1*e4a36f41SAndroid Build Coastguard Worker# Filesystem types 2*e4a36f41SAndroid Build Coastguard Workertype labeledfs, fs_type; 3*e4a36f41SAndroid Build Coastguard Workertype pipefs, fs_type; 4*e4a36f41SAndroid Build Coastguard Workertype sockfs, fs_type; 5*e4a36f41SAndroid Build Coastguard Workertype rootfs, fs_type; 6*e4a36f41SAndroid Build Coastguard Workertype proc, fs_type, proc_type; 7*e4a36f41SAndroid Build Coastguard Workertype binderfs, fs_type; 8*e4a36f41SAndroid Build Coastguard Workertype binderfs_logs, fs_type; 9*e4a36f41SAndroid Build Coastguard Workertype binderfs_logs_proc, fs_type; 10*e4a36f41SAndroid Build Coastguard Workertype binderfs_features, fs_type; 11*e4a36f41SAndroid Build Coastguard Worker# Security-sensitive proc nodes that should not be writable to most. 12*e4a36f41SAndroid Build Coastguard Workertype proc_security, fs_type, proc_type; 13*e4a36f41SAndroid Build Coastguard Workertype proc_drop_caches, fs_type, proc_type; 14*e4a36f41SAndroid Build Coastguard Workertype proc_overcommit_memory, fs_type, proc_type; 15*e4a36f41SAndroid Build Coastguard Workertype proc_min_free_order_shift, fs_type, proc_type; 16*e4a36f41SAndroid Build Coastguard Workertype proc_kpageflags, fs_type, proc_type; 17*e4a36f41SAndroid Build Coastguard Workertype proc_watermark_boost_factor, fs_type, proc_type; 18*e4a36f41SAndroid Build Coastguard Worker# proc, sysfs, or other nodes that permit configuration of kernel usermodehelpers. 19*e4a36f41SAndroid Build Coastguard Workertype usermodehelper, fs_type, proc_type; 20*e4a36f41SAndroid Build Coastguard Workertype sysfs_usermodehelper, fs_type, sysfs_type; 21*e4a36f41SAndroid Build Coastguard Workertype proc_qtaguid_ctrl, fs_type, mlstrustedobject, proc_type; 22*e4a36f41SAndroid Build Coastguard Workertype proc_qtaguid_stat, fs_type, mlstrustedobject, proc_type; 23*e4a36f41SAndroid Build Coastguard Workertype proc_bluetooth_writable, fs_type, proc_type; 24*e4a36f41SAndroid Build Coastguard Workertype proc_abi, fs_type, proc_type; 25*e4a36f41SAndroid Build Coastguard Workertype proc_asound, fs_type, proc_type; 26*e4a36f41SAndroid Build Coastguard Workertype proc_bootconfig, fs_type, proc_type; 27*e4a36f41SAndroid Build Coastguard Workertype proc_bpf, fs_type, proc_type; 28*e4a36f41SAndroid Build Coastguard Workertype proc_buddyinfo, fs_type, proc_type; 29*e4a36f41SAndroid Build Coastguard Workertype proc_cmdline, fs_type, proc_type; 30*e4a36f41SAndroid Build Coastguard Workertype proc_cpu_alignment, fs_type, proc_type; 31*e4a36f41SAndroid Build Coastguard Workertype proc_cpuinfo, fs_type, proc_type; 32*e4a36f41SAndroid Build Coastguard Workertype proc_dirty, fs_type, proc_type; 33*e4a36f41SAndroid Build Coastguard Workertype proc_diskstats, fs_type, proc_type; 34*e4a36f41SAndroid Build Coastguard Workertype proc_extra_free_kbytes, fs_type, proc_type; 35*e4a36f41SAndroid Build Coastguard Workertype proc_filesystems, fs_type, proc_type; 36*e4a36f41SAndroid Build Coastguard Workertype proc_fs_verity, fs_type, proc_type; 37*e4a36f41SAndroid Build Coastguard Workertype proc_hostname, fs_type, proc_type; 38*e4a36f41SAndroid Build Coastguard Workertype proc_hung_task, fs_type, proc_type; 39*e4a36f41SAndroid Build Coastguard Workertype proc_interrupts, fs_type, proc_type; 40*e4a36f41SAndroid Build Coastguard Workertype proc_iomem, fs_type, proc_type; 41*e4a36f41SAndroid Build Coastguard Workertype proc_kallsyms, fs_type, proc_type; 42*e4a36f41SAndroid Build Coastguard Workertype proc_keys, fs_type, proc_type; 43*e4a36f41SAndroid Build Coastguard Workertype proc_kmsg, fs_type, proc_type; 44*e4a36f41SAndroid Build Coastguard Workertype proc_loadavg, fs_type, proc_type; 45*e4a36f41SAndroid Build Coastguard Workertype proc_locks, fs_type, proc_type; 46*e4a36f41SAndroid Build Coastguard Workertype proc_lowmemorykiller, fs_type, proc_type; 47*e4a36f41SAndroid Build Coastguard Workertype proc_max_map_count, fs_type, proc_type; 48*e4a36f41SAndroid Build Coastguard Workertype proc_meminfo, fs_type, proc_type; 49*e4a36f41SAndroid Build Coastguard Workertype proc_misc, fs_type, proc_type; 50*e4a36f41SAndroid Build Coastguard Workertype proc_modules, fs_type, proc_type; 51*e4a36f41SAndroid Build Coastguard Workertype proc_mounts, fs_type, proc_type; 52*e4a36f41SAndroid Build Coastguard Workertype proc_net, fs_type, proc_type, proc_net_type; 53*e4a36f41SAndroid Build Coastguard Workertype proc_net_tcp_udp, fs_type, proc_type; 54*e4a36f41SAndroid Build Coastguard Workertype proc_page_cluster, fs_type, proc_type; 55*e4a36f41SAndroid Build Coastguard Workertype proc_pagetypeinfo, fs_type, proc_type; 56*e4a36f41SAndroid Build Coastguard Workertype proc_panic, fs_type, proc_type; 57*e4a36f41SAndroid Build Coastguard Workertype proc_perf, fs_type, proc_type; 58*e4a36f41SAndroid Build Coastguard Workertype proc_pid_max, fs_type, proc_type; 59*e4a36f41SAndroid Build Coastguard Workertype proc_pipe_conf, fs_type, proc_type; 60*e4a36f41SAndroid Build Coastguard Workertype proc_pressure_cpu, fs_type, proc_type; 61*e4a36f41SAndroid Build Coastguard Workertype proc_pressure_io, fs_type, proc_type; 62*e4a36f41SAndroid Build Coastguard Workertype proc_pressure_mem, fs_type, proc_type; 63*e4a36f41SAndroid Build Coastguard Workertype proc_random, fs_type, proc_type; 64*e4a36f41SAndroid Build Coastguard Workertype proc_sched, fs_type, proc_type; 65*e4a36f41SAndroid Build Coastguard Workertype proc_slabinfo, fs_type, proc_type; 66*e4a36f41SAndroid Build Coastguard Workertype proc_stat, fs_type, proc_type; 67*e4a36f41SAndroid Build Coastguard Workertype proc_swaps, fs_type, proc_type; 68*e4a36f41SAndroid Build Coastguard Workertype proc_sysrq, fs_type, proc_type; 69*e4a36f41SAndroid Build Coastguard Workertype proc_timer, fs_type, proc_type; 70*e4a36f41SAndroid Build Coastguard Workertype proc_tty_drivers, fs_type, proc_type; 71*e4a36f41SAndroid Build Coastguard Workertype proc_uid_cputime_showstat, fs_type, proc_type; 72*e4a36f41SAndroid Build Coastguard Workertype proc_uid_cputime_removeuid, fs_type, proc_type; 73*e4a36f41SAndroid Build Coastguard Workertype proc_uid_io_stats, fs_type, proc_type; 74*e4a36f41SAndroid Build Coastguard Workertype proc_uid_procstat_set, fs_type, proc_type; 75*e4a36f41SAndroid Build Coastguard Workertype proc_uid_time_in_state, fs_type, proc_type; 76*e4a36f41SAndroid Build Coastguard Workertype proc_uid_concurrent_active_time, fs_type, proc_type; 77*e4a36f41SAndroid Build Coastguard Workertype proc_uid_concurrent_policy_time, fs_type, proc_type; 78*e4a36f41SAndroid Build Coastguard Workertype proc_uid_cpupower, fs_type, proc_type; 79*e4a36f41SAndroid Build Coastguard Workertype proc_uptime, fs_type, proc_type; 80*e4a36f41SAndroid Build Coastguard Workertype proc_version, fs_type, proc_type; 81*e4a36f41SAndroid Build Coastguard Workertype proc_vmallocinfo, fs_type, proc_type; 82*e4a36f41SAndroid Build Coastguard Workertype proc_vmstat, fs_type, proc_type; 83*e4a36f41SAndroid Build Coastguard Workertype proc_watermark_scale_factor, fs_type, proc_type; 84*e4a36f41SAndroid Build Coastguard Workertype proc_zoneinfo, fs_type, proc_type; 85*e4a36f41SAndroid Build Coastguard Workertype proc_vendor_sched, proc_type, fs_type; 86*e4a36f41SAndroid Build Coastguard Workertype selinuxfs, fs_type, mlstrustedobject; 87*e4a36f41SAndroid Build Coastguard Workertype fusectlfs, fs_type; 88*e4a36f41SAndroid Build Coastguard Workertype cgroup, fs_type, mlstrustedobject; 89*e4a36f41SAndroid Build Coastguard Workertype cgroup_v2, fs_type; 90*e4a36f41SAndroid Build Coastguard Workertype sysfs, fs_type, sysfs_type, mlstrustedobject; 91*e4a36f41SAndroid Build Coastguard Workertype sysfs_android_usb, fs_type, sysfs_type; 92*e4a36f41SAndroid Build Coastguard Workertype sysfs_uio, sysfs_type, fs_type; 93*e4a36f41SAndroid Build Coastguard Workertype sysfs_batteryinfo, fs_type, sysfs_type; 94*e4a36f41SAndroid Build Coastguard Workertype sysfs_bluetooth_writable, fs_type, sysfs_type, mlstrustedobject; 95*e4a36f41SAndroid Build Coastguard Workertype sysfs_devfreq_cur, fs_type, sysfs_type; 96*e4a36f41SAndroid Build Coastguard Workertype sysfs_devfreq_dir, fs_type, sysfs_type; 97*e4a36f41SAndroid Build Coastguard Workertype sysfs_devices_block, fs_type, sysfs_type; 98*e4a36f41SAndroid Build Coastguard Workertype sysfs_dm, fs_type, sysfs_type; 99*e4a36f41SAndroid Build Coastguard Workertype sysfs_dm_verity, fs_type, sysfs_type; 100*e4a36f41SAndroid Build Coastguard Workertype sysfs_dma_heap, fs_type, sysfs_type; 101*e4a36f41SAndroid Build Coastguard Workertype sysfs_dmabuf_stats, fs_type, sysfs_type; 102*e4a36f41SAndroid Build Coastguard Workertype sysfs_dt_firmware_android, fs_type, sysfs_type; 103*e4a36f41SAndroid Build Coastguard Workertype sysfs_extcon, fs_type, sysfs_type; 104*e4a36f41SAndroid Build Coastguard Workertype sysfs_ion, fs_type, sysfs_type; 105*e4a36f41SAndroid Build Coastguard Workertype sysfs_ipv4, fs_type, sysfs_type; 106*e4a36f41SAndroid Build Coastguard Workertype sysfs_kernel_notes, fs_type, sysfs_type, mlstrustedobject; 107*e4a36f41SAndroid Build Coastguard Workertype sysfs_leds, fs_type, sysfs_type; 108*e4a36f41SAndroid Build Coastguard Workertype sysfs_loop, fs_type, sysfs_type; 109*e4a36f41SAndroid Build Coastguard Workertype sysfs_gpu, fs_type, sysfs_type; 110*e4a36f41SAndroid Build Coastguard Workertype sysfs_hwrandom, fs_type, sysfs_type; 111*e4a36f41SAndroid Build Coastguard Workertype sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject; 112*e4a36f41SAndroid Build Coastguard Workertype sysfs_wake_lock, fs_type, sysfs_type; 113*e4a36f41SAndroid Build Coastguard Workertype sysfs_net, fs_type, sysfs_type; 114*e4a36f41SAndroid Build Coastguard Workertype sysfs_power, fs_type, sysfs_type; 115*e4a36f41SAndroid Build Coastguard Workertype sysfs_rtc, fs_type, sysfs_type; 116*e4a36f41SAndroid Build Coastguard Workertype sysfs_suspend_stats, fs_type, sysfs_type; 117*e4a36f41SAndroid Build Coastguard Workertype sysfs_switch, fs_type, sysfs_type; 118*e4a36f41SAndroid Build Coastguard Workertype sysfs_transparent_hugepage, fs_type, sysfs_type; 119*e4a36f41SAndroid Build Coastguard Workertype sysfs_lru_gen_enabled, fs_type, sysfs_type; 120*e4a36f41SAndroid Build Coastguard Workertype sysfs_usb, fs_type, sysfs_type; 121*e4a36f41SAndroid Build Coastguard Workertype sysfs_wakeup, fs_type, sysfs_type; 122*e4a36f41SAndroid Build Coastguard Workertype sysfs_wakeup_reasons, fs_type, sysfs_type; 123*e4a36f41SAndroid Build Coastguard Workertype sysfs_fs_ext4_features, sysfs_type, fs_type; 124*e4a36f41SAndroid Build Coastguard Workertype sysfs_fs_f2fs, sysfs_type, fs_type; 125*e4a36f41SAndroid Build Coastguard Workertype sysfs_fs_fuse_bpf, sysfs_type, fs_type; 126*e4a36f41SAndroid Build Coastguard Workertype sysfs_fs_fuse_features, sysfs_type, fs_type; 127*e4a36f41SAndroid Build Coastguard Workertype sysfs_fs_incfs_features, sysfs_type, fs_type; 128*e4a36f41SAndroid Build Coastguard Workertype sysfs_fs_incfs_metrics, sysfs_type, fs_type; 129*e4a36f41SAndroid Build Coastguard Workertype sysfs_vendor_sched, sysfs_type, fs_type; 130*e4a36f41SAndroid Build Coastguard Workeruserdebug_or_eng(` 131*e4a36f41SAndroid Build Coastguard Worker typeattribute sysfs_vendor_sched mlstrustedobject; 132*e4a36f41SAndroid Build Coastguard Worker') 133*e4a36f41SAndroid Build Coastguard Workertype fs_bpf, fs_type, bpffs_type; 134*e4a36f41SAndroid Build Coastguard Worker# TODO: S+ fs_bpf_tethering (used by mainline) should be private 135*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_tethering, fs_type, bpffs_type; 136*e4a36f41SAndroid Build Coastguard Workertype fs_bpf_vendor, fs_type, bpffs_type; 137*e4a36f41SAndroid Build Coastguard Workertype configfs, fs_type; 138*e4a36f41SAndroid Build Coastguard Worker# /sys/devices/cs_etm 139*e4a36f41SAndroid Build Coastguard Workertype sysfs_devices_cs_etm, fs_type, sysfs_type; 140*e4a36f41SAndroid Build Coastguard Worker# /sys/devices/system/cpu 141*e4a36f41SAndroid Build Coastguard Workertype sysfs_devices_system_cpu, fs_type, sysfs_type; 142*e4a36f41SAndroid Build Coastguard Worker# /sys/module/lowmemorykiller 143*e4a36f41SAndroid Build Coastguard Workertype sysfs_lowmemorykiller, fs_type, sysfs_type; 144*e4a36f41SAndroid Build Coastguard Worker# /sys/module/wlan/parameters/fwpath 145*e4a36f41SAndroid Build Coastguard Workertype sysfs_wlan_fwpath, fs_type, sysfs_type; 146*e4a36f41SAndroid Build Coastguard Workertype sysfs_vibrator, fs_type, sysfs_type; 147*e4a36f41SAndroid Build Coastguard Workertype sysfs_uhid, fs_type, sysfs_type; 148*e4a36f41SAndroid Build Coastguard Workertype sysfs_thermal, sysfs_type, fs_type; 149*e4a36f41SAndroid Build Coastguard Worker 150*e4a36f41SAndroid Build Coastguard Workertype sysfs_zram, fs_type, sysfs_type; 151*e4a36f41SAndroid Build Coastguard Workertype sysfs_zram_uevent, fs_type, sysfs_type; 152*e4a36f41SAndroid Build Coastguard Workertype inotify, fs_type, mlstrustedobject; 153*e4a36f41SAndroid Build Coastguard Workertype devpts, fs_type, mlstrustedobject; 154*e4a36f41SAndroid Build Coastguard Workertype tmpfs, fs_type; 155*e4a36f41SAndroid Build Coastguard Workertype shm, fs_type; 156*e4a36f41SAndroid Build Coastguard Workertype mqueue, fs_type; 157*e4a36f41SAndroid Build Coastguard Workertype fuse, fusefs_type, fs_type, mlstrustedobject; 158*e4a36f41SAndroid Build Coastguard Workertype fuseblk, sdcard_type, fusefs_type, fs_type, mlstrustedobject; 159*e4a36f41SAndroid Build Coastguard Workertype sdcardfs, sdcard_type, fs_type, mlstrustedobject; 160*e4a36f41SAndroid Build Coastguard Workertype vfat, sdcard_type, fs_type, mlstrustedobject; 161*e4a36f41SAndroid Build Coastguard Workertype exfat, sdcard_type, fs_type, mlstrustedobject; 162*e4a36f41SAndroid Build Coastguard Workertype debugfs, fs_type, debugfs_type; 163*e4a36f41SAndroid Build Coastguard Workertype debugfs_kprobes, fs_type, debugfs_type; 164*e4a36f41SAndroid Build Coastguard Workertype debugfs_mmc, fs_type, debugfs_type; 165*e4a36f41SAndroid Build Coastguard Workertype debugfs_mm_events_tracing, fs_type, debugfs_type, tracefs_type; 166*e4a36f41SAndroid Build Coastguard Workertype debugfs_trace_marker, fs_type, debugfs_type, mlstrustedobject, tracefs_type; 167*e4a36f41SAndroid Build Coastguard Workertype debugfs_tracing, fs_type, debugfs_type, mlstrustedobject, tracefs_type; 168*e4a36f41SAndroid Build Coastguard Workertype debugfs_tracing_debug, fs_type, debugfs_type, mlstrustedobject, tracefs_type; 169*e4a36f41SAndroid Build Coastguard Workertype debugfs_tracing_instances, fs_type, debugfs_type, tracefs_type; 170*e4a36f41SAndroid Build Coastguard Workertype debugfs_tracing_printk_formats, fs_type, debugfs_type, tracefs_type; 171*e4a36f41SAndroid Build Coastguard Workertype debugfs_wakeup_sources, fs_type, debugfs_type; 172*e4a36f41SAndroid Build Coastguard Workertype debugfs_wifi_tracing, fs_type, debugfs_type, tracefs_type; 173*e4a36f41SAndroid Build Coastguard Workertype securityfs, fs_type; 174*e4a36f41SAndroid Build Coastguard Worker 175*e4a36f41SAndroid Build Coastguard Workertype pstorefs, fs_type; 176*e4a36f41SAndroid Build Coastguard Workertype functionfs, fs_type, mlstrustedobject; 177*e4a36f41SAndroid Build Coastguard Workertype oemfs, fs_type, contextmount_type; 178*e4a36f41SAndroid Build Coastguard Workertype usbfs, fs_type; 179*e4a36f41SAndroid Build Coastguard Workertype binfmt_miscfs, fs_type; 180*e4a36f41SAndroid Build Coastguard Workertype app_fusefs, fs_type, fusefs_type, contextmount_type; 181*e4a36f41SAndroid Build Coastguard Worker 182*e4a36f41SAndroid Build Coastguard Worker# File types 183*e4a36f41SAndroid Build Coastguard Workertype unlabeled, file_type; 184*e4a36f41SAndroid Build Coastguard Worker 185*e4a36f41SAndroid Build Coastguard Worker# Default type for anything under /system. 186*e4a36f41SAndroid Build Coastguard Workertype system_file, system_file_type, file_type; 187*e4a36f41SAndroid Build Coastguard Worker# Default type for /system/asan.options 188*e4a36f41SAndroid Build Coastguard Workertype system_asan_options_file, system_file_type, file_type; 189*e4a36f41SAndroid Build Coastguard Worker# Type for /system/etc/event-log-tags (liblog implementation detail) 190*e4a36f41SAndroid Build Coastguard Workertype system_event_log_tags_file, system_file_type, file_type; 191*e4a36f41SAndroid Build Coastguard Worker# Default type for anything under /system/lib[64]. 192*e4a36f41SAndroid Build Coastguard Workertype system_lib_file, system_file_type, file_type; 193*e4a36f41SAndroid Build Coastguard Worker# system libraries that are available only to bootstrap processes 194*e4a36f41SAndroid Build Coastguard Workertype system_bootstrap_lib_file, system_file_type, file_type; 195*e4a36f41SAndroid Build Coastguard Worker# Default type for the group file /system/etc/group. 196*e4a36f41SAndroid Build Coastguard Workertype system_group_file, system_file_type, file_type; 197*e4a36f41SAndroid Build Coastguard Worker# Default type for linker executable /system/bin/linker[64]. 198*e4a36f41SAndroid Build Coastguard Workertype system_linker_exec, system_file_type, file_type; 199*e4a36f41SAndroid Build Coastguard Worker# Default type for linker config /system/etc/ld.config.*. 200*e4a36f41SAndroid Build Coastguard Workertype system_linker_config_file, system_file_type, file_type; 201*e4a36f41SAndroid Build Coastguard Worker# Default type for the passwd file /system/etc/passwd. 202*e4a36f41SAndroid Build Coastguard Workertype system_passwd_file, system_file_type, file_type; 203*e4a36f41SAndroid Build Coastguard Worker# Default type for linker config /system/etc/seccomp_policy/*. 204*e4a36f41SAndroid Build Coastguard Workertype system_seccomp_policy_file, system_file_type, file_type; 205*e4a36f41SAndroid Build Coastguard Worker# Default type for cacerts in /system/etc/security/cacerts/*. 206*e4a36f41SAndroid Build Coastguard Workertype system_security_cacerts_file, system_file_type, file_type; 207*e4a36f41SAndroid Build Coastguard Worker# Default type for /system/bin/tcpdump. 208*e4a36f41SAndroid Build Coastguard Workertype tcpdump_exec, system_file_type, exec_type, file_type; 209*e4a36f41SAndroid Build Coastguard Worker# Default type for zoneinfo files in /system/usr/share/zoneinfo/*. 210*e4a36f41SAndroid Build Coastguard Workertype system_zoneinfo_file, system_file_type, file_type; 211*e4a36f41SAndroid Build Coastguard Worker# Cgroups description file under /system/etc/cgroups.json 212*e4a36f41SAndroid Build Coastguard Workertype cgroup_desc_file, system_file_type, file_type; 213*e4a36f41SAndroid Build Coastguard Worker# Cgroups description file under /system/etc/task_profiles/cgroups_*.json 214*e4a36f41SAndroid Build Coastguard Workertype cgroup_desc_api_file, system_file_type, file_type; 215*e4a36f41SAndroid Build Coastguard Worker# Vendor cgroups description file under /vendor/etc/cgroups.json 216*e4a36f41SAndroid Build Coastguard Workertype vendor_cgroup_desc_file, vendor_file_type, file_type; 217*e4a36f41SAndroid Build Coastguard Worker# Task profiles file under /system/etc/task_profiles.json 218*e4a36f41SAndroid Build Coastguard Workertype task_profiles_file, system_file_type, file_type; 219*e4a36f41SAndroid Build Coastguard Worker# Task profiles file under /system/etc/task_profiles/task_profiles_*.json 220*e4a36f41SAndroid Build Coastguard Workertype task_profiles_api_file, system_file_type, file_type; 221*e4a36f41SAndroid Build Coastguard Worker# Vendor task profiles file under /vendor/etc/task_profiles.json 222*e4a36f41SAndroid Build Coastguard Workertype vendor_task_profiles_file, vendor_file_type, file_type; 223*e4a36f41SAndroid Build Coastguard Worker# Type for /system/apex/com.android.art 224*e4a36f41SAndroid Build Coastguard Workertype art_apex_dir, system_file_type, file_type; 225*e4a36f41SAndroid Build Coastguard Worker# /linkerconfig(/.*)? 226*e4a36f41SAndroid Build Coastguard Workertype linkerconfig_file, file_type; 227*e4a36f41SAndroid Build Coastguard Worker# Control files under /data/incremental 228*e4a36f41SAndroid Build Coastguard Workertype incremental_control_file, file_type, data_file_type, core_data_file_type; 229*e4a36f41SAndroid Build Coastguard Worker 230*e4a36f41SAndroid Build Coastguard Worker# Default type for directories search for 231*e4a36f41SAndroid Build Coastguard Worker# HAL implementations 232*e4a36f41SAndroid Build Coastguard Workertype vendor_hal_file, vendor_file_type, file_type; 233*e4a36f41SAndroid Build Coastguard Worker# Default type for under /vendor or /system/vendor 234*e4a36f41SAndroid Build Coastguard Workertype vendor_file, vendor_file_type, file_type; 235*e4a36f41SAndroid Build Coastguard Worker# Default type for everything in /vendor/app 236*e4a36f41SAndroid Build Coastguard Workertype vendor_app_file, vendor_file_type, file_type; 237*e4a36f41SAndroid Build Coastguard Worker# Default type for everything under /vendor/etc/ 238*e4a36f41SAndroid Build Coastguard Workertype vendor_configs_file, vendor_file_type, file_type; 239*e4a36f41SAndroid Build Coastguard Worker# Default type for all *same process* HALs and their lib/bin dependencies. 240*e4a36f41SAndroid Build Coastguard Worker# e.g. libEGL_xxx.so, [email protected] 241*e4a36f41SAndroid Build Coastguard Workertype same_process_hal_file, vendor_file_type, file_type; 242*e4a36f41SAndroid Build Coastguard Worker# Default type for vndk-sp libs. /vendor/lib/vndk-sp 243*e4a36f41SAndroid Build Coastguard Workertype vndk_sp_file, vendor_file_type, file_type; 244*e4a36f41SAndroid Build Coastguard Worker# Default type for everything in /vendor/framework 245*e4a36f41SAndroid Build Coastguard Workertype vendor_framework_file, vendor_file_type, file_type; 246*e4a36f41SAndroid Build Coastguard Worker# Default type for everything in /vendor/overlay 247*e4a36f41SAndroid Build Coastguard Workertype vendor_overlay_file, vendor_file_type, file_type; 248*e4a36f41SAndroid Build Coastguard Worker# Type for all vendor public libraries. These libs should only be exposed to 249*e4a36f41SAndroid Build Coastguard Worker# apps. ABI stability of these libs is vendor's responsibility. 250*e4a36f41SAndroid Build Coastguard Workertype vendor_public_lib_file, vendor_file_type, file_type; 251*e4a36f41SAndroid Build Coastguard Worker# Type for all vendor public libraries for system. These libs should only be exposed to 252*e4a36f41SAndroid Build Coastguard Worker# system. ABI stability of these libs is vendor's responsibility. 253*e4a36f41SAndroid Build Coastguard Workertype vendor_public_framework_file, vendor_file_type, file_type; 254*e4a36f41SAndroid Build Coastguard Worker 255*e4a36f41SAndroid Build Coastguard Worker# Input configuration 256*e4a36f41SAndroid Build Coastguard Workertype vendor_keylayout_file, vendor_file_type, file_type; 257*e4a36f41SAndroid Build Coastguard Workertype vendor_keychars_file, vendor_file_type, file_type; 258*e4a36f41SAndroid Build Coastguard Workertype vendor_idc_file, vendor_file_type, file_type; 259*e4a36f41SAndroid Build Coastguard Worker 260*e4a36f41SAndroid Build Coastguard Worker# Type for vendor uuid mapping config file 261*e4a36f41SAndroid Build Coastguard Workertype vendor_uuid_mapping_config_file, vendor_file_type, file_type; 262*e4a36f41SAndroid Build Coastguard Worker 263*e4a36f41SAndroid Build Coastguard Worker# SoC-specific virtual machine disk files 264*e4a36f41SAndroid Build Coastguard Workertype vendor_vm_file, vendor_file_type, file_type; 265*e4a36f41SAndroid Build Coastguard Worker# SoC-specific virtual machine disk files that are mutable 266*e4a36f41SAndroid Build Coastguard Workertype vendor_vm_data_file, vendor_file_type, file_type; 267*e4a36f41SAndroid Build Coastguard Worker 268*e4a36f41SAndroid Build Coastguard Worker# /metadata partition itself 269*e4a36f41SAndroid Build Coastguard Workertype metadata_file, file_type; 270*e4a36f41SAndroid Build Coastguard Worker# Vold files within /metadata 271*e4a36f41SAndroid Build Coastguard Workertype vold_metadata_file, file_type; 272*e4a36f41SAndroid Build Coastguard Worker# GSI files within /metadata 273*e4a36f41SAndroid Build Coastguard Workertype gsi_metadata_file, gsi_metadata_file_type, file_type; 274*e4a36f41SAndroid Build Coastguard Worker# DSU (GSI) files within /metadata that are globally readable. 275*e4a36f41SAndroid Build Coastguard Workertype gsi_public_metadata_file, gsi_metadata_file_type, file_type; 276*e4a36f41SAndroid Build Coastguard Worker# system_server shares Weaver slot information in /metadata 277*e4a36f41SAndroid Build Coastguard Workertype password_slot_metadata_file, file_type; 278*e4a36f41SAndroid Build Coastguard Worker# APEX files within /metadata 279*e4a36f41SAndroid Build Coastguard Workertype apex_metadata_file, file_type; 280*e4a36f41SAndroid Build Coastguard Worker# libsnapshot files within /metadata 281*e4a36f41SAndroid Build Coastguard Workertype ota_metadata_file, file_type; 282*e4a36f41SAndroid Build Coastguard Worker# property files within /metadata/bootstat 283*e4a36f41SAndroid Build Coastguard Workertype metadata_bootstat_file, file_type; 284*e4a36f41SAndroid Build Coastguard Worker# userspace reboot files within /metadata/userspacereboot 285*e4a36f41SAndroid Build Coastguard Workertype userspace_reboot_metadata_file, file_type; 286*e4a36f41SAndroid Build Coastguard Worker# Staged install files within /metadata/staged-install 287*e4a36f41SAndroid Build Coastguard Workertype staged_install_file, file_type; 288*e4a36f41SAndroid Build Coastguard Worker# Metadata information within /metadata/watchdog 289*e4a36f41SAndroid Build Coastguard Workertype watchdog_metadata_file, file_type; 290*e4a36f41SAndroid Build Coastguard Worker# Repair mode files within /metadata/repair-mode 291*e4a36f41SAndroid Build Coastguard Workertype repair_mode_metadata_file, file_type; 292*e4a36f41SAndroid Build Coastguard Worker 293*e4a36f41SAndroid Build Coastguard Worker# Type for /dev/cpu_variant:.*. 294*e4a36f41SAndroid Build Coastguard Workertype dev_cpu_variant, file_type; 295*e4a36f41SAndroid Build Coastguard Worker# Speedup access for trusted applications to the runtime event tags 296*e4a36f41SAndroid Build Coastguard Workertype runtime_event_log_tags_file, file_type; 297*e4a36f41SAndroid Build Coastguard Worker# Type for /system/bin/logcat. 298*e4a36f41SAndroid Build Coastguard Workertype logcat_exec, system_file_type, exec_type, file_type; 299*e4a36f41SAndroid Build Coastguard Worker# Speedup access to cgroup map file 300*e4a36f41SAndroid Build Coastguard Workertype cgroup_rc_file, file_type; 301*e4a36f41SAndroid Build Coastguard Worker# /cores for coredumps on userdebug / eng builds 302*e4a36f41SAndroid Build Coastguard Workertype coredump_file, file_type; 303*e4a36f41SAndroid Build Coastguard Worker# Type of /data itself 304*e4a36f41SAndroid Build Coastguard Workertype system_data_root_file, file_type, data_file_type, core_data_file_type; 305*e4a36f41SAndroid Build Coastguard Worker# Default type for anything under /data. 306*e4a36f41SAndroid Build Coastguard Workertype system_data_file, file_type, data_file_type, core_data_file_type; 307*e4a36f41SAndroid Build Coastguard Worker# Default type for directories containing per-user encrypted directories, such 308*e4a36f41SAndroid Build Coastguard Worker# as /data/user and /data/user_de. 309*e4a36f41SAndroid Build Coastguard Workertype system_userdir_file, file_type, data_file_type, core_data_file_type; 310*e4a36f41SAndroid Build Coastguard Worker# Type for /data/system/packages.list. 311*e4a36f41SAndroid Build Coastguard Worker# TODO(b/129332765): Narrow down permissions to this. 312*e4a36f41SAndroid Build Coastguard Worker# Find out users of system_data_file that should be granted only this. 313*e4a36f41SAndroid Build Coastguard Workertype packages_list_file, file_type, data_file_type, core_data_file_type; 314*e4a36f41SAndroid Build Coastguard Workertype game_mode_intervention_list_file, file_type, data_file_type, core_data_file_type; 315*e4a36f41SAndroid Build Coastguard Worker# Default type for anything inside /data/vendor_{ce,de}. 316*e4a36f41SAndroid Build Coastguard Workertype vendor_data_file, file_type, data_file_type; 317*e4a36f41SAndroid Build Coastguard Worker# Type for /data/vendor_{ce,de} themselves. This has core_data_file_type 318*e4a36f41SAndroid Build Coastguard Worker# because these directories themselves are platform-managed; only the files 319*e4a36f41SAndroid Build Coastguard Worker# *inside* them are vendor data. (Somewhat similar to system_data_root_file.) 320*e4a36f41SAndroid Build Coastguard Workertype vendor_userdir_file, file_type, data_file_type, core_data_file_type; 321*e4a36f41SAndroid Build Coastguard Worker# Unencrypted data 322*e4a36f41SAndroid Build Coastguard Workertype unencrypted_data_file, file_type, data_file_type, core_data_file_type; 323*e4a36f41SAndroid Build Coastguard Worker# installd-create files in /data/misc/installd such as layout_version 324*e4a36f41SAndroid Build Coastguard Workertype install_data_file, file_type, data_file_type, core_data_file_type; 325*e4a36f41SAndroid Build Coastguard Worker# /data/drm - DRM plugin data 326*e4a36f41SAndroid Build Coastguard Workertype drm_data_file, file_type, data_file_type, core_data_file_type; 327*e4a36f41SAndroid Build Coastguard Worker# /data/adb - adb debugging files 328*e4a36f41SAndroid Build Coastguard Workertype adb_data_file, file_type, data_file_type, core_data_file_type; 329*e4a36f41SAndroid Build Coastguard Worker# /data/anr - ANR traces 330*e4a36f41SAndroid Build Coastguard Workertype anr_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 331*e4a36f41SAndroid Build Coastguard Worker# /data/tombstones - core dumps 332*e4a36f41SAndroid Build Coastguard Workertype tombstone_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 333*e4a36f41SAndroid Build Coastguard Worker# /data/vendor/tombstones/wifi - vendor wifi dumps 334*e4a36f41SAndroid Build Coastguard Workertype tombstone_wifi_data_file, file_type, data_file_type; 335*e4a36f41SAndroid Build Coastguard Worker# /data/apex - APEX data files 336*e4a36f41SAndroid Build Coastguard Workertype apex_data_file, file_type, data_file_type, core_data_file_type; 337*e4a36f41SAndroid Build Coastguard Worker# /data/app - user-installed apps 338*e4a36f41SAndroid Build Coastguard Workertype apk_data_file, file_type, data_file_type, core_data_file_type; 339*e4a36f41SAndroid Build Coastguard Workertype apk_tmp_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 340*e4a36f41SAndroid Build Coastguard Worker# /data/app-private - forward-locked apps 341*e4a36f41SAndroid Build Coastguard Workertype apk_private_data_file, file_type, data_file_type, core_data_file_type; 342*e4a36f41SAndroid Build Coastguard Workertype apk_private_tmp_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 343*e4a36f41SAndroid Build Coastguard Worker# /data/dalvik-cache 344*e4a36f41SAndroid Build Coastguard Workertype dalvikcache_data_file, file_type, data_file_type, core_data_file_type; 345*e4a36f41SAndroid Build Coastguard Worker# /data/ota 346*e4a36f41SAndroid Build Coastguard Workertype ota_data_file, file_type, data_file_type, core_data_file_type; 347*e4a36f41SAndroid Build Coastguard Worker# /data/ota_package 348*e4a36f41SAndroid Build Coastguard Workertype ota_package_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 349*e4a36f41SAndroid Build Coastguard Worker# /data/misc/profiles 350*e4a36f41SAndroid Build Coastguard Workertype user_profile_root_file, file_type, data_file_type, core_data_file_type; 351*e4a36f41SAndroid Build Coastguard Workertype user_profile_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 352*e4a36f41SAndroid Build Coastguard Worker# /data/misc/profman 353*e4a36f41SAndroid Build Coastguard Workertype profman_dump_data_file, file_type, data_file_type, core_data_file_type; 354*e4a36f41SAndroid Build Coastguard Worker# /data/misc/prereboot 355*e4a36f41SAndroid Build Coastguard Workertype prereboot_data_file, file_type, data_file_type, core_data_file_type; 356*e4a36f41SAndroid Build Coastguard Worker# /data/resource-cache 357*e4a36f41SAndroid Build Coastguard Workertype resourcecache_data_file, file_type, data_file_type, core_data_file_type; 358*e4a36f41SAndroid Build Coastguard Worker# /data/local - writable by shell 359*e4a36f41SAndroid Build Coastguard Workertype shell_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type, mlstrustedobject; 360*e4a36f41SAndroid Build Coastguard Worker# /data/property 361*e4a36f41SAndroid Build Coastguard Workertype property_data_file, file_type, data_file_type, core_data_file_type; 362*e4a36f41SAndroid Build Coastguard Worker# /data/bootchart 363*e4a36f41SAndroid Build Coastguard Workertype bootchart_data_file, file_type, data_file_type, core_data_file_type; 364*e4a36f41SAndroid Build Coastguard Worker# /data/system/dropbox 365*e4a36f41SAndroid Build Coastguard Workertype dropbox_data_file, file_type, data_file_type, core_data_file_type; 366*e4a36f41SAndroid Build Coastguard Worker# /data/system/heapdump 367*e4a36f41SAndroid Build Coastguard Workertype heapdump_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 368*e4a36f41SAndroid Build Coastguard Worker# /data/nativetest 369*e4a36f41SAndroid Build Coastguard Workertype nativetest_data_file, file_type, data_file_type, core_data_file_type; 370*e4a36f41SAndroid Build Coastguard Worker# /data/local/tests 371*e4a36f41SAndroid Build Coastguard Workertype shell_test_data_file, file_type, data_file_type, core_data_file_type; 372*e4a36f41SAndroid Build Coastguard Worker# /data/system_de/0/ringtones 373*e4a36f41SAndroid Build Coastguard Workertype ringtone_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 374*e4a36f41SAndroid Build Coastguard Worker# /data/preloads 375*e4a36f41SAndroid Build Coastguard Workertype preloads_data_file, file_type, data_file_type, core_data_file_type; 376*e4a36f41SAndroid Build Coastguard Worker# /data/preloads/media 377*e4a36f41SAndroid Build Coastguard Workertype preloads_media_file, file_type, data_file_type, core_data_file_type; 378*e4a36f41SAndroid Build Coastguard Worker# /data/misc/dhcp and /data/misc/dhcp-6.8.2 379*e4a36f41SAndroid Build Coastguard Workertype dhcp_data_file, file_type, data_file_type, core_data_file_type; 380*e4a36f41SAndroid Build Coastguard Worker# /data/server_configurable_flags 381*e4a36f41SAndroid Build Coastguard Workertype server_configurable_flags_data_file, file_type, data_file_type, core_data_file_type; 382*e4a36f41SAndroid Build Coastguard Worker# /data/app-staging 383*e4a36f41SAndroid Build Coastguard Workertype staging_data_file, file_type, data_file_type, core_data_file_type; 384*e4a36f41SAndroid Build Coastguard Worker# /vendor/apex 385*e4a36f41SAndroid Build Coastguard Workertype vendor_apex_file, vendor_file_type, file_type; 386*e4a36f41SAndroid Build Coastguard Worker# /data/system/shutdown-checkpoints 387*e4a36f41SAndroid Build Coastguard Workertype shutdown_checkpoints_system_data_file, file_type, data_file_type, core_data_file_type; 388*e4a36f41SAndroid Build Coastguard Worker 389*e4a36f41SAndroid Build Coastguard Worker# Mount locations managed by vold 390*e4a36f41SAndroid Build Coastguard Workertype mnt_media_rw_file, file_type; 391*e4a36f41SAndroid Build Coastguard Workertype mnt_user_file, file_type; 392*e4a36f41SAndroid Build Coastguard Workertype mnt_pass_through_file, file_type; 393*e4a36f41SAndroid Build Coastguard Workertype mnt_expand_file, file_type; 394*e4a36f41SAndroid Build Coastguard Workertype mnt_sdcard_file, file_type; 395*e4a36f41SAndroid Build Coastguard Workertype storage_file, file_type; 396*e4a36f41SAndroid Build Coastguard Worker 397*e4a36f41SAndroid Build Coastguard Worker# Label for storage dirs which are just mount stubs 398*e4a36f41SAndroid Build Coastguard Workertype mnt_media_rw_stub_file, file_type; 399*e4a36f41SAndroid Build Coastguard Workertype storage_stub_file, file_type; 400*e4a36f41SAndroid Build Coastguard Worker 401*e4a36f41SAndroid Build Coastguard Worker# Mount location for read-write vendor partitions. 402*e4a36f41SAndroid Build Coastguard Workertype mnt_vendor_file, file_type; 403*e4a36f41SAndroid Build Coastguard Worker 404*e4a36f41SAndroid Build Coastguard Worker# Mount location for read-write product partitions. 405*e4a36f41SAndroid Build Coastguard Workertype mnt_product_file, file_type; 406*e4a36f41SAndroid Build Coastguard Worker 407*e4a36f41SAndroid Build Coastguard Worker# Mount point used for APEX images 408*e4a36f41SAndroid Build Coastguard Workertype apex_mnt_dir, file_type; 409*e4a36f41SAndroid Build Coastguard Worker 410*e4a36f41SAndroid Build Coastguard Worker# /apex/apex-info-list.xml created by apexd 411*e4a36f41SAndroid Build Coastguard Workertype apex_info_file, file_type; 412*e4a36f41SAndroid Build Coastguard Worker 413*e4a36f41SAndroid Build Coastguard Worker# /postinstall: Mount point used by update_engine to run postinstall. 414*e4a36f41SAndroid Build Coastguard Workertype postinstall_mnt_dir, file_type; 415*e4a36f41SAndroid Build Coastguard Worker# Files inside the /postinstall mountpoint are all labeled as postinstall_file. 416*e4a36f41SAndroid Build Coastguard Workertype postinstall_file, file_type; 417*e4a36f41SAndroid Build Coastguard Worker# /postinstall/apex: Mount point used for APEX images within /postinstall. 418*e4a36f41SAndroid Build Coastguard Workertype postinstall_apex_mnt_dir, file_type; 419*e4a36f41SAndroid Build Coastguard Worker 420*e4a36f41SAndroid Build Coastguard Worker# /data_mirror: Contains mirror directory for storing all apps data. 421*e4a36f41SAndroid Build Coastguard Workertype mirror_data_file, file_type, core_data_file_type; 422*e4a36f41SAndroid Build Coastguard Worker 423*e4a36f41SAndroid Build Coastguard Worker# /data/misc subdirectories 424*e4a36f41SAndroid Build Coastguard Workertype adb_keys_file, file_type, data_file_type, core_data_file_type; 425*e4a36f41SAndroid Build Coastguard Workertype apex_system_server_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type; 426*e4a36f41SAndroid Build Coastguard Workertype apex_module_data_file, file_type, data_file_type, core_data_file_type; 427*e4a36f41SAndroid Build Coastguard Workertype apex_ota_reserved_file, file_type, data_file_type, core_data_file_type; 428*e4a36f41SAndroid Build Coastguard Workertype apex_rollback_data_file, file_type, data_file_type, core_data_file_type; 429*e4a36f41SAndroid Build Coastguard Workertype appcompat_data_file, file_type, data_file_type, core_data_file_type; 430*e4a36f41SAndroid Build Coastguard Workertype audio_data_file, file_type, data_file_type, core_data_file_type; 431*e4a36f41SAndroid Build Coastguard Workertype audioserver_data_file, file_type, data_file_type, core_data_file_type; 432*e4a36f41SAndroid Build Coastguard Workertype bluetooth_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type; 433*e4a36f41SAndroid Build Coastguard Workertype bluetooth_logs_data_file, file_type, data_file_type, core_data_file_type; 434*e4a36f41SAndroid Build Coastguard Workertype bootstat_data_file, file_type, data_file_type, core_data_file_type; 435*e4a36f41SAndroid Build Coastguard Workertype boottrace_data_file, file_type, data_file_type, core_data_file_type; 436*e4a36f41SAndroid Build Coastguard Workertype camera_data_file, file_type, data_file_type, core_data_file_type; 437*e4a36f41SAndroid Build Coastguard Workertype credstore_data_file, file_type, data_file_type, core_data_file_type; 438*e4a36f41SAndroid Build Coastguard Workertype gatekeeper_data_file, file_type, data_file_type, core_data_file_type; 439*e4a36f41SAndroid Build Coastguard Workertype incident_data_file, file_type, data_file_type, core_data_file_type; 440*e4a36f41SAndroid Build Coastguard Workertype keychain_data_file, file_type, data_file_type, core_data_file_type; 441*e4a36f41SAndroid Build Coastguard Workertype keystore_data_file, file_type, data_file_type, core_data_file_type; 442*e4a36f41SAndroid Build Coastguard Workertype media_data_file, file_type, data_file_type, core_data_file_type; 443*e4a36f41SAndroid Build Coastguard Workertype media_rw_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 444*e4a36f41SAndroid Build Coastguard Workertype media_userdir_file, file_type, data_file_type, core_data_file_type; 445*e4a36f41SAndroid Build Coastguard Workertype misc_user_data_file, file_type, data_file_type, core_data_file_type; 446*e4a36f41SAndroid Build Coastguard Workertype net_data_file, file_type, data_file_type, core_data_file_type; 447*e4a36f41SAndroid Build Coastguard Workertype network_watchlist_data_file, file_type, data_file_type, core_data_file_type; 448*e4a36f41SAndroid Build Coastguard Workertype nfc_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type; 449*e4a36f41SAndroid Build Coastguard Workertype nfc_logs_data_file, file_type, data_file_type, core_data_file_type; 450*e4a36f41SAndroid Build Coastguard Workertype radio_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type, mlstrustedobject; 451*e4a36f41SAndroid Build Coastguard Workertype recovery_data_file, file_type, data_file_type, core_data_file_type; 452*e4a36f41SAndroid Build Coastguard Workertype shared_relro_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 453*e4a36f41SAndroid Build Coastguard Workertype snapshotctl_log_data_file, file_type, data_file_type, core_data_file_type; 454*e4a36f41SAndroid Build Coastguard Workertype stats_config_data_file, file_type, data_file_type, core_data_file_type; 455*e4a36f41SAndroid Build Coastguard Workertype stats_data_file, file_type, data_file_type, core_data_file_type; 456*e4a36f41SAndroid Build Coastguard Workertype systemkeys_data_file, file_type, data_file_type, core_data_file_type; 457*e4a36f41SAndroid Build Coastguard Workertype textclassifier_data_file, file_type, data_file_type, core_data_file_type; 458*e4a36f41SAndroid Build Coastguard Workertype trace_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 459*e4a36f41SAndroid Build Coastguard Workertype vpn_data_file, file_type, data_file_type, core_data_file_type; 460*e4a36f41SAndroid Build Coastguard Workertype wifi_data_file, file_type, data_file_type, core_data_file_type; 461*e4a36f41SAndroid Build Coastguard Workertype vold_data_file, file_type, data_file_type, core_data_file_type; 462*e4a36f41SAndroid Build Coastguard Workertype tee_data_file, file_type, data_file_type; 463*e4a36f41SAndroid Build Coastguard Workertype update_engine_data_file, file_type, data_file_type, core_data_file_type; 464*e4a36f41SAndroid Build Coastguard Workertype update_engine_log_data_file, file_type, data_file_type, core_data_file_type; 465*e4a36f41SAndroid Build Coastguard Worker# /data/misc/trace for method traces on userdebug / eng builds 466*e4a36f41SAndroid Build Coastguard Workertype method_trace_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 467*e4a36f41SAndroid Build Coastguard Workertype gsi_data_file, file_type, data_file_type, core_data_file_type; 468*e4a36f41SAndroid Build Coastguard Workertype radio_core_data_file, file_type, data_file_type, core_data_file_type; 469*e4a36f41SAndroid Build Coastguard Worker 470*e4a36f41SAndroid Build Coastguard Worker# /data/data subdirectories - app sandboxes 471*e4a36f41SAndroid Build Coastguard Workertype app_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type; 472*e4a36f41SAndroid Build Coastguard Worker# /data/data subdirectories - priv-app sandboxes 473*e4a36f41SAndroid Build Coastguard Workertype privapp_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type; 474*e4a36f41SAndroid Build Coastguard Worker# /data/data subdirectory for system UID apps. 475*e4a36f41SAndroid Build Coastguard Workertype system_app_data_file, file_type, data_file_type, core_data_file_type, app_data_file_type, mlstrustedobject; 476*e4a36f41SAndroid Build Coastguard Worker# Compatibility with type name used in Android 4.3 and 4.4. 477*e4a36f41SAndroid Build Coastguard Worker# Default type for anything under /cache 478*e4a36f41SAndroid Build Coastguard Workertype cache_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 479*e4a36f41SAndroid Build Coastguard Worker# Type for /cache/overlay /mnt/scratch/overlay 480*e4a36f41SAndroid Build Coastguard Workertype overlayfs_file, file_type, data_file_type, core_data_file_type; 481*e4a36f41SAndroid Build Coastguard Worker# Type for /cache/backup_stage/* (fd interchange with apps) 482*e4a36f41SAndroid Build Coastguard Workertype cache_backup_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 483*e4a36f41SAndroid Build Coastguard Worker# type for anything under /cache/backup (local transport storage) 484*e4a36f41SAndroid Build Coastguard Workertype cache_private_backup_file, file_type, data_file_type, core_data_file_type; 485*e4a36f41SAndroid Build Coastguard Worker# Type for anything under /cache/recovery 486*e4a36f41SAndroid Build Coastguard Workertype cache_recovery_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 487*e4a36f41SAndroid Build Coastguard Worker# Default type for anything under /efs 488*e4a36f41SAndroid Build Coastguard Workertype efs_file, file_type; 489*e4a36f41SAndroid Build Coastguard Worker# Type for wallpaper file. 490*e4a36f41SAndroid Build Coastguard Workertype wallpaper_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 491*e4a36f41SAndroid Build Coastguard Worker# Type for shortcut manager icon file. 492*e4a36f41SAndroid Build Coastguard Workertype shortcut_manager_icons, file_type, data_file_type, core_data_file_type, mlstrustedobject; 493*e4a36f41SAndroid Build Coastguard Worker# Type for user icon file. 494*e4a36f41SAndroid Build Coastguard Workertype icon_file, file_type, data_file_type, core_data_file_type; 495*e4a36f41SAndroid Build Coastguard Worker# /mnt/asec 496*e4a36f41SAndroid Build Coastguard Workertype asec_apk_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 497*e4a36f41SAndroid Build Coastguard Worker# Elements of asec files (/mnt/asec) that are world readable 498*e4a36f41SAndroid Build Coastguard Workertype asec_public_file, file_type, data_file_type, core_data_file_type; 499*e4a36f41SAndroid Build Coastguard Worker# /data/app-asec 500*e4a36f41SAndroid Build Coastguard Workertype asec_image_file, file_type, data_file_type, core_data_file_type; 501*e4a36f41SAndroid Build Coastguard Worker# /data/backup and /data/secure/backup 502*e4a36f41SAndroid Build Coastguard Workertype backup_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 503*e4a36f41SAndroid Build Coastguard Worker# All devices have bluetooth efs files. But they 504*e4a36f41SAndroid Build Coastguard Worker# vary per device, so this type is used in per 505*e4a36f41SAndroid Build Coastguard Worker# device policy 506*e4a36f41SAndroid Build Coastguard Workertype bluetooth_efs_file, file_type; 507*e4a36f41SAndroid Build Coastguard Worker# Type for fingerprint template file 508*e4a36f41SAndroid Build Coastguard Workertype fingerprintd_data_file, file_type, data_file_type, core_data_file_type; 509*e4a36f41SAndroid Build Coastguard Worker# Type for _new_ fingerprint template file 510*e4a36f41SAndroid Build Coastguard Workertype fingerprint_vendor_data_file, file_type, data_file_type; 511*e4a36f41SAndroid Build Coastguard Worker# Type for appfuse file. 512*e4a36f41SAndroid Build Coastguard Workertype app_fuse_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; 513*e4a36f41SAndroid Build Coastguard Worker# Type for face template file 514*e4a36f41SAndroid Build Coastguard Workertype face_vendor_data_file, file_type, data_file_type; 515*e4a36f41SAndroid Build Coastguard Worker# Type for iris template file 516*e4a36f41SAndroid Build Coastguard Workertype iris_vendor_data_file, file_type, data_file_type; 517*e4a36f41SAndroid Build Coastguard Worker 518*e4a36f41SAndroid Build Coastguard Worker# Socket types 519*e4a36f41SAndroid Build Coastguard Workertype adbd_socket, file_type, coredomain_socket; 520*e4a36f41SAndroid Build Coastguard Workertype bluetooth_socket, file_type, data_file_type, core_data_file_type, coredomain_socket; 521*e4a36f41SAndroid Build Coastguard Workertype dnsproxyd_socket, file_type, coredomain_socket, mlstrustedobject; 522*e4a36f41SAndroid Build Coastguard Workertype dumpstate_socket, file_type, coredomain_socket; 523*e4a36f41SAndroid Build Coastguard Workertype fwmarkd_socket, file_type, coredomain_socket, mlstrustedobject; 524*e4a36f41SAndroid Build Coastguard Workertype lmkd_socket, file_type, coredomain_socket; 525*e4a36f41SAndroid Build Coastguard Workertype logd_socket, file_type, coredomain_socket, mlstrustedobject; 526*e4a36f41SAndroid Build Coastguard Workertype logdr_socket, file_type, coredomain_socket, mlstrustedobject; 527*e4a36f41SAndroid Build Coastguard Workertype logdw_socket, file_type, coredomain_socket, mlstrustedobject; 528*e4a36f41SAndroid Build Coastguard Workertype mdns_socket, file_type, coredomain_socket; 529*e4a36f41SAndroid Build Coastguard Workertype mdnsd_socket, file_type, coredomain_socket, mlstrustedobject; 530*e4a36f41SAndroid Build Coastguard Workertype misc_logd_file, coredomain_socket, file_type, data_file_type, core_data_file_type; 531*e4a36f41SAndroid Build Coastguard Workertype mtpd_socket, file_type, coredomain_socket; 532*e4a36f41SAndroid Build Coastguard Workertype property_socket, file_type, coredomain_socket, mlstrustedobject; 533*e4a36f41SAndroid Build Coastguard Workertype racoon_socket, file_type, coredomain_socket; 534*e4a36f41SAndroid Build Coastguard Workertype recovery_socket, file_type, coredomain_socket; 535*e4a36f41SAndroid Build Coastguard Workertype rild_socket, file_type; 536*e4a36f41SAndroid Build Coastguard Workertype rild_debug_socket, file_type; 537*e4a36f41SAndroid Build Coastguard Workertype snapuserd_socket, file_type, coredomain_socket; 538*e4a36f41SAndroid Build Coastguard Workertype snapuserd_proxy_socket, file_type, coredomain_socket; 539*e4a36f41SAndroid Build Coastguard Workertype statsdw_socket, file_type, coredomain_socket, mlstrustedobject; 540*e4a36f41SAndroid Build Coastguard Workertype system_wpa_socket, file_type, data_file_type, core_data_file_type, coredomain_socket; 541*e4a36f41SAndroid Build Coastguard Workertype system_ndebug_socket, file_type, data_file_type, core_data_file_type, coredomain_socket, mlstrustedobject; 542*e4a36f41SAndroid Build Coastguard Workertype system_unsolzygote_socket, file_type, data_file_type, core_data_file_type, coredomain_socket, mlstrustedobject; 543*e4a36f41SAndroid Build Coastguard Workertype tombstoned_crash_socket, file_type, coredomain_socket, mlstrustedobject; 544*e4a36f41SAndroid Build Coastguard Workertype tombstoned_java_trace_socket, file_type, mlstrustedobject; 545*e4a36f41SAndroid Build Coastguard Workertype tombstoned_intercept_socket, file_type, coredomain_socket; 546*e4a36f41SAndroid Build Coastguard Workertype traced_consumer_socket, file_type, coredomain_socket, mlstrustedobject; 547*e4a36f41SAndroid Build Coastguard Workertype traced_perf_socket, file_type, coredomain_socket, mlstrustedobject; 548*e4a36f41SAndroid Build Coastguard Workertype traced_producer_socket, file_type, coredomain_socket, mlstrustedobject; 549*e4a36f41SAndroid Build Coastguard Workertype uncrypt_socket, file_type, coredomain_socket; 550*e4a36f41SAndroid Build Coastguard Workertype wpa_socket, file_type, data_file_type, core_data_file_type; 551*e4a36f41SAndroid Build Coastguard Workertype zygote_socket, file_type, coredomain_socket; 552*e4a36f41SAndroid Build Coastguard Workertype heapprofd_socket, file_type, coredomain_socket, mlstrustedobject; 553*e4a36f41SAndroid Build Coastguard Worker# UART (for GPS) control proc file 554*e4a36f41SAndroid Build Coastguard Workertype gps_control, file_type; 555*e4a36f41SAndroid Build Coastguard Worker 556*e4a36f41SAndroid Build Coastguard Worker# PDX endpoint types 557*e4a36f41SAndroid Build Coastguard Workertype pdx_display_dir, pdx_endpoint_dir_type, file_type; 558*e4a36f41SAndroid Build Coastguard Workertype pdx_performance_dir, pdx_endpoint_dir_type, file_type; 559*e4a36f41SAndroid Build Coastguard Workertype pdx_bufferhub_dir, pdx_endpoint_dir_type, file_type; 560*e4a36f41SAndroid Build Coastguard Worker 561*e4a36f41SAndroid Build Coastguard Workerpdx_service_socket_types(display_client, pdx_display_dir) 562*e4a36f41SAndroid Build Coastguard Workerpdx_service_socket_types(display_manager, pdx_display_dir) 563*e4a36f41SAndroid Build Coastguard Workerpdx_service_socket_types(display_screenshot, pdx_display_dir) 564*e4a36f41SAndroid Build Coastguard Workerpdx_service_socket_types(display_vsync, pdx_display_dir) 565*e4a36f41SAndroid Build Coastguard Workerpdx_service_socket_types(performance_client, pdx_performance_dir) 566*e4a36f41SAndroid Build Coastguard Workerpdx_service_socket_types(bufferhub_client, pdx_bufferhub_dir) 567*e4a36f41SAndroid Build Coastguard Worker 568*e4a36f41SAndroid Build Coastguard Worker# file_contexts files 569*e4a36f41SAndroid Build Coastguard Workertype file_contexts_file, system_file_type, file_type; 570*e4a36f41SAndroid Build Coastguard Worker 571*e4a36f41SAndroid Build Coastguard Worker# mac_permissions file 572*e4a36f41SAndroid Build Coastguard Workertype mac_perms_file, system_file_type, file_type; 573*e4a36f41SAndroid Build Coastguard Worker 574*e4a36f41SAndroid Build Coastguard Worker# property_contexts file 575*e4a36f41SAndroid Build Coastguard Workertype property_contexts_file, system_file_type, file_type; 576*e4a36f41SAndroid Build Coastguard Worker 577*e4a36f41SAndroid Build Coastguard Worker# seapp_contexts file 578*e4a36f41SAndroid Build Coastguard Workertype seapp_contexts_file, system_file_type, file_type; 579*e4a36f41SAndroid Build Coastguard Worker 580*e4a36f41SAndroid Build Coastguard Worker# sepolicy files binary and others 581*e4a36f41SAndroid Build Coastguard Workertype sepolicy_file, system_file_type, file_type; 582*e4a36f41SAndroid Build Coastguard Worker 583*e4a36f41SAndroid Build Coastguard Worker# service_contexts file 584*e4a36f41SAndroid Build Coastguard Workertype service_contexts_file, system_file_type, file_type; 585*e4a36f41SAndroid Build Coastguard Worker 586*e4a36f41SAndroid Build Coastguard Worker# keystore2_key_contexts_file 587*e4a36f41SAndroid Build Coastguard Workertype keystore2_key_contexts_file, system_file_type, file_type; 588*e4a36f41SAndroid Build Coastguard Worker 589*e4a36f41SAndroid Build Coastguard Worker# vendor service_contexts file 590*e4a36f41SAndroid Build Coastguard Workertype vendor_service_contexts_file, vendor_file_type, file_type; 591*e4a36f41SAndroid Build Coastguard Worker 592*e4a36f41SAndroid Build Coastguard Worker# hwservice_contexts file 593*e4a36f41SAndroid Build Coastguard Workertype hwservice_contexts_file, system_file_type, file_type; 594*e4a36f41SAndroid Build Coastguard Worker 595*e4a36f41SAndroid Build Coastguard Worker# vndservice_contexts file 596*e4a36f41SAndroid Build Coastguard Workertype vndservice_contexts_file, file_type; 597*e4a36f41SAndroid Build Coastguard Worker 598*e4a36f41SAndroid Build Coastguard Worker# /sys/kernel/tracing/instances/bootreceiver for monitoring kernel memory corruptions. 599*e4a36f41SAndroid Build Coastguard Workertype debugfs_bootreceiver_tracing, fs_type, debugfs_type, tracefs_type; 600*e4a36f41SAndroid Build Coastguard Worker 601*e4a36f41SAndroid Build Coastguard Worker# kernel modules 602*e4a36f41SAndroid Build Coastguard Workertype vendor_kernel_modules, vendor_file_type, file_type; 603*e4a36f41SAndroid Build Coastguard Worker 604*e4a36f41SAndroid Build Coastguard Worker# system_dlkm 605*e4a36f41SAndroid Build Coastguard Workertype system_dlkm_file, system_dlkm_file_type, file_type; 606*e4a36f41SAndroid Build Coastguard Worker 607*e4a36f41SAndroid Build Coastguard Worker# Allow files to be created in their appropriate filesystems. 608*e4a36f41SAndroid Build Coastguard Workerallow fs_type self:filesystem associate; 609*e4a36f41SAndroid Build Coastguard Workerallow cgroup tmpfs:filesystem associate; 610*e4a36f41SAndroid Build Coastguard Workerallow cgroup_v2 tmpfs:filesystem associate; 611*e4a36f41SAndroid Build Coastguard Workerallow cgroup_rc_file tmpfs:filesystem associate; 612*e4a36f41SAndroid Build Coastguard Workerallow sysfs_type sysfs:filesystem associate; 613*e4a36f41SAndroid Build Coastguard Workerallow debugfs_type { debugfs debugfs_tracing debugfs_tracing_debug }:filesystem associate; 614*e4a36f41SAndroid Build Coastguard Workerallow file_type labeledfs:filesystem associate; 615*e4a36f41SAndroid Build Coastguard Workerallow file_type tmpfs:filesystem associate; 616*e4a36f41SAndroid Build Coastguard Workerallow file_type rootfs:filesystem associate; 617*e4a36f41SAndroid Build Coastguard Workerallow dev_type tmpfs:filesystem associate; 618*e4a36f41SAndroid Build Coastguard Workerallow app_fuse_file app_fusefs:filesystem associate; 619*e4a36f41SAndroid Build Coastguard Workerallow postinstall_file self:filesystem associate; 620*e4a36f41SAndroid Build Coastguard Workerallow proc_net proc:filesystem associate; 621*e4a36f41SAndroid Build Coastguard Worker 622*e4a36f41SAndroid Build Coastguard Worker# asanwrapper (run a sanitized app_process, to be used with wrap properties) 623*e4a36f41SAndroid Build Coastguard Workerwith_asan(`type asanwrapper_exec, exec_type, file_type;') 624*e4a36f41SAndroid Build Coastguard Worker 625*e4a36f41SAndroid Build Coastguard Worker# Deprecated in SDK version 28 626*e4a36f41SAndroid Build Coastguard Workertype audiohal_data_file, file_type, data_file_type, core_data_file_type; 627*e4a36f41SAndroid Build Coastguard Worker 628*e4a36f41SAndroid Build Coastguard Worker# It's a bug to assign the file_type attribute and fs_type attribute 629*e4a36f41SAndroid Build Coastguard Worker# to any type. Do not allow it. 630*e4a36f41SAndroid Build Coastguard Worker# 631*e4a36f41SAndroid Build Coastguard Worker# For example, the following is a bug: 632*e4a36f41SAndroid Build Coastguard Worker# type apk_data_file, file_type, data_file_type, fs_type; 633*e4a36f41SAndroid Build Coastguard Worker# Should be: 634*e4a36f41SAndroid Build Coastguard Worker# type apk_data_file, file_type, data_file_type; 635*e4a36f41SAndroid Build Coastguard Workerneverallow fs_type file_type:filesystem associate; 636