d345906b14
New procfs file read by storaged to dump fg/bg IO usage. Remove kmsg rule since it's no longer used by storaged. Allow storaged to find permission_service to translate UID to package name. Test: adb shell storaged -u Bug: 34198239 Change-Id: I74654662c75571cbe166cf2b8cbab84828218cbd
54 lines
2.8 KiB
Text
54 lines
2.8 KiB
Text
# Label inodes with the fs label.
|
|
genfscon rootfs / u:object_r:rootfs:s0
|
|
# proc labeling can be further refined (longest matching prefix).
|
|
genfscon proc / u:object_r:proc:s0
|
|
genfscon proc /interrupts u:object_r:proc_interrupts:s0
|
|
genfscon proc /iomem u:object_r:proc_iomem:s0
|
|
genfscon proc /meminfo u:object_r:proc_meminfo:s0
|
|
genfscon proc /net u:object_r:proc_net:s0
|
|
genfscon proc /net/xt_qtaguid/ctrl u:object_r:qtaguid_proc:s0
|
|
genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0
|
|
genfscon proc /softirqs u:object_r:proc_timer:s0
|
|
genfscon proc /stat u:object_r:proc_stat:s0
|
|
genfscon proc /sysrq-trigger u:object_r:proc_sysrq:s0
|
|
genfscon proc /sys/fs/protected_hardlinks u:object_r:proc_security:s0
|
|
genfscon proc /sys/fs/protected_symlinks u:object_r:proc_security:s0
|
|
genfscon proc /sys/fs/suid_dumpable u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/core_pattern u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/dmesg_restrict u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0
|
|
genfscon proc /sys/kernel/usermodehelper u:object_r:usermodehelper:s0
|
|
genfscon proc /sys/net u:object_r:proc_net:s0
|
|
genfscon proc /sys/vm/mmap_min_addr u:object_r:proc_security:s0
|
|
genfscon proc /sys/vm/drop_caches u:object_r:proc_drop_caches:s0
|
|
genfscon proc /sys/vm/overcommit_memory u:object_r:proc_overcommit_memory:s0
|
|
genfscon proc /timer_list u:object_r:proc_timer:s0
|
|
genfscon proc /timer_stats u:object_r:proc_timer:s0
|
|
genfscon proc /tty/drivers u:object_r:proc_tty_drivers:s0
|
|
genfscon proc /uid_cputime/show_uid_stat u:object_r:proc_uid_cputime_showstat:s0
|
|
genfscon proc /uid_cputime/remove_uid_range u:object_r:proc_uid_cputime_removeuid:s0
|
|
genfscon proc /uid_io/stats u:object_r:proc_uid_io_stats:s0
|
|
genfscon proc /uid_procstat/set u:object_r:proc_uid_procstat_set:s0
|
|
genfscon proc /zoneinfo u:object_r:proc_zoneinfo:s0
|
|
|
|
# selinuxfs booleans can be individually labeled.
|
|
genfscon selinuxfs / u:object_r:selinuxfs:s0
|
|
genfscon cgroup / u:object_r:cgroup:s0
|
|
# sysfs labels can be set by userspace.
|
|
genfscon sysfs / u:object_r:sysfs:s0
|
|
genfscon inotifyfs / u:object_r:inotify:s0
|
|
genfscon vfat / u:object_r:vfat:s0
|
|
genfscon debugfs / u:object_r:debugfs:s0
|
|
genfscon tracefs / u:object_r:debugfs_tracing:s0
|
|
genfscon fuse / u:object_r:fuse:s0
|
|
genfscon configfs / u:object_r:configfs:s0
|
|
genfscon sdcardfs / u:object_r:sdcardfs:s0
|
|
genfscon pstore / u:object_r:pstorefs:s0
|
|
genfscon functionfs / u:object_r:functionfs:s0
|
|
genfscon usbfs / u:object_r:usbfs:s0
|
|
genfscon binfmt_misc / u:object_r:binfmt_miscfs:s0
|