platform_system_sepolicy/private/file.te
Jeff Vander Stoep bc0fa66cbe Policy for using Apex sepolicy
Bug: 199914227
Test: aosp/1910032
Change-Id: I0726facbf0c28c486ef6501718a6013a040e4b0e
2021-12-14 13:54:03 +01:00

83 lines
3 KiB
Text

# /proc/config.gz
type config_gz, fs_type, proc_type;
# /data/misc/storaged
type storaged_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/wmtrace for wm traces
type wm_trace_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/a11ytrace for accessibility traces
type accessibility_trace_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/perfetto-traces for perfetto traces
type perfetto_traces_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/perfetto-traces/bugreport for perfetto traces for bugreports.
type perfetto_traces_bugreport_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/perfetto-configs for perfetto configs
type perfetto_configs_data_file, file_type, data_file_type, core_data_file_type;
# /sys/kernel/debug/kcov for coverage guided kernel fuzzing in userdebug builds.
type debugfs_kcov, fs_type, debugfs_type;
# App executable files in /data/data directories
type app_exec_data_file, file_type, data_file_type, core_data_file_type;
typealias app_exec_data_file alias rs_data_file;
# /data/misc_[ce|de]/rollback : Used by installd to store snapshots
# of application data.
type rollback_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc_ce/checkin for checkin apps.
type checkin_data_file, file_type, data_file_type, core_data_file_type;
# /data/gsi/ota
type ota_image_data_file, file_type, data_file_type, core_data_file_type;
# /data/gsi_persistent_data
type gsi_persistent_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/emergencynumberdb
type emergency_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/profcollectd
type profcollectd_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/apexdata/com.android.art
type apex_art_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
# /data/misc/apexdata/com.android.art/staging
type apex_art_staging_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/apexdata/com.android.compos
type apex_compos_data_file, file_type, data_file_type, core_data_file_type, apex_data_file_type;
# /data/font/files
type font_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/odrefresh
type odrefresh_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/odsign
type odsign_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/virtualizationservice
type virtualizationservice_data_file, file_type, data_file_type, core_data_file_type;
# /data/system/environ
type environ_system_data_file, file_type, data_file_type, core_data_file_type;
# /dev/kvm
type kvm_device, dev_type;
# /apex/com.android.virt/bin/fd_server
type fd_server_exec, system_file_type, exec_type, file_type;
# /metadata/sepolicy
type sepolicy_metadata_file, file_type;
# /dev/selinux/test - used to verify that apex sepolicy is loaded and
# property labeled.
type sepolicy_test_file, file_type;