/fs/bpf/<dir> for mainline tethering use 5*e4a36f41SAndroid Build Coastguard Worker# TODO: move S+ fs_bpf_tethering here from public/file.te 6*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_net_private, fs_type, bpffs_type; 7*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_net_shared, fs_type, bpffs_type; 8*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_netd_readonly, fs_type, bpffs_type; 9*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_netd_shared, fs_type, bpffs_type; 10*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_loader, fs_type, bpffs_type; 11*e4a36f41SAndroid Build Coastguard Worker 12*e4a36f41SAndroid Build Coastguard Worker# /data/misc/storaged 13*e4a36f41SAndroid Build Coastguard Workertype storaged_data_file, file_type, data_file_type, core_data_file_type; 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Worker# /data/misc/wmtrace for wm traces 16*e4a36f41SAndroid Build Coastguard Workertype wm_trace_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 17*e4a36f41SAndroid Build Coastguard Worker 18*e4a36f41SAndroid Build Coastguard Worker# /data/misc/a11ytrace for accessibility traces 19*e4a36f41SAndroid Build Coastguard Workertype accessibility_trace_data_file, file_type, data_file_type, core_data_file_type; 20*e4a36f41SAndroid Build Coastguard Worker 21*e4a36f41SAndroid Build Coastguard Worker# /data/misc/perfetto-traces for perfetto traces 22*e4a36f41SAndroid Build Coastguard Workertype perfetto_traces_data_file, file_type, data_file_type, core_data_file_type; 23*e4a36f41SAndroid Build Coastguard Worker 24*e4a36f41SAndroid Build Coastguard Worker# /data/misc/perfetto-traces/bugreport for perfetto traces for bugreports. 25*e4a36f41SAndroid Build Coastguard Workertype perfetto_traces_bugreport_data_file, file_type, data_file_type, core_data_file_type; 26*e4a36f41SAndroid Build Coastguard Worker 27*e4a36f41SAndroid Build Coastguard Worker# /data/misc/perfetto-configs for perfetto configs 28*e4a36f41SAndroid Build Coastguard Workertype perfetto_configs_data_file, file_type, data_file_type, core_data_file_type; 29*e4a36f41SAndroid Build Coastguard Worker 30*e4a36f41SAndroid Build Coastguard Worker# /data/misc_{ce/de}/<user>/sdksandbox root data directory for sdk sandbox processes 31*e4a36f41SAndroid Build Coastguard Workertype sdk_sandbox_system_data_file, file_type, data_file_type, core_data_file_type; 32*e4a36f41SAndroid Build Coastguard Worker# /data/misc_{ce/de}/<user>/sdksandbox/<app-name>/* subdirectory for sdk sandbox processes 33*e4a36f41SAndroid Build Coastguard Workertype sdk_sandbox_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type; 34*e4a36f41SAndroid Build Coastguard Worker 35*e4a36f41SAndroid Build Coastguard Worker# /sys/kernel/debug/kcov for coverage guided kernel fuzzing in userdebug builds. 36*e4a36f41SAndroid Build Coastguard Workertype debugfs_kcov, fs_type, debugfs_type; 37*e4a36f41SAndroid Build Coastguard Worker 38*e4a36f41SAndroid Build Coastguard Worker# App executable files in /data/data directories 39*e4a36f41SAndroid Build Coastguard Workertype app_exec_data_file, file_type, data_file_type, core_data_file_type; 40*e4a36f41SAndroid Build Coastguard Workertypealias app_exec_data_file alias rs_data_file; 41*e4a36f41SAndroid Build Coastguard Worker 42*e4a36f41SAndroid Build Coastguard Worker# /data/misc_[ce|de]/rollback : Used by installd to store snapshots 43*e4a36f41SAndroid Build Coastguard Worker# of application data. 44*e4a36f41SAndroid Build Coastguard Workertype rollback_data_file, file_type, data_file_type, core_data_file_type; 45*e4a36f41SAndroid Build Coastguard Worker 46*e4a36f41SAndroid Build Coastguard Worker# /data/misc_ce/checkin for checkin apps. 47*e4a36f41SAndroid Build Coastguard Workertype checkin_data_file, file_type, data_file_type, core_data_file_type; 48*e4a36f41SAndroid Build Coastguard Worker 49*e4a36f41SAndroid Build Coastguard Worker# /data/gsi/ota 50*e4a36f41SAndroid Build Coastguard Workertype ota_image_data_file, file_type, data_file_type, core_data_file_type; 51*e4a36f41SAndroid Build Coastguard Worker 52*e4a36f41SAndroid Build Coastguard Worker# /data/gsi_persistent_data 53*e4a36f41SAndroid Build Coastguard Workertype gsi_persistent_data_file, file_type, data_file_type, core_data_file_type; 54*e4a36f41SAndroid Build Coastguard Worker 55*e4a36f41SAndroid Build Coastguard Worker# /data/misc/emergencynumberdb 56*e4a36f41SAndroid Build Coastguard Workertype emergency_data_file, file_type, data_file_type, core_data_file_type; 57*e4a36f41SAndroid Build Coastguard Worker 58*e4a36f41SAndroid Build Coastguard Worker# /data/misc/profcollectd 59*e4a36f41SAndroid Build Coastguard Workertype profcollectd_data_file, file_type, data_file_type, core_data_file_type; 60*e4a36f41SAndroid Build Coastguard Worker 61*e4a36f41SAndroid Build Coastguard Worker# /data/misc/apexdata/com.android.art 62*e4a36f41SAndroid Build Coastguard Workertype apex_art_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 63*e4a36f41SAndroid Build Coastguard Worker 64*e4a36f41SAndroid Build Coastguard Worker# /data/misc/apexdata/com.android.art/staging 65*e4a36f41SAndroid Build Coastguard Workertype apex_art_staging_data_file, file_type, data_file_type, core_data_file_type; 66*e4a36f41SAndroid Build Coastguard Worker 67*e4a36f41SAndroid Build Coastguard Worker# /data/misc/apexdata/com.android.compos 68*e4a36f41SAndroid Build Coastguard Workertype apex_compos_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 69*e4a36f41SAndroid Build Coastguard Worker 70*e4a36f41SAndroid Build Coastguard Worker# legacy labels for various /data/misc[_ce|_de]/*/apexdata directories - retained 71*e4a36f41SAndroid Build Coastguard Worker# for backward compatibility b/217581286 72*e4a36f41SAndroid Build Coastguard Workertype apex_appsearch_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 73*e4a36f41SAndroid Build Coastguard Workertype apex_permission_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 74*e4a36f41SAndroid Build Coastguard Workertype apex_scheduling_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 75*e4a36f41SAndroid Build Coastguard Workertype apex_tethering_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 76*e4a36f41SAndroid Build Coastguard Workertype apex_wifi_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 77*e4a36f41SAndroid Build Coastguard Worker 78*e4a36f41SAndroid Build Coastguard Worker# /data/font/files 79*e4a36f41SAndroid Build Coastguard Workertype font_data_file, file_type, data_file_type, core_data_file_type; 80*e4a36f41SAndroid Build Coastguard Worker 81*e4a36f41SAndroid Build Coastguard Worker# /data/misc/dmesgd 82*e4a36f41SAndroid Build Coastguard Workertype dmesgd_data_file, file_type, data_file_type, core_data_file_type; 83*e4a36f41SAndroid Build Coastguard Worker 84*e4a36f41SAndroid Build Coastguard Worker# /data/misc/odrefresh 85*e4a36f41SAndroid Build Coastguard Workertype odrefresh_data_file, file_type, data_file_type, core_data_file_type; 86*e4a36f41SAndroid Build Coastguard Worker 87*e4a36f41SAndroid Build Coastguard Worker# /data/misc/odsign 88*e4a36f41SAndroid Build Coastguard Workertype odsign_data_file, file_type, data_file_type, core_data_file_type; 89*e4a36f41SAndroid Build Coastguard Worker 90*e4a36f41SAndroid Build Coastguard Worker# /data/misc/odsign_metrics 91*e4a36f41SAndroid Build Coastguard Workertype odsign_metrics_file, file_type, data_file_type, core_data_file_type; 92*e4a36f41SAndroid Build Coastguard Worker 93*e4a36f41SAndroid Build Coastguard Worker# /data/misc/virtualizationservice 94*e4a36f41SAndroid Build Coastguard Worker# The type needs to be mlstrustedobject to allow for being accessed from 95*e4a36f41SAndroid Build Coastguard Worker# virtualizationmanager, which runs at a more constrained MLS level. 96*e4a36f41SAndroid Build Coastguard Workertype virtualizationservice_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 97*e4a36f41SAndroid Build Coastguard Worker 98*e4a36f41SAndroid Build Coastguard Worker# /data/system/environ 99*e4a36f41SAndroid Build Coastguard Workertype environ_system_data_file, file_type, data_file_type, core_data_file_type; 100*e4a36f41SAndroid Build Coastguard Worker 101*e4a36f41SAndroid Build Coastguard Worker# /data/bootanim 102*e4a36f41SAndroid Build Coastguard Workertype bootanim_data_file, file_type, data_file_type, core_data_file_type; 103*e4a36f41SAndroid Build Coastguard Worker 104*e4a36f41SAndroid Build Coastguard Worker# /dev/kvm 105*e4a36f41SAndroid Build Coastguard Worker# The type needs to be mlstrustedobject to allow for being accessed from 106*e4a36f41SAndroid Build Coastguard Worker# crosvm, which runs at a more constrained MLS level. 107*e4a36f41SAndroid Build Coastguard Workertype kvm_device, dev_type, mlstrustedobject, vm_manager_device_type; 108*e4a36f41SAndroid Build Coastguard Worker 109*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.virt/bin/fd_server 110*e4a36f41SAndroid Build Coastguard Workertype fd_server_exec, system_file_type, exec_type, file_type; 111*e4a36f41SAndroid Build Coastguard Worker 112*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.compos/bin/compsvc 113*e4a36f41SAndroid Build Coastguard Workertype compos_exec, exec_type, file_type, system_file_type; 114*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.compos/bin/compos_key_helper 115*e4a36f41SAndroid Build Coastguard Workertype compos_key_helper_exec, exec_type, file_type, system_file_type; 116*e4a36f41SAndroid Build Coastguard Worker 117*e4a36f41SAndroid Build Coastguard Worker# /metadata/sepolicy 118*e4a36f41SAndroid Build Coastguard Workertype sepolicy_metadata_file, file_type; 119*e4a36f41SAndroid Build Coastguard Worker 120*e4a36f41SAndroid Build Coastguard Worker# /dev/selinux/test - used to verify that apex sepolicy is loaded and 121*e4a36f41SAndroid Build Coastguard Worker# property labeled. 122*e4a36f41SAndroid Build Coastguard Workertype sepolicy_test_file, file_type; 123*e4a36f41SAndroid Build Coastguard Worker 124*e4a36f41SAndroid Build Coastguard Worker# /apex/com.android.art/bin/art_exec 125*e4a36f41SAndroid Build Coastguard Worker# This executable does not have its own domain because it is executed in the caller's domain. For 126*e4a36f41SAndroid Build Coastguard Worker# example, it is executed in the `artd` domain when artd calls it. 127*e4a36f41SAndroid Build Coastguard Workertype art_exec_exec, system_file_type, exec_type, file_type; 128*e4a36f41SAndroid Build Coastguard Worker 129*e4a36f41SAndroid Build Coastguard Worker# Filesystem entry for for PRNG seeder socket. Processes require 130*e4a36f41SAndroid Build Coastguard Worker# write permission on this to connect, and needs to be mlstrustedobject 131*e4a36f41SAndroid Build Coastguard Worker# in to satisfy MLS constraints for trusted domains. 132*e4a36f41SAndroid Build Coastguard Workertype prng_seeder_socket, file_type, coredomain_socket, mlstrustedobject; 133*e4a36f41SAndroid Build Coastguard Worker 134*e4a36f41SAndroid Build Coastguard Worker# /sys/firmware/devicetree/base/avf 135*e4a36f41SAndroid Build Coastguard Workertype sysfs_dt_avf, fs_type, sysfs_type; 136