2012-01-04 09:33:27 -08:00
|
|
|
# Filesystem types
|
|
|
|
type labeledfs, fs_type;
|
|
|
|
type pipefs, fs_type;
|
|
|
|
type sockfs, fs_type;
|
|
|
|
type rootfs, fs_type;
|
|
|
|
type proc, fs_type;
|
2012-07-19 11:07:04 -07:00
|
|
|
type qtaguid_proc, fs_type, mlstrustedobject;
|
2013-03-27 03:30:25 -07:00
|
|
|
type proc_bluetooth_writable, fs_type;
|
2012-01-04 09:33:27 -08:00
|
|
|
type selinuxfs, fs_type;
|
|
|
|
type cgroup, fs_type, mlstrustedobject;
|
|
|
|
type sysfs, fs_type, mlstrustedobject;
|
|
|
|
type sysfs_writable, fs_type, sysfs_type, mlstrustedobject;
|
2012-11-16 06:06:47 -08:00
|
|
|
type sysfs_bluetooth_writable, fs_type, sysfs_type, mlstrustedobject;
|
2012-03-19 12:56:01 -07:00
|
|
|
type sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject;
|
2012-01-04 09:33:27 -08:00
|
|
|
type inotify, fs_type, mlstrustedobject;
|
2012-11-13 10:00:05 -08:00
|
|
|
type devpts, fs_type, mlstrustedobject;
|
2012-01-04 09:33:27 -08:00
|
|
|
type tmpfs, fs_type;
|
|
|
|
type shm, fs_type;
|
|
|
|
type mqueue, fs_type;
|
2013-03-06 16:26:36 -08:00
|
|
|
type sdcard_internal, sdcard_type, fs_type, mlstrustedobject;
|
|
|
|
type sdcard_external, sdcard_type, fs_type, mlstrustedobject;
|
2012-01-04 09:33:27 -08:00
|
|
|
type debugfs, fs_type, mlstrustedobject;
|
|
|
|
|
|
|
|
# File types
|
|
|
|
type unlabeled, file_type;
|
|
|
|
# Default type for anything under /system.
|
|
|
|
type system_file, file_type;
|
|
|
|
# Default type for anything under /data.
|
|
|
|
type system_data_file, file_type, data_file_type;
|
2012-03-07 11:59:01 -08:00
|
|
|
# /data/drm - DRM plugin data
|
|
|
|
type drm_data_file, file_type, data_file_type;
|
2012-01-04 09:33:27 -08:00
|
|
|
# /data/anr - ANR traces
|
2012-04-04 13:00:11 -07:00
|
|
|
type anr_data_file, file_type, data_file_type, mlstrustedobject;
|
2012-01-04 09:33:27 -08:00
|
|
|
# /data/tombstones - core dumps
|
|
|
|
type tombstone_data_file, file_type, data_file_type;
|
|
|
|
# /data/app - user-installed apps
|
2012-03-19 07:24:52 -07:00
|
|
|
type apk_data_file, file_type, data_file_type;
|
|
|
|
type apk_tmp_file, file_type, data_file_type, mlstrustedobject;
|
2013-04-03 11:21:46 -07:00
|
|
|
# /data/app-private - forward-locked apps
|
|
|
|
type apk_private_data_file, file_type, data_file_type;
|
|
|
|
type apk_private_tmp_file, file_type, data_file_type, mlstrustedobject;
|
2012-01-04 09:33:27 -08:00
|
|
|
# /data/dalvik-cache
|
|
|
|
type dalvikcache_data_file, file_type, data_file_type;
|
|
|
|
# /data/local - writable by shell
|
|
|
|
type shell_data_file, file_type, data_file_type;
|
|
|
|
# /data/gps
|
|
|
|
type gps_data_file, file_type, data_file_type;
|
|
|
|
# /data/misc subdirectories
|
|
|
|
type bluetoothd_data_file, file_type, data_file_type;
|
|
|
|
type bluetooth_data_file, file_type, data_file_type;
|
|
|
|
type keystore_data_file, file_type, data_file_type;
|
|
|
|
type vpn_data_file, file_type, data_file_type;
|
|
|
|
type systemkeys_data_file, file_type, data_file_type;
|
|
|
|
type wifi_data_file, file_type, data_file_type;
|
|
|
|
type radio_data_file, file_type, data_file_type;
|
|
|
|
type nfc_data_file, file_type, data_file_type;
|
2012-07-19 10:34:39 -07:00
|
|
|
type camera_calibration_file, file_type, data_file_type;
|
2012-01-04 09:33:27 -08:00
|
|
|
# /data/data subdirectories - app sandboxes
|
|
|
|
type app_data_file, file_type, data_file_type;
|
2012-07-27 08:07:09 -07:00
|
|
|
type platform_app_data_file, file_type, data_file_type, mlstrustedobject;
|
2012-01-04 09:33:27 -08:00
|
|
|
# Default type for anything under /cache
|
|
|
|
type cache_file, file_type, mlstrustedobject;
|
2012-12-04 05:13:58 -08:00
|
|
|
# Type for /cache/.*\.{data|restore} and default
|
|
|
|
# type for anything under /cache/backup
|
|
|
|
type cache_backup_file, file_type, mlstrustedobject;
|
2012-01-04 09:33:27 -08:00
|
|
|
# Default type for anything under /efs
|
|
|
|
type efs_file, file_type;
|
2012-03-19 07:29:36 -07:00
|
|
|
# Type for wallpaper file.
|
2012-06-27 05:50:27 -07:00
|
|
|
type wallpaper_file, file_type, mlstrustedobject;
|
2012-10-22 10:50:01 -07:00
|
|
|
# /mnt/asec
|
|
|
|
type asec_apk_file, file_type, data_file_type;
|
|
|
|
# /data/app-asec
|
|
|
|
type asec_image_file, file_type, data_file_type;
|
2012-12-04 05:13:58 -08:00
|
|
|
# /data/backup and /data/secure/backup
|
|
|
|
type backup_data_file, file_type, data_file_type, mlstrustedobject;
|
2013-01-23 14:02:43 -08:00
|
|
|
# For /data/security
|
|
|
|
type security_file, file_type;
|
2012-05-31 06:40:12 -07:00
|
|
|
# All devices have bluetooth efs files. But they
|
|
|
|
# vary per device, so this type is used in per
|
2012-09-06 18:50:35 -07:00
|
|
|
# device policy
|
2012-05-31 06:40:12 -07:00
|
|
|
type bluetooth_efs_file, file_type;
|
|
|
|
|
2012-01-04 09:33:27 -08:00
|
|
|
# Socket types
|
2012-11-16 06:06:47 -08:00
|
|
|
type adbd_socket, file_type;
|
2012-01-04 09:33:27 -08:00
|
|
|
type bluetooth_socket, file_type;
|
|
|
|
type dbus_socket, file_type;
|
|
|
|
type dnsproxyd_socket, file_type, mlstrustedobject;
|
|
|
|
type gps_socket, file_type;
|
|
|
|
type installd_socket, file_type;
|
|
|
|
type keystore_socket, file_type;
|
|
|
|
type netd_socket, file_type;
|
|
|
|
type property_socket, file_type;
|
|
|
|
type qemud_socket, file_type;
|
2013-01-07 06:21:18 -08:00
|
|
|
type racoon_socket, file_type;
|
2012-01-04 09:33:27 -08:00
|
|
|
type rild_socket, file_type;
|
|
|
|
type rild_debug_socket, file_type;
|
|
|
|
type system_wpa_socket, file_type;
|
|
|
|
type vold_socket, file_type;
|
|
|
|
type wpa_socket, file_type;
|
|
|
|
type zygote_socket, file_type;
|
|
|
|
|
2012-07-10 14:36:22 -07:00
|
|
|
# UART (for GPS) control proc file
|
|
|
|
type gps_control, file_type;
|
|
|
|
|
2012-01-04 09:33:27 -08:00
|
|
|
# Allow files to be created in their appropriate filesystems.
|
|
|
|
allow fs_type self:filesystem associate;
|
|
|
|
allow sysfs_type sysfs:filesystem associate;
|
|
|
|
allow file_type labeledfs:filesystem associate;
|
|
|
|
allow file_type tmpfs:filesystem associate;
|
|
|
|
allow dev_type tmpfs:filesystem associate;
|