7a4af30b38
Files in /proc/net leak information. This change is the first step in
determining which files apps may use, whitelisting benign access, and
otherwise removing access while providing safe alternative APIs.
To that end, this change:
* Introduces the proc_net_type attribute which will assigned to any
new SELinux types in /proc/net to avoid removing access to privileged
processes. These processes may be evaluated later, but are lower
priority than apps.
* Labels /proc/net/{tcp,tcp6,udp,udp6} as proc_net_vpn due to existing
use by VPN apps. This may be replaced by an alternative API.
* Audits all other proc/net access for apps.
* Audits proc/net access for other processes which are currently
granted broad read access to /proc/net but should not be including
storaged, zygote, clatd, logd, preopt2cachename and vold.
Bug: 9496886
Bug: 68016944
Test: Boot Taimen-userdebug. On both wifi and cellular: stream youtube
navigate maps, send text message, make voice call, make video call.
Verify no avc "granted" messages in the logs.
Test: A few VPN apps including "VPN Monster", "Turbo VPN", and
"Freighter". Verify no logspam with the current setup.
Test: atest CtsNativeNetTestCases
Test: atest netd_integration_test
Test: atest QtaguidPermissionTest
Test: atest FileSystemPermissionTest
Change-Id: I7e49f796a25cf68bc698c6c9206e24af3ae11457
Merged-In: I7e49f796a25cf68bc698c6c9206e24af3ae11457
(cherry picked from commit 087318957f)
254 lines
19 KiB
Text
254 lines
19 KiB
Text
# Label inodes with the fs label.
|
|
genfscon rootfs / u:object_r:rootfs:s0
|
|
# proc labeling can be further refined (longest matching prefix).
|
|
genfscon proc / u:object_r:proc:s0
|
|
genfscon proc /asound u:object_r:proc_asound:s0
|
|
genfscon proc /buddyinfo u:object_r:proc_buddyinfo:s0
|
|
genfscon proc /cmdline u:object_r:proc_cmdline:s0
|
|
genfscon proc /config.gz u:object_r:config_gz:s0
|
|
genfscon proc /diskstats u:object_r:proc_diskstats:s0
|
|
genfscon proc /filesystems u:object_r:proc_filesystems:s0
|
|
genfscon proc /interrupts u:object_r:proc_interrupts:s0
|
|
genfscon proc /iomem u:object_r:proc_iomem:s0
|
|
genfscon proc /kmsg u:object_r:proc_kmsg:s0
|
|
genfscon proc /loadavg u:object_r:proc_loadavg:s0
|
|
genfscon proc /meminfo u:object_r:proc_meminfo:s0
|
|
genfscon proc /misc u:object_r:proc_misc:s0
|
|
genfscon proc /modules u:object_r:proc_modules:s0
|
|
genfscon proc /mounts u:object_r:proc_mounts:s0
|
|
genfscon proc /net u:object_r:proc_net:s0
|
|
genfscon proc /net/tcp u:object_r:proc_net_vpn:s0
|
|
genfscon proc /net/udp u:object_r:proc_net_vpn:s0
|
|
genfscon proc /net/xt_qtaguid/ctrl u:object_r:proc_qtaguid_ctrl:s0
|
|
genfscon proc /net/xt_qtaguid/ u:object_r:proc_qtaguid_stat:s0
|
|
genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0
|
|
genfscon proc /pagetypeinfo u:object_r:proc_pagetypeinfo:s0
|
|
genfscon proc /softirqs u:object_r:proc_timer:s0
|
|
genfscon proc /stat u:object_r:proc_stat:s0
|
|
genfscon proc /swaps u:object_r:proc_swaps:s0
|
|
genfscon proc /sysrq-trigger u:object_r:proc_sysrq:s0
|
|
genfscon proc /sys/abi/swp u:object_r:proc_abi:s0
|
|
genfscon proc /sys/fs/pipe-max-size u:object_r:proc_pipe_conf:s0
|
|
genfscon proc /sys/fs/protected_hardlinks u:object_r:proc_security:s0
|
|
genfscon proc /sys/fs/protected_symlinks u:object_r:proc_security:s0
|
|
genfscon proc /sys/fs/suid_dumpable u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/core_pattern u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/core_pipe_limit u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/domainname u:object_r:proc_hostname:s0
|
|
genfscon proc /sys/kernel/dmesg_restrict u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/hostname u:object_r:proc_hostname:s0
|
|
genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/hung_task_timeout_secs u:object_r:proc_hung_task:s0
|
|
genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/panic_on_oops u:object_r:proc_panic:s0
|
|
genfscon proc /sys/kernel/perf_event_max_sample_rate u:object_r:proc_perf:s0
|
|
genfscon proc /sys/kernel/perf_event_paranoid u:object_r:proc_perf:s0
|
|
genfscon proc /sys/kernel/pid_max u:object_r:proc_pid_max:s0
|
|
genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/random u:object_r:proc_random:s0
|
|
genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/sched_child_runs_first u:object_r:proc_sched:s0
|
|
genfscon proc /sys/kernel/sched_latency_ns u:object_r:proc_sched:s0
|
|
genfscon proc /sys/kernel/sched_rt_period_us u:object_r:proc_sched:s0
|
|
genfscon proc /sys/kernel/sched_rt_runtime_us u:object_r:proc_sched:s0
|
|
genfscon proc /sys/kernel/sched_schedstats u:object_r:proc_sched:s0
|
|
genfscon proc /sys/kernel/sched_tunable_scaling u:object_r:proc_sched:s0
|
|
genfscon proc /sys/kernel/sched_wakeup_granularity_ns u:object_r:proc_sched:s0
|
|
genfscon proc /sys/kernel/sysrq u:object_r:proc_sysrq:s0
|
|
genfscon proc /sys/kernel/usermodehelper u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/net u:object_r:proc_net:s0
|
|
genfscon proc /sys/vm/dirty_background_ratio u:object_r:proc_dirty:s0
|
|
genfscon proc /sys/vm/dirty_expire_centisecs u:object_r:proc_dirty:s0
|
|
genfscon proc /sys/vm/extra_free_kbytes u:object_r:proc_extra_free_kbytes:s0
|
|
genfscon proc /sys/vm/max_map_count u:object_r:proc_max_map_count:s0
|
|
genfscon proc /sys/vm/mmap_min_addr u:object_r:proc_security:s0
|
|
genfscon proc /sys/vm/mmap_rnd_bits u:object_r:proc_security:s0
|
|
genfscon proc /sys/vm/mmap_rnd_compat_bits u:object_r:proc_security:s0
|
|
genfscon proc /sys/vm/page-cluster u:object_r:proc_page_cluster:s0
|
|
genfscon proc /sys/vm/drop_caches u:object_r:proc_drop_caches:s0
|
|
genfscon proc /sys/vm/overcommit_memory u:object_r:proc_overcommit_memory:s0
|
|
genfscon proc /sys/vm/min_free_order_shift u:object_r:proc_min_free_order_shift:s0
|
|
genfscon proc /timer_list u:object_r:proc_timer:s0
|
|
genfscon proc /timer_stats u:object_r:proc_timer:s0
|
|
genfscon proc /tty/drivers u:object_r:proc_tty_drivers:s0
|
|
genfscon proc /uid/ u:object_r:proc_uid_time_in_state:s0
|
|
genfscon proc /uid_cputime/show_uid_stat u:object_r:proc_uid_cputime_showstat:s0
|
|
genfscon proc /uid_cputime/remove_uid_range u:object_r:proc_uid_cputime_removeuid:s0
|
|
genfscon proc /uid_io/stats u:object_r:proc_uid_io_stats:s0
|
|
genfscon proc /uid_procstat/set u:object_r:proc_uid_procstat_set:s0
|
|
genfscon proc /uid_time_in_state u:object_r:proc_uid_time_in_state:s0
|
|
genfscon proc /uid_concurrent_active_time u:object_r:proc_uid_concurrent_active_time:s0
|
|
genfscon proc /uid_concurrent_policy_time u:object_r:proc_uid_concurrent_policy_time:s0
|
|
genfscon proc /uid_cpupower/ u:object_r:proc_uid_cpupower:s0
|
|
genfscon proc /uptime u:object_r:proc_uptime:s0
|
|
genfscon proc /version u:object_r:proc_version:s0
|
|
genfscon proc /vmallocinfo u:object_r:proc_vmallocinfo:s0
|
|
genfscon proc /vmstat u:object_r:proc_vmstat:s0
|
|
genfscon proc /zoneinfo u:object_r:proc_zoneinfo:s0
|
|
|
|
# selinuxfs booleans can be individually labeled.
|
|
genfscon selinuxfs / u:object_r:selinuxfs:s0
|
|
genfscon cgroup / u:object_r:cgroup:s0
|
|
genfscon cgroup2 / u:object_r:cgroup_bpf:s0
|
|
# sysfs labels can be set by userspace.
|
|
genfscon sysfs / u:object_r:sysfs:s0
|
|
genfscon sysfs /devices/system/cpu u:object_r:sysfs_devices_system_cpu:s0
|
|
genfscon sysfs /class/android_usb u:object_r:sysfs_android_usb:s0
|
|
genfscon sysfs /class/leds u:object_r:sysfs_leds:s0
|
|
genfscon sysfs /class/net u:object_r:sysfs_net:s0
|
|
genfscon sysfs /class/rtc u:object_r:sysfs_rtc:s0
|
|
genfscon sysfs /class/switch u:object_r:sysfs_switch:s0
|
|
genfscon sysfs /devices/platform/nfc-power/nfc_power u:object_r:sysfs_nfc_power_writable:s0
|
|
genfscon sysfs /devices/virtual/android_usb u:object_r:sysfs_android_usb:s0
|
|
genfscon sysfs /devices/virtual/block/dm- u:object_r:sysfs_dm:s0
|
|
genfscon sysfs /devices/virtual/block/zram0 u:object_r:sysfs_zram:s0
|
|
genfscon sysfs /devices/virtual/block/zram1 u:object_r:sysfs_zram:s0
|
|
genfscon sysfs /devices/virtual/block/zram0/uevent u:object_r:sysfs_zram_uevent:s0
|
|
genfscon sysfs /devices/virtual/block/zram1/uevent u:object_r:sysfs_zram_uevent:s0
|
|
genfscon sysfs /devices/virtual/misc/hw_random u:object_r:sysfs_hwrandom:s0
|
|
genfscon sysfs /devices/virtual/switch u:object_r:sysfs_switch:s0
|
|
genfscon sysfs /firmware/devicetree/base/firmware/android u:object_r:sysfs_dt_firmware_android:s0
|
|
genfscon sysfs /fs/ext4/features u:object_r:sysfs_fs_ext4_features:s0
|
|
genfscon sysfs /power/autosleep u:object_r:sysfs_power:s0
|
|
genfscon sysfs /power/state u:object_r:sysfs_power:s0
|
|
genfscon sysfs /power/wakeup_count u:object_r:sysfs_power:s0
|
|
genfscon sysfs /power/wake_lock u:object_r:sysfs_wake_lock:s0
|
|
genfscon sysfs /power/wake_unlock u:object_r:sysfs_wake_lock:s0
|
|
genfscon sysfs /kernel/memory_state_time u:object_r:sysfs_power:s0
|
|
genfscon sysfs /kernel/ipv4 u:object_r:sysfs_ipv4:s0
|
|
genfscon sysfs /kernel/notes u:object_r:sysfs_kernel_notes:s0
|
|
genfscon sysfs /kernel/uevent_helper u:object_r:sysfs_usermodehelper:s0
|
|
genfscon sysfs /kernel/wakeup_reasons u:object_r:sysfs_wakeup_reasons:s0
|
|
genfscon sysfs /module/lowmemorykiller u:object_r:sysfs_lowmemorykiller:s0
|
|
genfscon sysfs /module/wlan/parameters/fwpath u:object_r:sysfs_wlan_fwpath:s0
|
|
genfscon sysfs /devices/virtual/timed_output/vibrator/enable u:object_r:sysfs_vibrator:s0
|
|
|
|
genfscon debugfs /mmc0 u:object_r:debugfs_mmc:s0
|
|
genfscon debugfs /tracing u:object_r:debugfs_tracing_debug:s0
|
|
genfscon tracefs / u:object_r:debugfs_tracing_debug:s0
|
|
genfscon debugfs /tracing/tracing_on u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /tracing_on u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/trace u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /trace u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/per_cpu/cpu u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /per_cpu/cpu u:object_r:debugfs_tracing:s0
|
|
|
|
genfscon debugfs /tracing/instances u:object_r:debugfs_tracing_instances:s0
|
|
genfscon tracefs /instances u:object_r:debugfs_tracing_instances:s0
|
|
genfscon debugfs /tracing/instances/wifi u:object_r:debugfs_wifi_tracing:s0
|
|
genfscon tracefs /instances/wifi u:object_r:debugfs_wifi_tracing:s0
|
|
genfscon debugfs /tracing/trace_marker u:object_r:debugfs_trace_marker:s0
|
|
genfscon tracefs /trace_marker u:object_r:debugfs_trace_marker:s0
|
|
genfscon debugfs /wakeup_sources u:object_r:debugfs_wakeup_sources:s0
|
|
|
|
genfscon debugfs /tracing/events/sync/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon debugfs /tracing/events/workqueue/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon debugfs /tracing/events/regulator/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon debugfs /tracing/events/pagecache/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon debugfs /tracing/events/irq/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon debugfs /tracing/events/ipi/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_get_data_block/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_iget/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_sync_file_enter/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_sync_file_exit/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_write_begin/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/f2fs/f2fs_write_end/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/ext4/ext4_da_write_begin/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/ext4/ext4_da_write_end/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/ext4/ext4_es_lookup_extent_enter/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/ext4/ext4_es_lookup_extent_exit/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/ext4/ext4_load_inode/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/ext4/ext4_sync_file_enter/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/ext4/ext4_sync_file_exit/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/block/block_rq_issue/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/block/block_rq_complete/ u:object_r:debugfs_tracing:s0
|
|
|
|
genfscon tracefs /events/sync/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon tracefs /events/workqueue/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon tracefs /events/regulator/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon tracefs /events/pagecache/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon tracefs /events/irq/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon tracefs /events/ipi/ u:object_r:debugfs_tracing_debug:s0
|
|
genfscon tracefs /events/f2fs/f2fs_get_data_block/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/f2fs/f2fs_iget/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/f2fs/f2fs_sync_file_enter/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/f2fs/f2fs_sync_file_exit/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/f2fs/f2fs_write_begin/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/f2fs/f2fs_write_end/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/ext4/ext4_da_write_begin/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/ext4/ext4_da_write_end/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/ext4/ext4_es_lookup_extent_enter/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/ext4/ext4_es_lookup_extent_exit/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/ext4/ext4_load_inode/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/ext4/ext4_sync_file_enter/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/ext4/ext4_sync_file_exit/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/block/block_rq_issue/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/block/block_rq_complete/ u:object_r:debugfs_tracing:s0
|
|
|
|
genfscon tracefs /trace_clock u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /buffer_size_kb u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /options/overwrite u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /options/print-tgid u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /saved_cmdlines_size u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/sched/sched_switch/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/sched/sched_wakeup/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/sched/sched_blocked_reason/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/sched/sched_cpu_hotplug/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/cgroup/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/power/cpu_frequency/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/power/cpu_idle/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/power/clock_set_rate/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/power/cpu_frequency_limits/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/cpufreq_interactive/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/vmscan/mm_vmscan_direct_reclaim_begin/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/vmscan/mm_vmscan_direct_reclaim_end/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/vmscan/mm_vmscan_kswapd_wake/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/vmscan/mm_vmscan_kswapd_sleep/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/binder/binder_transaction/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/binder/binder_transaction_received/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/binder/binder_lock/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/binder/binder_locked/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/binder/binder_unlock/ u:object_r:debugfs_tracing:s0
|
|
genfscon tracefs /events/lowmemorykiller/ u:object_r:debugfs_tracing:s0
|
|
|
|
genfscon debugfs /tracing/trace_clock u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/buffer_size_kb u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/options/overwrite u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/options/print-tgid u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/saved_cmdlines_size u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/sched/sched_switch/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/sched/sched_wakeup/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/sched/sched_blocked_reason/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/sched/sched_cpu_hotplug/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/cgroup/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/power/cpu_frequency/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/power/cpu_idle/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/power/clock_set_rate/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/power/cpu_frequency_limits/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/cpufreq_interactive/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/vmscan/mm_vmscan_direct_reclaim_end/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/vmscan/mm_vmscan_kswapd_wake/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/vmscan/mm_vmscan_kswapd_sleep/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/binder/binder_transaction/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/binder/binder_transaction_received/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/binder/binder_lock/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/binder/binder_locked/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/binder/binder_unlock/ u:object_r:debugfs_tracing:s0
|
|
genfscon debugfs /tracing/events/lowmemorykiller/ u:object_r:debugfs_tracing:s0
|
|
|
|
genfscon inotifyfs / u:object_r:inotify:s0
|
|
genfscon vfat / u:object_r:vfat:s0
|
|
genfscon exfat / u:object_r:exfat:s0
|
|
genfscon debugfs / u:object_r:debugfs:s0
|
|
genfscon fuse / u:object_r:fuse:s0
|
|
genfscon configfs / u:object_r:configfs:s0
|
|
genfscon sdcardfs / u:object_r:sdcardfs:s0
|
|
genfscon esdfs / u:object_r:sdcardfs:s0
|
|
genfscon pstore / u:object_r:pstorefs:s0
|
|
genfscon functionfs / u:object_r:functionfs:s0
|
|
genfscon usbfs / u:object_r:usbfs:s0
|
|
genfscon binfmt_misc / u:object_r:binfmt_miscfs:s0
|
|
genfscon bpf / u:object_r:fs_bpf:s0
|