From 9ea0af1e9af2aa1cc633312ef23df7d7622ff400 Mon Sep 17 00:00:00 2001 From: Tri Vo Date: Wed, 29 May 2019 01:09:16 +0000 Subject: [PATCH] Revert "DO NOT MERGE Fake 29.0 sepolicy prebuilts" This reverts commit bc8dc3aa9d03598fc69df3e0b3990cddcf807616. Reason for revert: breaks build Change-Id: I4163392f3a0f56add59d0d2a1d2695cee09cc32e --- prebuilts/api/29.0/private/access_vectors | 746 ----- prebuilts/api/29.0/private/adbd.te | 190 -- .../29.0/private/apex_test_prepostinstall.te | 20 - prebuilts/api/29.0/private/apexd.te | 116 - prebuilts/api/29.0/private/app.te | 17 - prebuilts/api/29.0/private/app_neverallows.te | 293 -- prebuilts/api/29.0/private/app_zygote.te | 158 - .../29.0/private/art_apex_boot_integrity.te | 28 - .../api/29.0/private/art_apex_postinstall.te | 31 - .../api/29.0/private/art_apex_preinstall.te | 33 - prebuilts/api/29.0/private/asan_extract.te | 8 - prebuilts/api/29.0/private/ashmemd.te | 9 - prebuilts/api/29.0/private/atrace.te | 78 - prebuilts/api/29.0/private/audioserver.te | 98 - prebuilts/api/29.0/private/auditctl.te | 18 - .../private/binder_in_vendor_violators.te | 1 - .../api/29.0/private/binderservicedomain.te | 22 - prebuilts/api/29.0/private/blank_screen.te | 6 - prebuilts/api/29.0/private/blkid.te | 22 - prebuilts/api/29.0/private/blkid_untrusted.te | 37 - prebuilts/api/29.0/private/bluetooth.te | 83 - prebuilts/api/29.0/private/bluetoothdomain.te | 2 - prebuilts/api/29.0/private/bootanim.te | 6 - prebuilts/api/29.0/private/bootstat.te | 3 - prebuilts/api/29.0/private/bpfloader.te | 30 - prebuilts/api/29.0/private/bufferhubd.te | 3 - prebuilts/api/29.0/private/bug_map | 31 - prebuilts/api/29.0/private/cameraserver.te | 6 - prebuilts/api/29.0/private/charger.te | 1 - prebuilts/api/29.0/private/clatd.te | 36 - .../api/29.0/private/compat/26.0/26.0.cil | 783 ----- .../29.0/private/compat/26.0/26.0.compat.cil | 4 - .../29.0/private/compat/26.0/26.0.ignore.cil | 224 -- .../api/29.0/private/compat/27.0/27.0.cil | 1505 --------- .../29.0/private/compat/27.0/27.0.compat.cil | 4 - .../29.0/private/compat/27.0/27.0.ignore.cil | 201 -- .../api/29.0/private/compat/28.0/28.0.cil | 1745 ----------- .../29.0/private/compat/28.0/28.0.compat.cil | 4 - .../29.0/private/compat/28.0/28.0.ignore.cil | 149 - prebuilts/api/29.0/private/coredomain.te | 207 -- prebuilts/api/29.0/private/cppreopts.te | 27 - prebuilts/api/29.0/private/crash_dump.te | 49 - prebuilts/api/29.0/private/dex2oat.te | 84 - prebuilts/api/29.0/private/dexoptanalyzer.te | 32 - prebuilts/api/29.0/private/dhcp.te | 4 - prebuilts/api/29.0/private/dnsmasq.te | 1 - prebuilts/api/29.0/private/domain.te | 314 -- prebuilts/api/29.0/private/drmserver.te | 7 - prebuilts/api/29.0/private/dumpstate.te | 52 - prebuilts/api/29.0/private/ephemeral_app.te | 102 - prebuilts/api/29.0/private/fastbootd.te | 1 - prebuilts/api/29.0/private/file.te | 22 - prebuilts/api/29.0/private/file_contexts | 652 ---- prebuilts/api/29.0/private/file_contexts_asan | 12 - .../api/29.0/private/file_contexts_overlayfs | 9 - prebuilts/api/29.0/private/fingerprintd.te | 3 - .../api/29.0/private/flags_health_check.te | 3 - prebuilts/api/29.0/private/fs_use | 25 - prebuilts/api/29.0/private/fsck.te | 5 - prebuilts/api/29.0/private/fsck_untrusted.te | 1 - prebuilts/api/29.0/private/fsverity_init.te | 25 - prebuilts/api/29.0/private/fwk_bufferhub.te | 8 - prebuilts/api/29.0/private/gatekeeperd.te | 3 - prebuilts/api/29.0/private/genfs_contexts | 296 -- prebuilts/api/29.0/private/gpuservice.te | 41 - prebuilts/api/29.0/private/gsid.te | 132 - .../api/29.0/private/hal_allocator_default.te | 8 - prebuilts/api/29.0/private/halclientdomain.te | 13 - prebuilts/api/29.0/private/halserverdomain.te | 12 - prebuilts/api/29.0/private/healthd.te | 6 - prebuilts/api/29.0/private/heapprofd.te | 77 - prebuilts/api/29.0/private/hwservice_contexts | 82 - .../api/29.0/private/hwservicemanager.te | 8 - prebuilts/api/29.0/private/idmap.te | 3 - prebuilts/api/29.0/private/incident.te | 30 - prebuilts/api/29.0/private/incident_helper.te | 14 - prebuilts/api/29.0/private/incidentd.te | 177 -- prebuilts/api/29.0/private/init.te | 34 - .../api/29.0/private/initial_sid_contexts | 27 - prebuilts/api/29.0/private/initial_sids | 35 - prebuilts/api/29.0/private/inputflinger.te | 3 - .../api/29.0/private/install_recovery.te | 3 - prebuilts/api/29.0/private/installd.te | 41 - prebuilts/api/29.0/private/iorapd.te | 4 - prebuilts/api/29.0/private/isolated_app.te | 153 - prebuilts/api/29.0/private/iw.te | 4 - prebuilts/api/29.0/private/kernel.te | 8 - prebuilts/api/29.0/private/keys.conf | 28 - prebuilts/api/29.0/private/keystore.te | 19 - prebuilts/api/29.0/private/llkd.te | 53 - prebuilts/api/29.0/private/lmkd.te | 3 - prebuilts/api/29.0/private/logd.te | 37 - prebuilts/api/29.0/private/logpersist.te | 24 - prebuilts/api/29.0/private/lpdumpd.te | 41 - .../api/29.0/private/mac_permissions.xml | 62 - prebuilts/api/29.0/private/mdnsd.te | 12 - prebuilts/api/29.0/private/mediadrmserver.te | 8 - prebuilts/api/29.0/private/mediaextractor.te | 7 - prebuilts/api/29.0/private/mediametrics.te | 3 - prebuilts/api/29.0/private/mediaprovider.te | 46 - prebuilts/api/29.0/private/mediaserver.te | 8 - prebuilts/api/29.0/private/mediaswcodec.te | 4 - prebuilts/api/29.0/private/mls | 107 - prebuilts/api/29.0/private/mls_decl | 10 - prebuilts/api/29.0/private/mls_macros | 54 - prebuilts/api/29.0/private/modprobe.te | 1 - prebuilts/api/29.0/private/mtp.te | 3 - prebuilts/api/29.0/private/netd.te | 30 - .../api/29.0/private/netutils_wrapper.te | 44 - prebuilts/api/29.0/private/network_stack.te | 30 - prebuilts/api/29.0/private/nfc.te | 34 - prebuilts/api/29.0/private/notify_traceur.te | 12 - .../api/29.0/private/otapreopt_chroot.te | 74 - prebuilts/api/29.0/private/otapreopt_slot.te | 28 - prebuilts/api/29.0/private/perfetto.te | 74 - prebuilts/api/29.0/private/performanced.te | 3 - prebuilts/api/29.0/private/perfprofd.te | 28 - prebuilts/api/29.0/private/platform_app.te | 103 - .../api/29.0/private/policy_capabilities | 20 - prebuilts/api/29.0/private/port_contexts | 3 - prebuilts/api/29.0/private/postinstall.te | 3 - .../api/29.0/private/postinstall_dexopt.te | 75 - prebuilts/api/29.0/private/ppp.te | 3 - prebuilts/api/29.0/private/preloads_copy.te | 14 - .../api/29.0/private/preopt2cachename.te | 17 - prebuilts/api/29.0/private/priv_app.te | 254 -- prebuilts/api/29.0/private/profman.te | 1 - prebuilts/api/29.0/private/property_contexts | 200 -- prebuilts/api/29.0/private/racoon.te | 3 - prebuilts/api/29.0/private/radio.te | 8 - prebuilts/api/29.0/private/recovery.te | 1 - .../api/29.0/private/recovery_persist.te | 6 - .../api/29.0/private/recovery_refresh.te | 6 - prebuilts/api/29.0/private/roles_decl | 1 - prebuilts/api/29.0/private/rs.te | 39 - prebuilts/api/29.0/private/rss_hwm_reset.te | 14 - prebuilts/api/29.0/private/runas.te | 4 - prebuilts/api/29.0/private/runas_app.te | 18 - prebuilts/api/29.0/private/sdcardd.te | 3 - prebuilts/api/29.0/private/seapp_contexts | 164 - prebuilts/api/29.0/private/secure_element.te | 14 - prebuilts/api/29.0/private/security_classes | 155 - prebuilts/api/29.0/private/service.te | 7 - prebuilts/api/29.0/private/service_contexts | 221 -- prebuilts/api/29.0/private/servicemanager.te | 5 - prebuilts/api/29.0/private/sgdisk.te | 1 - prebuilts/api/29.0/private/shared_relro.te | 5 - prebuilts/api/29.0/private/shell.te | 76 - .../api/29.0/private/simpleperf_app_runner.te | 3 - prebuilts/api/29.0/private/slideshow.te | 1 - prebuilts/api/29.0/private/stats.te | 52 - prebuilts/api/29.0/private/statsd.te | 23 - prebuilts/api/29.0/private/storaged.te | 61 - prebuilts/api/29.0/private/su.te | 23 - prebuilts/api/29.0/private/surfaceflinger.te | 123 - prebuilts/api/29.0/private/system_app.te | 145 - prebuilts/api/29.0/private/system_server.te | 1050 ------- .../api/29.0/private/system_server_startup.te | 23 - prebuilts/api/29.0/private/system_suspend.te | 25 - prebuilts/api/29.0/private/technical_debt.cil | 57 - prebuilts/api/29.0/private/thermalserviced.te | 4 - prebuilts/api/29.0/private/tombstoned.te | 3 - prebuilts/api/29.0/private/toolbox.te | 3 - prebuilts/api/29.0/private/traced.te | 82 - prebuilts/api/29.0/private/traced_probes.te | 122 - prebuilts/api/29.0/private/traceur_app.te | 22 - prebuilts/api/29.0/private/tzdatacheck.te | 3 - prebuilts/api/29.0/private/ueventd.te | 3 - prebuilts/api/29.0/private/uncrypt.te | 3 - prebuilts/api/29.0/private/untrusted_app.te | 25 - .../api/29.0/private/untrusted_app_25.te | 64 - .../api/29.0/private/untrusted_app_27.te | 49 - .../api/29.0/private/untrusted_app_all.te | 191 -- prebuilts/api/29.0/private/update_engine.te | 3 - .../api/29.0/private/update_engine_common.te | 5 - prebuilts/api/29.0/private/update_verifier.te | 3 - prebuilts/api/29.0/private/usbd.te | 12 - prebuilts/api/29.0/private/users | 1 - prebuilts/api/29.0/private/vdc.te | 3 - prebuilts/api/29.0/private/vendor_init.te | 4 - prebuilts/api/29.0/private/viewcompiler.te | 25 - .../api/29.0/private/virtual_touchpad.te | 3 - prebuilts/api/29.0/private/vold.te | 19 - .../api/29.0/private/vold_prepare_subdirs.te | 36 - prebuilts/api/29.0/private/vr_hwc.te | 6 - .../api/29.0/private/wait_for_keymaster.te | 9 - prebuilts/api/29.0/private/watchdogd.te | 3 - prebuilts/api/29.0/private/webview_zygote.te | 151 - prebuilts/api/29.0/private/wificond.te | 4 - prebuilts/api/29.0/private/wpantund.te | 3 - prebuilts/api/29.0/private/zygote.te | 176 -- prebuilts/api/29.0/public/adbd.te | 11 - prebuilts/api/29.0/public/apexd.te | 15 - prebuilts/api/29.0/public/app.te | 594 ---- prebuilts/api/29.0/public/app_zygote.te | 6 - prebuilts/api/29.0/public/asan_extract.te | 36 - prebuilts/api/29.0/public/ashmemd.te | 1 - prebuilts/api/29.0/public/attributes | 316 -- prebuilts/api/29.0/public/audioserver.te | 3 - prebuilts/api/29.0/public/blkid.te | 2 - prebuilts/api/29.0/public/blkid_untrusted.te | 2 - prebuilts/api/29.0/public/bluetooth.te | 2 - prebuilts/api/29.0/public/bootanim.te | 42 - prebuilts/api/29.0/public/bootstat.te | 60 - prebuilts/api/29.0/public/bufferhubd.te | 21 - .../api/29.0/public/camera_service_server.te | 1 - prebuilts/api/29.0/public/cameraserver.te | 71 - prebuilts/api/29.0/public/charger.te | 44 - prebuilts/api/29.0/public/crash_dump.te | 68 - prebuilts/api/29.0/public/device.te | 112 - prebuilts/api/29.0/public/dhcp.te | 30 - .../api/29.0/public/display_service_server.te | 1 - prebuilts/api/29.0/public/dnsmasq.te | 25 - prebuilts/api/29.0/public/domain.te | 1389 --------- prebuilts/api/29.0/public/drmserver.te | 57 - prebuilts/api/29.0/public/dumpstate.te | 320 -- prebuilts/api/29.0/public/e2fs.te | 26 - prebuilts/api/29.0/public/ephemeral_app.te | 14 - prebuilts/api/29.0/public/fastbootd.te | 117 - prebuilts/api/29.0/public/file.te | 505 --- prebuilts/api/29.0/public/fingerprintd.te | 26 - .../api/29.0/public/flags_health_check.te | 31 - prebuilts/api/29.0/public/fsck.te | 68 - prebuilts/api/29.0/public/fsck_untrusted.te | 49 - prebuilts/api/29.0/public/fwk_bufferhub.te | 4 - prebuilts/api/29.0/public/gatekeeperd.te | 41 - prebuilts/api/29.0/public/global_macros | 51 - prebuilts/api/29.0/public/gpuservice.te | 2 - prebuilts/api/29.0/public/hal_allocator.te | 6 - prebuilts/api/29.0/public/hal_atrace.te | 4 - prebuilts/api/29.0/public/hal_audio.te | 38 - prebuilts/api/29.0/public/hal_audiocontrol.te | 5 - prebuilts/api/29.0/public/hal_authsecret.te | 4 - prebuilts/api/29.0/public/hal_bluetooth.te | 32 - prebuilts/api/29.0/public/hal_bootctl.te | 5 - .../api/29.0/public/hal_broadcastradio.te | 4 - prebuilts/api/29.0/public/hal_camera.te | 36 - prebuilts/api/29.0/public/hal_cas.te | 34 - prebuilts/api/29.0/public/hal_configstore.te | 67 - .../api/29.0/public/hal_confirmationui.te | 4 - prebuilts/api/29.0/public/hal_contexthub.te | 5 - prebuilts/api/29.0/public/hal_drm.te | 47 - prebuilts/api/29.0/public/hal_dumpstate.te | 10 - prebuilts/api/29.0/public/hal_evs.te | 5 - prebuilts/api/29.0/public/hal_face.te | 12 - prebuilts/api/29.0/public/hal_fingerprint.te | 16 - prebuilts/api/29.0/public/hal_gatekeeper.te | 7 - prebuilts/api/29.0/public/hal_gnss.te | 5 - .../api/29.0/public/hal_graphics_allocator.te | 13 - .../api/29.0/public/hal_graphics_composer.te | 31 - prebuilts/api/29.0/public/hal_health.te | 27 - .../api/29.0/public/hal_health_storage.te | 5 - .../api/29.0/public/hal_input_classifier.te | 4 - prebuilts/api/29.0/public/hal_ir.te | 5 - prebuilts/api/29.0/public/hal_keymaster.te | 7 - prebuilts/api/29.0/public/hal_light.te | 9 - prebuilts/api/29.0/public/hal_lowpan.te | 20 - prebuilts/api/29.0/public/hal_memtrack.te | 4 - .../api/29.0/public/hal_neuralnetworks.te | 22 - prebuilts/api/29.0/public/hal_neverallows.te | 59 - prebuilts/api/29.0/public/hal_nfc.te | 11 - prebuilts/api/29.0/public/hal_oemlock.te | 4 - prebuilts/api/29.0/public/hal_omx.te | 50 - prebuilts/api/29.0/public/hal_power.te | 5 - prebuilts/api/29.0/public/hal_power_stats.te | 5 - .../api/29.0/public/hal_secure_element.te | 5 - prebuilts/api/29.0/public/hal_sensors.te | 14 - prebuilts/api/29.0/public/hal_telephony.te | 42 - .../api/29.0/public/hal_tetheroffload.te | 8 - prebuilts/api/29.0/public/hal_thermal.te | 5 - prebuilts/api/29.0/public/hal_tv_cec.te | 5 - prebuilts/api/29.0/public/hal_tv_input.te | 5 - prebuilts/api/29.0/public/hal_usb.te | 18 - prebuilts/api/29.0/public/hal_usb_gadget.te | 13 - prebuilts/api/29.0/public/hal_vehicle.te | 6 - prebuilts/api/29.0/public/hal_vibrator.te | 8 - prebuilts/api/29.0/public/hal_vr.te | 5 - prebuilts/api/29.0/public/hal_weaver.te | 4 - prebuilts/api/29.0/public/hal_wifi.te | 31 - prebuilts/api/29.0/public/hal_wifi_hostapd.te | 27 - prebuilts/api/29.0/public/hal_wifi_offload.te | 8 - .../api/29.0/public/hal_wifi_supplicant.te | 28 - prebuilts/api/29.0/public/healthd.te | 56 - prebuilts/api/29.0/public/heapprofd.te | 1 - prebuilts/api/29.0/public/hwservice.te | 80 - prebuilts/api/29.0/public/hwservicemanager.te | 22 - prebuilts/api/29.0/public/idmap.te | 30 - prebuilts/api/29.0/public/incident.te | 8 - prebuilts/api/29.0/public/incident_helper.te | 5 - prebuilts/api/29.0/public/incidentd.te | 3 - prebuilts/api/29.0/public/init.te | 599 ---- prebuilts/api/29.0/public/inputflinger.te | 15 - prebuilts/api/29.0/public/install_recovery.te | 27 - prebuilts/api/29.0/public/installd.te | 177 -- prebuilts/api/29.0/public/ioctl_defines | 2719 ----------------- prebuilts/api/29.0/public/ioctl_macros | 68 - prebuilts/api/29.0/public/iorapd.te | 79 - prebuilts/api/29.0/public/isolated_app.te | 9 - prebuilts/api/29.0/public/kernel.te | 132 - prebuilts/api/29.0/public/keystore.te | 35 - prebuilts/api/29.0/public/llkd.te | 3 - prebuilts/api/29.0/public/lmkd.te | 69 - prebuilts/api/29.0/public/logd.te | 73 - prebuilts/api/29.0/public/logpersist.te | 26 - prebuilts/api/29.0/public/mdnsd.te | 2 - prebuilts/api/29.0/public/mediadrmserver.te | 33 - prebuilts/api/29.0/public/mediaextractor.te | 77 - prebuilts/api/29.0/public/mediametrics.te | 44 - prebuilts/api/29.0/public/mediaprovider.te | 6 - prebuilts/api/29.0/public/mediaserver.te | 145 - prebuilts/api/29.0/public/mediaswcodec.te | 18 - prebuilts/api/29.0/public/modprobe.te | 9 - prebuilts/api/29.0/public/mtp.te | 11 - prebuilts/api/29.0/public/net.te | 30 - prebuilts/api/29.0/public/netd.te | 175 -- prebuilts/api/29.0/public/netutils_wrapper.te | 4 - prebuilts/api/29.0/public/network_stack.te | 2 - prebuilts/api/29.0/public/neverallow_macros | 15 - prebuilts/api/29.0/public/nfc.te | 2 - prebuilts/api/29.0/public/perfetto.te | 1 - prebuilts/api/29.0/public/performanced.te | 30 - prebuilts/api/29.0/public/perfprofd.te | 121 - prebuilts/api/29.0/public/platform_app.te | 5 - prebuilts/api/29.0/public/postinstall.te | 45 - prebuilts/api/29.0/public/ppp.te | 23 - prebuilts/api/29.0/public/priv_app.te | 5 - prebuilts/api/29.0/public/profman.te | 29 - prebuilts/api/29.0/public/property.te | 469 --- prebuilts/api/29.0/public/property_contexts | 387 --- prebuilts/api/29.0/public/racoon.te | 34 - prebuilts/api/29.0/public/radio.te | 44 - prebuilts/api/29.0/public/recovery.te | 170 -- prebuilts/api/29.0/public/recovery_persist.te | 32 - prebuilts/api/29.0/public/recovery_refresh.te | 24 - prebuilts/api/29.0/public/roles | 1 - prebuilts/api/29.0/public/rs.te | 2 - prebuilts/api/29.0/public/rss_hwm_reset.te | 2 - prebuilts/api/29.0/public/runas.te | 43 - prebuilts/api/29.0/public/runas_app.te | 1 - .../29.0/public/scheduler_service_server.te | 1 - prebuilts/api/29.0/public/sdcardd.te | 44 - prebuilts/api/29.0/public/secure_element.te | 2 - .../api/29.0/public/sensor_service_server.te | 1 - prebuilts/api/29.0/public/service.te | 198 -- prebuilts/api/29.0/public/servicemanager.te | 25 - prebuilts/api/29.0/public/sgdisk.te | 34 - prebuilts/api/29.0/public/shared_relro.te | 11 - prebuilts/api/29.0/public/shell.te | 255 -- .../api/29.0/public/simpleperf_app_runner.te | 43 - prebuilts/api/29.0/public/slideshow.te | 14 - .../api/29.0/public/stats_service_server.te | 1 - prebuilts/api/29.0/public/statsd.te | 84 - prebuilts/api/29.0/public/su.te | 104 - prebuilts/api/29.0/public/surfaceflinger.te | 3 - .../api/29.0/public/swcodec_service_server.te | 40 - prebuilts/api/29.0/public/system_app.te | 7 - prebuilts/api/29.0/public/system_server.te | 6 - .../api/29.0/public/system_suspend_server.te | 6 - prebuilts/api/29.0/public/te_macros | 704 ----- prebuilts/api/29.0/public/tee.te | 11 - prebuilts/api/29.0/public/thermalserviced.te | 14 - prebuilts/api/29.0/public/tombstoned.te | 17 - prebuilts/api/29.0/public/toolbox.te | 24 - prebuilts/api/29.0/public/traced.te | 2 - prebuilts/api/29.0/public/traced_probes.te | 1 - prebuilts/api/29.0/public/traceur_app.te | 31 - prebuilts/api/29.0/public/tzdatacheck.te | 18 - prebuilts/api/29.0/public/ueventd.te | 80 - prebuilts/api/29.0/public/uncrypt.te | 42 - prebuilts/api/29.0/public/untrusted_app.te | 21 - prebuilts/api/29.0/public/update_engine.te | 56 - .../api/29.0/public/update_engine_common.te | 75 - prebuilts/api/29.0/public/update_verifier.te | 36 - prebuilts/api/29.0/public/usbd.te | 5 - prebuilts/api/29.0/public/vdc.te | 20 - prebuilts/api/29.0/public/vendor_init.te | 278 -- .../api/29.0/public/vendor_misc_writer.te | 11 - prebuilts/api/29.0/public/vendor_shell.te | 19 - prebuilts/api/29.0/public/vendor_toolbox.te | 16 - prebuilts/api/29.0/public/virtual_touchpad.te | 16 - prebuilts/api/29.0/public/vndservice.te | 1 - .../api/29.0/public/vndservicemanager.te | 2 - prebuilts/api/29.0/public/vold.te | 321 -- .../api/29.0/public/vold_prepare_subdirs.te | 6 - prebuilts/api/29.0/public/vr_hwc.te | 33 - prebuilts/api/29.0/public/watchdogd.te | 6 - prebuilts/api/29.0/public/webview_zygote.te | 6 - prebuilts/api/29.0/public/wificond.te | 31 - prebuilts/api/29.0/public/wpantund.te | 29 - prebuilts/api/29.0/public/zygote.te | 4 - 390 files changed, 28681 deletions(-) delete mode 100644 prebuilts/api/29.0/private/access_vectors delete mode 100644 prebuilts/api/29.0/private/adbd.te delete mode 100644 prebuilts/api/29.0/private/apex_test_prepostinstall.te delete mode 100644 prebuilts/api/29.0/private/apexd.te delete mode 100644 prebuilts/api/29.0/private/app.te delete mode 100644 prebuilts/api/29.0/private/app_neverallows.te delete mode 100644 prebuilts/api/29.0/private/app_zygote.te delete mode 100644 prebuilts/api/29.0/private/art_apex_boot_integrity.te delete mode 100644 prebuilts/api/29.0/private/art_apex_postinstall.te delete mode 100644 prebuilts/api/29.0/private/art_apex_preinstall.te delete mode 100644 prebuilts/api/29.0/private/asan_extract.te delete mode 100644 prebuilts/api/29.0/private/ashmemd.te delete mode 100644 prebuilts/api/29.0/private/atrace.te delete mode 100644 prebuilts/api/29.0/private/audioserver.te delete mode 100644 prebuilts/api/29.0/private/auditctl.te delete mode 100644 prebuilts/api/29.0/private/binder_in_vendor_violators.te delete mode 100644 prebuilts/api/29.0/private/binderservicedomain.te delete mode 100644 prebuilts/api/29.0/private/blank_screen.te delete mode 100644 prebuilts/api/29.0/private/blkid.te delete mode 100644 prebuilts/api/29.0/private/blkid_untrusted.te delete mode 100644 prebuilts/api/29.0/private/bluetooth.te delete mode 100644 prebuilts/api/29.0/private/bluetoothdomain.te delete mode 100644 prebuilts/api/29.0/private/bootanim.te delete mode 100644 prebuilts/api/29.0/private/bootstat.te delete mode 100644 prebuilts/api/29.0/private/bpfloader.te delete mode 100644 prebuilts/api/29.0/private/bufferhubd.te delete mode 100644 prebuilts/api/29.0/private/bug_map delete mode 100644 prebuilts/api/29.0/private/cameraserver.te delete mode 100644 prebuilts/api/29.0/private/charger.te delete mode 100644 prebuilts/api/29.0/private/clatd.te delete mode 100644 prebuilts/api/29.0/private/compat/26.0/26.0.cil delete mode 100644 prebuilts/api/29.0/private/compat/26.0/26.0.compat.cil delete mode 100644 prebuilts/api/29.0/private/compat/26.0/26.0.ignore.cil delete mode 100644 prebuilts/api/29.0/private/compat/27.0/27.0.cil delete mode 100644 prebuilts/api/29.0/private/compat/27.0/27.0.compat.cil delete mode 100644 prebuilts/api/29.0/private/compat/27.0/27.0.ignore.cil delete mode 100644 prebuilts/api/29.0/private/compat/28.0/28.0.cil delete mode 100644 prebuilts/api/29.0/private/compat/28.0/28.0.compat.cil delete mode 100644 prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil delete mode 100644 prebuilts/api/29.0/private/coredomain.te delete mode 100644 prebuilts/api/29.0/private/cppreopts.te delete mode 100644 prebuilts/api/29.0/private/crash_dump.te delete mode 100644 prebuilts/api/29.0/private/dex2oat.te delete mode 100644 prebuilts/api/29.0/private/dexoptanalyzer.te delete mode 100644 prebuilts/api/29.0/private/dhcp.te delete mode 100644 prebuilts/api/29.0/private/dnsmasq.te delete mode 100644 prebuilts/api/29.0/private/domain.te delete mode 100644 prebuilts/api/29.0/private/drmserver.te delete mode 100644 prebuilts/api/29.0/private/dumpstate.te delete mode 100644 prebuilts/api/29.0/private/ephemeral_app.te delete mode 100644 prebuilts/api/29.0/private/fastbootd.te delete mode 100644 prebuilts/api/29.0/private/file.te delete mode 100644 prebuilts/api/29.0/private/file_contexts delete mode 100644 prebuilts/api/29.0/private/file_contexts_asan delete mode 100644 prebuilts/api/29.0/private/file_contexts_overlayfs delete mode 100644 prebuilts/api/29.0/private/fingerprintd.te delete mode 100644 prebuilts/api/29.0/private/flags_health_check.te delete mode 100644 prebuilts/api/29.0/private/fs_use delete mode 100644 prebuilts/api/29.0/private/fsck.te delete mode 100644 prebuilts/api/29.0/private/fsck_untrusted.te delete mode 100644 prebuilts/api/29.0/private/fsverity_init.te delete mode 100644 prebuilts/api/29.0/private/fwk_bufferhub.te delete mode 100644 prebuilts/api/29.0/private/gatekeeperd.te delete mode 100644 prebuilts/api/29.0/private/genfs_contexts delete mode 100644 prebuilts/api/29.0/private/gpuservice.te delete mode 100644 prebuilts/api/29.0/private/gsid.te delete mode 100644 prebuilts/api/29.0/private/hal_allocator_default.te delete mode 100644 prebuilts/api/29.0/private/halclientdomain.te delete mode 100644 prebuilts/api/29.0/private/halserverdomain.te delete mode 100644 prebuilts/api/29.0/private/healthd.te delete mode 100644 prebuilts/api/29.0/private/heapprofd.te delete mode 100644 prebuilts/api/29.0/private/hwservice_contexts delete mode 100644 prebuilts/api/29.0/private/hwservicemanager.te delete mode 100644 prebuilts/api/29.0/private/idmap.te delete mode 100644 prebuilts/api/29.0/private/incident.te delete mode 100644 prebuilts/api/29.0/private/incident_helper.te delete mode 100644 prebuilts/api/29.0/private/incidentd.te delete mode 100644 prebuilts/api/29.0/private/init.te delete mode 100644 prebuilts/api/29.0/private/initial_sid_contexts delete mode 100644 prebuilts/api/29.0/private/initial_sids delete mode 100644 prebuilts/api/29.0/private/inputflinger.te delete mode 100644 prebuilts/api/29.0/private/install_recovery.te delete mode 100644 prebuilts/api/29.0/private/installd.te delete mode 100644 prebuilts/api/29.0/private/iorapd.te delete mode 100644 prebuilts/api/29.0/private/isolated_app.te delete mode 100644 prebuilts/api/29.0/private/iw.te delete mode 100644 prebuilts/api/29.0/private/kernel.te delete mode 100644 prebuilts/api/29.0/private/keys.conf delete mode 100644 prebuilts/api/29.0/private/keystore.te delete mode 100644 prebuilts/api/29.0/private/llkd.te delete mode 100644 prebuilts/api/29.0/private/lmkd.te delete mode 100644 prebuilts/api/29.0/private/logd.te delete mode 100644 prebuilts/api/29.0/private/logpersist.te delete mode 100644 prebuilts/api/29.0/private/lpdumpd.te delete mode 100644 prebuilts/api/29.0/private/mac_permissions.xml delete mode 100644 prebuilts/api/29.0/private/mdnsd.te delete mode 100644 prebuilts/api/29.0/private/mediadrmserver.te delete mode 100644 prebuilts/api/29.0/private/mediaextractor.te delete mode 100644 prebuilts/api/29.0/private/mediametrics.te delete mode 100644 prebuilts/api/29.0/private/mediaprovider.te delete mode 100644 prebuilts/api/29.0/private/mediaserver.te delete mode 100644 prebuilts/api/29.0/private/mediaswcodec.te delete mode 100644 prebuilts/api/29.0/private/mls delete mode 100644 prebuilts/api/29.0/private/mls_decl delete mode 100644 prebuilts/api/29.0/private/mls_macros delete mode 100644 prebuilts/api/29.0/private/modprobe.te delete mode 100644 prebuilts/api/29.0/private/mtp.te delete mode 100644 prebuilts/api/29.0/private/netd.te delete mode 100644 prebuilts/api/29.0/private/netutils_wrapper.te delete mode 100644 prebuilts/api/29.0/private/network_stack.te delete mode 100644 prebuilts/api/29.0/private/nfc.te delete mode 100644 prebuilts/api/29.0/private/notify_traceur.te delete mode 100644 prebuilts/api/29.0/private/otapreopt_chroot.te delete mode 100644 prebuilts/api/29.0/private/otapreopt_slot.te delete mode 100644 prebuilts/api/29.0/private/perfetto.te delete mode 100644 prebuilts/api/29.0/private/performanced.te delete mode 100644 prebuilts/api/29.0/private/perfprofd.te delete mode 100644 prebuilts/api/29.0/private/platform_app.te delete mode 100644 prebuilts/api/29.0/private/policy_capabilities delete mode 100644 prebuilts/api/29.0/private/port_contexts delete mode 100644 prebuilts/api/29.0/private/postinstall.te delete mode 100644 prebuilts/api/29.0/private/postinstall_dexopt.te delete mode 100644 prebuilts/api/29.0/private/ppp.te delete mode 100644 prebuilts/api/29.0/private/preloads_copy.te delete mode 100644 prebuilts/api/29.0/private/preopt2cachename.te delete mode 100644 prebuilts/api/29.0/private/priv_app.te delete mode 100644 prebuilts/api/29.0/private/profman.te delete mode 100644 prebuilts/api/29.0/private/property_contexts delete mode 100644 prebuilts/api/29.0/private/racoon.te delete mode 100644 prebuilts/api/29.0/private/radio.te delete mode 100644 prebuilts/api/29.0/private/recovery.te delete mode 100644 prebuilts/api/29.0/private/recovery_persist.te delete mode 100644 prebuilts/api/29.0/private/recovery_refresh.te delete mode 100644 prebuilts/api/29.0/private/roles_decl delete mode 100644 prebuilts/api/29.0/private/rs.te delete mode 100644 prebuilts/api/29.0/private/rss_hwm_reset.te delete mode 100644 prebuilts/api/29.0/private/runas.te delete mode 100644 prebuilts/api/29.0/private/runas_app.te delete mode 100644 prebuilts/api/29.0/private/sdcardd.te delete mode 100644 prebuilts/api/29.0/private/seapp_contexts delete mode 100644 prebuilts/api/29.0/private/secure_element.te delete mode 100644 prebuilts/api/29.0/private/security_classes delete mode 100644 prebuilts/api/29.0/private/service.te delete mode 100644 prebuilts/api/29.0/private/service_contexts delete mode 100644 prebuilts/api/29.0/private/servicemanager.te delete mode 100644 prebuilts/api/29.0/private/sgdisk.te delete mode 100644 prebuilts/api/29.0/private/shared_relro.te delete mode 100644 prebuilts/api/29.0/private/shell.te delete mode 100644 prebuilts/api/29.0/private/simpleperf_app_runner.te delete mode 100644 prebuilts/api/29.0/private/slideshow.te delete mode 100644 prebuilts/api/29.0/private/stats.te delete mode 100644 prebuilts/api/29.0/private/statsd.te delete mode 100644 prebuilts/api/29.0/private/storaged.te delete mode 100644 prebuilts/api/29.0/private/su.te delete mode 100644 prebuilts/api/29.0/private/surfaceflinger.te delete mode 100644 prebuilts/api/29.0/private/system_app.te delete mode 100644 prebuilts/api/29.0/private/system_server.te delete mode 100644 prebuilts/api/29.0/private/system_server_startup.te delete mode 100644 prebuilts/api/29.0/private/system_suspend.te delete mode 100644 prebuilts/api/29.0/private/technical_debt.cil delete mode 100644 prebuilts/api/29.0/private/thermalserviced.te delete mode 100644 prebuilts/api/29.0/private/tombstoned.te delete mode 100644 prebuilts/api/29.0/private/toolbox.te delete mode 100644 prebuilts/api/29.0/private/traced.te delete mode 100644 prebuilts/api/29.0/private/traced_probes.te delete mode 100644 prebuilts/api/29.0/private/traceur_app.te delete mode 100644 prebuilts/api/29.0/private/tzdatacheck.te delete mode 100644 prebuilts/api/29.0/private/ueventd.te delete mode 100644 prebuilts/api/29.0/private/uncrypt.te delete mode 100644 prebuilts/api/29.0/private/untrusted_app.te delete mode 100644 prebuilts/api/29.0/private/untrusted_app_25.te delete mode 100644 prebuilts/api/29.0/private/untrusted_app_27.te delete mode 100644 prebuilts/api/29.0/private/untrusted_app_all.te delete mode 100644 prebuilts/api/29.0/private/update_engine.te delete mode 100644 prebuilts/api/29.0/private/update_engine_common.te delete mode 100644 prebuilts/api/29.0/private/update_verifier.te delete mode 100644 prebuilts/api/29.0/private/usbd.te delete mode 100644 prebuilts/api/29.0/private/users delete mode 100644 prebuilts/api/29.0/private/vdc.te delete mode 100644 prebuilts/api/29.0/private/vendor_init.te delete mode 100644 prebuilts/api/29.0/private/viewcompiler.te delete mode 100644 prebuilts/api/29.0/private/virtual_touchpad.te delete mode 100644 prebuilts/api/29.0/private/vold.te delete mode 100644 prebuilts/api/29.0/private/vold_prepare_subdirs.te delete mode 100644 prebuilts/api/29.0/private/vr_hwc.te delete mode 100644 prebuilts/api/29.0/private/wait_for_keymaster.te delete mode 100644 prebuilts/api/29.0/private/watchdogd.te delete mode 100644 prebuilts/api/29.0/private/webview_zygote.te delete mode 100644 prebuilts/api/29.0/private/wificond.te delete mode 100644 prebuilts/api/29.0/private/wpantund.te delete mode 100644 prebuilts/api/29.0/private/zygote.te delete mode 100644 prebuilts/api/29.0/public/adbd.te delete mode 100644 prebuilts/api/29.0/public/apexd.te delete mode 100644 prebuilts/api/29.0/public/app.te delete mode 100644 prebuilts/api/29.0/public/app_zygote.te delete mode 100644 prebuilts/api/29.0/public/asan_extract.te delete mode 100644 prebuilts/api/29.0/public/ashmemd.te delete mode 100644 prebuilts/api/29.0/public/attributes delete mode 100644 prebuilts/api/29.0/public/audioserver.te delete mode 100644 prebuilts/api/29.0/public/blkid.te delete mode 100644 prebuilts/api/29.0/public/blkid_untrusted.te delete mode 100644 prebuilts/api/29.0/public/bluetooth.te delete mode 100644 prebuilts/api/29.0/public/bootanim.te delete mode 100644 prebuilts/api/29.0/public/bootstat.te delete mode 100644 prebuilts/api/29.0/public/bufferhubd.te delete mode 100644 prebuilts/api/29.0/public/camera_service_server.te delete mode 100644 prebuilts/api/29.0/public/cameraserver.te delete mode 100644 prebuilts/api/29.0/public/charger.te delete mode 100644 prebuilts/api/29.0/public/crash_dump.te delete mode 100644 prebuilts/api/29.0/public/device.te delete mode 100644 prebuilts/api/29.0/public/dhcp.te delete mode 100644 prebuilts/api/29.0/public/display_service_server.te delete mode 100644 prebuilts/api/29.0/public/dnsmasq.te delete mode 100644 prebuilts/api/29.0/public/domain.te delete mode 100644 prebuilts/api/29.0/public/drmserver.te delete mode 100644 prebuilts/api/29.0/public/dumpstate.te delete mode 100644 prebuilts/api/29.0/public/e2fs.te delete mode 100644 prebuilts/api/29.0/public/ephemeral_app.te delete mode 100644 prebuilts/api/29.0/public/fastbootd.te delete mode 100644 prebuilts/api/29.0/public/file.te delete mode 100644 prebuilts/api/29.0/public/fingerprintd.te delete mode 100644 prebuilts/api/29.0/public/flags_health_check.te delete mode 100644 prebuilts/api/29.0/public/fsck.te delete mode 100644 prebuilts/api/29.0/public/fsck_untrusted.te delete mode 100644 prebuilts/api/29.0/public/fwk_bufferhub.te delete mode 100644 prebuilts/api/29.0/public/gatekeeperd.te delete mode 100644 prebuilts/api/29.0/public/global_macros delete mode 100644 prebuilts/api/29.0/public/gpuservice.te delete mode 100644 prebuilts/api/29.0/public/hal_allocator.te delete mode 100644 prebuilts/api/29.0/public/hal_atrace.te delete mode 100644 prebuilts/api/29.0/public/hal_audio.te delete mode 100644 prebuilts/api/29.0/public/hal_audiocontrol.te delete mode 100644 prebuilts/api/29.0/public/hal_authsecret.te delete mode 100644 prebuilts/api/29.0/public/hal_bluetooth.te delete mode 100644 prebuilts/api/29.0/public/hal_bootctl.te delete mode 100644 prebuilts/api/29.0/public/hal_broadcastradio.te delete mode 100644 prebuilts/api/29.0/public/hal_camera.te delete mode 100644 prebuilts/api/29.0/public/hal_cas.te delete mode 100644 prebuilts/api/29.0/public/hal_configstore.te delete mode 100644 prebuilts/api/29.0/public/hal_confirmationui.te delete mode 100644 prebuilts/api/29.0/public/hal_contexthub.te delete mode 100644 prebuilts/api/29.0/public/hal_drm.te delete mode 100644 prebuilts/api/29.0/public/hal_dumpstate.te delete mode 100644 prebuilts/api/29.0/public/hal_evs.te delete mode 100644 prebuilts/api/29.0/public/hal_face.te delete mode 100644 prebuilts/api/29.0/public/hal_fingerprint.te delete mode 100644 prebuilts/api/29.0/public/hal_gatekeeper.te delete mode 100644 prebuilts/api/29.0/public/hal_gnss.te delete mode 100644 prebuilts/api/29.0/public/hal_graphics_allocator.te delete mode 100644 prebuilts/api/29.0/public/hal_graphics_composer.te delete mode 100644 prebuilts/api/29.0/public/hal_health.te delete mode 100644 prebuilts/api/29.0/public/hal_health_storage.te delete mode 100644 prebuilts/api/29.0/public/hal_input_classifier.te delete mode 100644 prebuilts/api/29.0/public/hal_ir.te delete mode 100644 prebuilts/api/29.0/public/hal_keymaster.te delete mode 100644 prebuilts/api/29.0/public/hal_light.te delete mode 100644 prebuilts/api/29.0/public/hal_lowpan.te delete mode 100644 prebuilts/api/29.0/public/hal_memtrack.te delete mode 100644 prebuilts/api/29.0/public/hal_neuralnetworks.te delete mode 100644 prebuilts/api/29.0/public/hal_neverallows.te delete mode 100644 prebuilts/api/29.0/public/hal_nfc.te delete mode 100644 prebuilts/api/29.0/public/hal_oemlock.te delete mode 100644 prebuilts/api/29.0/public/hal_omx.te delete mode 100644 prebuilts/api/29.0/public/hal_power.te delete mode 100644 prebuilts/api/29.0/public/hal_power_stats.te delete mode 100644 prebuilts/api/29.0/public/hal_secure_element.te delete mode 100644 prebuilts/api/29.0/public/hal_sensors.te delete mode 100644 prebuilts/api/29.0/public/hal_telephony.te delete mode 100644 prebuilts/api/29.0/public/hal_tetheroffload.te delete mode 100644 prebuilts/api/29.0/public/hal_thermal.te delete mode 100644 prebuilts/api/29.0/public/hal_tv_cec.te delete mode 100644 prebuilts/api/29.0/public/hal_tv_input.te delete mode 100644 prebuilts/api/29.0/public/hal_usb.te delete mode 100644 prebuilts/api/29.0/public/hal_usb_gadget.te delete mode 100644 prebuilts/api/29.0/public/hal_vehicle.te delete mode 100644 prebuilts/api/29.0/public/hal_vibrator.te delete mode 100644 prebuilts/api/29.0/public/hal_vr.te delete mode 100644 prebuilts/api/29.0/public/hal_weaver.te delete mode 100644 prebuilts/api/29.0/public/hal_wifi.te delete mode 100644 prebuilts/api/29.0/public/hal_wifi_hostapd.te delete mode 100644 prebuilts/api/29.0/public/hal_wifi_offload.te delete mode 100644 prebuilts/api/29.0/public/hal_wifi_supplicant.te delete mode 100644 prebuilts/api/29.0/public/healthd.te delete mode 100644 prebuilts/api/29.0/public/heapprofd.te delete mode 100644 prebuilts/api/29.0/public/hwservice.te delete mode 100644 prebuilts/api/29.0/public/hwservicemanager.te delete mode 100644 prebuilts/api/29.0/public/idmap.te delete mode 100644 prebuilts/api/29.0/public/incident.te delete mode 100644 prebuilts/api/29.0/public/incident_helper.te delete mode 100644 prebuilts/api/29.0/public/incidentd.te delete mode 100644 prebuilts/api/29.0/public/init.te delete mode 100644 prebuilts/api/29.0/public/inputflinger.te delete mode 100644 prebuilts/api/29.0/public/install_recovery.te delete mode 100644 prebuilts/api/29.0/public/installd.te delete mode 100644 prebuilts/api/29.0/public/ioctl_defines delete mode 100644 prebuilts/api/29.0/public/ioctl_macros delete mode 100644 prebuilts/api/29.0/public/iorapd.te delete mode 100644 prebuilts/api/29.0/public/isolated_app.te delete mode 100644 prebuilts/api/29.0/public/kernel.te delete mode 100644 prebuilts/api/29.0/public/keystore.te delete mode 100644 prebuilts/api/29.0/public/llkd.te delete mode 100644 prebuilts/api/29.0/public/lmkd.te delete mode 100644 prebuilts/api/29.0/public/logd.te delete mode 100644 prebuilts/api/29.0/public/logpersist.te delete mode 100644 prebuilts/api/29.0/public/mdnsd.te delete mode 100644 prebuilts/api/29.0/public/mediadrmserver.te delete mode 100644 prebuilts/api/29.0/public/mediaextractor.te delete mode 100644 prebuilts/api/29.0/public/mediametrics.te delete mode 100644 prebuilts/api/29.0/public/mediaprovider.te delete mode 100644 prebuilts/api/29.0/public/mediaserver.te delete mode 100644 prebuilts/api/29.0/public/mediaswcodec.te delete mode 100644 prebuilts/api/29.0/public/modprobe.te delete mode 100644 prebuilts/api/29.0/public/mtp.te delete mode 100644 prebuilts/api/29.0/public/net.te delete mode 100644 prebuilts/api/29.0/public/netd.te delete mode 100644 prebuilts/api/29.0/public/netutils_wrapper.te delete mode 100644 prebuilts/api/29.0/public/network_stack.te delete mode 100644 prebuilts/api/29.0/public/neverallow_macros delete mode 100644 prebuilts/api/29.0/public/nfc.te delete mode 100644 prebuilts/api/29.0/public/perfetto.te delete mode 100644 prebuilts/api/29.0/public/performanced.te delete mode 100644 prebuilts/api/29.0/public/perfprofd.te delete mode 100644 prebuilts/api/29.0/public/platform_app.te delete mode 100644 prebuilts/api/29.0/public/postinstall.te delete mode 100644 prebuilts/api/29.0/public/ppp.te delete mode 100644 prebuilts/api/29.0/public/priv_app.te delete mode 100644 prebuilts/api/29.0/public/profman.te delete mode 100644 prebuilts/api/29.0/public/property.te delete mode 100644 prebuilts/api/29.0/public/property_contexts delete mode 100644 prebuilts/api/29.0/public/racoon.te delete mode 100644 prebuilts/api/29.0/public/radio.te delete mode 100644 prebuilts/api/29.0/public/recovery.te delete mode 100644 prebuilts/api/29.0/public/recovery_persist.te delete mode 100644 prebuilts/api/29.0/public/recovery_refresh.te delete mode 100644 prebuilts/api/29.0/public/roles delete mode 100644 prebuilts/api/29.0/public/rs.te delete mode 100644 prebuilts/api/29.0/public/rss_hwm_reset.te delete mode 100644 prebuilts/api/29.0/public/runas.te delete mode 100644 prebuilts/api/29.0/public/runas_app.te delete mode 100644 prebuilts/api/29.0/public/scheduler_service_server.te delete mode 100644 prebuilts/api/29.0/public/sdcardd.te delete mode 100644 prebuilts/api/29.0/public/secure_element.te delete mode 100644 prebuilts/api/29.0/public/sensor_service_server.te delete mode 100644 prebuilts/api/29.0/public/service.te delete mode 100644 prebuilts/api/29.0/public/servicemanager.te delete mode 100644 prebuilts/api/29.0/public/sgdisk.te delete mode 100644 prebuilts/api/29.0/public/shared_relro.te delete mode 100644 prebuilts/api/29.0/public/shell.te delete mode 100644 prebuilts/api/29.0/public/simpleperf_app_runner.te delete mode 100644 prebuilts/api/29.0/public/slideshow.te delete mode 100644 prebuilts/api/29.0/public/stats_service_server.te delete mode 100644 prebuilts/api/29.0/public/statsd.te delete mode 100644 prebuilts/api/29.0/public/su.te delete mode 100644 prebuilts/api/29.0/public/surfaceflinger.te delete mode 100644 prebuilts/api/29.0/public/swcodec_service_server.te delete mode 100644 prebuilts/api/29.0/public/system_app.te delete mode 100644 prebuilts/api/29.0/public/system_server.te delete mode 100644 prebuilts/api/29.0/public/system_suspend_server.te delete mode 100644 prebuilts/api/29.0/public/te_macros delete mode 100644 prebuilts/api/29.0/public/tee.te delete mode 100644 prebuilts/api/29.0/public/thermalserviced.te delete mode 100644 prebuilts/api/29.0/public/tombstoned.te delete mode 100644 prebuilts/api/29.0/public/toolbox.te delete mode 100644 prebuilts/api/29.0/public/traced.te delete mode 100644 prebuilts/api/29.0/public/traced_probes.te delete mode 100644 prebuilts/api/29.0/public/traceur_app.te delete mode 100644 prebuilts/api/29.0/public/tzdatacheck.te delete mode 100644 prebuilts/api/29.0/public/ueventd.te delete mode 100644 prebuilts/api/29.0/public/uncrypt.te delete mode 100644 prebuilts/api/29.0/public/untrusted_app.te delete mode 100644 prebuilts/api/29.0/public/update_engine.te delete mode 100644 prebuilts/api/29.0/public/update_engine_common.te delete mode 100644 prebuilts/api/29.0/public/update_verifier.te delete mode 100644 prebuilts/api/29.0/public/usbd.te delete mode 100644 prebuilts/api/29.0/public/vdc.te delete mode 100644 prebuilts/api/29.0/public/vendor_init.te delete mode 100644 prebuilts/api/29.0/public/vendor_misc_writer.te delete mode 100644 prebuilts/api/29.0/public/vendor_shell.te delete mode 100644 prebuilts/api/29.0/public/vendor_toolbox.te delete mode 100644 prebuilts/api/29.0/public/virtual_touchpad.te delete mode 100644 prebuilts/api/29.0/public/vndservice.te delete mode 100644 prebuilts/api/29.0/public/vndservicemanager.te delete mode 100644 prebuilts/api/29.0/public/vold.te delete mode 100644 prebuilts/api/29.0/public/vold_prepare_subdirs.te delete mode 100644 prebuilts/api/29.0/public/vr_hwc.te delete mode 100644 prebuilts/api/29.0/public/watchdogd.te delete mode 100644 prebuilts/api/29.0/public/webview_zygote.te delete mode 100644 prebuilts/api/29.0/public/wificond.te delete mode 100644 prebuilts/api/29.0/public/wpantund.te delete mode 100644 prebuilts/api/29.0/public/zygote.te diff --git a/prebuilts/api/29.0/private/access_vectors b/prebuilts/api/29.0/private/access_vectors deleted file mode 100644 index b77dcc1f7..000000000 --- a/prebuilts/api/29.0/private/access_vectors +++ /dev/null @@ -1,746 +0,0 @@ -# -# Define common prefixes for access vectors -# -# common common_name { permission_name ... } - - -# -# Define a common prefix for file access vectors. -# - -common file -{ - ioctl - read - write - create - getattr - setattr - lock - relabelfrom - relabelto - append - map - unlink - link - rename - execute - quotaon - mounton -} - - -# -# Define a common prefix for socket access vectors. -# - -common socket -{ -# inherited from file - ioctl - read - write - create - getattr - setattr - lock - relabelfrom - relabelto - append - map -# socket-specific - bind - connect - listen - accept - getopt - setopt - shutdown - recvfrom - sendto - name_bind -} - -# -# Define a common prefix for ipc access vectors. -# - -common ipc -{ - create - destroy - getattr - setattr - read - write - associate - unix_read - unix_write -} - -# -# Define a common for capability access vectors. -# -common cap -{ - # The capabilities are defined in include/linux/capability.h - # Capabilities >= 32 are defined in the cap2 common. - # Care should be taken to ensure that these are consistent with - # those definitions. (Order matters) - - chown - dac_override - dac_read_search - fowner - fsetid - kill - setgid - setuid - setpcap - linux_immutable - net_bind_service - net_broadcast - net_admin - net_raw - ipc_lock - ipc_owner - sys_module - sys_rawio - sys_chroot - sys_ptrace - sys_pacct - sys_admin - sys_boot - sys_nice - sys_resource - sys_time - sys_tty_config - mknod - lease - audit_write - audit_control - setfcap -} - -common cap2 -{ - mac_override # unused by SELinux - mac_admin # unused by SELinux - syslog - wake_alarm - block_suspend - audit_read -} - -# -# Define the access vectors. -# -# class class_name [ inherits common_name ] { permission_name ... } - - -# -# Define the access vector interpretation for file-related objects. -# - -class filesystem -{ - mount - remount - unmount - getattr - relabelfrom - relabelto - associate - quotamod - quotaget -} - -class dir -inherits file -{ - add_name - remove_name - reparent - search - rmdir - open - audit_access - execmod -} - -class file -inherits file -{ - execute_no_trans - entrypoint - execmod - open - audit_access -} - -class lnk_file -inherits file -{ - open - audit_access - execmod -} - -class chr_file -inherits file -{ - execute_no_trans - entrypoint - execmod - open - audit_access -} - -class blk_file -inherits file -{ - open - audit_access - execmod -} - -class sock_file -inherits file -{ - open - audit_access - execmod -} - -class fifo_file -inherits file -{ - open - audit_access - execmod -} - -class fd -{ - use -} - - -# -# Define the access vector interpretation for network-related objects. -# - -class socket -inherits socket - -class tcp_socket -inherits socket -{ - node_bind - name_connect -} - -class udp_socket -inherits socket -{ - node_bind -} - -class rawip_socket -inherits socket -{ - node_bind -} - -class node -{ - recvfrom - sendto -} - -class netif -{ - ingress - egress -} - -class netlink_socket -inherits socket - -class packet_socket -inherits socket - -class key_socket -inherits socket - -class unix_stream_socket -inherits socket -{ - connectto -} - -class unix_dgram_socket -inherits socket - -# -# Define the access vector interpretation for process-related objects -# - -class process -{ - fork - transition - sigchld # commonly granted from child to parent - sigkill # cannot be caught or ignored - sigstop # cannot be caught or ignored - signull # for kill(pid, 0) - signal # all other signals - ptrace - getsched - setsched - getsession - getpgid - setpgid - getcap - setcap - share - getattr - setexec - setfscreate - noatsecure - siginh - setrlimit - rlimitinh - dyntransition - setcurrent - execmem - execstack - execheap - setkeycreate - setsockcreate - getrlimit -} - -class process2 -{ - nnp_transition - nosuid_transition -} - -# -# Define the access vector interpretation for ipc-related objects -# - -class ipc -inherits ipc - -class sem -inherits ipc - -class msgq -inherits ipc -{ - enqueue -} - -class msg -{ - send - receive -} - -class shm -inherits ipc -{ - lock -} - - -# -# Define the access vector interpretation for the security server. -# - -class security -{ - compute_av - compute_create - compute_member - check_context - load_policy - compute_relabel - compute_user - setenforce # was avc_toggle in system class - setbool - setsecparam - setcheckreqprot - read_policy - validate_trans -} - - -# -# Define the access vector interpretation for system operations. -# - -class system -{ - ipc_info - syslog_read - syslog_mod - syslog_console - module_request - module_load -} - -# -# Define the access vector interpretation for controlling capabilities -# - -class capability -inherits cap - -class capability2 -inherits cap2 - -# -# Extended Netlink classes -# -class netlink_route_socket -inherits socket -{ - nlmsg_read - nlmsg_write -} - -class netlink_tcpdiag_socket -inherits socket -{ - nlmsg_read - nlmsg_write -} - -class netlink_nflog_socket -inherits socket - -class netlink_xfrm_socket -inherits socket -{ - nlmsg_read - nlmsg_write -} - -class netlink_selinux_socket -inherits socket - -class netlink_audit_socket -inherits socket -{ - nlmsg_read - nlmsg_write - nlmsg_relay - nlmsg_readpriv - nlmsg_tty_audit -} - -class netlink_dnrt_socket -inherits socket - -# Define the access vector interpretation for controlling -# access to IPSec network data by association -# -class association -{ - sendto - recvfrom - setcontext - polmatch -} - -# Updated Netlink class for KOBJECT_UEVENT family. -class netlink_kobject_uevent_socket -inherits socket - -class appletalk_socket -inherits socket - -class packet -{ - send - recv - relabelto - flow_in # deprecated - flow_out # deprecated - forward_in - forward_out -} - -class key -{ - view - read - write - search - link - setattr - create -} - -class dccp_socket -inherits socket -{ - node_bind - name_connect -} - -class memprotect -{ - mmap_zero -} - -# network peer labels -class peer -{ - recv -} - -class kernel_service -{ - use_as_override - create_files_as -} - -class tun_socket -inherits socket -{ - attach_queue -} - -class binder -{ - impersonate - call - set_context_mgr - transfer -} - -class netlink_iscsi_socket -inherits socket - -class netlink_fib_lookup_socket -inherits socket - -class netlink_connector_socket -inherits socket - -class netlink_netfilter_socket -inherits socket - -class netlink_generic_socket -inherits socket - -class netlink_scsitransport_socket -inherits socket - -class netlink_rdma_socket -inherits socket - -class netlink_crypto_socket -inherits socket - -class infiniband_pkey -{ - access -} - -class infiniband_endport -{ - manage_subnet -} - -# -# Define the access vector interpretation for controlling capabilities -# in user namespaces -# - -class cap_userns -inherits cap - -class cap2_userns -inherits cap2 - - -# -# Define the access vector interpretation for the new socket classes -# enabled by the extended_socket_class policy capability. -# - -# -# The next two classes were previously mapped to rawip_socket and therefore -# have the same definition as rawip_socket (until further permissions -# are defined). -# -class sctp_socket -inherits socket -{ - node_bind - name_connect - association -} - -class icmp_socket -inherits socket -{ - node_bind -} - -# -# The remaining network socket classes were previously -# mapped to the socket class and therefore have the -# same definition as socket. -# - -class ax25_socket -inherits socket - -class ipx_socket -inherits socket - -class netrom_socket -inherits socket - -class atmpvc_socket -inherits socket - -class x25_socket -inherits socket - -class rose_socket -inherits socket - -class decnet_socket -inherits socket - -class atmsvc_socket -inherits socket - -class rds_socket -inherits socket - -class irda_socket -inherits socket - -class pppox_socket -inherits socket - -class llc_socket -inherits socket - -class can_socket -inherits socket - -class tipc_socket -inherits socket - -class bluetooth_socket -inherits socket - -class iucv_socket -inherits socket - -class rxrpc_socket -inherits socket - -class isdn_socket -inherits socket - -class phonet_socket -inherits socket - -class ieee802154_socket -inherits socket - -class caif_socket -inherits socket - -class alg_socket -inherits socket - -class nfc_socket -inherits socket - -class vsock_socket -inherits socket - -class kcm_socket -inherits socket - -class qipcrtr_socket -inherits socket - -class smc_socket -inherits socket - -class bpf -{ - map_create - map_read - map_write - prog_load - prog_run -} - -class property_service -{ - set -} - -class service_manager -{ - add - find - list -} - -class hwservice_manager -{ - add - find - list -} - -class keystore_key -{ - get_state - get - insert - delete - exist - list - reset - password - lock - unlock - is_empty - sign - verify - grant - duplicate - clear_uid - add_auth - user_changed - gen_unique_id -} - -class drmservice { - consumeRights - setPlaybackStatus - openDecryptSession - closeDecryptSession - initializeDecryptUnit - decrypt - finalizeDecryptUnit - pread -} - -class xdp_socket -inherits socket diff --git a/prebuilts/api/29.0/private/adbd.te b/prebuilts/api/29.0/private/adbd.te deleted file mode 100644 index 2fa4af637..000000000 --- a/prebuilts/api/29.0/private/adbd.te +++ /dev/null @@ -1,190 +0,0 @@ -### ADB daemon - -typeattribute adbd coredomain; -typeattribute adbd mlstrustedsubject; - -init_daemon_domain(adbd) - -domain_auto_trans(adbd, shell_exec, shell) - -userdebug_or_eng(` - allow adbd self:process setcurrent; - allow adbd su:process dyntransition; -') - -# When 'adb shell' is executed in recovery mode, adbd explicitly -# switches into shell domain using setcon() because the shell executable -# is not labeled as shell but as rootfs. -recovery_only(` - domain_trans(adbd, rootfs, shell) - allow adbd shell:process dyntransition; - - # Allows reboot fastboot to enter fastboot directly - unix_socket_connect(adbd, recovery, recovery) -') - -# Do not sanitize the environment or open fds of the shell. Allow signaling -# created processes. -allow adbd shell:process { noatsecure signal }; - -# Set UID and GID to shell. Set supplementary groups. -allow adbd self:global_capability_class_set { setuid setgid }; - -# Drop capabilities from bounding set on user builds. -allow adbd self:global_capability_class_set setpcap; - -# ignore spurious denials for adbd when disk space is low. -dontaudit adbd self:global_capability_class_set sys_resource; - -# adbd probes for vsock support. Do not generate denials when -# this occurs. (b/123569840) -dontaudit adbd self:{ socket vsock_socket } create; - -# Create and use network sockets. -net_domain(adbd) - -# Access /dev/usb-ffs/adb/ep0 -allow adbd functionfs:dir search; -allow adbd functionfs:file rw_file_perms; -allowxperm adbd functionfs:file ioctl { - FUNCTIONFS_ENDPOINT_DESC - FUNCTIONFS_CLEAR_HALT -}; - -# Use a pseudo tty. -allow adbd devpts:chr_file rw_file_perms; - -# adb push/pull /data/local/tmp. -allow adbd shell_data_file:dir create_dir_perms; -allow adbd shell_data_file:file create_file_perms; - -# adb pull /data/local/traces/* -allow adbd trace_data_file:dir r_dir_perms; -allow adbd trace_data_file:file r_file_perms; - -# adb pull /data/misc/profman. -allow adbd profman_dump_data_file:dir r_dir_perms; -allow adbd profman_dump_data_file:file r_file_perms; - -# adb push/pull sdcard. -allow adbd tmpfs:dir search; -allow adbd rootfs:lnk_file r_file_perms; # /sdcard symlink -allow adbd tmpfs:lnk_file r_file_perms; # /mnt/sdcard symlink -allow adbd sdcard_type:dir create_dir_perms; -allow adbd sdcard_type:file create_file_perms; - -# adb pull /data/anr/traces.txt -allow adbd anr_data_file:dir r_dir_perms; -allow adbd anr_data_file:file r_file_perms; - -# Set service.adb.*, sys.powerctl, and sys.usb.ffs.ready properties. -set_prop(adbd, shell_prop) -set_prop(adbd, powerctl_prop) -set_prop(adbd, ffs_prop) -set_prop(adbd, exported_ffs_prop) - -# Access device logging gating property -get_prop(adbd, device_logging_prop) - -# Read device's serial number from system properties -get_prop(adbd, serialno_prop) - -# Read whether or not Test Harness Mode is enabled -get_prop(adbd, test_harness_prop) - -# Read device's overlayfs related properties and files -userdebug_or_eng(` - get_prop(adbd, persistent_properties_ready_prop) - r_dir_file(adbd, sysfs_dt_firmware_android) -') - -# Run /system/bin/bu -allow adbd system_file:file rx_file_perms; - -# Perform binder IPC to surfaceflinger (screencap) -# XXX Run screencap in a separate domain? -binder_use(adbd) -binder_call(adbd, surfaceflinger) -binder_call(adbd, gpuservice) -# b/13188914 -allow adbd gpu_device:chr_file rw_file_perms; -allow adbd ion_device:chr_file rw_file_perms; -r_dir_file(adbd, system_file) - -# Needed for various screenshots -hal_client_domain(adbd, hal_graphics_allocator) - -# Read /data/misc/adb/adb_keys. -allow adbd adb_keys_file:dir search; -allow adbd adb_keys_file:file r_file_perms; - -userdebug_or_eng(` - # Write debugging information to /data/adb - # when persist.adb.trace_mask is set - # https://code.google.com/p/android/issues/detail?id=72895 - allow adbd adb_data_file:dir rw_dir_perms; - allow adbd adb_data_file:file create_file_perms; -') - -# ndk-gdb invokes adb forward to forward the gdbserver socket. -allow adbd app_data_file:dir search; -allow adbd app_data_file:sock_file write; -allow adbd appdomain:unix_stream_socket connectto; - -# ndk-gdb invokes adb pull of app_process, linker, and libc.so. -allow adbd zygote_exec:file r_file_perms; -allow adbd system_file:file r_file_perms; - -# Allow pulling the SELinux policy for CTS purposes -allow adbd selinuxfs:dir r_dir_perms; -allow adbd selinuxfs:file r_file_perms; -allow adbd kernel:security read_policy; -allow adbd service_contexts_file:file r_file_perms; -allow adbd file_contexts_file:file r_file_perms; -allow adbd seapp_contexts_file:file r_file_perms; -allow adbd property_contexts_file:file r_file_perms; -allow adbd sepolicy_file:file r_file_perms; - -# Allow pulling config.gz for CTS purposes -allow adbd config_gz:file r_file_perms; - -allow adbd gpu_service:service_manager find; -allow adbd surfaceflinger_service:service_manager find; -allow adbd bootchart_data_file:dir search; -allow adbd bootchart_data_file:file r_file_perms; - -# Allow access to external storage; we have several visible mount points under /storage -# and symlinks to primary storage at places like /storage/sdcard0 and /mnt/user/0/primary -allow adbd storage_file:dir r_dir_perms; -allow adbd storage_file:lnk_file r_file_perms; -allow adbd mnt_user_file:dir r_dir_perms; -allow adbd mnt_user_file:lnk_file r_file_perms; - -# Access to /data/media. -# This should be removed if sdcardfs is modified to alter the secontext for its -# accesses to the underlying FS. -allow adbd media_rw_data_file:dir create_dir_perms; -allow adbd media_rw_data_file:file create_file_perms; - -r_dir_file(adbd, apk_data_file) - -allow adbd rootfs:dir r_dir_perms; - -# Allow to pull Perfetto traces. -allow adbd perfetto_traces_data_file:file r_file_perms; -allow adbd perfetto_traces_data_file:dir r_dir_perms; - -# Connect to shell and use a socket transferred from it. -# Used for e.g. abb. -allow adbd shell:unix_stream_socket { read write }; -allow adbd shell:fd use; - -### -### Neverallow rules -### - -# No transitions from adbd to non-shell, non-crash_dump domains. adbd only ever -# transitions to the shell domain (except when it crashes). In particular, we -# never want to see a transition from adbd to su (aka "adb root") -neverallow adbd { domain -crash_dump -shell }:process transition; -neverallow adbd { domain userdebug_or_eng(`-su') recovery_only(`-shell') }:process dyntransition; diff --git a/prebuilts/api/29.0/private/apex_test_prepostinstall.te b/prebuilts/api/29.0/private/apex_test_prepostinstall.te deleted file mode 100644 index f1bc2145e..000000000 --- a/prebuilts/api/29.0/private/apex_test_prepostinstall.te +++ /dev/null @@ -1,20 +0,0 @@ -# APEX pre- & post-install test. -# -# Allow to run pre- and post-install hooks for APEX test modules -# in debuggable builds. - -type apex_test_prepostinstall, domain, coredomain; -type apex_test_prepostinstall_exec, system_file_type, exec_type, file_type; - -userdebug_or_eng(` - # /dev/zero - allow apex_test_prepostinstall apexd:fd use; - # Logwrapper. - create_pty(apex_test_prepostinstall) - # Logwrapper executing sh. - allow apex_test_prepostinstall shell_exec:file rx_file_perms; - # Logwrapper exec. - allow apex_test_prepostinstall system_file:file execute_no_trans; - # Ls. - allow apex_test_prepostinstall toolbox_exec:file rx_file_perms; -') diff --git a/prebuilts/api/29.0/private/apexd.te b/prebuilts/api/29.0/private/apexd.te deleted file mode 100644 index 07554d754..000000000 --- a/prebuilts/api/29.0/private/apexd.te +++ /dev/null @@ -1,116 +0,0 @@ -typeattribute apexd coredomain; - -init_daemon_domain(apexd) - -# Allow creating, reading and writing of APEX files/dirs in the APEX data dir -allow apexd apex_data_file:dir create_dir_perms; -allow apexd apex_data_file:file create_file_perms; - -# Allow creating, reading and writing of APEX files/dirs in the APEX metadata dir -allow apexd metadata_file:dir search; -allow apexd apex_metadata_file:dir create_dir_perms; -allow apexd apex_metadata_file:file create_file_perms; - -# allow apexd to create loop devices with /dev/loop-control -allow apexd loop_control_device:chr_file rw_file_perms; -# allow apexd to access loop devices -allow apexd loop_device:blk_file rw_file_perms; -allowxperm apexd loop_device:blk_file ioctl { - LOOP_GET_STATUS64 - LOOP_SET_STATUS64 - LOOP_SET_FD - LOOP_SET_BLOCK_SIZE - LOOP_SET_DIRECT_IO - LOOP_CLR_FD - BLKFLSBUF -}; -# allow apexd to access /dev/block -allow apexd block_device:dir r_dir_perms; - -# allow apexd to access /dev/block/dm-* (device-mapper entries) -allow apexd dm_device:chr_file rw_file_perms; -allow apexd dm_device:blk_file rw_file_perms; - -# sys_admin is required to access the device-mapper and mount -allow apexd self:global_capability_class_set sys_admin; - -# allow apexd to create a mount point in /apex -allow apexd apex_mnt_dir:dir create_dir_perms; -# allow apexd to mount in /apex -allow apexd apex_mnt_dir:filesystem { mount unmount }; -allow apexd apex_mnt_dir:dir mounton; -# allow apexd to create symlinks in /apex -allow apexd apex_mnt_dir:lnk_file create_file_perms; -# allow apexd to unlink apex files in /data/apex/active -# note that apexd won't be able to unlink files in /data/app-staging/session_XXXX, -# because it doesn't have write permission for staging_data_file object. -allow apexd staging_data_file:file unlink; - -# allow apexd to read files from /data/app-staging and hardlink them to /data/apex. -allow apexd staging_data_file:dir r_dir_perms; -allow apexd staging_data_file:file { r_file_perms link }; - -# allow apexd to read files from /vendor/apex - -# Unmount and mount filesystems -allow apexd labeledfs:filesystem { mount unmount }; - -# /sys directory tree traversal -allow apexd sysfs_type:dir search; -# Configure read-ahead of dm-verity and loop devices -# for dm-X -allow apexd sysfs_dm:dir r_dir_perms; -allow apexd sysfs_dm:file rw_file_perms; -# for loopX -allow apexd sysfs_loop:dir r_dir_perms; -allow apexd sysfs_loop:file rw_file_perms; - -# Spawning a libbinder thread results in a dac_override deny, -# /dev/cpuset/tasks is owned by system. -# -# See b/35323867#comment3 -dontaudit apexd self:global_capability_class_set { dac_override dac_read_search }; - -# Allow apexd to log to the kernel. -allow apexd kmsg_device:chr_file w_file_perms; - -# Allow apexd to reboot device. Required for rollbacks of apexes that are -# not covered by rollback manager. -set_prop(apexd, powerctl_prop) - -# Find the vold service, and call into vold to manage FS checkpoints -allow apexd vold_service:service_manager find; -binder_call(apexd, vold) - -# Apex pre- & post-install permission. - -# Allow self-execute for the fork mount helper. -allow apexd apexd_exec:file execute_no_trans; - -# Unshare and make / private so that hooks cannot influence the -# running system. -allow apexd rootfs:dir mounton; - -# Allow to execute shell for pre- and postinstall scripts. A transition -# rule is required, thus restricted to execute and not execute_no_trans. -allow apexd shell_exec:file { r_file_perms execute }; - -# apexd is using bootstrap bionic -allow apexd system_bootstrap_lib_file:dir r_dir_perms; -allow apexd system_bootstrap_lib_file:file { execute read open getattr map }; - -# Allow transition to ART APEX preinstall domain. -domain_auto_trans(apexd, art_apex_preinstall_exec, art_apex_preinstall) -# Allow transition to ART APEX postinstall domain. -domain_auto_trans(apexd, art_apex_postinstall_exec, art_apex_postinstall) - -# Allow transition to test APEX preinstall domain. -userdebug_or_eng(` - domain_auto_trans(apexd, apex_test_prepostinstall_exec, apex_test_prepostinstall) -') - -neverallow { domain -apexd -init } apex_data_file:dir no_w_dir_perms; -neverallow { domain -apexd -init } apex_metadata_file:dir no_w_dir_perms; -neverallow { domain -apexd -init -kernel } apex_data_file:file no_w_file_perms; -neverallow { domain -apexd -init -kernel } apex_metadata_file:file no_w_file_perms; -neverallow { domain -apexd } apex_mnt_dir:lnk_file no_w_file_perms; diff --git a/prebuilts/api/29.0/private/app.te b/prebuilts/api/29.0/private/app.te deleted file mode 100644 index 0d9a2b46f..000000000 --- a/prebuilts/api/29.0/private/app.te +++ /dev/null @@ -1,17 +0,0 @@ -# Allow apps to read the Test Harness Mode property. This property is used in -# the implementation of ActivityManager.isDeviceInTestHarnessMode() -get_prop(appdomain, test_harness_prop) - -neverallow appdomain system_server:udp_socket { - accept append bind create ioctl listen lock name_bind - relabelfrom relabelto setattr shutdown }; - -# Transition to a non-app domain. -# Exception for the shell and su domains, can transition to runas, etc. -# Exception for crash_dump to allow for app crash reporting. -# Exception for renderscript binaries (/system/bin/bcc, /system/bin/ld.mc) -# to allow renderscript to create privileged executable files. -neverallow { appdomain -shell userdebug_or_eng(`-su') } - { domain -appdomain -crash_dump -rs }:process { transition }; -neverallow { appdomain -shell userdebug_or_eng(`-su') } - { domain -appdomain }:process { dyntransition }; diff --git a/prebuilts/api/29.0/private/app_neverallows.te b/prebuilts/api/29.0/private/app_neverallows.te deleted file mode 100644 index 3a5923e6d..000000000 --- a/prebuilts/api/29.0/private/app_neverallows.te +++ /dev/null @@ -1,293 +0,0 @@ -### -### neverallow rules for untrusted app domains -### - -define(`all_untrusted_apps',`{ - ephemeral_app - isolated_app - mediaprovider - untrusted_app - untrusted_app_25 - untrusted_app_27 - untrusted_app_all -}') -# Receive or send uevent messages. -neverallow all_untrusted_apps domain:netlink_kobject_uevent_socket *; - -# Receive or send generic netlink messages -neverallow all_untrusted_apps domain:netlink_socket *; - -# Too much leaky information in debugfs. It's a security -# best practice to ensure these files aren't readable. -neverallow all_untrusted_apps { debugfs_type -debugfs_kcov }:file read; -neverallow {all_untrusted_apps userdebug_or_eng(`-domain')} debugfs_type:{ file lnk_file } read; - -# Do not allow untrusted apps to register services. -# Only trusted components of Android should be registering -# services. -neverallow all_untrusted_apps service_manager_type:service_manager add; - -# Do not allow untrusted apps to use VendorBinder -neverallow all_untrusted_apps vndbinder_device:chr_file *; -neverallow all_untrusted_apps vndservice_manager_type:service_manager *; - -# Do not allow untrusted apps to connect to the property service -# or set properties. b/10243159 -neverallow { all_untrusted_apps -mediaprovider } property_socket:sock_file write; -neverallow { all_untrusted_apps -mediaprovider } init:unix_stream_socket connectto; -neverallow { all_untrusted_apps -mediaprovider } property_type:property_service set; - -# net.dns properties are not a public API. Temporarily exempt pre-Oreo apps, -# but otherwise disallow untrusted apps from reading this property. -neverallow { all_untrusted_apps -untrusted_app_25 } net_dns_prop:file read; - -# Shared libraries created by trusted components within an app home -# directory can be dlopen()ed. To maintain the W^X property, these files -# must never be writable to the app. -neverallow all_untrusted_apps app_exec_data_file:file - { append create link relabelfrom relabelto rename setattr write }; - -# Block calling execve() on files in an apps home directory. -# This is a W^X violation (loading executable code from a writable -# home directory). For compatibility, allow for targetApi <= 28. -# b/112357170 -neverallow { - all_untrusted_apps - -untrusted_app_25 - -untrusted_app_27 - -runas_app -} { app_data_file privapp_data_file }:file execute_no_trans; - -# Do not allow untrusted apps to invoke dex2oat. This was historically required -# by ART for compiling secondary dex files but has been removed in Q. -# Exempt legacy apps (targetApi<=28) for compatibility. -neverallow { - all_untrusted_apps - -untrusted_app_25 - -untrusted_app_27 -} dex2oat_exec:file no_x_file_perms; - -# Do not allow untrusted apps to be assigned mlstrustedsubject. -# This would undermine the per-user isolation model being -# enforced via levelFrom=user in seapp_contexts and the mls -# constraints. As there is no direct way to specify a neverallow -# on attribute assignment, this relies on the fact that fork -# permission only makes sense within a domain (hence should -# never be granted to any other domain within mlstrustedsubject) -# and an untrusted app is allowed fork permission to itself. -neverallow all_untrusted_apps mlstrustedsubject:process fork; - -# Do not allow untrusted apps to hard link to any files. -# In particular, if an untrusted app links to other app data -# files, installd will not be able to guarantee the deletion -# of the linked to file. Hard links also contribute to security -# bugs, so we want to ensure untrusted apps never have this -# capability. -neverallow all_untrusted_apps file_type:file link; - -# Do not allow untrusted apps to access network MAC address file -neverallow all_untrusted_apps sysfs_mac_address:file no_rw_file_perms; - -# Do not allow any write access to files in /sys -neverallow all_untrusted_apps sysfs_type:file { no_w_file_perms no_x_file_perms }; - -# Apps may never access the default sysfs label. -neverallow all_untrusted_apps sysfs:file no_rw_file_perms; - -# Restrict socket ioctls. Either 1. disallow privileged ioctls, 2. disallow the -# ioctl permission, or 3. disallow the socket class. -neverallowxperm all_untrusted_apps domain:{ icmp_socket rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls; -neverallow all_untrusted_apps *:{ netlink_route_socket netlink_selinux_socket } ioctl; -neverallow all_untrusted_apps *:{ - socket netlink_socket packet_socket key_socket appletalk_socket - netlink_tcpdiag_socket netlink_nflog_socket - netlink_xfrm_socket netlink_audit_socket - netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket - netlink_iscsi_socket netlink_fib_lookup_socket netlink_connector_socket - netlink_netfilter_socket netlink_generic_socket netlink_scsitransport_socket - netlink_rdma_socket netlink_crypto_socket sctp_socket - ax25_socket ipx_socket netrom_socket atmpvc_socket x25_socket rose_socket decnet_socket - atmsvc_socket rds_socket irda_socket pppox_socket llc_socket can_socket tipc_socket - bluetooth_socket iucv_socket rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket - alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket xdp_socket -} *; - -# Do not allow untrusted apps access to /cache -neverallow { all_untrusted_apps -mediaprovider } { cache_file cache_recovery_file }:dir ~{ r_dir_perms }; -neverallow { all_untrusted_apps -mediaprovider } { cache_file cache_recovery_file }:file ~{ read getattr }; - -# Do not allow untrusted apps to create/unlink files outside of its sandbox, -# internal storage or sdcard. -# World accessible data locations allow application to fill the device -# with unaccounted for data. This data will not get removed during -# application un-installation. -neverallow { all_untrusted_apps -mediaprovider } { - fs_type - -sdcard_type - file_type - -app_data_file # The apps sandbox itself - -privapp_data_file - -app_exec_data_file # stored within the app sandbox directory - -media_rw_data_file # Internal storage. Known that apps can - # leave artfacts here after uninstall. - -user_profile_data_file # Access to profile files - userdebug_or_eng(` - -method_trace_data_file # only on ro.debuggable=1 - -coredump_file # userdebug/eng only - ') -}:dir_file_class_set { create unlink }; - -# No untrusted component should be touching /dev/fuse -neverallow all_untrusted_apps fuse_device:chr_file *; - -# Do not allow untrusted apps to directly open the tun_device -neverallow all_untrusted_apps tun_device:chr_file open; -# The tun_device ioctls below are not allowed, to prove equivalence -# to the kernel patch at -# https://android.googlesource.com/kernel/common/+/11cee2be0c2062ba88f04eb51196506f870a3b5d%5E%21 -neverallowxperm all_untrusted_apps tun_device:chr_file ioctl { - SIOCGIFHWADDR - SIOCSIFHWADDR - TUNATTACHFILTER - TUNDETACHFILTER - TUNGETFEATURES - TUNGETFILTER - TUNGETSNDBUF - TUNGETVNETHDRSZ - TUNSETDEBUG - TUNSETGROUP - TUNSETIFF - TUNSETLINK - TUNSETNOCSUM - TUNSETOFFLOAD - TUNSETOWNER - TUNSETPERSIST - TUNSETQUEUE - TUNSETSNDBUF - TUNSETTXFILTER - TUNSETVNETHDRSZ -}; - -# Only allow appending to /data/anr/traces.txt (b/27853304, b/18340553) -neverallow all_untrusted_apps anr_data_file:file ~{ open append }; -neverallow all_untrusted_apps anr_data_file:dir ~search; - -# Avoid reads from generically labeled /proc files -# Create a more specific label if needed -neverallow all_untrusted_apps { - proc - proc_asound - proc_filesystems - proc_kmsg - proc_loadavg - proc_mounts - proc_pagetypeinfo - proc_slabinfo - proc_stat - proc_swaps - proc_uptime - proc_version - proc_vmallocinfo - proc_vmstat -}:file { no_rw_file_perms no_x_file_perms }; - -# Avoid all access to kernel configuration -neverallow all_untrusted_apps config_gz:file { no_rw_file_perms no_x_file_perms }; - -# Do not allow untrusted apps access to preloads data files -neverallow all_untrusted_apps preloads_data_file:file no_rw_file_perms; - -# Locking of files on /system could lead to denial of service attacks -# against privileged system components -neverallow all_untrusted_apps system_file:file lock; - -# Do not permit untrusted apps to perform actions on HwBinder service_manager -# other than find actions for services listed below -neverallow all_untrusted_apps *:hwservice_manager ~find; - -# Do not permit access from apps which host arbitrary code to HwBinder services, -# except those considered sufficiently safe for access from such apps. -# The two main reasons for this are: -# 1. HwBinder servers do not perform client authentication because HIDL -# currently does not expose caller UID information and, even if it did, many -# HwBinder services either operate at a level below that of apps (e.g., HALs) -# or must not rely on app identity for authorization. Thus, to be safe, the -# default assumption is that every HwBinder service treats all its clients as -# equally authorized to perform operations offered by the service. -# 2. HAL servers (a subset of HwBinder services) contain code with higher -# incidence rate of security issues than system/core components and have -# access to lower layes of the stack (all the way down to hardware) thus -# increasing opportunities for bypassing the Android security model. -# -# Safe services include: -# - same process services: because they by definition run in the process -# of the client and thus have the same access as the client domain in which -# the process runs -# - coredomain_hwservice: are considered safe because they do not pose risks -# associated with reason #2 above. -# - hal_configstore_ISurfaceFlingerConfigs: becuase it has specifically been -# designed for use by any domain. -# - hal_graphics_allocator_hwservice: because these operations are also offered -# by surfaceflinger Binder service, which apps are permitted to access -# - hal_omx_hwservice: because this is a HwBinder version of the mediacodec -# Binder service which apps were permitted to access. -# - hal_codec2_hwservice: because this is a newer version of hal_omx_hwservice. -neverallow all_untrusted_apps { - hwservice_manager_type - -fwk_bufferhub_hwservice - -hal_cas_hwservice - -hal_codec2_hwservice - -hal_configstore_ISurfaceFlingerConfigs - -hal_graphics_allocator_hwservice - -hal_graphics_mapper_hwservice - -hal_neuralnetworks_hwservice - -hal_omx_hwservice - -hal_renderscript_hwservice - -hidl_allocator_hwservice - -hidl_manager_hwservice - -hidl_memory_hwservice - -hidl_token_hwservice - -untrusted_app_visible_hwservice_violators -}:hwservice_manager find; - -# SELinux is not an API for untrusted apps to use -neverallow all_untrusted_apps selinuxfs:file no_rw_file_perms; - -# Restrict *Binder access from apps to HAL domains. We can only do this on full -# Treble devices where *Binder communications between apps and HALs are tightly -# restricted. -full_treble_only(` - neverallow all_untrusted_apps { - halserverdomain - -coredomain - -hal_configstore_server - -hal_graphics_allocator_server - -hal_cas_server - -hal_neuralnetworks_server - -hal_omx_server - -binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone - -untrusted_app_visible_halserver_violators - }:binder { call transfer }; -') - -# Untrusted apps are not allowed to find mediaextractor update service. - -# Access to /proc/tty/drivers, to allow apps to determine if they -# are running in an emulated environment. -# b/33214085 b/33814662 b/33791054 b/33211769 -# https://github.com/strazzere/anti-emulator/blob/master/AntiEmulator/src/diff/strazzere/anti/emulator/FindEmulator.java -# This will go away in a future Android release -neverallow { all_untrusted_apps -untrusted_app_25 } proc_tty_drivers:file r_file_perms; -neverallow all_untrusted_apps proc_tty_drivers:file ~r_file_perms; - -# Untrusted apps are not allowed to use cgroups. -neverallow all_untrusted_apps cgroup:file *; - -# Untrusted apps targetting >= Q are not allowed to open /dev/ashmem directly. -# They must use ASharedMemory NDK API instead. -neverallow { - all_untrusted_apps - -ephemeral_app - -untrusted_app_25 - -untrusted_app_27 -} ashmem_device:chr_file open; diff --git a/prebuilts/api/29.0/private/app_zygote.te b/prebuilts/api/29.0/private/app_zygote.te deleted file mode 100644 index e44c1beb2..000000000 --- a/prebuilts/api/29.0/private/app_zygote.te +++ /dev/null @@ -1,158 +0,0 @@ -typeattribute app_zygote coredomain; - -###### -###### Policy below is different from regular zygote-spawned apps -###### - -# The app_zygote needs to be able to transition domains. -typeattribute app_zygote mlstrustedsubject; - -# Allow access to temporary files, which is normally permitted through -# a domain macro. -tmpfs_domain(app_zygote); - -# Set the UID/GID of the process. -# This will be further limited to a range of isolated UIDs with seccomp. -allow app_zygote self:global_capability_class_set { setgid setuid }; -# Drop capabilities from bounding set. -allow app_zygote self:global_capability_class_set setpcap; -# Switch SELinux context to isolated app domain. -allow app_zygote self:process setcurrent; -allow app_zygote isolated_app:process dyntransition; - -# For JIT -allow app_zygote self:process execmem; - -# Allow app_zygote to stat the files that it opens. It must -# be able to inspect them so that it can reopen them on fork -# if necessary: b/30963384. -allow app_zygote debugfs_trace_marker:file getattr; - -# get system_server process group -allow app_zygote system_server:process getpgid; - -# Interaction between the app_zygote and its children. -allow app_zygote isolated_app:process setpgid; - -# TODO (b/63631799) fix this access -dontaudit app_zygote mnt_expand_file:dir getattr; - -# Get seapp_contexts -allow app_zygote seapp_contexts_file:file r_file_perms; -# Check validity of SELinux context before use. -selinux_check_context(app_zygote) -# Check SELinux permissions. -selinux_check_access(app_zygote) - -###### -###### Policy below is shared with regular zygote-spawned apps -###### - -# Child of zygote. -allow app_zygote zygote:fd use; -allow app_zygote zygote:process sigchld; - -# For ART (read /data/dalvik-cache). -r_dir_file(app_zygote, dalvikcache_data_file); -allow app_zygote dalvikcache_data_file:file execute; - -# Allow reading/executing installed binaries to enable preloading -# application data -allow app_zygote apk_data_file:dir r_dir_perms; -allow app_zygote apk_data_file:file { r_file_perms execute }; - -# Allow app_zygote access to /vendor/overlay -r_dir_file(app_zygote, vendor_overlay_file) - -allow app_zygote system_data_file:lnk_file r_file_perms; -allow app_zygote system_data_file:file { getattr read map }; - -##### -##### Neverallow -##### - -# Only permit transition to isolated_app. -neverallow app_zygote { domain -isolated_app }:process dyntransition; - -# Only setcon() transitions, no exec() based transitions, except for crash_dump. -neverallow app_zygote { domain -crash_dump }:process transition; - -# Must not exec() a program without changing domains. -# Having said that, exec() above is not allowed. -neverallow app_zygote *:file execute_no_trans; - -# The only way to enter this domain is for the zygote to fork a new -# app_zygote child. -neverallow { domain -zygote } app_zygote:process dyntransition; - -# Disallow write access to properties. -neverallow app_zygote property_socket:sock_file write; -neverallow app_zygote property_type:property_service set; - -# Should not have any access to non-app data files. -neverallow app_zygote { - bluetooth_data_file - nfc_data_file - radio_data_file - shell_data_file -}:file { rwx_file_perms }; - -neverallow app_zygote { - service_manager_type - -activity_service - -ashmem_device_service - -webviewupdate_service -}:service_manager find; - -# Isolated apps should not be able to access the driver directly. -neverallow app_zygote gpu_device:chr_file { rwx_file_perms }; - -# Do not allow app_zygote access to /cache. -neverallow app_zygote cache_file:dir ~{ r_dir_perms }; -neverallow app_zygote cache_file:file ~{ read getattr }; - -# Do not allow most socket access. This is socket_class_set, excluding unix_dgram_socket, -# unix_stream_socket, and netlink_selinux_socket. -neverallow app_zygote domain:{ - socket tcp_socket udp_socket rawip_socket netlink_socket packet_socket key_socket - appletalk_socket netlink_route_socket netlink_tcpdiag_socket - netlink_nflog_socket netlink_xfrm_socket netlink_audit_socket - netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket - netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket - netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket netlink_crypto_socket - sctp_socket icmp_socket ax25_socket ipx_socket netrom_socket atmpvc_socket - x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket - pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket - rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket - alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket -} *; - -# Only allow app_zygote to talk to the logd socket, and su/heapprofd on eng/userdebug -# This is because cap_setuid/cap_setgid allow to forge uid/gid in SCM_CREDENTIALS. -# Think twice before changing. -neverallow app_zygote { - domain - -app_zygote - -logd - userdebug_or_eng(`-su') - userdebug_or_eng(`-heapprofd') -}:unix_dgram_socket *; - -neverallow app_zygote { - domain - -app_zygote - userdebug_or_eng(`-su') - userdebug_or_eng(`-heapprofd') -}:unix_stream_socket *; - -# Never allow ptrace -neverallow app_zygote *:process ptrace; - -# Do not allow access to Bluetooth-related system properties. -# neverallow rules for Bluetooth-related data files are listed above. -neverallow app_zygote { - bluetooth_a2dp_offload_prop - bluetooth_audio_hal_prop - bluetooth_prop - exported_bluetooth_prop -}:file create_file_perms; diff --git a/prebuilts/api/29.0/private/art_apex_boot_integrity.te b/prebuilts/api/29.0/private/art_apex_boot_integrity.te deleted file mode 100644 index ba02083c3..000000000 --- a/prebuilts/api/29.0/private/art_apex_boot_integrity.te +++ /dev/null @@ -1,28 +0,0 @@ -# This command set checks the integrity of boot classpath ART -# artifacts in /data, potentially removing them. - -type art_apex_boot_integrity, domain, coredomain; -type art_apex_boot_integrity_exec, system_file_type, exec_type, file_type; - -# Technically not a daemon but we do want the transition from init domain to -# art_apex_boot_integrity to occur. -init_daemon_domain(art_apex_boot_integrity) - -# Read dalvik cache directories, remove entries. -allow art_apex_boot_integrity dalvikcache_data_file:dir { r_dir_perms write remove_name }; -# Read and possibly delete dalvik cache files. -allow art_apex_boot_integrity dalvikcache_data_file:file { r_file_perms unlink }; - -# Allow art_apex_boot_integrity to execute itself using #!/system/bin/sh -allow art_apex_boot_integrity shell_exec:file rx_file_perms; - -# Allow running the mv and rm/rmdir commands using art_apex_boot_integrity -# permissions. -allow art_apex_boot_integrity toolbox_exec:file rx_file_perms; - -# Fsverity in the same domain. -allow art_apex_boot_integrity system_file:file execute_no_trans; -# Fsverity work. -allowxperm art_apex_boot_integrity dalvikcache_data_file:file ioctl { - FS_IOC_ENABLE_VERITY FS_IOC_MEASURE_VERITY -}; diff --git a/prebuilts/api/29.0/private/art_apex_postinstall.te b/prebuilts/api/29.0/private/art_apex_postinstall.te deleted file mode 100644 index 576ed2006..000000000 --- a/prebuilts/api/29.0/private/art_apex_postinstall.te +++ /dev/null @@ -1,31 +0,0 @@ -# ART APEX postinstall. -# - -type art_apex_postinstall, domain, coredomain; -type art_apex_postinstall_exec, system_file_type, exec_type, file_type; - -# /system/bin/sh (see b/126787589). -allow art_apex_postinstall apexd:fd use; - -# Read temp dirs and files. Move directories. -allow art_apex_postinstall ota_data_file:dir { r_dir_perms write rename remove_name relabelfrom reparent }; -allow art_apex_postinstall ota_data_file:file { r_file_perms relabelfrom }; -# We're deleting the old /data/dalvik-cache/* and move the new ones -# over. -allow art_apex_postinstall dalvikcache_data_file:dir { create_dir_perms relabelto }; -allow art_apex_postinstall dalvikcache_data_file:file { r_file_perms unlink relabelto }; - -# Required for relabel. -allow art_apex_postinstall file_contexts_file:file r_file_perms; -allow art_apex_postinstall self:global_capability_class_set sys_admin; - -# Script helpers. -allow art_apex_postinstall shell_exec:file rx_file_perms; -allow art_apex_postinstall toolbox_exec:file rx_file_perms; - -# Fsverity in the same domain. -allow art_apex_postinstall system_file:file execute_no_trans; -# Fsverity work. -allowxperm art_apex_postinstall ota_data_file:file ioctl { - FS_IOC_ENABLE_VERITY FS_IOC_MEASURE_VERITY -}; diff --git a/prebuilts/api/29.0/private/art_apex_preinstall.te b/prebuilts/api/29.0/private/art_apex_preinstall.te deleted file mode 100644 index 12b102041..000000000 --- a/prebuilts/api/29.0/private/art_apex_preinstall.te +++ /dev/null @@ -1,33 +0,0 @@ -# ART APEX preinstall. -# - -type art_apex_preinstall, domain, coredomain; -type art_apex_preinstall_exec, system_file_type, exec_type, file_type; - -# /system/bin/sh (see b/126787589). -allow art_apex_preinstall apexd:fd use; - -# Create temp dirs and files under /data/ota. -allow art_apex_preinstall ota_data_file:dir create_dir_perms; -allow art_apex_preinstall ota_data_file:file create_file_perms; -# We mount /data/ota/dalvik-cache over /data/dalvik-cache in our -# mount namespace. -allow art_apex_preinstall dalvikcache_data_file:dir { r_dir_perms mounton }; -allow art_apex_preinstall self:capability sys_admin; - -# Script helpers. -allow art_apex_preinstall shell_exec:file rx_file_perms; -allow art_apex_preinstall toolbox_exec:file rx_file_perms; - -# Execute subscripts in the same domain. -allow art_apex_preinstall art_apex_preinstall_exec:file execute_no_trans; - -# Run dex2oat. -domain_auto_trans(art_apex_preinstall, dex2oat_exec, dex2oat) - -# Fsverity in the same domain. -allow art_apex_preinstall system_file:file execute_no_trans; -# Fsverity work. -allowxperm art_apex_preinstall ota_data_file:file ioctl { - FS_IOC_ENABLE_VERITY FS_IOC_MEASURE_VERITY -}; diff --git a/prebuilts/api/29.0/private/asan_extract.te b/prebuilts/api/29.0/private/asan_extract.te deleted file mode 100644 index 1c20d78ec..000000000 --- a/prebuilts/api/29.0/private/asan_extract.te +++ /dev/null @@ -1,8 +0,0 @@ -# type_transition must be private policy the domain_trans rules could stay -# public, but conceptually should go with this -# Technically not a daemon but we do want the transition from init domain to -# asan_extract to occur. -with_asan(` -typeattribute asan_extract coredomain; -init_daemon_domain(asan_extract) -') diff --git a/prebuilts/api/29.0/private/ashmemd.te b/prebuilts/api/29.0/private/ashmemd.te deleted file mode 100644 index 08df515f3..000000000 --- a/prebuilts/api/29.0/private/ashmemd.te +++ /dev/null @@ -1,9 +0,0 @@ -typeattribute ashmemd coredomain; -type ashmemd_exec, exec_type, file_type, system_file_type; - -init_daemon_domain(ashmemd) - -binder_use(ashmemd) -add_service(ashmemd, ashmem_device_service) - -allow ashmemd ashmem_device:chr_file rw_file_perms; diff --git a/prebuilts/api/29.0/private/atrace.te b/prebuilts/api/29.0/private/atrace.te deleted file mode 100644 index 75be78727..000000000 --- a/prebuilts/api/29.0/private/atrace.te +++ /dev/null @@ -1,78 +0,0 @@ -# Domain for atrace process. -# It is spawned either by traced_probes or by init for the boottrace service. - -type atrace, domain, coredomain; -type atrace_exec, exec_type, file_type, system_file_type; - -# boottrace services uses /data/misc/boottrace/categories -allow atrace boottrace_data_file:dir search; -allow atrace boottrace_data_file:file r_file_perms; - -# Allow atrace to access tracefs. -allow atrace debugfs_tracing:dir r_dir_perms; -allow atrace debugfs_tracing:file rw_file_perms; -allow atrace debugfs_trace_marker:file getattr; - -# Allow atrace to write data when a pipe is used for stdout/stderr -# This is used by Perfetto to capture the output on error in atrace. -allow atrace traced_probes:fd use; -allow atrace traced_probes:fifo_file write; - -# atrace sets debug.atrace.* properties -set_prop(atrace, debug_prop) - -# atrace pokes all the binder-enabled processes at startup with a -# SYSPROPS_TRANSACTION, to tell them to reload the debug.atrace.* properties. - -# Allow discovery of binder services. -allow atrace { - service_manager_type - -apex_service - -incident_service - -iorapd_service - -netd_service - -dnsresolver_service - -stats_service - -dumpstate_service - -installd_service - -vold_service - -lpdump_service -}:service_manager { find }; -allow atrace servicemanager:service_manager list; - -# Allow notifying the processes hosting specific binder services that -# trace-related system properties have changed. -binder_use(atrace) -allow atrace healthd:binder call; -allow atrace surfaceflinger:binder call; -allow atrace system_server:binder call; -allow atrace cameraserver:binder call; - -# Similarly, on debug builds, allow specific HALs to be notified that -# trace-related system properties have changed. -userdebug_or_eng(` - # List HAL interfaces. - allow atrace hwservicemanager:hwservice_manager list; - # Notify the camera HAL. - hal_client_domain(atrace, hal_camera) -') - -# Remove logspam from notification attempts to non-whitelisted services. -dontaudit atrace hwservice_manager_type:hwservice_manager find; -dontaudit atrace service_manager_type:service_manager find; -dontaudit atrace domain:binder call; - -# atrace can call atrace HAL -hal_client_domain(atrace, hal_atrace) - -get_prop(atrace, hwservicemanager_prop) - -userdebug_or_eng(` - # atrace is generally invoked as a standalone binary from shell or perf - # daemons like Perfetto traced_probes. However, in userdebug builds, there is - # a further option to run atrace as an init daemon for boot tracing. - init_daemon_domain(atrace) - - allow atrace debugfs_tracing_debug:dir r_dir_perms; - allow atrace debugfs_tracing_debug:file rw_file_perms; -') diff --git a/prebuilts/api/29.0/private/audioserver.te b/prebuilts/api/29.0/private/audioserver.te deleted file mode 100644 index 07051af33..000000000 --- a/prebuilts/api/29.0/private/audioserver.te +++ /dev/null @@ -1,98 +0,0 @@ -# audioserver - audio services daemon - -typeattribute audioserver coredomain; - -type audioserver_exec, exec_type, file_type, system_file_type; -init_daemon_domain(audioserver) -tmpfs_domain(audioserver) - -r_dir_file(audioserver, sdcard_type) - -binder_use(audioserver) -binder_call(audioserver, binderservicedomain) -binder_call(audioserver, appdomain) -binder_service(audioserver) - -hal_client_domain(audioserver, hal_allocator) -# /system/lib64/hw for always-passthrough Allocator HAL ashmem / mapper .so -r_dir_file(audioserver, system_file) - -hal_client_domain(audioserver, hal_audio) - -userdebug_or_eng(` - # used for TEE sink - pcm capture for debug. - allow audioserver media_data_file:dir create_dir_perms; - allow audioserver audioserver_data_file:dir create_dir_perms; - allow audioserver audioserver_data_file:file create_file_perms; - - # ptrace to processes in the same domain for memory leak detection - allow audioserver self:process ptrace; -') - -add_service(audioserver, audioserver_service) -allow audioserver activity_service:service_manager find; -allow audioserver appops_service:service_manager find; -allow audioserver batterystats_service:service_manager find; -allow audioserver external_vibrator_service:service_manager find; -allow audioserver package_native_service:service_manager find; -allow audioserver permission_service:service_manager find; -allow audioserver power_service:service_manager find; -allow audioserver scheduling_policy_service:service_manager find; -allow audioserver mediametrics_service:service_manager find; - -# Allow read/write access to bluetooth-specific properties -set_prop(audioserver, bluetooth_a2dp_offload_prop) -set_prop(audioserver, bluetooth_audio_hal_prop) -set_prop(audioserver, bluetooth_prop) -set_prop(audioserver, exported_bluetooth_prop) - -# Grant access to audio files to audioserver -allow audioserver audio_data_file:dir ra_dir_perms; -allow audioserver audio_data_file:file create_file_perms; - -# allow access to ALSA MMAP FDs for AAudio API -allow audioserver audio_device:chr_file { read write }; - -not_full_treble(`allow audioserver audio_device:dir r_dir_perms;') -not_full_treble(`allow audioserver audio_device:chr_file rw_file_perms;') - -# For A2DP bridge which is loaded directly into audioserver -unix_socket_connect(audioserver, bluetooth, bluetooth) - -# Allow shell commands from ADB and shell for CTS testing/dumping -allow audioserver adbd:fd use; -allow audioserver adbd:unix_stream_socket { read write }; -allow audioserver shell:fifo_file { read write }; - -# Allow shell commands from ADB for CTS testing/dumping -userdebug_or_eng(` - allow audioserver su:fd use; - allow audioserver su:fifo_file { read write }; - allow audioserver su:unix_stream_socket { read write }; -') - -# Allow write access to log tag property -set_prop(audioserver, log_tag_prop); - -### -### neverallow rules -### - -# audioserver should never execute any executable without a -# domain transition -neverallow audioserver { file_type fs_type }:file execute_no_trans; - -# The goal of the mediaserver split is to place media processing code into -# restrictive sandboxes with limited responsibilities and thus limited -# permissions. Example: Audioserver is only responsible for controlling audio -# hardware and processing audio content. Cameraserver does the same for camera -# hardware/content. Etc. -# -# Media processing code is inherently risky and thus should have limited -# permissions and be isolated from the rest of the system and network. -# Lengthier explanation here: -# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html -neverallow audioserver domain:{ tcp_socket udp_socket rawip_socket } *; - -# Allow using wake locks -wakelock_use(audioserver) diff --git a/prebuilts/api/29.0/private/auditctl.te b/prebuilts/api/29.0/private/auditctl.te deleted file mode 100644 index f634d3d1d..000000000 --- a/prebuilts/api/29.0/private/auditctl.te +++ /dev/null @@ -1,18 +0,0 @@ -# -# /system/bin/auditctl executed for logd -# -# Performs maintenance of the kernel auditing system, including -# setting rate limits on SELinux denials. -# - -type auditctl, domain, coredomain; -type auditctl_exec, file_type, system_file_type, exec_type; - -# Uncomment the line below to put this domain into permissive -# mode. This helps speed SELinux policy development. -# userdebug_or_eng(`permissive auditctl;') - -init_daemon_domain(auditctl) - -allow auditctl self:global_capability_class_set audit_control; -allow auditctl self:netlink_audit_socket { create_socket_perms_no_ioctl nlmsg_write }; diff --git a/prebuilts/api/29.0/private/binder_in_vendor_violators.te b/prebuilts/api/29.0/private/binder_in_vendor_violators.te deleted file mode 100644 index 4a1218e1d..000000000 --- a/prebuilts/api/29.0/private/binder_in_vendor_violators.te +++ /dev/null @@ -1 +0,0 @@ -allow binder_in_vendor_violators binder_device:chr_file rw_file_perms; diff --git a/prebuilts/api/29.0/private/binderservicedomain.te b/prebuilts/api/29.0/private/binderservicedomain.te deleted file mode 100644 index 0891ee5b2..000000000 --- a/prebuilts/api/29.0/private/binderservicedomain.te +++ /dev/null @@ -1,22 +0,0 @@ -# Rules common to all binder service domains - -# Allow dumpstate and incidentd to collect information from binder services -allow binderservicedomain { dumpstate incidentd }:fd use; -allow binderservicedomain { dumpstate incidentd }:unix_stream_socket { read write getopt getattr }; -allow binderservicedomain { dumpstate incidentd }:fifo_file { getattr write }; -allow binderservicedomain shell_data_file:file { getattr write }; - -# Allow dumpsys to work from adb shell or the serial console -allow binderservicedomain devpts:chr_file rw_file_perms; -allow binderservicedomain console_device:chr_file rw_file_perms; - -# Receive and write to a pipe received over Binder from an app. -allow binderservicedomain appdomain:fd use; -allow binderservicedomain appdomain:fifo_file write; - -# allow all services to run permission checks -allow binderservicedomain permission_service:service_manager find; - -allow binderservicedomain keystore:keystore_key { get_state get insert delete exist list sign verify }; - -use_keystore(binderservicedomain) diff --git a/prebuilts/api/29.0/private/blank_screen.te b/prebuilts/api/29.0/private/blank_screen.te deleted file mode 100644 index 51310d180..000000000 --- a/prebuilts/api/29.0/private/blank_screen.te +++ /dev/null @@ -1,6 +0,0 @@ -type blank_screen, domain, coredomain; -type blank_screen_exec, exec_type, file_type, system_file_type; - -init_daemon_domain(blank_screen) - -hal_client_domain(blank_screen, hal_light) diff --git a/prebuilts/api/29.0/private/blkid.te b/prebuilts/api/29.0/private/blkid.te deleted file mode 100644 index 4e972ab95..000000000 --- a/prebuilts/api/29.0/private/blkid.te +++ /dev/null @@ -1,22 +0,0 @@ -# blkid called from vold - -typeattribute blkid coredomain; - -type blkid_exec, system_file_type, exec_type, file_type; - -# Allowed read-only access to encrypted devices to extract UUID/label -allow blkid block_device:dir search; -allow blkid userdata_block_device:blk_file r_file_perms; -allow blkid dm_device:blk_file r_file_perms; - -# Allow stdin/out back to vold -allow blkid vold:fd use; -allow blkid vold:fifo_file { read write getattr }; - -# For blkid launched through popen() -allow blkid blkid_exec:file rx_file_perms; - -# Only allow entry from vold -neverallow { domain -vold } blkid:process transition; -neverallow * blkid:process dyntransition; -neverallow blkid { file_type fs_type -blkid_exec -shell_exec }:file entrypoint; diff --git a/prebuilts/api/29.0/private/blkid_untrusted.te b/prebuilts/api/29.0/private/blkid_untrusted.te deleted file mode 100644 index 125677157..000000000 --- a/prebuilts/api/29.0/private/blkid_untrusted.te +++ /dev/null @@ -1,37 +0,0 @@ -# blkid for untrusted block devices - -typeattribute blkid_untrusted coredomain; - -# Allowed read-only access to vold block devices to extract UUID/label -allow blkid_untrusted block_device:dir search; -allow blkid_untrusted vold_device:blk_file r_file_perms; - -# Allow stdin/out back to vold -allow blkid_untrusted vold:fd use; -allow blkid_untrusted vold:fifo_file { read write getattr }; - -# For blkid launched through popen() -allow blkid_untrusted blkid_exec:file rx_file_perms; - -### -### neverallow rules -### - -# Untrusted blkid should never be run on block devices holding sensitive data -neverallow blkid_untrusted { - boot_block_device - frp_block_device - metadata_block_device - recovery_block_device - root_block_device - swap_block_device - system_block_device - userdata_block_device - cache_block_device - dm_device -}:blk_file no_rw_file_perms; - -# Only allow entry from vold via blkid binary -neverallow { domain -vold } blkid_untrusted:process transition; -neverallow * blkid_untrusted:process dyntransition; -neverallow blkid_untrusted { file_type fs_type -blkid_exec -shell_exec }:file entrypoint; diff --git a/prebuilts/api/29.0/private/bluetooth.te b/prebuilts/api/29.0/private/bluetooth.te deleted file mode 100644 index b96fc58f2..000000000 --- a/prebuilts/api/29.0/private/bluetooth.te +++ /dev/null @@ -1,83 +0,0 @@ -# bluetooth app - -typeattribute bluetooth coredomain; - -app_domain(bluetooth) -net_domain(bluetooth) - -# Socket creation under /data/misc/bluedroid. -type_transition bluetooth bluetooth_data_file:sock_file bluetooth_socket; - -# Allow access to net_admin ioctls -allowxperm bluetooth self:udp_socket ioctl priv_sock_ioctls; - -wakelock_use(bluetooth); - -# Data file accesses. -allow bluetooth bluetooth_data_file:dir create_dir_perms; -allow bluetooth bluetooth_data_file:notdevfile_class_set create_file_perms; -allow bluetooth bluetooth_logs_data_file:dir rw_dir_perms; -allow bluetooth bluetooth_logs_data_file:file create_file_perms; - -# Socket creation under /data/misc/bluedroid. -allow bluetooth bluetooth_socket:sock_file create_file_perms; - -allow bluetooth self:global_capability_class_set net_admin; -allow bluetooth self:global_capability2_class_set wake_alarm; - -# tethering -allow bluetooth self:packet_socket create_socket_perms_no_ioctl; -allow bluetooth self:global_capability_class_set { net_admin net_raw net_bind_service }; -allow bluetooth self:tun_socket create_socket_perms_no_ioctl; -allow bluetooth tun_device:chr_file rw_file_perms; -allowxperm bluetooth tun_device:chr_file ioctl { TUNGETIFF TUNSETIFF }; -allow bluetooth efs_file:dir search; - -# allow Bluetooth to access uhid device for HID profile -allow bluetooth uhid_device:chr_file rw_file_perms; - -# proc access. -allow bluetooth proc_bluetooth_writable:file rw_file_perms; - -# Allow write access to bluetooth specific properties -set_prop(bluetooth, bluetooth_a2dp_offload_prop) -set_prop(bluetooth, bluetooth_audio_hal_prop) -set_prop(bluetooth, bluetooth_prop) -set_prop(bluetooth, exported_bluetooth_prop) -set_prop(bluetooth, pan_result_prop) - -allow bluetooth audioserver_service:service_manager find; -allow bluetooth bluetooth_service:service_manager find; -allow bluetooth drmserver_service:service_manager find; -allow bluetooth mediaserver_service:service_manager find; -allow bluetooth radio_service:service_manager find; -allow bluetooth app_api_service:service_manager find; -allow bluetooth system_api_service:service_manager find; -allow bluetooth network_stack_service:service_manager find; - -# already open bugreport file descriptors may be shared with -# the bluetooth process, from a file in -# /data/data/com.android.shell/files/bugreports/bugreport-*. -allow bluetooth shell_data_file:file read; - -# Bluetooth audio needs RT scheduling to meet deadlines, allow sys_nice -allow bluetooth self:global_capability_class_set sys_nice; - -hal_client_domain(bluetooth, hal_bluetooth) -hal_client_domain(bluetooth, hal_telephony) - -# Bluetooth A2DP offload requires binding with audio HAL -hal_client_domain(bluetooth, hal_audio) - -read_runtime_log_tags(bluetooth) - -### -### Neverallow rules -### -### These are things that the bluetooth app should NEVER be able to do -### - -# Superuser capabilities. -# Bluetooth requires net_{admin,raw,bind_service} and wake_alarm and block_suspend and sys_nice. -neverallow bluetooth self:global_capability_class_set ~{ net_admin net_raw net_bind_service sys_nice}; -neverallow bluetooth self:global_capability2_class_set ~{ wake_alarm block_suspend }; diff --git a/prebuilts/api/29.0/private/bluetoothdomain.te b/prebuilts/api/29.0/private/bluetoothdomain.te deleted file mode 100644 index fe4f0e663..000000000 --- a/prebuilts/api/29.0/private/bluetoothdomain.te +++ /dev/null @@ -1,2 +0,0 @@ -# Allow clients to use a socket provided by the bluetooth app. -allow bluetoothdomain bluetooth:unix_stream_socket { getopt setopt getattr read write ioctl shutdown }; diff --git a/prebuilts/api/29.0/private/bootanim.te b/prebuilts/api/29.0/private/bootanim.te deleted file mode 100644 index 20ff1934b..000000000 --- a/prebuilts/api/29.0/private/bootanim.te +++ /dev/null @@ -1,6 +0,0 @@ -typeattribute bootanim coredomain; - -init_daemon_domain(bootanim) - -# b/68864350 -dontaudit bootanim unlabeled:dir search; diff --git a/prebuilts/api/29.0/private/bootstat.te b/prebuilts/api/29.0/private/bootstat.te deleted file mode 100644 index 806144cf6..000000000 --- a/prebuilts/api/29.0/private/bootstat.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute bootstat coredomain; - -init_daemon_domain(bootstat) diff --git a/prebuilts/api/29.0/private/bpfloader.te b/prebuilts/api/29.0/private/bpfloader.te deleted file mode 100644 index 00d4c7902..000000000 --- a/prebuilts/api/29.0/private/bpfloader.te +++ /dev/null @@ -1,30 +0,0 @@ -# bpf program loader -type bpfloader, domain; -type bpfloader_exec, system_file_type, exec_type, file_type; -typeattribute bpfloader coredomain; - -# These permission is required for pin bpf program for netd. -allow bpfloader fs_bpf:dir create_dir_perms; -allow bpfloader fs_bpf:file create_file_perms; -allow bpfloader devpts:chr_file { read write }; - -# Allow bpfloader to create bpf maps and programs. The map_read and map_write permission is needed -# for retrieving a pinned map when bpfloader do a run time restart. -allow bpfloader self:bpf { prog_load prog_run map_read map_write map_create }; - -allow bpfloader self:global_capability_class_set sys_admin; - -### -### Neverallow rules -### -neverallow { domain -bpfloader } *:bpf { map_create prog_load }; -neverallow { domain -bpfloader -netd -netutils_wrapper } *:bpf prog_run; -neverallow { domain -bpfloader -init } bpfloader_exec:file { execute execute_no_trans }; -neverallow bpfloader domain:{ tcp_socket udp_socket rawip_socket } *; -# only system_server, netd and bpfloader can read/write the bpf maps -neverallow { domain -system_server -netd -bpfloader} *:bpf { map_read map_write }; - -# No domain should be allowed to ptrace bpfloader -neverallow { domain userdebug_or_eng(`-llkd') } bpfloader:process ptrace; - -set_prop(bpfloader, bpf_progs_loaded_prop) diff --git a/prebuilts/api/29.0/private/bufferhubd.te b/prebuilts/api/29.0/private/bufferhubd.te deleted file mode 100644 index 012eb2027..000000000 --- a/prebuilts/api/29.0/private/bufferhubd.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute bufferhubd coredomain; - -init_daemon_domain(bufferhubd) diff --git a/prebuilts/api/29.0/private/bug_map b/prebuilts/api/29.0/private/bug_map deleted file mode 100644 index 4b29fde9d..000000000 --- a/prebuilts/api/29.0/private/bug_map +++ /dev/null @@ -1,31 +0,0 @@ -dnsmasq netd fifo_file 77868789 -dnsmasq netd unix_stream_socket 77868789 -init app_data_file file 77873135 -init cache_file blk_file 77873135 -init logpersist file 77873135 -init nativetest_data_file dir 77873135 -init pstorefs dir 77873135 -init shell_data_file dir 77873135 -init shell_data_file file 77873135 -init shell_data_file lnk_file 77873135 -init shell_data_file sock_file 77873135 -init system_data_file chr_file 77873135 -isolated_app privapp_data_file dir 119596573 -isolated_app app_data_file dir 120394782 -mediaextractor app_data_file file 77923736 -mediaextractor radio_data_file file 77923736 -mediaprovider cache_file blk_file 77925342 -mediaprovider mnt_media_rw_file dir 77925342 -mediaprovider shell_data_file dir 77925342 -netd priv_app unix_stream_socket 77870037 -netd untrusted_app unix_stream_socket 77870037 -netd untrusted_app_25 unix_stream_socket 77870037 -netd untrusted_app_27 unix_stream_socket 77870037 -platform_app nfc_data_file dir 74331887 -system_server crash_dump process 73128755 -system_server sdcardfs file 77856826 -system_server storage_stub_file dir 112609936 -system_server zygote process 77856826 -usbd usbd capability 72472544 -vold system_data_file file 124108085 -zygote untrusted_app_25 process 77925912 diff --git a/prebuilts/api/29.0/private/cameraserver.te b/prebuilts/api/29.0/private/cameraserver.te deleted file mode 100644 index 2be3c9ea3..000000000 --- a/prebuilts/api/29.0/private/cameraserver.te +++ /dev/null @@ -1,6 +0,0 @@ -typeattribute cameraserver coredomain; - -typeattribute cameraserver camera_service_server; - -init_daemon_domain(cameraserver) -tmpfs_domain(cameraserver) diff --git a/prebuilts/api/29.0/private/charger.te b/prebuilts/api/29.0/private/charger.te deleted file mode 100644 index 65109deff..000000000 --- a/prebuilts/api/29.0/private/charger.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute charger coredomain; diff --git a/prebuilts/api/29.0/private/clatd.te b/prebuilts/api/29.0/private/clatd.te deleted file mode 100644 index 0fa774a27..000000000 --- a/prebuilts/api/29.0/private/clatd.te +++ /dev/null @@ -1,36 +0,0 @@ -# 464xlat daemon -type clatd, domain, coredomain; -type clatd_exec, system_file_type, exec_type, file_type; - -net_domain(clatd) - -r_dir_file(clatd, proc_net_type) -userdebug_or_eng(` - auditallow clatd proc_net_type:{ dir file lnk_file } { getattr open read }; -') - -# Access objects inherited from netd. -allow clatd netd:fd use; -allow clatd netd:fifo_file { read write }; -# TODO: Check whether some or all of these sockets should be close-on-exec. -allow clatd netd:netlink_kobject_uevent_socket { read write }; -allow clatd netd:netlink_nflog_socket { read write }; -allow clatd netd:netlink_route_socket { read write }; -allow clatd netd:udp_socket { read write }; -allow clatd netd:unix_stream_socket { read write }; -allow clatd netd:unix_dgram_socket { read write }; - -allow clatd self:global_capability_class_set { net_admin net_raw setuid setgid }; - -# clatd calls mmap(MAP_LOCKED) with a 1M buffer. MAP_LOCKED first checks -# capable(CAP_IPC_LOCK), and then checks to see the requested amount is -# under RLIMIT_MEMLOCK. If the latter check succeeds clatd won't have -# needed CAP_IPC_LOCK. But this is not guaranteed to succeed on all devices -# so we permit any requests we see from clatd asking for this capability. -# See https://android-review.googlesource.com/127940 and -# https://b.corp.google.com/issues/21736319 -allow clatd self:global_capability_class_set ipc_lock; - -allow clatd self:netlink_route_socket nlmsg_write; -allow clatd self:{ packet_socket rawip_socket } create_socket_perms_no_ioctl; -allow clatd tun_device:chr_file rw_file_perms; diff --git a/prebuilts/api/29.0/private/compat/26.0/26.0.cil b/prebuilts/api/29.0/private/compat/26.0/26.0.cil deleted file mode 100644 index abd5fc33f..000000000 --- a/prebuilts/api/29.0/private/compat/26.0/26.0.cil +++ /dev/null @@ -1,783 +0,0 @@ -;; attributes removed from current policy -(typeattribute hal_wifi_keystore) -(typeattribute hal_wifi_keystore_client) -(typeattribute hal_wifi_keystore_server) - -;; types removed from current policy -(type untrusted_v2_app) -(type asan_reboot_prop) -(type commontime_management_service) -(type log_device) -(type mediacasserver_service) -(type mediacodec) -(type mediacodec_exec) -(type qtaguid_proc) -(type reboot_data_file) -(type tracing_shell_writable) -(type tracing_shell_writable_debug) -(type vold_socket) -(type webview_zygote_socket) -(type rild) - -(typeattributeset accessibility_service_26_0 (accessibility_service)) -(typeattributeset account_service_26_0 (account_service)) -(typeattributeset activity_service_26_0 (activity_service)) -(typeattributeset adbd_26_0 (adbd)) -(typeattributeset adb_data_file_26_0 (adb_data_file)) -(typeattributeset adbd_socket_26_0 (adbd_socket)) -(typeattributeset adb_keys_file_26_0 (adb_keys_file)) -(typeattributeset alarm_device_26_0 (alarm_device)) -(typeattributeset alarm_service_26_0 (alarm_service)) -(typeattributeset anr_data_file_26_0 (anr_data_file)) -(typeattributeset apk_data_file_26_0 (apk_data_file)) -(typeattributeset apk_private_data_file_26_0 (apk_private_data_file)) -(typeattributeset apk_private_tmp_file_26_0 (apk_private_tmp_file)) -(typeattributeset apk_tmp_file_26_0 (apk_tmp_file)) -(typeattributeset app_data_file_26_0 (app_data_file privapp_data_file)) -(typeattributeset app_fuse_file_26_0 (app_fuse_file)) -(typeattributeset app_fusefs_26_0 (app_fusefs)) -(typeattributeset appops_service_26_0 (appops_service)) -(typeattributeset appwidget_service_26_0 (appwidget_service)) -(typeattributeset asan_reboot_prop_26_0 (asan_reboot_prop)) -(typeattributeset asec_apk_file_26_0 (asec_apk_file)) -(typeattributeset asec_image_file_26_0 (asec_image_file)) -(typeattributeset asec_public_file_26_0 (asec_public_file)) -(typeattributeset ashmem_device_26_0 (ashmem_device)) -(typeattributeset assetatlas_service_26_0 (assetatlas_service)) -(typeattributeset audio_data_file_26_0 (audio_data_file)) -(typeattributeset audio_device_26_0 (audio_device)) -(typeattributeset audiohal_data_file_26_0 (audiohal_data_file)) -(typeattributeset audio_prop_26_0 (audio_prop)) -(typeattributeset audio_seq_device_26_0 (audio_seq_device)) -(typeattributeset audioserver_26_0 (audioserver)) -(typeattributeset audioserver_data_file_26_0 (audioserver_data_file)) -(typeattributeset audioserver_service_26_0 (audioserver_service)) -(typeattributeset audio_service_26_0 (audio_service)) -(typeattributeset audio_timer_device_26_0 (audio_timer_device)) -(typeattributeset autofill_service_26_0 (autofill_service)) -(typeattributeset backup_data_file_26_0 (backup_data_file)) -(typeattributeset backup_service_26_0 (backup_service)) -(typeattributeset batteryproperties_service_26_0 (batteryproperties_service)) -(typeattributeset battery_service_26_0 (battery_service)) -(typeattributeset batterystats_service_26_0 (batterystats_service)) -(typeattributeset binder_device_26_0 (binder_device)) -(typeattributeset binfmt_miscfs_26_0 (binfmt_miscfs)) -(typeattributeset blkid_26_0 (blkid)) -(typeattributeset blkid_untrusted_26_0 (blkid_untrusted)) -(typeattributeset block_device_26_0 (block_device)) -(typeattributeset bluetooth_26_0 (bluetooth)) -(typeattributeset bluetooth_data_file_26_0 (bluetooth_data_file)) -(typeattributeset bluetooth_efs_file_26_0 (bluetooth_efs_file)) -(typeattributeset bluetooth_logs_data_file_26_0 (bluetooth_logs_data_file)) -(typeattributeset bluetooth_manager_service_26_0 (bluetooth_manager_service)) -(typeattributeset bluetooth_prop_26_0 (bluetooth_prop)) -(typeattributeset bluetooth_service_26_0 (bluetooth_service)) -(typeattributeset bluetooth_socket_26_0 (bluetooth_socket)) -(typeattributeset bootanim_26_0 (bootanim)) -(typeattributeset bootanim_exec_26_0 (bootanim_exec)) -(typeattributeset boot_block_device_26_0 (boot_block_device)) -(typeattributeset bootchart_data_file_26_0 (bootchart_data_file)) -(typeattributeset bootstat_26_0 (bootstat)) -(typeattributeset bootstat_data_file_26_0 (bootstat_data_file)) -(typeattributeset bootstat_exec_26_0 (bootstat_exec)) -(typeattributeset boottime_prop_26_0 (boottime_prop)) -(typeattributeset boottrace_data_file_26_0 (boottrace_data_file)) -(typeattributeset bufferhubd_26_0 (bufferhubd)) -(typeattributeset bufferhubd_exec_26_0 (bufferhubd_exec)) -(typeattributeset cache_backup_file_26_0 (cache_backup_file)) -(typeattributeset cache_block_device_26_0 (cache_block_device)) -(typeattributeset cache_file_26_0 (cache_file)) -(typeattributeset cache_private_backup_file_26_0 (cache_private_backup_file)) -(typeattributeset cache_recovery_file_26_0 (cache_recovery_file)) -(typeattributeset camera_data_file_26_0 (camera_data_file)) -(typeattributeset camera_device_26_0 (camera_device)) -(typeattributeset cameraproxy_service_26_0 (cameraproxy_service)) -(typeattributeset cameraserver_26_0 (cameraserver)) -(typeattributeset cameraserver_exec_26_0 (cameraserver_exec)) -(typeattributeset cameraserver_service_26_0 (cameraserver_service)) -(typeattributeset cgroup_26_0 (cgroup)) -(typeattributeset charger_26_0 (charger)) -(typeattributeset clatd_26_0 (clatd)) -(typeattributeset clatd_exec_26_0 (clatd_exec)) -(typeattributeset clipboard_service_26_0 (clipboard_service)) -(typeattributeset commontime_management_service_26_0 (commontime_management_service)) -(typeattributeset companion_device_service_26_0 (companion_device_service)) -(typeattributeset configfs_26_0 (configfs)) -(typeattributeset config_prop_26_0 (config_prop)) -(typeattributeset connectivity_service_26_0 (connectivity_service)) -(typeattributeset connmetrics_service_26_0 (connmetrics_service)) -(typeattributeset console_device_26_0 (console_device)) -(typeattributeset consumer_ir_service_26_0 (consumer_ir_service)) -(typeattributeset content_service_26_0 (content_service)) -(typeattributeset contexthub_service_26_0 (contexthub_service)) -(typeattributeset coredump_file_26_0 (coredump_file)) -(typeattributeset country_detector_service_26_0 (country_detector_service)) -(typeattributeset coverage_service_26_0 (coverage_service)) -(typeattributeset cppreopt_prop_26_0 (cppreopt_prop)) -(typeattributeset cppreopts_26_0 (cppreopts)) -(typeattributeset cppreopts_exec_26_0 (cppreopts_exec)) -(typeattributeset cpuctl_device_26_0 (cpuctl_device)) -(typeattributeset cpuinfo_service_26_0 (cpuinfo_service)) -(typeattributeset crash_dump_26_0 (crash_dump)) -(typeattributeset crash_dump_exec_26_0 (crash_dump_exec)) -(typeattributeset ctl_bootanim_prop_26_0 (ctl_bootanim_prop)) -(typeattributeset ctl_bugreport_prop_26_0 (ctl_bugreport_prop)) -(typeattributeset ctl_console_prop_26_0 (ctl_console_prop)) -(typeattributeset ctl_default_prop_26_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop ctl_adbd_prop)) -(typeattributeset ctl_dumpstate_prop_26_0 (ctl_dumpstate_prop)) -(typeattributeset ctl_fuse_prop_26_0 (ctl_fuse_prop)) -(typeattributeset ctl_mdnsd_prop_26_0 (ctl_mdnsd_prop)) -(typeattributeset ctl_rildaemon_prop_26_0 (ctl_rildaemon_prop)) -(typeattributeset dalvikcache_data_file_26_0 (dalvikcache_data_file)) -(typeattributeset dalvik_prop_26_0 (dalvik_prop)) -(typeattributeset dbinfo_service_26_0 (dbinfo_service)) -(typeattributeset debugfs_26_0 - ( debugfs - debugfs_wakeup_sources - )) -(typeattributeset debugfs_mmc_26_0 (debugfs_mmc)) -(typeattributeset debugfs_trace_marker_26_0 (debugfs_trace_marker)) -(typeattributeset debugfs_tracing_26_0 (debugfs_tracing)) -(typeattributeset debugfs_tracing_instances_26_0 (debugfs_tracing_instances)) -(typeattributeset debugfs_wifi_tracing_26_0 (debugfs_wifi_tracing)) -(typeattributeset debuggerd_prop_26_0 (debuggerd_prop)) -(typeattributeset debug_prop_26_0 (debug_prop)) -(typeattributeset default_android_hwservice_26_0 (default_android_hwservice)) -(typeattributeset default_android_service_26_0 (default_android_service)) -(typeattributeset default_android_vndservice_26_0 (default_android_vndservice)) -(typeattributeset default_prop_26_0 - ( default_prop pm_prop)) -(typeattributeset device_26_0 (device)) -(typeattributeset device_identifiers_service_26_0 (device_identifiers_service)) -(typeattributeset deviceidle_service_26_0 (deviceidle_service)) -(typeattributeset device_logging_prop_26_0 (device_logging_prop)) -(typeattributeset device_policy_service_26_0 (device_policy_service)) -(typeattributeset devicestoragemonitor_service_26_0 (devicestoragemonitor_service)) -(typeattributeset devpts_26_0 (devpts)) -(typeattributeset dex2oat_26_0 (dex2oat)) -(typeattributeset dex2oat_exec_26_0 (dex2oat_exec)) -(typeattributeset dhcp_26_0 (dhcp)) -(typeattributeset dhcp_data_file_26_0 (dhcp_data_file)) -(typeattributeset dhcp_exec_26_0 (dhcp_exec)) -(typeattributeset dhcp_prop_26_0 (dhcp_prop)) -(typeattributeset diskstats_service_26_0 (diskstats_service)) -(typeattributeset display_service_26_0 (display_service)) -(typeattributeset dm_device_26_0 (dm_device)) -(typeattributeset dnsmasq_26_0 (dnsmasq)) -(typeattributeset dnsmasq_exec_26_0 (dnsmasq_exec)) -(typeattributeset dnsproxyd_socket_26_0 (dnsproxyd_socket)) -(typeattributeset DockObserver_service_26_0 (DockObserver_service)) -(typeattributeset dreams_service_26_0 (dreams_service)) -(typeattributeset drm_data_file_26_0 (drm_data_file)) -(typeattributeset drmserver_26_0 (drmserver)) -(typeattributeset drmserver_exec_26_0 (drmserver_exec)) -(typeattributeset drmserver_service_26_0 (drmserver_service)) -(typeattributeset drmserver_socket_26_0 (drmserver_socket)) -(typeattributeset dropbox_service_26_0 (dropbox_service)) -(typeattributeset dumpstate_26_0 (dumpstate)) -(typeattributeset dumpstate_exec_26_0 (dumpstate_exec)) -(typeattributeset dumpstate_options_prop_26_0 (dumpstate_options_prop)) -(typeattributeset dumpstate_prop_26_0 (dumpstate_prop)) -(typeattributeset dumpstate_service_26_0 (dumpstate_service)) -(typeattributeset dumpstate_socket_26_0 (dumpstate_socket)) -(typeattributeset efs_file_26_0 (efs_file)) -(typeattributeset ephemeral_app_26_0 (ephemeral_app)) -(typeattributeset ethernet_service_26_0 (ethernet_service)) -(typeattributeset ffs_prop_26_0 (ffs_prop)) -(typeattributeset file_contexts_file_26_0 (file_contexts_file)) -(typeattributeset fingerprintd_26_0 (fingerprintd)) -(typeattributeset fingerprintd_data_file_26_0 (fingerprintd_data_file)) -(typeattributeset fingerprintd_exec_26_0 (fingerprintd_exec)) -(typeattributeset fingerprintd_service_26_0 (fingerprintd_service)) -(typeattributeset fingerprint_prop_26_0 (fingerprint_prop)) -(typeattributeset fingerprint_service_26_0 (fingerprint_service)) -(typeattributeset firstboot_prop_26_0 (firstboot_prop)) -(typeattributeset font_service_26_0 (font_service)) -(typeattributeset frp_block_device_26_0 (frp_block_device)) -(typeattributeset fsck_26_0 (fsck)) -(typeattributeset fsck_exec_26_0 (fsck_exec)) -(typeattributeset fscklogs_26_0 (fscklogs)) -(typeattributeset fsck_untrusted_26_0 (fsck_untrusted)) -(typeattributeset full_device_26_0 (full_device)) -(typeattributeset functionfs_26_0 (functionfs)) -(typeattributeset fuse_26_0 (fuse)) -(typeattributeset fuse_device_26_0 (fuse_device)) -(typeattributeset fwk_display_hwservice_26_0 (fwk_display_hwservice)) -(typeattributeset fwk_scheduler_hwservice_26_0 (fwk_scheduler_hwservice)) -(typeattributeset fwk_sensor_hwservice_26_0 (fwk_sensor_hwservice)) -(typeattributeset fwmarkd_socket_26_0 (fwmarkd_socket)) -(typeattributeset gatekeeperd_26_0 (gatekeeperd)) -(typeattributeset gatekeeper_data_file_26_0 (gatekeeper_data_file)) -(typeattributeset gatekeeperd_exec_26_0 (gatekeeperd_exec)) -(typeattributeset gatekeeper_service_26_0 (gatekeeper_service)) -(typeattributeset gfxinfo_service_26_0 (gfxinfo_service)) -(typeattributeset gps_control_26_0 (gps_control)) -(typeattributeset gpu_device_26_0 (gpu_device)) -(typeattributeset gpu_service_26_0 (gpu_service)) -(typeattributeset graphics_device_26_0 (graphics_device)) -(typeattributeset graphicsstats_service_26_0 (graphicsstats_service)) -(typeattributeset hal_audio_hwservice_26_0 (hal_audio_hwservice)) -(typeattributeset hal_bluetooth_hwservice_26_0 (hal_bluetooth_hwservice)) -(typeattributeset hal_bootctl_hwservice_26_0 (hal_bootctl_hwservice)) -(typeattributeset hal_camera_hwservice_26_0 (hal_camera_hwservice)) -(typeattributeset hal_configstore_ISurfaceFlingerConfigs_26_0 (hal_configstore_ISurfaceFlingerConfigs)) -(typeattributeset hal_contexthub_hwservice_26_0 (hal_contexthub_hwservice)) -(typeattributeset hal_drm_hwservice_26_0 (hal_drm_hwservice)) -(typeattributeset hal_dumpstate_hwservice_26_0 (hal_dumpstate_hwservice)) -(typeattributeset hal_fingerprint_hwservice_26_0 (hal_fingerprint_hwservice)) -(typeattributeset hal_fingerprint_service_26_0 (hal_fingerprint_service)) -(typeattributeset hal_gatekeeper_hwservice_26_0 (hal_gatekeeper_hwservice)) -(typeattributeset hal_gnss_hwservice_26_0 (hal_gnss_hwservice)) -(typeattributeset hal_graphics_allocator_hwservice_26_0 (hal_graphics_allocator_hwservice)) -(typeattributeset hal_graphics_composer_hwservice_26_0 (hal_graphics_composer_hwservice)) -(typeattributeset hal_graphics_mapper_hwservice_26_0 (hal_graphics_mapper_hwservice)) -(typeattributeset hal_health_hwservice_26_0 (hal_health_hwservice)) -(typeattributeset hal_ir_hwservice_26_0 (hal_ir_hwservice)) -(typeattributeset hal_keymaster_hwservice_26_0 (hal_keymaster_hwservice)) -(typeattributeset hal_light_hwservice_26_0 (hal_light_hwservice)) -(typeattributeset hal_memtrack_hwservice_26_0 (hal_memtrack_hwservice)) -(typeattributeset hal_nfc_hwservice_26_0 (hal_nfc_hwservice)) -(typeattributeset hal_oemlock_hwservice_26_0 (hal_oemlock_hwservice)) -(typeattributeset hal_omx_hwservice_26_0 (hal_omx_hwservice)) -(typeattributeset hal_power_hwservice_26_0 (hal_power_hwservice)) -(typeattributeset hal_renderscript_hwservice_26_0 (hal_renderscript_hwservice)) -(typeattributeset hal_sensors_hwservice_26_0 (hal_sensors_hwservice)) -(typeattributeset hal_telephony_hwservice_26_0 (hal_telephony_hwservice)) -(typeattributeset hal_thermal_hwservice_26_0 (hal_thermal_hwservice)) -(typeattributeset hal_tv_cec_hwservice_26_0 (hal_tv_cec_hwservice)) -(typeattributeset hal_tv_input_hwservice_26_0 (hal_tv_input_hwservice)) -(typeattributeset hal_usb_hwservice_26_0 (hal_usb_hwservice)) -(typeattributeset hal_vibrator_hwservice_26_0 (hal_vibrator_hwservice)) -(typeattributeset hal_vr_hwservice_26_0 (hal_vr_hwservice)) -(typeattributeset hal_weaver_hwservice_26_0 (hal_weaver_hwservice)) -(typeattributeset hal_wifi_hwservice_26_0 (hal_wifi_hwservice)) -(typeattributeset hal_wifi_supplicant_hwservice_26_0 (hal_wifi_supplicant_hwservice)) -(typeattributeset hardware_properties_service_26_0 (hardware_properties_service)) -(typeattributeset hardware_service_26_0 (hardware_service)) -(typeattributeset hci_attach_dev_26_0 (hci_attach_dev)) -(typeattributeset hdmi_control_service_26_0 (hdmi_control_service)) -(typeattributeset healthd_26_0 (healthd)) -(typeattributeset healthd_exec_26_0 (healthd_exec)) -(typeattributeset heapdump_data_file_26_0 (heapdump_data_file)) -(typeattributeset hidl_allocator_hwservice_26_0 (hidl_allocator_hwservice)) -(typeattributeset hidl_base_hwservice_26_0 (hidl_base_hwservice)) -(typeattributeset hidl_manager_hwservice_26_0 (hidl_manager_hwservice)) -(typeattributeset hidl_memory_hwservice_26_0 (hidl_memory_hwservice)) -(typeattributeset hidl_token_hwservice_26_0 (hidl_token_hwservice)) -(typeattributeset hwbinder_device_26_0 (hwbinder_device)) -(typeattributeset hw_random_device_26_0 (hw_random_device)) -(typeattributeset hwservice_contexts_file_26_0 (hwservice_contexts_file)) -(typeattributeset hwservicemanager_26_0 (hwservicemanager)) -(typeattributeset hwservicemanager_exec_26_0 (hwservicemanager_exec)) -(typeattributeset hwservicemanager_prop_26_0 (hwservicemanager_prop)) -(typeattributeset i2c_device_26_0 (i2c_device)) -(typeattributeset icon_file_26_0 (icon_file)) -(typeattributeset idmap_26_0 (idmap)) -(typeattributeset idmap_exec_26_0 (idmap_exec)) -(typeattributeset iio_device_26_0 (iio_device)) -(typeattributeset imms_service_26_0 (imms_service)) -(typeattributeset incident_26_0 (incident)) -(typeattributeset incidentd_26_0 (incidentd)) -(typeattributeset incident_data_file_26_0 (incident_data_file)) -(typeattributeset incident_service_26_0 (incident_service)) -(typeattributeset init_26_0 (init)) -(typeattributeset init_exec_26_0 (init_exec watchdogd_exec)) -(typeattributeset inotify_26_0 (inotify)) -(typeattributeset input_device_26_0 (input_device)) -(typeattributeset inputflinger_26_0 (inputflinger)) -(typeattributeset inputflinger_exec_26_0 (inputflinger_exec)) -(typeattributeset inputflinger_service_26_0 (inputflinger_service)) -(typeattributeset input_method_service_26_0 (input_method_service)) -(typeattributeset input_service_26_0 (input_service)) -(typeattributeset installd_26_0 (installd)) -(typeattributeset install_data_file_26_0 (install_data_file)) -(typeattributeset installd_exec_26_0 (installd_exec)) -(typeattributeset installd_service_26_0 (installd_service)) -(typeattributeset install_recovery_26_0 (install_recovery)) -(typeattributeset install_recovery_exec_26_0 (install_recovery_exec)) -(typeattributeset ion_device_26_0 (ion_device)) -(typeattributeset IProxyService_service_26_0 (IProxyService_service)) -(typeattributeset ipsec_service_26_0 (ipsec_service)) -(typeattributeset isolated_app_26_0 (isolated_app)) -(typeattributeset jobscheduler_service_26_0 (jobscheduler_service)) -(typeattributeset kernel_26_0 (kernel)) -(typeattributeset keychain_data_file_26_0 (keychain_data_file)) -(typeattributeset keychord_device_26_0 (keychord_device)) -(typeattributeset keystore_26_0 (keystore)) -(typeattributeset keystore_data_file_26_0 (keystore_data_file)) -(typeattributeset keystore_exec_26_0 (keystore_exec)) -(typeattributeset keystore_service_26_0 (keystore_service)) -(typeattributeset kmem_device_26_0 (kmem_device)) -(typeattributeset kmsg_device_26_0 (kmsg_device)) -(typeattributeset labeledfs_26_0 (labeledfs)) -(typeattributeset launcherapps_service_26_0 (launcherapps_service)) -(typeattributeset lmkd_26_0 (lmkd)) -(typeattributeset lmkd_exec_26_0 (lmkd_exec)) -(typeattributeset lmkd_socket_26_0 (lmkd_socket)) -(typeattributeset location_service_26_0 (location_service)) -(typeattributeset lock_settings_service_26_0 (lock_settings_service)) -(typeattributeset logcat_exec_26_0 (logcat_exec)) -(typeattributeset logd_26_0 (logd)) -(typeattributeset log_device_26_0 (log_device)) -(typeattributeset logd_exec_26_0 (logd_exec)) -(typeattributeset logd_prop_26_0 (logd_prop)) -(typeattributeset logdr_socket_26_0 (logdr_socket)) -(typeattributeset logd_socket_26_0 (logd_socket)) -(typeattributeset logdw_socket_26_0 (logdw_socket)) -(typeattributeset logpersist_26_0 (logpersist)) -(typeattributeset logpersistd_logging_prop_26_0 (logpersistd_logging_prop)) -(typeattributeset log_prop_26_0 (log_prop)) -(typeattributeset log_tag_prop_26_0 (log_tag_prop)) -(typeattributeset loop_control_device_26_0 (loop_control_device)) -(typeattributeset loop_device_26_0 (loop_device)) -(typeattributeset mac_perms_file_26_0 (mac_perms_file)) -(typeattributeset mdnsd_26_0 (mdnsd)) -(typeattributeset mdnsd_socket_26_0 (mdnsd_socket)) -(typeattributeset mdns_socket_26_0 (mdns_socket)) -(typeattributeset mediacasserver_service_26_0 (mediacasserver_service)) -(typeattributeset mediacodec_26_0 (mediacodec)) -(typeattributeset mediacodec_exec_26_0 (mediacodec_exec)) -(typeattributeset mediacodec_service_26_0 (mediacodec_service)) -(typeattributeset media_data_file_26_0 (media_data_file)) -(typeattributeset mediadrmserver_26_0 (mediadrmserver)) -(typeattributeset mediadrmserver_exec_26_0 (mediadrmserver_exec)) -(typeattributeset mediadrmserver_service_26_0 (mediadrmserver_service)) -(typeattributeset mediaextractor_26_0 (mediaextractor)) -(typeattributeset mediaextractor_exec_26_0 (mediaextractor_exec)) -(typeattributeset mediaextractor_service_26_0 (mediaextractor_service)) -(typeattributeset mediametrics_26_0 (mediametrics)) -(typeattributeset mediametrics_exec_26_0 (mediametrics_exec)) -(typeattributeset mediametrics_service_26_0 (mediametrics_service)) -(typeattributeset media_projection_service_26_0 (media_projection_service)) -(typeattributeset media_router_service_26_0 (media_router_service)) -(typeattributeset media_rw_data_file_26_0 (media_rw_data_file)) -(typeattributeset mediaserver_26_0 (mediaserver)) -(typeattributeset mediaserver_exec_26_0 (mediaserver_exec)) -(typeattributeset mediaserver_service_26_0 (mediaserver_service)) -(typeattributeset media_session_service_26_0 (media_session_service)) -(typeattributeset meminfo_service_26_0 (meminfo_service)) -(typeattributeset metadata_block_device_26_0 (metadata_block_device)) -(typeattributeset method_trace_data_file_26_0 (method_trace_data_file)) -(typeattributeset midi_service_26_0 (midi_service)) -(typeattributeset misc_block_device_26_0 (misc_block_device)) -(typeattributeset misc_logd_file_26_0 (misc_logd_file)) -(typeattributeset misc_user_data_file_26_0 (misc_user_data_file)) -(typeattributeset mmc_prop_26_0 (mmc_prop)) -(typeattributeset mnt_expand_file_26_0 (mnt_expand_file)) -(typeattributeset mnt_media_rw_file_26_0 (mnt_media_rw_file)) -(typeattributeset mnt_media_rw_stub_file_26_0 (mnt_media_rw_stub_file)) -(typeattributeset mnt_user_file_26_0 (mnt_user_file)) -(typeattributeset modprobe_26_0 (modprobe)) -(typeattributeset mount_service_26_0 (mount_service)) -(typeattributeset mqueue_26_0 (mqueue)) -(typeattributeset mtd_device_26_0 (mtd_device)) -(typeattributeset mtp_26_0 (mtp)) -(typeattributeset mtp_device_26_0 (mtp_device)) -(typeattributeset mtpd_socket_26_0 (mtpd_socket)) -(typeattributeset mtp_exec_26_0 (mtp_exec)) -(typeattributeset nativetest_data_file_26_0 (nativetest_data_file)) -(typeattributeset netd_26_0 (netd)) -(typeattributeset net_data_file_26_0 (net_data_file)) -(typeattributeset netd_exec_26_0 (netd_exec)) -(typeattributeset netd_listener_service_26_0 (netd_listener_service)) -(typeattributeset net_dns_prop_26_0 (net_dns_prop)) -(typeattributeset netd_service_26_0 (netd_service)) -(typeattributeset netd_socket_26_0 (netd_socket)) -(typeattributeset netif_26_0 (netif)) -(typeattributeset netpolicy_service_26_0 (netpolicy_service)) -(typeattributeset net_radio_prop_26_0 (net_radio_prop)) -(typeattributeset netstats_service_26_0 (netstats_service)) -(typeattributeset netutils_wrapper_26_0 (netutils_wrapper)) -(typeattributeset netutils_wrapper_exec_26_0 (netutils_wrapper_exec)) -(typeattributeset network_management_service_26_0 (network_management_service)) -(typeattributeset network_score_service_26_0 (network_score_service)) -(typeattributeset network_time_update_service_26_0 (network_time_update_service)) -(typeattributeset nfc_26_0 (nfc)) -(typeattributeset nfc_data_file_26_0 (nfc_data_file)) -(typeattributeset nfc_device_26_0 (nfc_device)) -(typeattributeset nfc_prop_26_0 (nfc_prop)) -(typeattributeset nfc_service_26_0 (nfc_service)) -(typeattributeset node_26_0 (node)) -(typeattributeset notification_service_26_0 (notification_service)) -(typeattributeset null_device_26_0 (null_device)) -(typeattributeset oemfs_26_0 (oemfs)) -(typeattributeset oem_lock_service_26_0 (oem_lock_service)) -(typeattributeset ota_data_file_26_0 (ota_data_file)) -(typeattributeset otadexopt_service_26_0 (otadexopt_service)) -(typeattributeset ota_package_file_26_0 (ota_package_file)) -(typeattributeset otapreopt_chroot_26_0 (otapreopt_chroot)) -(typeattributeset otapreopt_chroot_exec_26_0 (otapreopt_chroot_exec)) -(typeattributeset otapreopt_slot_26_0 (otapreopt_slot)) -(typeattributeset otapreopt_slot_exec_26_0 (otapreopt_slot_exec)) -(typeattributeset overlay_prop_26_0 (overlay_prop)) -(typeattributeset overlay_service_26_0 (overlay_service)) -(typeattributeset owntty_device_26_0 (owntty_device)) -(typeattributeset package_service_26_0 (package_service)) -(typeattributeset pan_result_prop_26_0 (pan_result_prop)) -(typeattributeset pdx_bufferhub_client_channel_socket_26_0 (pdx_bufferhub_client_channel_socket)) -(typeattributeset pdx_bufferhub_client_endpoint_socket_26_0 (pdx_bufferhub_client_endpoint_socket)) -(typeattributeset pdx_bufferhub_dir_26_0 (pdx_bufferhub_dir)) -(typeattributeset pdx_display_client_channel_socket_26_0 (pdx_display_client_channel_socket)) -(typeattributeset pdx_display_client_endpoint_socket_26_0 (pdx_display_client_endpoint_socket)) -(typeattributeset pdx_display_dir_26_0 (pdx_display_dir)) -(typeattributeset pdx_display_manager_channel_socket_26_0 (pdx_display_manager_channel_socket)) -(typeattributeset pdx_display_manager_endpoint_socket_26_0 (pdx_display_manager_endpoint_socket)) -(typeattributeset pdx_display_screenshot_channel_socket_26_0 (pdx_display_screenshot_channel_socket)) -(typeattributeset pdx_display_screenshot_endpoint_socket_26_0 (pdx_display_screenshot_endpoint_socket)) -(typeattributeset pdx_display_vsync_channel_socket_26_0 (pdx_display_vsync_channel_socket)) -(typeattributeset pdx_display_vsync_endpoint_socket_26_0 (pdx_display_vsync_endpoint_socket)) -(typeattributeset pdx_performance_client_channel_socket_26_0 (pdx_performance_client_channel_socket)) -(typeattributeset pdx_performance_client_endpoint_socket_26_0 (pdx_performance_client_endpoint_socket)) -(typeattributeset pdx_performance_dir_26_0 (pdx_performance_dir)) -(typeattributeset performanced_26_0 (performanced)) -(typeattributeset performanced_exec_26_0 (performanced_exec)) -(typeattributeset perfprofd_26_0 (perfprofd)) -(typeattributeset perfprofd_data_file_26_0 (perfprofd_data_file)) -(typeattributeset perfprofd_exec_26_0 (perfprofd_exec)) -(typeattributeset permission_service_26_0 (permission_service)) -(typeattributeset persist_debug_prop_26_0 (persist_debug_prop)) -(typeattributeset persistent_data_block_service_26_0 (persistent_data_block_service)) -(typeattributeset persistent_properties_ready_prop_26_0 (persistent_properties_ready_prop)) -(typeattributeset pinner_service_26_0 (pinner_service)) -(typeattributeset pipefs_26_0 (pipefs)) -(typeattributeset platform_app_26_0 (platform_app)) -(typeattributeset pmsg_device_26_0 (pmsg_device)) -(typeattributeset port_26_0 (port)) -(typeattributeset port_device_26_0 (port_device)) -(typeattributeset postinstall_26_0 (postinstall)) -(typeattributeset postinstall_dexopt_26_0 (postinstall_dexopt)) -(typeattributeset postinstall_file_26_0 (postinstall_file)) -(typeattributeset postinstall_mnt_dir_26_0 (postinstall_mnt_dir)) -(typeattributeset powerctl_prop_26_0 (powerctl_prop)) -(typeattributeset power_service_26_0 (power_service)) -(typeattributeset ppp_26_0 (ppp)) -(typeattributeset ppp_device_26_0 (ppp_device)) -(typeattributeset ppp_exec_26_0 (ppp_exec)) -(typeattributeset preloads_data_file_26_0 (preloads_data_file)) -(typeattributeset preloads_media_file_26_0 (preloads_media_file)) -(typeattributeset preopt2cachename_26_0 (preopt2cachename)) -(typeattributeset preopt2cachename_exec_26_0 (preopt2cachename_exec)) -(typeattributeset print_service_26_0 (print_service)) -(typeattributeset priv_app_26_0 (mediaprovider priv_app)) -(typeattributeset proc_26_0 - ( proc - proc_abi - proc_asound - proc_buddyinfo - proc_cmdline - proc_dirty - proc_diskstats - proc_extra_free_kbytes - proc_filesystems - proc_hostname - proc_hung_task - proc_kmsg - proc_loadavg - proc_max_map_count - proc_min_free_order_shift - proc_mounts - proc_page_cluster - proc_pagetypeinfo - proc_panic - proc_pid_max - proc_pipe_conf - proc_random - proc_sched - proc_slabinfo - proc_swaps - proc_uid_time_in_state - proc_uid_concurrent_active_time - proc_uid_concurrent_policy_time - proc_uid_cpupower - proc_uptime - proc_version - proc_vmallocinfo - proc_vmstat)) -(typeattributeset proc_bluetooth_writable_26_0 (proc_bluetooth_writable)) -(typeattributeset proc_cpuinfo_26_0 (proc_cpuinfo)) -(typeattributeset proc_drop_caches_26_0 (proc_drop_caches)) -(typeattributeset processinfo_service_26_0 (processinfo_service)) -(typeattributeset proc_interrupts_26_0 (proc_interrupts)) -(typeattributeset proc_iomem_26_0 (proc_iomem)) -(typeattributeset proc_meminfo_26_0 (proc_meminfo)) -(typeattributeset proc_misc_26_0 (proc_misc)) -(typeattributeset proc_modules_26_0 (proc_modules)) -(typeattributeset proc_net_26_0 - ( proc_net - proc_net_tcp_udp - proc_qtaguid_stat)) -(typeattributeset proc_overcommit_memory_26_0 (proc_overcommit_memory)) -(typeattributeset proc_perf_26_0 (proc_perf)) -(typeattributeset proc_security_26_0 (proc_security)) -(typeattributeset proc_stat_26_0 (proc_stat)) -(typeattributeset procstats_service_26_0 (procstats_service)) -(typeattributeset proc_sysrq_26_0 (proc_sysrq)) -(typeattributeset proc_timer_26_0 (proc_timer)) -(typeattributeset proc_tty_drivers_26_0 (proc_tty_drivers)) -(typeattributeset proc_uid_cputime_removeuid_26_0 (proc_uid_cputime_removeuid)) -(typeattributeset proc_uid_cputime_showstat_26_0 (proc_uid_cputime_showstat)) -(typeattributeset proc_uid_io_stats_26_0 (proc_uid_io_stats)) -(typeattributeset proc_uid_procstat_set_26_0 (proc_uid_procstat_set)) -(typeattributeset proc_zoneinfo_26_0 (proc_zoneinfo)) -(typeattributeset profman_26_0 (profman)) -(typeattributeset profman_dump_data_file_26_0 (profman_dump_data_file)) -(typeattributeset profman_exec_26_0 (profman_exec)) -(typeattributeset properties_device_26_0 (properties_device)) -(typeattributeset properties_serial_26_0 (properties_serial)) -(typeattributeset property_contexts_file_26_0 (property_contexts_file)) -(typeattributeset property_data_file_26_0 (property_data_file)) -(typeattributeset property_socket_26_0 (property_socket)) -(typeattributeset pstorefs_26_0 (pstorefs)) -(typeattributeset ptmx_device_26_0 (ptmx_device)) -(typeattributeset qtaguid_device_26_0 (qtaguid_device)) -(typeattributeset qtaguid_proc_26_0 - ( qtaguid_proc - proc_qtaguid_ctrl)) -(typeattributeset racoon_26_0 (racoon)) -(typeattributeset racoon_exec_26_0 (racoon_exec)) -(typeattributeset racoon_socket_26_0 (racoon_socket)) -(typeattributeset radio_26_0 (radio)) -(typeattributeset radio_data_file_26_0 (radio_data_file)) -(typeattributeset radio_device_26_0 (radio_device)) -(typeattributeset radio_prop_26_0 (radio_prop)) -(typeattributeset radio_service_26_0 (radio_service)) -(typeattributeset ram_device_26_0 (ram_device)) -(typeattributeset random_device_26_0 (random_device)) -(typeattributeset reboot_data_file_26_0 (reboot_data_file)) -(typeattributeset recovery_26_0 (recovery)) -(typeattributeset recovery_block_device_26_0 (recovery_block_device)) -(typeattributeset recovery_data_file_26_0 (recovery_data_file)) -(typeattributeset recovery_persist_26_0 (recovery_persist)) -(typeattributeset recovery_persist_exec_26_0 (recovery_persist_exec)) -(typeattributeset recovery_refresh_26_0 (recovery_refresh)) -(typeattributeset recovery_refresh_exec_26_0 (recovery_refresh_exec)) -(typeattributeset recovery_service_26_0 (recovery_service)) -(typeattributeset registry_service_26_0 (registry_service)) -(typeattributeset resourcecache_data_file_26_0 (resourcecache_data_file)) -(typeattributeset restorecon_prop_26_0 (restorecon_prop)) -(typeattributeset restrictions_service_26_0 (restrictions_service)) -(typeattributeset rild_26_0 (rild)) -(typeattributeset rild_debug_socket_26_0 (rild_debug_socket)) -(typeattributeset rild_socket_26_0 (rild_socket)) -(typeattributeset ringtone_file_26_0 (ringtone_file)) -(typeattributeset root_block_device_26_0 (root_block_device)) -(typeattributeset rootfs_26_0 (rootfs)) -(typeattributeset rpmsg_device_26_0 (rpmsg_device)) -(typeattributeset rtc_device_26_0 (rtc_device)) -(typeattributeset rttmanager_service_26_0 (rttmanager_service)) -(typeattributeset runas_26_0 (runas)) -(typeattributeset runas_exec_26_0 (runas_exec)) -(typeattributeset runtime_event_log_tags_file_26_0 (runtime_event_log_tags_file)) -(typeattributeset safemode_prop_26_0 (safemode_prop)) -(typeattributeset same_process_hal_file_26_0 - ( same_process_hal_file - vendor_public_lib_file)) -(typeattributeset samplingprofiler_service_26_0 (samplingprofiler_service)) -(typeattributeset scheduling_policy_service_26_0 (scheduling_policy_service)) -(typeattributeset sdcardd_26_0 (sdcardd)) -(typeattributeset sdcardd_exec_26_0 (sdcardd_exec)) -(typeattributeset sdcardfs_26_0 (sdcardfs)) -(typeattributeset seapp_contexts_file_26_0 (seapp_contexts_file)) -(typeattributeset search_service_26_0 (search_service)) -(typeattributeset sec_key_att_app_id_provider_service_26_0 (sec_key_att_app_id_provider_service)) -(typeattributeset selinuxfs_26_0 (selinuxfs)) -(typeattributeset sensors_device_26_0 (sensors_device)) -(typeattributeset sensorservice_service_26_0 (sensorservice_service)) -(typeattributeset sepolicy_file_26_0 (sepolicy_file)) -(typeattributeset serial_device_26_0 (serial_device)) -(typeattributeset serialno_prop_26_0 (serialno_prop)) -(typeattributeset serial_service_26_0 (serial_service)) -(typeattributeset service_contexts_file_26_0 (service_contexts_file nonplat_service_contexts_file)) -(typeattributeset servicediscovery_service_26_0 (servicediscovery_service)) -(typeattributeset servicemanager_26_0 (servicemanager)) -(typeattributeset servicemanager_exec_26_0 (servicemanager_exec)) -(typeattributeset settings_service_26_0 (settings_service)) -(typeattributeset sgdisk_26_0 (sgdisk)) -(typeattributeset sgdisk_exec_26_0 (sgdisk_exec)) -(typeattributeset shared_relro_26_0 (shared_relro)) -(typeattributeset shared_relro_file_26_0 (shared_relro_file)) -(typeattributeset shell_26_0 (shell)) -(typeattributeset shell_data_file_26_0 (shell_data_file)) -(typeattributeset shell_exec_26_0 (shell_exec)) -(typeattributeset shell_prop_26_0 (shell_prop)) -(typeattributeset shm_26_0 (shm)) -(typeattributeset shortcut_manager_icons_26_0 (shortcut_manager_icons)) -(typeattributeset shortcut_service_26_0 (shortcut_service)) -(typeattributeset slideshow_26_0 (slideshow)) -(typeattributeset socket_device_26_0 (socket_device)) -(typeattributeset sockfs_26_0 (sockfs)) -(typeattributeset statusbar_service_26_0 (statusbar_service)) -(typeattributeset storaged_service_26_0 (storaged_service)) -(typeattributeset storage_file_26_0 (storage_file)) -(typeattributeset storagestats_service_26_0 (storagestats_service)) -(typeattributeset storage_stub_file_26_0 (storage_stub_file)) -(typeattributeset su_26_0 (su)) -(typeattributeset su_exec_26_0 (su_exec)) -(typeattributeset surfaceflinger_26_0 (surfaceflinger)) -(typeattributeset surfaceflinger_service_26_0 (surfaceflinger_service)) -(typeattributeset swap_block_device_26_0 (swap_block_device)) -(typeattributeset sysfs_26_0 - ( sysfs - sysfs_android_usb - sysfs_dm - sysfs_dt_firmware_android - sysfs_ipv4 - sysfs_kernel_notes - sysfs_loop - sysfs_net - sysfs_power - sysfs_rtc - sysfs_switch - sysfs_wakeup_reasons)) -(typeattributeset sysfs_batteryinfo_26_0 (sysfs_batteryinfo)) -(typeattributeset sysfs_bluetooth_writable_26_0 (sysfs_bluetooth_writable)) -(typeattributeset sysfs_devices_system_cpu_26_0 (sysfs_devices_system_cpu)) -(typeattributeset sysfs_hwrandom_26_0 (sysfs_hwrandom)) -(typeattributeset sysfs_leds_26_0 (sysfs_leds)) -(typeattributeset sysfs_lowmemorykiller_26_0 (sysfs_lowmemorykiller)) -(typeattributeset sysfs_mac_address_26_0 (sysfs_mac_address)) -(typeattributeset sysfs_nfc_power_writable_26_0 (sysfs_nfc_power_writable)) -(typeattributeset sysfs_thermal_26_0 (sysfs_thermal)) -(typeattributeset sysfs_uio_26_0 (sysfs_uio)) -(typeattributeset sysfs_usb_26_0 (sysfs_usb)) -(typeattributeset sysfs_vibrator_26_0 (sysfs_vibrator)) -(typeattributeset sysfs_wake_lock_26_0 (sysfs_wake_lock)) -(typeattributeset sysfs_wlan_fwpath_26_0 (sysfs_wlan_fwpath)) -(typeattributeset sysfs_zram_26_0 (sysfs_zram)) -(typeattributeset sysfs_zram_uevent_26_0 (sysfs_zram_uevent)) -(typeattributeset system_app_26_0 (system_app)) -(typeattributeset system_app_data_file_26_0 (system_app_data_file)) -(typeattributeset system_app_service_26_0 (system_app_service)) -(typeattributeset system_block_device_26_0 (system_block_device)) -(typeattributeset system_data_file_26_0 - ( system_data_file - dropbox_data_file - vendor_data_file)) -(typeattributeset system_file_26_0 - ( system_file - system_lib_file - system_linker_config_file - system_linker_exec - system_seccomp_policy_file - system_security_cacerts_file - system_zoneinfo_file -)) -(typeattributeset systemkeys_data_file_26_0 (systemkeys_data_file)) -(typeattributeset system_ndebug_socket_26_0 (system_ndebug_socket)) -(typeattributeset system_prop_26_0 (system_prop)) -(typeattributeset system_radio_prop_26_0 (system_radio_prop)) -(typeattributeset system_server_26_0 (system_server)) -(typeattributeset system_wifi_keystore_hwservice_26_0 (system_wifi_keystore_hwservice)) -(typeattributeset system_wpa_socket_26_0 (system_wpa_socket)) -(typeattributeset task_service_26_0 (task_service)) -(typeattributeset tee_26_0 (tee)) -(typeattributeset tee_data_file_26_0 (tee_data_file)) -(typeattributeset tee_device_26_0 (tee_device)) -(typeattributeset telecom_service_26_0 (telecom_service)) -(typeattributeset textclassification_service_26_0 (textclassification_service)) -(typeattributeset textclassifier_data_file_26_0 (textclassifier_data_file)) -(typeattributeset textservices_service_26_0 (textservices_service)) -(typeattributeset tmpfs_26_0 (tmpfs)) -(typeattributeset tombstoned_26_0 (tombstoned)) -(typeattributeset tombstone_data_file_26_0 (tombstone_data_file)) -(typeattributeset tombstoned_crash_socket_26_0 (tombstoned_crash_socket)) -(typeattributeset tombstoned_exec_26_0 (tombstoned_exec)) -(typeattributeset tombstoned_intercept_socket_26_0 (tombstoned_intercept_socket)) -(typeattributeset toolbox_26_0 (toolbox)) -(typeattributeset toolbox_exec_26_0 (toolbox_exec)) -(typeattributeset tracing_shell_writable_26_0 (debugfs_tracing tracing_shell_writable)) -(typeattributeset tracing_shell_writable_debug_26_0 (debugfs_tracing_debug tracing_shell_writable_debug)) -(typeattributeset trust_service_26_0 (trust_service)) -(typeattributeset tty_device_26_0 (tty_device)) -(typeattributeset tun_device_26_0 (tun_device)) -(typeattributeset tv_input_service_26_0 (tv_input_service)) -(typeattributeset tzdatacheck_26_0 (tzdatacheck)) -(typeattributeset tzdatacheck_exec_26_0 (tzdatacheck_exec)) -(typeattributeset ueventd_26_0 (ueventd)) -(typeattributeset uhid_device_26_0 (uhid_device)) -(typeattributeset uimode_service_26_0 (uimode_service)) -(typeattributeset uio_device_26_0 (uio_device)) -(typeattributeset uncrypt_26_0 (uncrypt)) -(typeattributeset uncrypt_exec_26_0 (uncrypt_exec)) -(typeattributeset uncrypt_socket_26_0 (uncrypt_socket)) -(typeattributeset unencrypted_data_file_26_0 (unencrypted_data_file)) -(typeattributeset unlabeled_26_0 (unlabeled)) -(typeattributeset untrusted_app_25_26_0 (untrusted_app_25)) -(typeattributeset untrusted_app_26_0 - ( untrusted_app - untrusted_app_27)) -(typeattributeset untrusted_v2_app_26_0 (untrusted_v2_app)) -(typeattributeset update_engine_26_0 (update_engine)) -(typeattributeset update_engine_data_file_26_0 (update_engine_data_file)) -(typeattributeset update_engine_exec_26_0 (update_engine_exec)) -(typeattributeset update_engine_service_26_0 (update_engine_service)) -(typeattributeset updatelock_service_26_0 (updatelock_service)) -(typeattributeset update_verifier_26_0 (update_verifier)) -(typeattributeset update_verifier_exec_26_0 (update_verifier_exec)) -(typeattributeset usagestats_service_26_0 (usagestats_service)) -(typeattributeset usbaccessory_device_26_0 (usbaccessory_device)) -(typeattributeset usb_device_26_0 (usb_device)) -(typeattributeset usbfs_26_0 (usbfs)) -(typeattributeset usb_service_26_0 (usb_service)) -(typeattributeset userdata_block_device_26_0 (userdata_block_device)) -(typeattributeset usermodehelper_26_0 (sysfs_usermodehelper usermodehelper)) -(typeattributeset user_profile_data_file_26_0 (user_profile_data_file)) -(typeattributeset user_service_26_0 (user_service)) -(typeattributeset vcs_device_26_0 (vcs_device)) -(typeattributeset vdc_26_0 (vdc)) -(typeattributeset vdc_exec_26_0 (vdc_exec)) -(typeattributeset vendor_app_file_26_0 (vendor_app_file)) -(typeattributeset vendor_configs_file_26_0 (vendor_configs_file)) -(typeattributeset vendor_file_26_0 (vendor_file)) -(typeattributeset vendor_framework_file_26_0 (vendor_framework_file)) -(typeattributeset vendor_hal_file_26_0 (vendor_hal_file)) -(typeattributeset vendor_overlay_file_26_0 (vendor_overlay_file)) -(typeattributeset vendor_shell_exec_26_0 (vendor_shell_exec)) -(typeattributeset vendor_toolbox_exec_26_0 (vendor_toolbox_exec)) -(typeattributeset vfat_26_0 (vfat)) -(typeattributeset vibrator_service_26_0 (vibrator_service)) -(typeattributeset video_device_26_0 (video_device)) -(typeattributeset virtual_touchpad_26_0 (virtual_touchpad)) -(typeattributeset virtual_touchpad_exec_26_0 (virtual_touchpad_exec)) -(typeattributeset virtual_touchpad_service_26_0 (virtual_touchpad_service)) -(typeattributeset vndbinder_device_26_0 (vndbinder_device)) -(typeattributeset vndk_sp_file_26_0 (vndk_sp_file)) -(typeattributeset vndservice_contexts_file_26_0 (vndservice_contexts_file)) -(typeattributeset vndservicemanager_26_0 (vndservicemanager)) -(typeattributeset voiceinteraction_service_26_0 (voiceinteraction_service)) -(typeattributeset vold_26_0 (vold)) -(typeattributeset vold_data_file_26_0 (vold_data_file)) -(typeattributeset vold_device_26_0 (vold_device)) -(typeattributeset vold_exec_26_0 (vold_exec)) -(typeattributeset vold_prop_26_0 (vold_prop)) -(typeattributeset vold_socket_26_0 (vold_socket)) -(typeattributeset vpn_data_file_26_0 (vpn_data_file)) -(typeattributeset vr_hwc_26_0 (vr_hwc)) -(typeattributeset vr_hwc_exec_26_0 (vr_hwc_exec)) -(typeattributeset vr_hwc_service_26_0 (vr_hwc_service)) -(typeattributeset vr_manager_service_26_0 (vr_manager_service)) -(typeattributeset wallpaper_file_26_0 (wallpaper_file)) -(typeattributeset wallpaper_service_26_0 (wallpaper_service)) -(typeattributeset watchdogd_26_0 (watchdogd)) -(typeattributeset watchdog_device_26_0 (watchdog_device)) -(typeattributeset webviewupdate_service_26_0 (webviewupdate_service)) -(typeattributeset webview_zygote_26_0 (webview_zygote)) -(typeattributeset webview_zygote_exec_26_0 (webview_zygote_exec)) -(typeattributeset webview_zygote_socket_26_0 (webview_zygote_socket)) -(typeattributeset wifiaware_service_26_0 (wifiaware_service)) -(typeattributeset wificond_26_0 (wificond)) -(typeattributeset wificond_exec_26_0 (wificond_exec)) -(typeattributeset wificond_service_26_0 (wificond_service)) -(typeattributeset wifi_data_file_26_0 (wifi_data_file)) -(typeattributeset wifi_log_prop_26_0 (wifi_log_prop)) -(typeattributeset wifip2p_service_26_0 (wifip2p_service)) -(typeattributeset wifi_prop_26_0 (wifi_prop)) -(typeattributeset wifiscanner_service_26_0 (wifiscanner_service)) -(typeattributeset wifi_service_26_0 (wifi_service)) -(typeattributeset window_service_26_0 (window_service)) -(typeattributeset wpa_socket_26_0 (wpa_socket)) -(typeattributeset zero_device_26_0 (zero_device)) -(typeattributeset zoneinfo_data_file_26_0 (zoneinfo_data_file)) -(typeattributeset zygote_26_0 (zygote)) -(typeattributeset zygote_exec_26_0 (zygote_exec)) -(typeattributeset zygote_socket_26_0 (zygote_socket)) diff --git a/prebuilts/api/29.0/private/compat/26.0/26.0.compat.cil b/prebuilts/api/29.0/private/compat/26.0/26.0.compat.cil deleted file mode 100644 index 9031d15c7..000000000 --- a/prebuilts/api/29.0/private/compat/26.0/26.0.compat.cil +++ /dev/null @@ -1,4 +0,0 @@ -(typeattribute vendordomain) -(typeattributeset vendordomain ((and (domain) ((not (coredomain)))))) -(allowx vendordomain dev_type (ioctl blk_file ((range 0x0000 0xffff)))) -(allowx vendordomain file_type (ioctl file ((range 0x0000 0xffff)))) diff --git a/prebuilts/api/29.0/private/compat/26.0/26.0.ignore.cil b/prebuilts/api/29.0/private/compat/26.0/26.0.ignore.cil deleted file mode 100644 index 3c6ba08b2..000000000 --- a/prebuilts/api/29.0/private/compat/26.0/26.0.ignore.cil +++ /dev/null @@ -1,224 +0,0 @@ -;; new_objects - a collection of types that have been introduced that have no -;; analogue in older policy. Thus, we do not need to map these types to -;; previous ones. Add here to pass checkapi tests. -(type new_objects) -(typeattribute new_objects) -(typeattributeset new_objects - ( new_objects - activity_task_service - adb_service - adbd_exec - app_binding_service - apex_data_file - apex_metadata_file - apex_mnt_dir - apex_service - apexd - apexd_exec - apexd_prop - apexd_tmpfs - app_zygote - atrace - binder_calls_stats_service - biometric_service - bootloader_boot_reason_prop - blank_screen - blank_screen_exec - blank_screen_tmpfs - bluetooth_a2dp_offload_prop - bpfloader - bpfloader_exec - broadcastradio_service - cgroup_bpf - charger_exec - color_display_service - content_capture_service - crossprofileapps_service - ctl_interface_restart_prop - ctl_interface_start_prop - ctl_interface_stop_prop - ctl_sigstop_prop - device_config_boot_count_prop - device_config_reset_performed_prop - device_config_netd_native_prop - dnsresolver_service - e2fs - e2fs_exec - exfat - exported_audio_prop - exported_bluetooth_prop - exported_config_prop - exported_dalvik_prop - exported_default_prop - exported_dumpstate_prop - exported_ffs_prop - exported_fingerprint_prop - exported_overlay_prop - exported_pm_prop - exported_radio_prop - exported_secure_prop - exported_system_prop - exported_system_radio_prop - exported_vold_prop - exported_wifi_prop - exported2_config_prop - exported2_default_prop - exported2_radio_prop - exported2_system_prop - exported2_vold_prop - exported3_default_prop - exported3_radio_prop - exported3_system_prop - fastbootd - fingerprint_vendor_data_file - flags_health_check - flags_health_check_exec - fs_bpf - fwk_stats_hwservice - hal_atrace_hwservice - hal_audiocontrol_hwservice - hal_authsecret_hwservice - hal_broadcastradio_hwservice - hal_cas_hwservice - hal_codec2_hwservice - hal_confirmationui_hwservice - hal_evs_hwservice - hal_health_storage_hwservice - hal_lowpan_hwservice - hal_neuralnetworks_hwservice - hal_secure_element_hwservice - hal_tetheroffload_hwservice - hal_wifi_hostapd_hwservice - hal_usb_gadget_hwservice - hal_vehicle_hwservice - hal_wifi_offload_hwservice - heapprofd - heapprofd_exec - heapprofd_socket - incident_helper - incident_helper_exec - iorapd - iorapd_data_file - iorapd_exec - iorapd_service - iorapd_tmpfs - kmsg_debug_device - last_boot_reason_prop - llkd - llkd_exec - llkd_prop - llkd_tmpfs - looper_stats_service - lowpan_device - lowpan_prop - lowpan_service - mediaswcodec - mediaswcodec_exec - mediaswcodec_tmpfs - mediaextractor_update_service - mediaprovider_tmpfs - metadata_file - mnt_product_file - mnt_vendor_file - netd_stable_secret_prop - network_stack - network_stack_service - network_watchlist_data_file - network_watchlist_service - overlayfs_file - package_native_service - perfetto - perfetto_exec - perfetto_tmpfs - perfetto_traces_data_file - perfprofd_service - property_info - recovery_socket - role_service - runas_app - runtime_service - secure_element - secure_element_device - secure_element_tmpfs - secure_element_service - server_configurable_flags_data_file - simpleperf_app_runner - simpleperf_app_runner_exec - slice_service - staging_data_file - stats - stats_data_file - stats_exec - stats_service - statsd - statsd_exec - statsd_tmpfs - statsdw - statsdw_socket - statscompanion_service - storaged_data_file - super_block_device - sysfs_fs_ext4_features - system_boot_reason_prop - system_bootstrap_lib_file - system_lmk_prop - system_net_netd_hwservice - system_update_service - test_boot_reason_prop - thermal_service - thermalcallback_hwservice - thermalserviced - thermalserviced_exec - thermalserviced_tmpfs - time_prop - timedetector_service - timezone_service - tombstoned_java_trace_socket - tombstone_wifi_data_file - trace_data_file - traceur_app - traceur_app_tmpfs - traced - traced_consumer_socket - traced_enabled_prop - traced_exec - traced_probes - traced_probes_exec - traced_probes_tmpfs - traced_producer_socket - traced_tmpfs - untrusted_app_all_devpts - update_engine_log_data_file - vendor_default_prop - vendor_security_patch_level_prop - uri_grants_service - usbd - usbd_exec - usbd_tmpfs - vendor_apex_file - vendor_init - vendor_shell - vold_metadata_file - vold_prepare_subdirs - vold_prepare_subdirs_exec - vold_service - vrflinger_vsync_service - wait_for_keymaster - wait_for_keymaster_exec - wait_for_keymaster_tmpfs - watchdogd_tmpfs - wpantund - wpantund_exec - wpantund_service - wpantund_tmpfs - wm_trace_data_file)) - -;; private_objects - a collection of types that were labeled differently in -;; older policy, but that should not remain accessible to vendor policy. -;; Thus, these types are also not mapped, but recorded for checkapi tests -(type priv_objects) -(typeattribute priv_objects) -(typeattributeset priv_objects - ( priv_objects - adbd_tmpfs - untrusted_app_27_tmpfs)) diff --git a/prebuilts/api/29.0/private/compat/27.0/27.0.cil b/prebuilts/api/29.0/private/compat/27.0/27.0.cil deleted file mode 100644 index 8bc2ca6ea..000000000 --- a/prebuilts/api/29.0/private/compat/27.0/27.0.cil +++ /dev/null @@ -1,1505 +0,0 @@ -;; types removed from current policy -(type commontime_management_service) -(type mediacodec) -(type mediacodec_exec) -(type qtaguid_proc) -(type reboot_data_file) -(type vold_socket) -(type rild) -(type untrusted_v2_app) -(type webview_zygote_socket) - -(expandtypeattribute (accessibility_service_27_0) true) -(expandtypeattribute (account_service_27_0) true) -(expandtypeattribute (activity_service_27_0) true) -(expandtypeattribute (adbd_27_0) true) -(expandtypeattribute (adb_data_file_27_0) true) -(expandtypeattribute (adbd_exec_27_0) true) -(expandtypeattribute (adbd_socket_27_0) true) -(expandtypeattribute (adb_keys_file_27_0) true) -(expandtypeattribute (alarm_device_27_0) true) -(expandtypeattribute (alarm_service_27_0) true) -(expandtypeattribute (anr_data_file_27_0) true) -(expandtypeattribute (apk_data_file_27_0) true) -(expandtypeattribute (apk_private_data_file_27_0) true) -(expandtypeattribute (apk_private_tmp_file_27_0) true) -(expandtypeattribute (apk_tmp_file_27_0) true) -(expandtypeattribute (app_data_file_27_0) true) -(expandtypeattribute (app_fuse_file_27_0) true) -(expandtypeattribute (app_fusefs_27_0) true) -(expandtypeattribute (appops_service_27_0) true) -(expandtypeattribute (appwidget_service_27_0) true) -(expandtypeattribute (asec_apk_file_27_0) true) -(expandtypeattribute (asec_image_file_27_0) true) -(expandtypeattribute (asec_public_file_27_0) true) -(expandtypeattribute (ashmem_device_27_0) true) -(expandtypeattribute (assetatlas_service_27_0) true) -(expandtypeattribute (audio_data_file_27_0) true) -(expandtypeattribute (audio_device_27_0) true) -(expandtypeattribute (audiohal_data_file_27_0) true) -(expandtypeattribute (audio_prop_27_0) true) -(expandtypeattribute (audio_seq_device_27_0) true) -(expandtypeattribute (audioserver_27_0) true) -(expandtypeattribute (audioserver_data_file_27_0) true) -(expandtypeattribute (audioserver_service_27_0) true) -(expandtypeattribute (audio_service_27_0) true) -(expandtypeattribute (audio_timer_device_27_0) true) -(expandtypeattribute (autofill_service_27_0) true) -(expandtypeattribute (backup_data_file_27_0) true) -(expandtypeattribute (backup_service_27_0) true) -(expandtypeattribute (batteryproperties_service_27_0) true) -(expandtypeattribute (battery_service_27_0) true) -(expandtypeattribute (batterystats_service_27_0) true) -(expandtypeattribute (binder_device_27_0) true) -(expandtypeattribute (binfmt_miscfs_27_0) true) -(expandtypeattribute (blkid_27_0) true) -(expandtypeattribute (blkid_untrusted_27_0) true) -(expandtypeattribute (block_device_27_0) true) -(expandtypeattribute (bluetooth_27_0) true) -(expandtypeattribute (bluetooth_data_file_27_0) true) -(expandtypeattribute (bluetooth_efs_file_27_0) true) -(expandtypeattribute (bluetooth_logs_data_file_27_0) true) -(expandtypeattribute (bluetooth_manager_service_27_0) true) -(expandtypeattribute (bluetooth_prop_27_0) true) -(expandtypeattribute (bluetooth_service_27_0) true) -(expandtypeattribute (bluetooth_socket_27_0) true) -(expandtypeattribute (bootanim_27_0) true) -(expandtypeattribute (bootanim_exec_27_0) true) -(expandtypeattribute (boot_block_device_27_0) true) -(expandtypeattribute (bootchart_data_file_27_0) true) -(expandtypeattribute (bootstat_27_0) true) -(expandtypeattribute (bootstat_data_file_27_0) true) -(expandtypeattribute (bootstat_exec_27_0) true) -(expandtypeattribute (boottime_prop_27_0) true) -(expandtypeattribute (boottrace_data_file_27_0) true) -(expandtypeattribute (broadcastradio_service_27_0) true) -(expandtypeattribute (bufferhubd_27_0) true) -(expandtypeattribute (bufferhubd_exec_27_0) true) -(expandtypeattribute (cache_backup_file_27_0) true) -(expandtypeattribute (cache_block_device_27_0) true) -(expandtypeattribute (cache_file_27_0) true) -(expandtypeattribute (cache_private_backup_file_27_0) true) -(expandtypeattribute (cache_recovery_file_27_0) true) -(expandtypeattribute (camera_data_file_27_0) true) -(expandtypeattribute (camera_device_27_0) true) -(expandtypeattribute (cameraproxy_service_27_0) true) -(expandtypeattribute (cameraserver_27_0) true) -(expandtypeattribute (cameraserver_exec_27_0) true) -(expandtypeattribute (cameraserver_service_27_0) true) -(expandtypeattribute (cgroup_27_0) true) -(expandtypeattribute (charger_27_0) true) -(expandtypeattribute (clatd_27_0) true) -(expandtypeattribute (clatd_exec_27_0) true) -(expandtypeattribute (clipboard_service_27_0) true) -(expandtypeattribute (commontime_management_service_27_0) true) -(expandtypeattribute (companion_device_service_27_0) true) -(expandtypeattribute (configfs_27_0) true) -(expandtypeattribute (config_prop_27_0) true) -(expandtypeattribute (connectivity_service_27_0) true) -(expandtypeattribute (connmetrics_service_27_0) true) -(expandtypeattribute (console_device_27_0) true) -(expandtypeattribute (consumer_ir_service_27_0) true) -(expandtypeattribute (content_service_27_0) true) -(expandtypeattribute (contexthub_service_27_0) true) -(expandtypeattribute (coredump_file_27_0) true) -(expandtypeattribute (country_detector_service_27_0) true) -(expandtypeattribute (coverage_service_27_0) true) -(expandtypeattribute (cppreopt_prop_27_0) true) -(expandtypeattribute (cppreopts_27_0) true) -(expandtypeattribute (cppreopts_exec_27_0) true) -(expandtypeattribute (cpuctl_device_27_0) true) -(expandtypeattribute (cpuinfo_service_27_0) true) -(expandtypeattribute (crash_dump_27_0) true) -(expandtypeattribute (crash_dump_exec_27_0) true) -(expandtypeattribute (ctl_bootanim_prop_27_0) true) -(expandtypeattribute (ctl_bugreport_prop_27_0) true) -(expandtypeattribute (ctl_console_prop_27_0) true) -(expandtypeattribute (ctl_default_prop_27_0) true) -(expandtypeattribute (ctl_dumpstate_prop_27_0) true) -(expandtypeattribute (ctl_fuse_prop_27_0) true) -(expandtypeattribute (ctl_mdnsd_prop_27_0) true) -(expandtypeattribute (ctl_rildaemon_prop_27_0) true) -(expandtypeattribute (dalvikcache_data_file_27_0) true) -(expandtypeattribute (dalvik_prop_27_0) true) -(expandtypeattribute (dbinfo_service_27_0) true) -(expandtypeattribute (debugfs_27_0) true) -(expandtypeattribute (debugfs_mmc_27_0) true) -(expandtypeattribute (debugfs_trace_marker_27_0) true) -(expandtypeattribute (debugfs_tracing_27_0) true) -(expandtypeattribute (debugfs_tracing_debug_27_0) true) -(expandtypeattribute (debugfs_tracing_instances_27_0) true) -(expandtypeattribute (debugfs_wifi_tracing_27_0) true) -(expandtypeattribute (debuggerd_prop_27_0) true) -(expandtypeattribute (debug_prop_27_0) true) -(expandtypeattribute (default_android_hwservice_27_0) true) -(expandtypeattribute (default_android_service_27_0) true) -(expandtypeattribute (default_android_vndservice_27_0) true) -(expandtypeattribute (default_prop_27_0) true) -(expandtypeattribute (device_27_0) true) -(expandtypeattribute (device_identifiers_service_27_0) true) -(expandtypeattribute (deviceidle_service_27_0) true) -(expandtypeattribute (device_logging_prop_27_0) true) -(expandtypeattribute (device_policy_service_27_0) true) -(expandtypeattribute (devicestoragemonitor_service_27_0) true) -(expandtypeattribute (devpts_27_0) true) -(expandtypeattribute (dex2oat_27_0) true) -(expandtypeattribute (dex2oat_exec_27_0) true) -(expandtypeattribute (dhcp_27_0) true) -(expandtypeattribute (dhcp_data_file_27_0) true) -(expandtypeattribute (dhcp_exec_27_0) true) -(expandtypeattribute (dhcp_prop_27_0) true) -(expandtypeattribute (diskstats_service_27_0) true) -(expandtypeattribute (display_service_27_0) true) -(expandtypeattribute (dm_device_27_0) true) -(expandtypeattribute (dnsmasq_27_0) true) -(expandtypeattribute (dnsmasq_exec_27_0) true) -(expandtypeattribute (dnsproxyd_socket_27_0) true) -(expandtypeattribute (DockObserver_service_27_0) true) -(expandtypeattribute (dreams_service_27_0) true) -(expandtypeattribute (drm_data_file_27_0) true) -(expandtypeattribute (drmserver_27_0) true) -(expandtypeattribute (drmserver_exec_27_0) true) -(expandtypeattribute (drmserver_service_27_0) true) -(expandtypeattribute (drmserver_socket_27_0) true) -(expandtypeattribute (dropbox_service_27_0) true) -(expandtypeattribute (dumpstate_27_0) true) -(expandtypeattribute (dumpstate_exec_27_0) true) -(expandtypeattribute (dumpstate_options_prop_27_0) true) -(expandtypeattribute (dumpstate_prop_27_0) true) -(expandtypeattribute (dumpstate_service_27_0) true) -(expandtypeattribute (dumpstate_socket_27_0) true) -(expandtypeattribute (e2fs_27_0) true) -(expandtypeattribute (e2fs_exec_27_0) true) -(expandtypeattribute (efs_file_27_0) true) -(expandtypeattribute (ephemeral_app_27_0) true) -(expandtypeattribute (ethernet_service_27_0) true) -(expandtypeattribute (ffs_prop_27_0) true) -(expandtypeattribute (file_contexts_file_27_0) true) -(expandtypeattribute (fingerprintd_27_0) true) -(expandtypeattribute (fingerprintd_data_file_27_0) true) -(expandtypeattribute (fingerprintd_exec_27_0) true) -(expandtypeattribute (fingerprintd_service_27_0) true) -(expandtypeattribute (fingerprint_prop_27_0) true) -(expandtypeattribute (fingerprint_service_27_0) true) -(expandtypeattribute (firstboot_prop_27_0) true) -(expandtypeattribute (font_service_27_0) true) -(expandtypeattribute (frp_block_device_27_0) true) -(expandtypeattribute (fsck_27_0) true) -(expandtypeattribute (fsck_exec_27_0) true) -(expandtypeattribute (fscklogs_27_0) true) -(expandtypeattribute (fsck_untrusted_27_0) true) -(expandtypeattribute (full_device_27_0) true) -(expandtypeattribute (functionfs_27_0) true) -(expandtypeattribute (fuse_27_0) true) -(expandtypeattribute (fuse_device_27_0) true) -(expandtypeattribute (fwk_display_hwservice_27_0) true) -(expandtypeattribute (fwk_scheduler_hwservice_27_0) true) -(expandtypeattribute (fwk_sensor_hwservice_27_0) true) -(expandtypeattribute (fwmarkd_socket_27_0) true) -(expandtypeattribute (gatekeeperd_27_0) true) -(expandtypeattribute (gatekeeper_data_file_27_0) true) -(expandtypeattribute (gatekeeperd_exec_27_0) true) -(expandtypeattribute (gatekeeper_service_27_0) true) -(expandtypeattribute (gfxinfo_service_27_0) true) -(expandtypeattribute (gps_control_27_0) true) -(expandtypeattribute (gpu_device_27_0) true) -(expandtypeattribute (gpu_service_27_0) true) -(expandtypeattribute (graphics_device_27_0) true) -(expandtypeattribute (graphicsstats_service_27_0) true) -(expandtypeattribute (hal_audio_hwservice_27_0) true) -(expandtypeattribute (hal_bluetooth_hwservice_27_0) true) -(expandtypeattribute (hal_bootctl_hwservice_27_0) true) -(expandtypeattribute (hal_broadcastradio_hwservice_27_0) true) -(expandtypeattribute (hal_camera_hwservice_27_0) true) -(expandtypeattribute (hal_cas_hwservice_27_0) true) -(expandtypeattribute (hal_configstore_ISurfaceFlingerConfigs_27_0) true) -(expandtypeattribute (hal_contexthub_hwservice_27_0) true) -(expandtypeattribute (hal_drm_hwservice_27_0) true) -(expandtypeattribute (hal_dumpstate_hwservice_27_0) true) -(expandtypeattribute (hal_fingerprint_hwservice_27_0) true) -(expandtypeattribute (hal_fingerprint_service_27_0) true) -(expandtypeattribute (hal_gatekeeper_hwservice_27_0) true) -(expandtypeattribute (hal_gnss_hwservice_27_0) true) -(expandtypeattribute (hal_graphics_allocator_hwservice_27_0) true) -(expandtypeattribute (hal_graphics_composer_hwservice_27_0) true) -(expandtypeattribute (hal_graphics_mapper_hwservice_27_0) true) -(expandtypeattribute (hal_health_hwservice_27_0) true) -(expandtypeattribute (hal_ir_hwservice_27_0) true) -(expandtypeattribute (hal_keymaster_hwservice_27_0) true) -(expandtypeattribute (hal_light_hwservice_27_0) true) -(expandtypeattribute (hal_memtrack_hwservice_27_0) true) -(expandtypeattribute (hal_neuralnetworks_hwservice_27_0) true) -(expandtypeattribute (hal_nfc_hwservice_27_0) true) -(expandtypeattribute (hal_oemlock_hwservice_27_0) true) -(expandtypeattribute (hal_omx_hwservice_27_0) true) -(expandtypeattribute (hal_power_hwservice_27_0) true) -(expandtypeattribute (hal_renderscript_hwservice_27_0) true) -(expandtypeattribute (hal_sensors_hwservice_27_0) true) -(expandtypeattribute (hal_telephony_hwservice_27_0) true) -(expandtypeattribute (hal_tetheroffload_hwservice_27_0) true) -(expandtypeattribute (hal_thermal_hwservice_27_0) true) -(expandtypeattribute (hal_tv_cec_hwservice_27_0) true) -(expandtypeattribute (hal_tv_input_hwservice_27_0) true) -(expandtypeattribute (hal_usb_hwservice_27_0) true) -(expandtypeattribute (hal_vibrator_hwservice_27_0) true) -(expandtypeattribute (hal_vr_hwservice_27_0) true) -(expandtypeattribute (hal_weaver_hwservice_27_0) true) -(expandtypeattribute (hal_wifi_hwservice_27_0) true) -(expandtypeattribute (hal_wifi_offload_hwservice_27_0) true) -(expandtypeattribute (hal_wifi_supplicant_hwservice_27_0) true) -(expandtypeattribute (hardware_properties_service_27_0) true) -(expandtypeattribute (hardware_service_27_0) true) -(expandtypeattribute (hci_attach_dev_27_0) true) -(expandtypeattribute (hdmi_control_service_27_0) true) -(expandtypeattribute (healthd_27_0) true) -(expandtypeattribute (healthd_exec_27_0) true) -(expandtypeattribute (heapdump_data_file_27_0) true) -(expandtypeattribute (hidl_allocator_hwservice_27_0) true) -(expandtypeattribute (hidl_base_hwservice_27_0) true) -(expandtypeattribute (hidl_manager_hwservice_27_0) true) -(expandtypeattribute (hidl_memory_hwservice_27_0) true) -(expandtypeattribute (hidl_token_hwservice_27_0) true) -(expandtypeattribute (hwbinder_device_27_0) true) -(expandtypeattribute (hw_random_device_27_0) true) -(expandtypeattribute (hwservice_contexts_file_27_0) true) -(expandtypeattribute (hwservicemanager_27_0) true) -(expandtypeattribute (hwservicemanager_exec_27_0) true) -(expandtypeattribute (hwservicemanager_prop_27_0) true) -(expandtypeattribute (i2c_device_27_0) true) -(expandtypeattribute (icon_file_27_0) true) -(expandtypeattribute (idmap_27_0) true) -(expandtypeattribute (idmap_exec_27_0) true) -(expandtypeattribute (iio_device_27_0) true) -(expandtypeattribute (imms_service_27_0) true) -(expandtypeattribute (incident_27_0) true) -(expandtypeattribute (incidentd_27_0) true) -(expandtypeattribute (incident_data_file_27_0) true) -(expandtypeattribute (incident_service_27_0) true) -(expandtypeattribute (init_27_0) true) -(expandtypeattribute (init_exec_27_0) true) -(expandtypeattribute (inotify_27_0) true) -(expandtypeattribute (input_device_27_0) true) -(expandtypeattribute (inputflinger_27_0) true) -(expandtypeattribute (inputflinger_exec_27_0) true) -(expandtypeattribute (inputflinger_service_27_0) true) -(expandtypeattribute (input_method_service_27_0) true) -(expandtypeattribute (input_service_27_0) true) -(expandtypeattribute (installd_27_0) true) -(expandtypeattribute (install_data_file_27_0) true) -(expandtypeattribute (installd_exec_27_0) true) -(expandtypeattribute (installd_service_27_0) true) -(expandtypeattribute (install_recovery_27_0) true) -(expandtypeattribute (install_recovery_exec_27_0) true) -(expandtypeattribute (ion_device_27_0) true) -(expandtypeattribute (IProxyService_service_27_0) true) -(expandtypeattribute (ipsec_service_27_0) true) -(expandtypeattribute (isolated_app_27_0) true) -(expandtypeattribute (jobscheduler_service_27_0) true) -(expandtypeattribute (kernel_27_0) true) -(expandtypeattribute (keychain_data_file_27_0) true) -(expandtypeattribute (keychord_device_27_0) true) -(expandtypeattribute (keystore_27_0) true) -(expandtypeattribute (keystore_data_file_27_0) true) -(expandtypeattribute (keystore_exec_27_0) true) -(expandtypeattribute (keystore_service_27_0) true) -(expandtypeattribute (kmem_device_27_0) true) -(expandtypeattribute (kmsg_debug_device_27_0) true) -(expandtypeattribute (kmsg_device_27_0) true) -(expandtypeattribute (labeledfs_27_0) true) -(expandtypeattribute (launcherapps_service_27_0) true) -(expandtypeattribute (lmkd_27_0) true) -(expandtypeattribute (lmkd_exec_27_0) true) -(expandtypeattribute (lmkd_socket_27_0) true) -(expandtypeattribute (location_service_27_0) true) -(expandtypeattribute (lock_settings_service_27_0) true) -(expandtypeattribute (logcat_exec_27_0) true) -(expandtypeattribute (logd_27_0) true) -(expandtypeattribute (logd_exec_27_0) true) -(expandtypeattribute (logd_prop_27_0) true) -(expandtypeattribute (logdr_socket_27_0) true) -(expandtypeattribute (logd_socket_27_0) true) -(expandtypeattribute (logdw_socket_27_0) true) -(expandtypeattribute (logpersist_27_0) true) -(expandtypeattribute (logpersistd_logging_prop_27_0) true) -(expandtypeattribute (log_prop_27_0) true) -(expandtypeattribute (log_tag_prop_27_0) true) -(expandtypeattribute (loop_control_device_27_0) true) -(expandtypeattribute (loop_device_27_0) true) -(expandtypeattribute (mac_perms_file_27_0) true) -(expandtypeattribute (mdnsd_27_0) true) -(expandtypeattribute (mdnsd_socket_27_0) true) -(expandtypeattribute (mdns_socket_27_0) true) -(expandtypeattribute (mediacodec_27_0) true) -(expandtypeattribute (mediacodec_exec_27_0) true) -(expandtypeattribute (mediacodec_service_27_0) true) -(expandtypeattribute (media_data_file_27_0) true) -(expandtypeattribute (mediadrmserver_27_0) true) -(expandtypeattribute (mediadrmserver_exec_27_0) true) -(expandtypeattribute (mediadrmserver_service_27_0) true) -(expandtypeattribute (mediaextractor_27_0) true) -(expandtypeattribute (mediaextractor_exec_27_0) true) -(expandtypeattribute (mediaextractor_service_27_0) true) -(expandtypeattribute (mediametrics_27_0) true) -(expandtypeattribute (mediametrics_exec_27_0) true) -(expandtypeattribute (mediametrics_service_27_0) true) -(expandtypeattribute (media_projection_service_27_0) true) -(expandtypeattribute (mediaprovider_27_0) true) -(expandtypeattribute (media_router_service_27_0) true) -(expandtypeattribute (media_rw_data_file_27_0) true) -(expandtypeattribute (mediaserver_27_0) true) -(expandtypeattribute (mediaserver_exec_27_0) true) -(expandtypeattribute (mediaserver_service_27_0) true) -(expandtypeattribute (media_session_service_27_0) true) -(expandtypeattribute (meminfo_service_27_0) true) -(expandtypeattribute (metadata_block_device_27_0) true) -(expandtypeattribute (method_trace_data_file_27_0) true) -(expandtypeattribute (midi_service_27_0) true) -(expandtypeattribute (misc_block_device_27_0) true) -(expandtypeattribute (misc_logd_file_27_0) true) -(expandtypeattribute (misc_user_data_file_27_0) true) -(expandtypeattribute (mmc_prop_27_0) true) -(expandtypeattribute (mnt_expand_file_27_0) true) -(expandtypeattribute (mnt_media_rw_file_27_0) true) -(expandtypeattribute (mnt_media_rw_stub_file_27_0) true) -(expandtypeattribute (mnt_user_file_27_0) true) -(expandtypeattribute (modprobe_27_0) true) -(expandtypeattribute (mount_service_27_0) true) -(expandtypeattribute (mqueue_27_0) true) -(expandtypeattribute (mtd_device_27_0) true) -(expandtypeattribute (mtp_27_0) true) -(expandtypeattribute (mtp_device_27_0) true) -(expandtypeattribute (mtpd_socket_27_0) true) -(expandtypeattribute (mtp_exec_27_0) true) -(expandtypeattribute (nativetest_data_file_27_0) true) -(expandtypeattribute (netd_27_0) true) -(expandtypeattribute (net_data_file_27_0) true) -(expandtypeattribute (netd_exec_27_0) true) -(expandtypeattribute (netd_listener_service_27_0) true) -(expandtypeattribute (net_dns_prop_27_0) true) -(expandtypeattribute (netd_service_27_0) true) -(expandtypeattribute (netd_socket_27_0) true) -(expandtypeattribute (netd_stable_secret_prop_27_0) true) -(expandtypeattribute (netif_27_0) true) -(expandtypeattribute (netpolicy_service_27_0) true) -(expandtypeattribute (net_radio_prop_27_0) true) -(expandtypeattribute (netstats_service_27_0) true) -(expandtypeattribute (netutils_wrapper_27_0) true) -(expandtypeattribute (netutils_wrapper_exec_27_0) true) -(expandtypeattribute (network_management_service_27_0) true) -(expandtypeattribute (network_score_service_27_0) true) -(expandtypeattribute (network_time_update_service_27_0) true) -(expandtypeattribute (nfc_27_0) true) -(expandtypeattribute (nfc_data_file_27_0) true) -(expandtypeattribute (nfc_device_27_0) true) -(expandtypeattribute (nfc_prop_27_0) true) -(expandtypeattribute (nfc_service_27_0) true) -(expandtypeattribute (node_27_0) true) -(expandtypeattribute (nonplat_service_contexts_file_27_0) true) -(expandtypeattribute (notification_service_27_0) true) -(expandtypeattribute (null_device_27_0) true) -(expandtypeattribute (oemfs_27_0) true) -(expandtypeattribute (oem_lock_service_27_0) true) -(expandtypeattribute (ota_data_file_27_0) true) -(expandtypeattribute (otadexopt_service_27_0) true) -(expandtypeattribute (ota_package_file_27_0) true) -(expandtypeattribute (otapreopt_chroot_27_0) true) -(expandtypeattribute (otapreopt_chroot_exec_27_0) true) -(expandtypeattribute (otapreopt_slot_27_0) true) -(expandtypeattribute (otapreopt_slot_exec_27_0) true) -(expandtypeattribute (overlay_prop_27_0) true) -(expandtypeattribute (overlay_service_27_0) true) -(expandtypeattribute (owntty_device_27_0) true) -(expandtypeattribute (package_native_service_27_0) true) -(expandtypeattribute (package_service_27_0) true) -(expandtypeattribute (pan_result_prop_27_0) true) -(expandtypeattribute (pdx_bufferhub_client_channel_socket_27_0) true) -(expandtypeattribute (pdx_bufferhub_client_endpoint_socket_27_0) true) -(expandtypeattribute (pdx_bufferhub_dir_27_0) true) -(expandtypeattribute (pdx_display_client_channel_socket_27_0) true) -(expandtypeattribute (pdx_display_client_endpoint_socket_27_0) true) -(expandtypeattribute (pdx_display_dir_27_0) true) -(expandtypeattribute (pdx_display_manager_channel_socket_27_0) true) -(expandtypeattribute (pdx_display_manager_endpoint_socket_27_0) true) -(expandtypeattribute (pdx_display_screenshot_channel_socket_27_0) true) -(expandtypeattribute (pdx_display_screenshot_endpoint_socket_27_0) true) -(expandtypeattribute (pdx_display_vsync_channel_socket_27_0) true) -(expandtypeattribute (pdx_display_vsync_endpoint_socket_27_0) true) -(expandtypeattribute (pdx_performance_client_channel_socket_27_0) true) -(expandtypeattribute (pdx_performance_client_endpoint_socket_27_0) true) -(expandtypeattribute (pdx_performance_dir_27_0) true) -(expandtypeattribute (performanced_27_0) true) -(expandtypeattribute (performanced_exec_27_0) true) -(expandtypeattribute (perfprofd_27_0) true) -(expandtypeattribute (perfprofd_data_file_27_0) true) -(expandtypeattribute (perfprofd_exec_27_0) true) -(expandtypeattribute (permission_service_27_0) true) -(expandtypeattribute (persist_debug_prop_27_0) true) -(expandtypeattribute (persistent_data_block_service_27_0) true) -(expandtypeattribute (persistent_properties_ready_prop_27_0) true) -(expandtypeattribute (pinner_service_27_0) true) -(expandtypeattribute (pipefs_27_0) true) -(expandtypeattribute (platform_app_27_0) true) -(expandtypeattribute (pmsg_device_27_0) true) -(expandtypeattribute (port_27_0) true) -(expandtypeattribute (port_device_27_0) true) -(expandtypeattribute (postinstall_27_0) true) -(expandtypeattribute (postinstall_dexopt_27_0) true) -(expandtypeattribute (postinstall_file_27_0) true) -(expandtypeattribute (postinstall_mnt_dir_27_0) true) -(expandtypeattribute (powerctl_prop_27_0) true) -(expandtypeattribute (power_service_27_0) true) -(expandtypeattribute (ppp_27_0) true) -(expandtypeattribute (ppp_device_27_0) true) -(expandtypeattribute (ppp_exec_27_0) true) -(expandtypeattribute (preloads_data_file_27_0) true) -(expandtypeattribute (preloads_media_file_27_0) true) -(expandtypeattribute (preopt2cachename_27_0) true) -(expandtypeattribute (preopt2cachename_exec_27_0) true) -(expandtypeattribute (print_service_27_0) true) -(expandtypeattribute (priv_app_27_0) true) -(expandtypeattribute (proc_27_0) true) -(expandtypeattribute (proc_bluetooth_writable_27_0) true) -(expandtypeattribute (proc_cpuinfo_27_0) true) -(expandtypeattribute (proc_drop_caches_27_0) true) -(expandtypeattribute (processinfo_service_27_0) true) -(expandtypeattribute (proc_interrupts_27_0) true) -(expandtypeattribute (proc_iomem_27_0) true) -(expandtypeattribute (proc_meminfo_27_0) true) -(expandtypeattribute (proc_misc_27_0) true) -(expandtypeattribute (proc_modules_27_0) true) -(expandtypeattribute (proc_net_27_0) true) -(expandtypeattribute (proc_overcommit_memory_27_0) true) -(expandtypeattribute (proc_perf_27_0) true) -(expandtypeattribute (proc_security_27_0) true) -(expandtypeattribute (proc_stat_27_0) true) -(expandtypeattribute (procstats_service_27_0) true) -(expandtypeattribute (proc_sysrq_27_0) true) -(expandtypeattribute (proc_timer_27_0) true) -(expandtypeattribute (proc_tty_drivers_27_0) true) -(expandtypeattribute (proc_uid_cputime_removeuid_27_0) true) -(expandtypeattribute (proc_uid_cputime_showstat_27_0) true) -(expandtypeattribute (proc_uid_io_stats_27_0) true) -(expandtypeattribute (proc_uid_procstat_set_27_0) true) -(expandtypeattribute (proc_uid_time_in_state_27_0) true) -(expandtypeattribute (proc_zoneinfo_27_0) true) -(expandtypeattribute (profman_27_0) true) -(expandtypeattribute (profman_dump_data_file_27_0) true) -(expandtypeattribute (profman_exec_27_0) true) -(expandtypeattribute (properties_device_27_0) true) -(expandtypeattribute (properties_serial_27_0) true) -(expandtypeattribute (property_contexts_file_27_0) true) -(expandtypeattribute (property_data_file_27_0) true) -(expandtypeattribute (property_socket_27_0) true) -(expandtypeattribute (pstorefs_27_0) true) -(expandtypeattribute (ptmx_device_27_0) true) -(expandtypeattribute (qtaguid_device_27_0) true) -(expandtypeattribute (qtaguid_proc_27_0) true) -(expandtypeattribute (racoon_27_0) true) -(expandtypeattribute (racoon_exec_27_0) true) -(expandtypeattribute (racoon_socket_27_0) true) -(expandtypeattribute (radio_27_0) true) -(expandtypeattribute (radio_data_file_27_0) true) -(expandtypeattribute (radio_device_27_0) true) -(expandtypeattribute (radio_prop_27_0) true) -(expandtypeattribute (radio_service_27_0) true) -(expandtypeattribute (ram_device_27_0) true) -(expandtypeattribute (random_device_27_0) true) -(expandtypeattribute (reboot_data_file_27_0) true) -(expandtypeattribute (recovery_27_0) true) -(expandtypeattribute (recovery_block_device_27_0) true) -(expandtypeattribute (recovery_data_file_27_0) true) -(expandtypeattribute (recovery_persist_27_0) true) -(expandtypeattribute (recovery_persist_exec_27_0) true) -(expandtypeattribute (recovery_refresh_27_0) true) -(expandtypeattribute (recovery_refresh_exec_27_0) true) -(expandtypeattribute (recovery_service_27_0) true) -(expandtypeattribute (registry_service_27_0) true) -(expandtypeattribute (resourcecache_data_file_27_0) true) -(expandtypeattribute (restorecon_prop_27_0) true) -(expandtypeattribute (restrictions_service_27_0) true) -(expandtypeattribute (rild_27_0) true) -(expandtypeattribute (rild_debug_socket_27_0) true) -(expandtypeattribute (rild_socket_27_0) true) -(expandtypeattribute (ringtone_file_27_0) true) -(expandtypeattribute (root_block_device_27_0) true) -(expandtypeattribute (rootfs_27_0) true) -(expandtypeattribute (rpmsg_device_27_0) true) -(expandtypeattribute (rtc_device_27_0) true) -(expandtypeattribute (rttmanager_service_27_0) true) -(expandtypeattribute (runas_27_0) true) -(expandtypeattribute (runas_exec_27_0) true) -(expandtypeattribute (runtime_event_log_tags_file_27_0) true) -(expandtypeattribute (safemode_prop_27_0) true) -(expandtypeattribute (same_process_hal_file_27_0) true) -(expandtypeattribute (samplingprofiler_service_27_0) true) -(expandtypeattribute (scheduling_policy_service_27_0) true) -(expandtypeattribute (sdcardd_27_0) true) -(expandtypeattribute (sdcardd_exec_27_0) true) -(expandtypeattribute (sdcardfs_27_0) true) -(expandtypeattribute (seapp_contexts_file_27_0) true) -(expandtypeattribute (search_service_27_0) true) -(expandtypeattribute (sec_key_att_app_id_provider_service_27_0) true) -(expandtypeattribute (selinuxfs_27_0) true) -(expandtypeattribute (sensors_device_27_0) true) -(expandtypeattribute (sensorservice_service_27_0) true) -(expandtypeattribute (sepolicy_file_27_0) true) -(expandtypeattribute (serial_device_27_0) true) -(expandtypeattribute (serialno_prop_27_0) true) -(expandtypeattribute (serial_service_27_0) true) -(expandtypeattribute (service_contexts_file_27_0) true) -(expandtypeattribute (servicediscovery_service_27_0) true) -(expandtypeattribute (servicemanager_27_0) true) -(expandtypeattribute (servicemanager_exec_27_0) true) -(expandtypeattribute (settings_service_27_0) true) -(expandtypeattribute (sgdisk_27_0) true) -(expandtypeattribute (sgdisk_exec_27_0) true) -(expandtypeattribute (shared_relro_27_0) true) -(expandtypeattribute (shared_relro_file_27_0) true) -(expandtypeattribute (shell_27_0) true) -(expandtypeattribute (shell_data_file_27_0) true) -(expandtypeattribute (shell_exec_27_0) true) -(expandtypeattribute (shell_prop_27_0) true) -(expandtypeattribute (shm_27_0) true) -(expandtypeattribute (shortcut_manager_icons_27_0) true) -(expandtypeattribute (shortcut_service_27_0) true) -(expandtypeattribute (slideshow_27_0) true) -(expandtypeattribute (socket_device_27_0) true) -(expandtypeattribute (sockfs_27_0) true) -(expandtypeattribute (statusbar_service_27_0) true) -(expandtypeattribute (storaged_service_27_0) true) -(expandtypeattribute (storage_file_27_0) true) -(expandtypeattribute (storagestats_service_27_0) true) -(expandtypeattribute (storage_stub_file_27_0) true) -(expandtypeattribute (su_27_0) true) -(expandtypeattribute (su_exec_27_0) true) -(expandtypeattribute (surfaceflinger_27_0) true) -(expandtypeattribute (surfaceflinger_service_27_0) true) -(expandtypeattribute (swap_block_device_27_0) true) -(expandtypeattribute (sysfs_27_0) true) -(expandtypeattribute (sysfs_batteryinfo_27_0) true) -(expandtypeattribute (sysfs_bluetooth_writable_27_0) true) -(expandtypeattribute (sysfs_devices_system_cpu_27_0) true) -(expandtypeattribute (sysfs_fs_ext4_features_27_0) true) -(expandtypeattribute (sysfs_hwrandom_27_0) true) -(expandtypeattribute (sysfs_leds_27_0) true) -(expandtypeattribute (sysfs_lowmemorykiller_27_0) true) -(expandtypeattribute (sysfs_mac_address_27_0) true) -(expandtypeattribute (sysfs_nfc_power_writable_27_0) true) -(expandtypeattribute (sysfs_thermal_27_0) true) -(expandtypeattribute (sysfs_uio_27_0) true) -(expandtypeattribute (sysfs_usb_27_0) true) -(expandtypeattribute (sysfs_usermodehelper_27_0) true) -(expandtypeattribute (sysfs_vibrator_27_0) true) -(expandtypeattribute (sysfs_wake_lock_27_0) true) -(expandtypeattribute (sysfs_wlan_fwpath_27_0) true) -(expandtypeattribute (sysfs_zram_27_0) true) -(expandtypeattribute (sysfs_zram_uevent_27_0) true) -(expandtypeattribute (system_app_27_0) true) -(expandtypeattribute (system_app_data_file_27_0) true) -(expandtypeattribute (system_app_service_27_0) true) -(expandtypeattribute (system_block_device_27_0) true) -(expandtypeattribute (system_data_file_27_0) true) -(expandtypeattribute (system_file_27_0) true) -(expandtypeattribute (systemkeys_data_file_27_0) true) -(expandtypeattribute (system_ndebug_socket_27_0) true) -(expandtypeattribute (system_net_netd_hwservice_27_0) true) -(expandtypeattribute (system_prop_27_0) true) -(expandtypeattribute (system_radio_prop_27_0) true) -(expandtypeattribute (system_server_27_0) true) -(expandtypeattribute (system_wifi_keystore_hwservice_27_0) true) -(expandtypeattribute (system_wpa_socket_27_0) true) -(expandtypeattribute (task_service_27_0) true) -(expandtypeattribute (tee_27_0) true) -(expandtypeattribute (tee_data_file_27_0) true) -(expandtypeattribute (tee_device_27_0) true) -(expandtypeattribute (telecom_service_27_0) true) -(expandtypeattribute (textclassification_service_27_0) true) -(expandtypeattribute (textclassifier_data_file_27_0) true) -(expandtypeattribute (textservices_service_27_0) true) -(expandtypeattribute (thermalcallback_hwservice_27_0) true) -(expandtypeattribute (thermal_service_27_0) true) -(expandtypeattribute (thermalserviced_27_0) true) -(expandtypeattribute (thermalserviced_exec_27_0) true) -(expandtypeattribute (timezone_service_27_0) true) -(expandtypeattribute (tmpfs_27_0) true) -(expandtypeattribute (tombstoned_27_0) true) -(expandtypeattribute (tombstone_data_file_27_0) true) -(expandtypeattribute (tombstoned_crash_socket_27_0) true) -(expandtypeattribute (tombstoned_exec_27_0) true) -(expandtypeattribute (tombstoned_intercept_socket_27_0) true) -(expandtypeattribute (tombstoned_java_trace_socket_27_0) true) -(expandtypeattribute (toolbox_27_0) true) -(expandtypeattribute (toolbox_exec_27_0) true) -(expandtypeattribute (trust_service_27_0) true) -(expandtypeattribute (tty_device_27_0) true) -(expandtypeattribute (tun_device_27_0) true) -(expandtypeattribute (tv_input_service_27_0) true) -(expandtypeattribute (tzdatacheck_27_0) true) -(expandtypeattribute (tzdatacheck_exec_27_0) true) -(expandtypeattribute (ueventd_27_0) true) -(expandtypeattribute (uhid_device_27_0) true) -(expandtypeattribute (uimode_service_27_0) true) -(expandtypeattribute (uio_device_27_0) true) -(expandtypeattribute (uncrypt_27_0) true) -(expandtypeattribute (uncrypt_exec_27_0) true) -(expandtypeattribute (uncrypt_socket_27_0) true) -(expandtypeattribute (unencrypted_data_file_27_0) true) -(expandtypeattribute (unlabeled_27_0) true) -(expandtypeattribute (untrusted_app_25_27_0) true) -(expandtypeattribute (untrusted_app_27_0) true) -(expandtypeattribute (untrusted_v2_app_27_0) true) -(expandtypeattribute (update_engine_27_0) true) -(expandtypeattribute (update_engine_data_file_27_0) true) -(expandtypeattribute (update_engine_exec_27_0) true) -(expandtypeattribute (update_engine_service_27_0) true) -(expandtypeattribute (updatelock_service_27_0) true) -(expandtypeattribute (update_verifier_27_0) true) -(expandtypeattribute (update_verifier_exec_27_0) true) -(expandtypeattribute (usagestats_service_27_0) true) -(expandtypeattribute (usbaccessory_device_27_0) true) -(expandtypeattribute (usb_device_27_0) true) -(expandtypeattribute (usbfs_27_0) true) -(expandtypeattribute (usb_service_27_0) true) -(expandtypeattribute (userdata_block_device_27_0) true) -(expandtypeattribute (usermodehelper_27_0) true) -(expandtypeattribute (user_profile_data_file_27_0) true) -(expandtypeattribute (user_service_27_0) true) -(expandtypeattribute (vcs_device_27_0) true) -(expandtypeattribute (vdc_27_0) true) -(expandtypeattribute (vdc_exec_27_0) true) -(expandtypeattribute (vendor_app_file_27_0) true) -(expandtypeattribute (vendor_configs_file_27_0) true) -(expandtypeattribute (vendor_file_27_0) true) -(expandtypeattribute (vendor_framework_file_27_0) true) -(expandtypeattribute (vendor_hal_file_27_0) true) -(expandtypeattribute (vendor_overlay_file_27_0) true) -(expandtypeattribute (vendor_shell_exec_27_0) true) -(expandtypeattribute (vendor_toolbox_exec_27_0) true) -(expandtypeattribute (vfat_27_0) true) -(expandtypeattribute (vibrator_service_27_0) true) -(expandtypeattribute (video_device_27_0) true) -(expandtypeattribute (virtual_touchpad_27_0) true) -(expandtypeattribute (virtual_touchpad_exec_27_0) true) -(expandtypeattribute (virtual_touchpad_service_27_0) true) -(expandtypeattribute (vndbinder_device_27_0) true) -(expandtypeattribute (vndk_sp_file_27_0) true) -(expandtypeattribute (vndservice_contexts_file_27_0) true) -(expandtypeattribute (vndservicemanager_27_0) true) -(expandtypeattribute (voiceinteraction_service_27_0) true) -(expandtypeattribute (vold_27_0) true) -(expandtypeattribute (vold_data_file_27_0) true) -(expandtypeattribute (vold_device_27_0) true) -(expandtypeattribute (vold_exec_27_0) true) -(expandtypeattribute (vold_prop_27_0) true) -(expandtypeattribute (vold_socket_27_0) true) -(expandtypeattribute (vpn_data_file_27_0) true) -(expandtypeattribute (vr_hwc_27_0) true) -(expandtypeattribute (vr_hwc_exec_27_0) true) -(expandtypeattribute (vr_hwc_service_27_0) true) -(expandtypeattribute (vr_manager_service_27_0) true) -(expandtypeattribute (wallpaper_file_27_0) true) -(expandtypeattribute (wallpaper_service_27_0) true) -(expandtypeattribute (watchdogd_27_0) true) -(expandtypeattribute (watchdog_device_27_0) true) -(expandtypeattribute (webviewupdate_service_27_0) true) -(expandtypeattribute (webview_zygote_27_0) true) -(expandtypeattribute (webview_zygote_exec_27_0) true) -(expandtypeattribute (webview_zygote_socket_27_0) true) -(expandtypeattribute (wifiaware_service_27_0) true) -(expandtypeattribute (wificond_27_0) true) -(expandtypeattribute (wificond_exec_27_0) true) -(expandtypeattribute (wificond_service_27_0) true) -(expandtypeattribute (wifi_data_file_27_0) true) -(expandtypeattribute (wifi_log_prop_27_0) true) -(expandtypeattribute (wifip2p_service_27_0) true) -(expandtypeattribute (wifi_prop_27_0) true) -(expandtypeattribute (wifiscanner_service_27_0) true) -(expandtypeattribute (wifi_service_27_0) true) -(expandtypeattribute (window_service_27_0) true) -(expandtypeattribute (wpa_socket_27_0) true) -(expandtypeattribute (zero_device_27_0) true) -(expandtypeattribute (zoneinfo_data_file_27_0) true) -(expandtypeattribute (zygote_27_0) true) -(expandtypeattribute (zygote_exec_27_0) true) -(expandtypeattribute (zygote_socket_27_0) true) -(typeattributeset accessibility_service_27_0 (accessibility_service)) -(typeattributeset account_service_27_0 (account_service)) -(typeattributeset activity_service_27_0 (activity_service)) -(typeattributeset adbd_27_0 (adbd)) -(typeattributeset adb_data_file_27_0 (adb_data_file)) -(typeattributeset adbd_exec_27_0 (adbd_exec)) -(typeattributeset adbd_socket_27_0 (adbd_socket)) -(typeattributeset adb_keys_file_27_0 (adb_keys_file)) -(typeattributeset alarm_device_27_0 (alarm_device)) -(typeattributeset alarm_service_27_0 (alarm_service)) -(typeattributeset anr_data_file_27_0 (anr_data_file)) -(typeattributeset apk_data_file_27_0 (apk_data_file)) -(typeattributeset apk_private_data_file_27_0 (apk_private_data_file)) -(typeattributeset apk_private_tmp_file_27_0 (apk_private_tmp_file)) -(typeattributeset apk_tmp_file_27_0 (apk_tmp_file)) -(typeattributeset app_data_file_27_0 (app_data_file privapp_data_file)) -(typeattributeset app_fuse_file_27_0 (app_fuse_file)) -(typeattributeset app_fusefs_27_0 (app_fusefs)) -(typeattributeset appops_service_27_0 (appops_service)) -(typeattributeset appwidget_service_27_0 (appwidget_service)) -(typeattributeset asec_apk_file_27_0 (asec_apk_file)) -(typeattributeset asec_image_file_27_0 (asec_image_file)) -(typeattributeset asec_public_file_27_0 (asec_public_file)) -(typeattributeset ashmem_device_27_0 (ashmem_device)) -(typeattributeset assetatlas_service_27_0 (assetatlas_service)) -(typeattributeset audio_data_file_27_0 (audio_data_file)) -(typeattributeset audio_device_27_0 (audio_device)) -(typeattributeset audiohal_data_file_27_0 (audiohal_data_file)) -(typeattributeset audio_prop_27_0 (audio_prop)) -(typeattributeset audio_seq_device_27_0 (audio_seq_device)) -(typeattributeset audioserver_27_0 (audioserver)) -(typeattributeset audioserver_data_file_27_0 (audioserver_data_file)) -(typeattributeset audioserver_service_27_0 (audioserver_service)) -(typeattributeset audio_service_27_0 (audio_service)) -(typeattributeset audio_timer_device_27_0 (audio_timer_device)) -(typeattributeset autofill_service_27_0 (autofill_service)) -(typeattributeset backup_data_file_27_0 (backup_data_file)) -(typeattributeset backup_service_27_0 (backup_service)) -(typeattributeset batteryproperties_service_27_0 (batteryproperties_service)) -(typeattributeset battery_service_27_0 (battery_service)) -(typeattributeset batterystats_service_27_0 (batterystats_service)) -(typeattributeset binder_device_27_0 (binder_device)) -(typeattributeset binfmt_miscfs_27_0 (binfmt_miscfs)) -(typeattributeset blkid_27_0 (blkid)) -(typeattributeset blkid_untrusted_27_0 (blkid_untrusted)) -(typeattributeset block_device_27_0 (block_device)) -(typeattributeset bluetooth_27_0 (bluetooth)) -(typeattributeset bluetooth_data_file_27_0 (bluetooth_data_file)) -(typeattributeset bluetooth_efs_file_27_0 (bluetooth_efs_file)) -(typeattributeset bluetooth_logs_data_file_27_0 (bluetooth_logs_data_file)) -(typeattributeset bluetooth_manager_service_27_0 (bluetooth_manager_service)) -(typeattributeset bluetooth_prop_27_0 (bluetooth_prop)) -(typeattributeset bluetooth_service_27_0 (bluetooth_service)) -(typeattributeset bluetooth_socket_27_0 (bluetooth_socket)) -(typeattributeset bootanim_27_0 (bootanim)) -(typeattributeset bootanim_exec_27_0 (bootanim_exec)) -(typeattributeset boot_block_device_27_0 (boot_block_device)) -(typeattributeset bootchart_data_file_27_0 (bootchart_data_file)) -(typeattributeset bootstat_27_0 (bootstat)) -(typeattributeset bootstat_data_file_27_0 (bootstat_data_file)) -(typeattributeset bootstat_exec_27_0 (bootstat_exec)) -(typeattributeset boottime_prop_27_0 (boottime_prop)) -(typeattributeset boottrace_data_file_27_0 (boottrace_data_file)) -(typeattributeset broadcastradio_service_27_0 (broadcastradio_service)) -(typeattributeset bufferhubd_27_0 (bufferhubd)) -(typeattributeset bufferhubd_exec_27_0 (bufferhubd_exec)) -(typeattributeset cache_backup_file_27_0 (cache_backup_file)) -(typeattributeset cache_block_device_27_0 (cache_block_device)) -(typeattributeset cache_file_27_0 (cache_file)) -(typeattributeset cache_private_backup_file_27_0 (cache_private_backup_file)) -(typeattributeset cache_recovery_file_27_0 (cache_recovery_file)) -(typeattributeset camera_data_file_27_0 (camera_data_file)) -(typeattributeset camera_device_27_0 (camera_device)) -(typeattributeset cameraproxy_service_27_0 (cameraproxy_service)) -(typeattributeset cameraserver_27_0 (cameraserver)) -(typeattributeset cameraserver_exec_27_0 (cameraserver_exec)) -(typeattributeset cameraserver_service_27_0 (cameraserver_service)) -(typeattributeset cgroup_27_0 (cgroup)) -(typeattributeset charger_27_0 (charger)) -(typeattributeset clatd_27_0 (clatd)) -(typeattributeset clatd_exec_27_0 (clatd_exec)) -(typeattributeset clipboard_service_27_0 (clipboard_service)) -(typeattributeset commontime_management_service_27_0 (commontime_management_service)) -(typeattributeset companion_device_service_27_0 (companion_device_service)) -(typeattributeset configfs_27_0 (configfs)) -(typeattributeset config_prop_27_0 (config_prop)) -(typeattributeset connectivity_service_27_0 (connectivity_service)) -(typeattributeset connmetrics_service_27_0 (connmetrics_service)) -(typeattributeset console_device_27_0 (console_device)) -(typeattributeset consumer_ir_service_27_0 (consumer_ir_service)) -(typeattributeset content_service_27_0 (content_service)) -(typeattributeset contexthub_service_27_0 (contexthub_service)) -(typeattributeset coredump_file_27_0 (coredump_file)) -(typeattributeset country_detector_service_27_0 (country_detector_service)) -(typeattributeset coverage_service_27_0 (coverage_service)) -(typeattributeset cppreopt_prop_27_0 (cppreopt_prop)) -(typeattributeset cppreopts_27_0 (cppreopts)) -(typeattributeset cppreopts_exec_27_0 (cppreopts_exec)) -(typeattributeset cpuctl_device_27_0 (cpuctl_device)) -(typeattributeset cpuinfo_service_27_0 (cpuinfo_service)) -(typeattributeset crash_dump_27_0 (crash_dump)) -(typeattributeset crash_dump_exec_27_0 (crash_dump_exec)) -(typeattributeset ctl_bootanim_prop_27_0 (ctl_bootanim_prop)) -(typeattributeset ctl_bugreport_prop_27_0 (ctl_bugreport_prop)) -(typeattributeset ctl_console_prop_27_0 (ctl_console_prop)) -(typeattributeset ctl_default_prop_27_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop ctl_adbd_prop)) -(typeattributeset ctl_dumpstate_prop_27_0 (ctl_dumpstate_prop)) -(typeattributeset ctl_fuse_prop_27_0 (ctl_fuse_prop)) -(typeattributeset ctl_mdnsd_prop_27_0 (ctl_mdnsd_prop)) -(typeattributeset ctl_rildaemon_prop_27_0 (ctl_rildaemon_prop)) -(typeattributeset dalvikcache_data_file_27_0 (dalvikcache_data_file)) -(typeattributeset dalvik_prop_27_0 (dalvik_prop)) -(typeattributeset dbinfo_service_27_0 (dbinfo_service)) -(typeattributeset debugfs_27_0 - ( debugfs - debugfs_wakeup_sources)) -(typeattributeset debugfs_mmc_27_0 (debugfs_mmc)) -(typeattributeset debugfs_trace_marker_27_0 (debugfs_trace_marker)) -(typeattributeset debugfs_tracing_27_0 (debugfs_tracing)) -(typeattributeset debugfs_tracing_debug_27_0 (debugfs_tracing_debug)) -(typeattributeset debugfs_tracing_instances_27_0 (debugfs_tracing_instances)) -(typeattributeset debugfs_wifi_tracing_27_0 (debugfs_wifi_tracing)) -(typeattributeset debuggerd_prop_27_0 (debuggerd_prop)) -(typeattributeset debug_prop_27_0 (debug_prop)) -(typeattributeset default_android_hwservice_27_0 (default_android_hwservice)) -(typeattributeset default_android_service_27_0 (default_android_service)) -(typeattributeset default_android_vndservice_27_0 (default_android_vndservice)) -(typeattributeset default_prop_27_0 - ( default_prop - pm_prop)) -(typeattributeset device_27_0 (device)) -(typeattributeset device_identifiers_service_27_0 (device_identifiers_service)) -(typeattributeset deviceidle_service_27_0 (deviceidle_service)) -(typeattributeset device_logging_prop_27_0 (device_logging_prop)) -(typeattributeset device_policy_service_27_0 (device_policy_service)) -(typeattributeset devicestoragemonitor_service_27_0 (devicestoragemonitor_service)) -(typeattributeset devpts_27_0 (devpts)) -(typeattributeset dex2oat_27_0 (dex2oat)) -(typeattributeset dex2oat_exec_27_0 (dex2oat_exec)) -(typeattributeset dhcp_27_0 (dhcp)) -(typeattributeset dhcp_data_file_27_0 (dhcp_data_file)) -(typeattributeset dhcp_exec_27_0 (dhcp_exec)) -(typeattributeset dhcp_prop_27_0 (dhcp_prop)) -(typeattributeset diskstats_service_27_0 (diskstats_service)) -(typeattributeset display_service_27_0 (display_service)) -(typeattributeset dm_device_27_0 (dm_device)) -(typeattributeset dnsmasq_27_0 (dnsmasq)) -(typeattributeset dnsmasq_exec_27_0 (dnsmasq_exec)) -(typeattributeset dnsproxyd_socket_27_0 (dnsproxyd_socket)) -(typeattributeset DockObserver_service_27_0 (DockObserver_service)) -(typeattributeset dreams_service_27_0 (dreams_service)) -(typeattributeset drm_data_file_27_0 (drm_data_file)) -(typeattributeset drmserver_27_0 (drmserver)) -(typeattributeset drmserver_exec_27_0 (drmserver_exec)) -(typeattributeset drmserver_service_27_0 (drmserver_service)) -(typeattributeset drmserver_socket_27_0 (drmserver_socket)) -(typeattributeset dropbox_service_27_0 (dropbox_service)) -(typeattributeset dumpstate_27_0 (dumpstate)) -(typeattributeset dumpstate_exec_27_0 (dumpstate_exec)) -(typeattributeset dumpstate_options_prop_27_0 (dumpstate_options_prop)) -(typeattributeset dumpstate_prop_27_0 (dumpstate_prop)) -(typeattributeset dumpstate_service_27_0 (dumpstate_service)) -(typeattributeset dumpstate_socket_27_0 (dumpstate_socket)) -(typeattributeset e2fs_27_0 (e2fs)) -(typeattributeset e2fs_exec_27_0 (e2fs_exec)) -(typeattributeset efs_file_27_0 (efs_file)) -(typeattributeset ephemeral_app_27_0 (ephemeral_app)) -(typeattributeset ethernet_service_27_0 (ethernet_service)) -(typeattributeset ffs_prop_27_0 (ffs_prop)) -(typeattributeset file_contexts_file_27_0 (file_contexts_file)) -(typeattributeset fingerprintd_27_0 (fingerprintd)) -(typeattributeset fingerprintd_data_file_27_0 (fingerprintd_data_file)) -(typeattributeset fingerprintd_exec_27_0 (fingerprintd_exec)) -(typeattributeset fingerprintd_service_27_0 (fingerprintd_service)) -(typeattributeset fingerprint_prop_27_0 (fingerprint_prop)) -(typeattributeset fingerprint_service_27_0 (fingerprint_service)) -(typeattributeset firstboot_prop_27_0 (firstboot_prop)) -(typeattributeset font_service_27_0 (font_service)) -(typeattributeset frp_block_device_27_0 (frp_block_device)) -(typeattributeset fsck_27_0 (fsck)) -(typeattributeset fsck_exec_27_0 (fsck_exec)) -(typeattributeset fscklogs_27_0 (fscklogs)) -(typeattributeset fsck_untrusted_27_0 (fsck_untrusted)) -(typeattributeset full_device_27_0 (full_device)) -(typeattributeset functionfs_27_0 (functionfs)) -(typeattributeset fuse_27_0 (fuse)) -(typeattributeset fuse_device_27_0 (fuse_device)) -(typeattributeset fwk_display_hwservice_27_0 (fwk_display_hwservice)) -(typeattributeset fwk_scheduler_hwservice_27_0 (fwk_scheduler_hwservice)) -(typeattributeset fwk_sensor_hwservice_27_0 (fwk_sensor_hwservice)) -(typeattributeset fwmarkd_socket_27_0 (fwmarkd_socket)) -(typeattributeset gatekeeperd_27_0 (gatekeeperd)) -(typeattributeset gatekeeper_data_file_27_0 (gatekeeper_data_file)) -(typeattributeset gatekeeperd_exec_27_0 (gatekeeperd_exec)) -(typeattributeset gatekeeper_service_27_0 (gatekeeper_service)) -(typeattributeset gfxinfo_service_27_0 (gfxinfo_service)) -(typeattributeset gps_control_27_0 (gps_control)) -(typeattributeset gpu_device_27_0 (gpu_device)) -(typeattributeset gpu_service_27_0 (gpu_service)) -(typeattributeset graphics_device_27_0 (graphics_device)) -(typeattributeset graphicsstats_service_27_0 (graphicsstats_service)) -(typeattributeset hal_audio_hwservice_27_0 (hal_audio_hwservice)) -(typeattributeset hal_bluetooth_hwservice_27_0 (hal_bluetooth_hwservice)) -(typeattributeset hal_bootctl_hwservice_27_0 (hal_bootctl_hwservice)) -(typeattributeset hal_broadcastradio_hwservice_27_0 (hal_broadcastradio_hwservice)) -(typeattributeset hal_camera_hwservice_27_0 (hal_camera_hwservice)) -(typeattributeset hal_cas_hwservice_27_0 (hal_cas_hwservice)) -(typeattributeset hal_configstore_ISurfaceFlingerConfigs_27_0 (hal_configstore_ISurfaceFlingerConfigs)) -(typeattributeset hal_contexthub_hwservice_27_0 (hal_contexthub_hwservice)) -(typeattributeset hal_drm_hwservice_27_0 (hal_drm_hwservice)) -(typeattributeset hal_dumpstate_hwservice_27_0 (hal_dumpstate_hwservice)) -(typeattributeset hal_fingerprint_hwservice_27_0 (hal_fingerprint_hwservice)) -(typeattributeset hal_fingerprint_service_27_0 (hal_fingerprint_service)) -(typeattributeset hal_gatekeeper_hwservice_27_0 (hal_gatekeeper_hwservice)) -(typeattributeset hal_gnss_hwservice_27_0 (hal_gnss_hwservice)) -(typeattributeset hal_graphics_allocator_hwservice_27_0 (hal_graphics_allocator_hwservice)) -(typeattributeset hal_graphics_composer_hwservice_27_0 (hal_graphics_composer_hwservice)) -(typeattributeset hal_graphics_mapper_hwservice_27_0 (hal_graphics_mapper_hwservice)) -(typeattributeset hal_health_hwservice_27_0 (hal_health_hwservice)) -(typeattributeset hal_ir_hwservice_27_0 (hal_ir_hwservice)) -(typeattributeset hal_keymaster_hwservice_27_0 (hal_keymaster_hwservice)) -(typeattributeset hal_light_hwservice_27_0 (hal_light_hwservice)) -(typeattributeset hal_memtrack_hwservice_27_0 (hal_memtrack_hwservice)) -(typeattributeset hal_neuralnetworks_hwservice_27_0 (hal_neuralnetworks_hwservice)) -(typeattributeset hal_nfc_hwservice_27_0 (hal_nfc_hwservice)) -(typeattributeset hal_oemlock_hwservice_27_0 (hal_oemlock_hwservice)) -(typeattributeset hal_omx_hwservice_27_0 (hal_omx_hwservice)) -(typeattributeset hal_power_hwservice_27_0 (hal_power_hwservice)) -(typeattributeset hal_renderscript_hwservice_27_0 (hal_renderscript_hwservice)) -(typeattributeset hal_sensors_hwservice_27_0 (hal_sensors_hwservice)) -(typeattributeset hal_telephony_hwservice_27_0 (hal_telephony_hwservice)) -(typeattributeset hal_tetheroffload_hwservice_27_0 (hal_tetheroffload_hwservice)) -(typeattributeset hal_thermal_hwservice_27_0 (hal_thermal_hwservice)) -(typeattributeset hal_tv_cec_hwservice_27_0 (hal_tv_cec_hwservice)) -(typeattributeset hal_tv_input_hwservice_27_0 (hal_tv_input_hwservice)) -(typeattributeset hal_usb_hwservice_27_0 (hal_usb_hwservice)) -(typeattributeset hal_vibrator_hwservice_27_0 (hal_vibrator_hwservice)) -(typeattributeset hal_vr_hwservice_27_0 (hal_vr_hwservice)) -(typeattributeset hal_weaver_hwservice_27_0 (hal_weaver_hwservice)) -(typeattributeset hal_wifi_hwservice_27_0 (hal_wifi_hwservice)) -(typeattributeset hal_wifi_offload_hwservice_27_0 (hal_wifi_offload_hwservice)) -(typeattributeset hal_wifi_supplicant_hwservice_27_0 (hal_wifi_supplicant_hwservice)) -(typeattributeset hardware_properties_service_27_0 (hardware_properties_service)) -(typeattributeset hardware_service_27_0 (hardware_service)) -(typeattributeset hci_attach_dev_27_0 (hci_attach_dev)) -(typeattributeset hdmi_control_service_27_0 (hdmi_control_service)) -(typeattributeset healthd_27_0 (healthd)) -(typeattributeset healthd_exec_27_0 (healthd_exec)) -(typeattributeset heapdump_data_file_27_0 (heapdump_data_file)) -(typeattributeset hidl_allocator_hwservice_27_0 (hidl_allocator_hwservice)) -(typeattributeset hidl_base_hwservice_27_0 (hidl_base_hwservice)) -(typeattributeset hidl_manager_hwservice_27_0 (hidl_manager_hwservice)) -(typeattributeset hidl_memory_hwservice_27_0 (hidl_memory_hwservice)) -(typeattributeset hidl_token_hwservice_27_0 (hidl_token_hwservice)) -(typeattributeset hwbinder_device_27_0 (hwbinder_device)) -(typeattributeset hw_random_device_27_0 (hw_random_device)) -(typeattributeset hwservice_contexts_file_27_0 (hwservice_contexts_file)) -(typeattributeset hwservicemanager_27_0 (hwservicemanager)) -(typeattributeset hwservicemanager_exec_27_0 (hwservicemanager_exec)) -(typeattributeset hwservicemanager_prop_27_0 (hwservicemanager_prop)) -(typeattributeset i2c_device_27_0 (i2c_device)) -(typeattributeset icon_file_27_0 (icon_file)) -(typeattributeset idmap_27_0 (idmap)) -(typeattributeset idmap_exec_27_0 (idmap_exec)) -(typeattributeset iio_device_27_0 (iio_device)) -(typeattributeset imms_service_27_0 (imms_service)) -(typeattributeset incident_27_0 (incident)) -(typeattributeset incidentd_27_0 (incidentd)) -(typeattributeset incident_data_file_27_0 (incident_data_file)) -(typeattributeset incident_service_27_0 (incident_service)) -(typeattributeset init_27_0 (init)) -(typeattributeset init_exec_27_0 (init_exec watchdogd_exec)) -(typeattributeset inotify_27_0 (inotify)) -(typeattributeset input_device_27_0 (input_device)) -(typeattributeset inputflinger_27_0 (inputflinger)) -(typeattributeset inputflinger_exec_27_0 (inputflinger_exec)) -(typeattributeset inputflinger_service_27_0 (inputflinger_service)) -(typeattributeset input_method_service_27_0 (input_method_service)) -(typeattributeset input_service_27_0 (input_service)) -(typeattributeset installd_27_0 (installd)) -(typeattributeset install_data_file_27_0 (install_data_file)) -(typeattributeset installd_exec_27_0 (installd_exec)) -(typeattributeset installd_service_27_0 (installd_service)) -(typeattributeset install_recovery_27_0 (install_recovery)) -(typeattributeset install_recovery_exec_27_0 (install_recovery_exec)) -(typeattributeset ion_device_27_0 (ion_device)) -(typeattributeset IProxyService_service_27_0 (IProxyService_service)) -(typeattributeset ipsec_service_27_0 (ipsec_service)) -(typeattributeset isolated_app_27_0 (isolated_app)) -(typeattributeset jobscheduler_service_27_0 (jobscheduler_service)) -(typeattributeset kernel_27_0 (kernel)) -(typeattributeset keychain_data_file_27_0 (keychain_data_file)) -(typeattributeset keychord_device_27_0 (keychord_device)) -(typeattributeset keystore_27_0 (keystore)) -(typeattributeset keystore_data_file_27_0 (keystore_data_file)) -(typeattributeset keystore_exec_27_0 (keystore_exec)) -(typeattributeset keystore_service_27_0 (keystore_service)) -(typeattributeset kmem_device_27_0 (kmem_device)) -(typeattributeset kmsg_debug_device_27_0 (kmsg_debug_device)) -(typeattributeset kmsg_device_27_0 (kmsg_device)) -(typeattributeset labeledfs_27_0 (labeledfs)) -(typeattributeset launcherapps_service_27_0 (launcherapps_service)) -(typeattributeset lmkd_27_0 (lmkd)) -(typeattributeset lmkd_exec_27_0 (lmkd_exec)) -(typeattributeset lmkd_socket_27_0 (lmkd_socket)) -(typeattributeset location_service_27_0 (location_service)) -(typeattributeset lock_settings_service_27_0 (lock_settings_service)) -(typeattributeset logcat_exec_27_0 (logcat_exec)) -(typeattributeset logd_27_0 (logd)) -(typeattributeset logd_exec_27_0 (logd_exec)) -(typeattributeset logd_prop_27_0 (logd_prop)) -(typeattributeset logdr_socket_27_0 (logdr_socket)) -(typeattributeset logd_socket_27_0 (logd_socket)) -(typeattributeset logdw_socket_27_0 (logdw_socket)) -(typeattributeset logpersist_27_0 (logpersist)) -(typeattributeset logpersistd_logging_prop_27_0 (logpersistd_logging_prop)) -(typeattributeset log_prop_27_0 (log_prop)) -(typeattributeset log_tag_prop_27_0 (log_tag_prop)) -(typeattributeset loop_control_device_27_0 (loop_control_device)) -(typeattributeset loop_device_27_0 (loop_device)) -(typeattributeset mac_perms_file_27_0 (mac_perms_file)) -(typeattributeset mdnsd_27_0 (mdnsd)) -(typeattributeset mdnsd_socket_27_0 (mdnsd_socket)) -(typeattributeset mdns_socket_27_0 (mdns_socket)) -(typeattributeset mediacodec_27_0 (mediacodec)) -(typeattributeset mediacodec_exec_27_0 (mediacodec_exec)) -(typeattributeset mediacodec_service_27_0 (mediacodec_service)) -(typeattributeset media_data_file_27_0 (media_data_file)) -(typeattributeset mediadrmserver_27_0 (mediadrmserver)) -(typeattributeset mediadrmserver_exec_27_0 (mediadrmserver_exec)) -(typeattributeset mediadrmserver_service_27_0 (mediadrmserver_service)) -(typeattributeset mediaextractor_27_0 (mediaextractor)) -(typeattributeset mediaextractor_exec_27_0 (mediaextractor_exec)) -(typeattributeset mediaextractor_service_27_0 (mediaextractor_service)) -(typeattributeset mediametrics_27_0 (mediametrics)) -(typeattributeset mediametrics_exec_27_0 (mediametrics_exec)) -(typeattributeset mediametrics_service_27_0 (mediametrics_service)) -(typeattributeset media_projection_service_27_0 (media_projection_service)) -(typeattributeset mediaprovider_27_0 (mediaprovider)) -(typeattributeset media_router_service_27_0 (media_router_service)) -(typeattributeset media_rw_data_file_27_0 (media_rw_data_file)) -(typeattributeset mediaserver_27_0 (mediaserver)) -(typeattributeset mediaserver_exec_27_0 (mediaserver_exec)) -(typeattributeset mediaserver_service_27_0 (mediaserver_service)) -(typeattributeset media_session_service_27_0 (media_session_service)) -(typeattributeset meminfo_service_27_0 (meminfo_service)) -(typeattributeset metadata_block_device_27_0 (metadata_block_device)) -(typeattributeset method_trace_data_file_27_0 (method_trace_data_file)) -(typeattributeset midi_service_27_0 (midi_service)) -(typeattributeset misc_block_device_27_0 (misc_block_device)) -(typeattributeset misc_logd_file_27_0 (misc_logd_file)) -(typeattributeset misc_user_data_file_27_0 (misc_user_data_file)) -(typeattributeset mmc_prop_27_0 (mmc_prop)) -(typeattributeset mnt_expand_file_27_0 (mnt_expand_file)) -(typeattributeset mnt_media_rw_file_27_0 (mnt_media_rw_file)) -(typeattributeset mnt_media_rw_stub_file_27_0 (mnt_media_rw_stub_file)) -(typeattributeset mnt_user_file_27_0 (mnt_user_file)) -(typeattributeset modprobe_27_0 (modprobe)) -(typeattributeset mount_service_27_0 (mount_service)) -(typeattributeset mqueue_27_0 (mqueue)) -(typeattributeset mtd_device_27_0 (mtd_device)) -(typeattributeset mtp_27_0 (mtp)) -(typeattributeset mtp_device_27_0 (mtp_device)) -(typeattributeset mtpd_socket_27_0 (mtpd_socket)) -(typeattributeset mtp_exec_27_0 (mtp_exec)) -(typeattributeset nativetest_data_file_27_0 (nativetest_data_file)) -(typeattributeset netd_27_0 (netd)) -(typeattributeset net_data_file_27_0 (net_data_file)) -(typeattributeset netd_exec_27_0 (netd_exec)) -(typeattributeset netd_listener_service_27_0 (netd_listener_service)) -(typeattributeset net_dns_prop_27_0 (net_dns_prop)) -(typeattributeset netd_service_27_0 (netd_service)) -(typeattributeset netd_socket_27_0 (netd_socket)) -(typeattributeset netd_stable_secret_prop_27_0 (netd_stable_secret_prop)) -(typeattributeset netif_27_0 (netif)) -(typeattributeset netpolicy_service_27_0 (netpolicy_service)) -(typeattributeset net_radio_prop_27_0 (net_radio_prop)) -(typeattributeset netstats_service_27_0 (netstats_service)) -(typeattributeset netutils_wrapper_27_0 (netutils_wrapper)) -(typeattributeset netutils_wrapper_exec_27_0 (netutils_wrapper_exec)) -(typeattributeset network_management_service_27_0 (network_management_service)) -(typeattributeset network_score_service_27_0 (network_score_service)) -(typeattributeset network_time_update_service_27_0 (network_time_update_service)) -(typeattributeset nfc_27_0 (nfc)) -(typeattributeset nfc_data_file_27_0 (nfc_data_file)) -(typeattributeset nfc_device_27_0 (nfc_device)) -(typeattributeset nfc_prop_27_0 (nfc_prop)) -(typeattributeset nfc_service_27_0 (nfc_service)) -(typeattributeset node_27_0 (node)) -(typeattributeset nonplat_service_contexts_file_27_0 (nonplat_service_contexts_file)) -(typeattributeset notification_service_27_0 (notification_service)) -(typeattributeset null_device_27_0 (null_device)) -(typeattributeset oemfs_27_0 (oemfs)) -(typeattributeset oem_lock_service_27_0 (oem_lock_service)) -(typeattributeset ota_data_file_27_0 (ota_data_file)) -(typeattributeset otadexopt_service_27_0 (otadexopt_service)) -(typeattributeset ota_package_file_27_0 (ota_package_file)) -(typeattributeset otapreopt_chroot_27_0 (otapreopt_chroot)) -(typeattributeset otapreopt_chroot_exec_27_0 (otapreopt_chroot_exec)) -(typeattributeset otapreopt_slot_27_0 (otapreopt_slot)) -(typeattributeset otapreopt_slot_exec_27_0 (otapreopt_slot_exec)) -(typeattributeset overlay_prop_27_0 (overlay_prop)) -(typeattributeset overlay_service_27_0 (overlay_service)) -(typeattributeset owntty_device_27_0 (owntty_device)) -(typeattributeset package_native_service_27_0 (package_native_service)) -(typeattributeset package_service_27_0 (package_service)) -(typeattributeset pan_result_prop_27_0 (pan_result_prop)) -(typeattributeset pdx_bufferhub_client_channel_socket_27_0 (pdx_bufferhub_client_channel_socket)) -(typeattributeset pdx_bufferhub_client_endpoint_socket_27_0 (pdx_bufferhub_client_endpoint_socket)) -(typeattributeset pdx_bufferhub_dir_27_0 (pdx_bufferhub_dir)) -(typeattributeset pdx_display_client_channel_socket_27_0 (pdx_display_client_channel_socket)) -(typeattributeset pdx_display_client_endpoint_socket_27_0 (pdx_display_client_endpoint_socket)) -(typeattributeset pdx_display_dir_27_0 (pdx_display_dir)) -(typeattributeset pdx_display_manager_channel_socket_27_0 (pdx_display_manager_channel_socket)) -(typeattributeset pdx_display_manager_endpoint_socket_27_0 (pdx_display_manager_endpoint_socket)) -(typeattributeset pdx_display_screenshot_channel_socket_27_0 (pdx_display_screenshot_channel_socket)) -(typeattributeset pdx_display_screenshot_endpoint_socket_27_0 (pdx_display_screenshot_endpoint_socket)) -(typeattributeset pdx_display_vsync_channel_socket_27_0 (pdx_display_vsync_channel_socket)) -(typeattributeset pdx_display_vsync_endpoint_socket_27_0 (pdx_display_vsync_endpoint_socket)) -(typeattributeset pdx_performance_client_channel_socket_27_0 (pdx_performance_client_channel_socket)) -(typeattributeset pdx_performance_client_endpoint_socket_27_0 (pdx_performance_client_endpoint_socket)) -(typeattributeset pdx_performance_dir_27_0 (pdx_performance_dir)) -(typeattributeset performanced_27_0 (performanced)) -(typeattributeset performanced_exec_27_0 (performanced_exec)) -(typeattributeset perfprofd_27_0 (perfprofd)) -(typeattributeset perfprofd_data_file_27_0 (perfprofd_data_file)) -(typeattributeset perfprofd_exec_27_0 (perfprofd_exec)) -(typeattributeset permission_service_27_0 (permission_service)) -(typeattributeset persist_debug_prop_27_0 (persist_debug_prop)) -(typeattributeset persistent_data_block_service_27_0 (persistent_data_block_service)) -(typeattributeset persistent_properties_ready_prop_27_0 (persistent_properties_ready_prop)) -(typeattributeset pinner_service_27_0 (pinner_service)) -(typeattributeset pipefs_27_0 (pipefs)) -(typeattributeset platform_app_27_0 (platform_app)) -(typeattributeset pmsg_device_27_0 (pmsg_device)) -(typeattributeset port_27_0 (port)) -(typeattributeset port_device_27_0 (port_device)) -(typeattributeset postinstall_27_0 (postinstall)) -(typeattributeset postinstall_dexopt_27_0 (postinstall_dexopt)) -(typeattributeset postinstall_file_27_0 (postinstall_file)) -(typeattributeset postinstall_mnt_dir_27_0 (postinstall_mnt_dir)) -(typeattributeset powerctl_prop_27_0 (powerctl_prop)) -(typeattributeset power_service_27_0 (power_service)) -(typeattributeset ppp_27_0 (ppp)) -(typeattributeset ppp_device_27_0 (ppp_device)) -(typeattributeset ppp_exec_27_0 (ppp_exec)) -(typeattributeset preloads_data_file_27_0 (preloads_data_file)) -(typeattributeset preloads_media_file_27_0 (preloads_media_file)) -(typeattributeset preopt2cachename_27_0 (preopt2cachename)) -(typeattributeset preopt2cachename_exec_27_0 (preopt2cachename_exec)) -(typeattributeset print_service_27_0 (print_service)) -(typeattributeset priv_app_27_0 (priv_app)) -(typeattributeset proc_27_0 - ( proc - proc_abi - proc_asound - proc_buddyinfo - proc_cmdline - proc_dirty - proc_diskstats - proc_extra_free_kbytes - proc_filesystems - proc_hostname - proc_hung_task - proc_kmsg - proc_loadavg - proc_max_map_count - proc_min_free_order_shift - proc_mounts - proc_page_cluster - proc_pagetypeinfo - proc_panic - proc_pid_max - proc_pipe_conf - proc_random - proc_sched - proc_slabinfo - proc_swaps - proc_uid_concurrent_active_time - proc_uid_concurrent_policy_time - proc_uid_cpupower - proc_uptime - proc_version - proc_vmallocinfo - proc_vmstat)) -(typeattributeset proc_bluetooth_writable_27_0 (proc_bluetooth_writable)) -(typeattributeset proc_cpuinfo_27_0 (proc_cpuinfo)) -(typeattributeset proc_drop_caches_27_0 (proc_drop_caches)) -(typeattributeset processinfo_service_27_0 (processinfo_service)) -(typeattributeset proc_interrupts_27_0 (proc_interrupts)) -(typeattributeset proc_iomem_27_0 (proc_iomem)) -(typeattributeset proc_meminfo_27_0 (proc_meminfo)) -(typeattributeset proc_misc_27_0 (proc_misc)) -(typeattributeset proc_modules_27_0 (proc_modules)) -(typeattributeset proc_net_27_0 - ( proc_net - proc_net_tcp_udp - proc_qtaguid_stat)) -(typeattributeset proc_overcommit_memory_27_0 (proc_overcommit_memory)) -(typeattributeset proc_perf_27_0 (proc_perf)) -(typeattributeset proc_security_27_0 (proc_security)) -(typeattributeset proc_stat_27_0 (proc_stat)) -(typeattributeset procstats_service_27_0 (procstats_service)) -(typeattributeset proc_sysrq_27_0 (proc_sysrq)) -(typeattributeset proc_timer_27_0 (proc_timer)) -(typeattributeset proc_tty_drivers_27_0 (proc_tty_drivers)) -(typeattributeset proc_uid_cputime_removeuid_27_0 (proc_uid_cputime_removeuid)) -(typeattributeset proc_uid_cputime_showstat_27_0 (proc_uid_cputime_showstat)) -(typeattributeset proc_uid_io_stats_27_0 (proc_uid_io_stats)) -(typeattributeset proc_uid_procstat_set_27_0 (proc_uid_procstat_set)) -(typeattributeset proc_uid_time_in_state_27_0 (proc_uid_time_in_state)) -(typeattributeset proc_zoneinfo_27_0 (proc_zoneinfo)) -(typeattributeset profman_27_0 (profman)) -(typeattributeset profman_dump_data_file_27_0 (profman_dump_data_file)) -(typeattributeset profman_exec_27_0 (profman_exec)) -(typeattributeset properties_device_27_0 (properties_device)) -(typeattributeset properties_serial_27_0 (properties_serial)) -(typeattributeset property_contexts_file_27_0 (property_contexts_file)) -(typeattributeset property_data_file_27_0 (property_data_file)) -(typeattributeset property_socket_27_0 (property_socket)) -(typeattributeset pstorefs_27_0 (pstorefs)) -(typeattributeset ptmx_device_27_0 (ptmx_device)) -(typeattributeset qtaguid_device_27_0 (qtaguid_device)) -(typeattributeset qtaguid_proc_27_0 - ( proc_qtaguid_ctrl - qtaguid_proc)) -(typeattributeset racoon_27_0 (racoon)) -(typeattributeset racoon_exec_27_0 (racoon_exec)) -(typeattributeset racoon_socket_27_0 (racoon_socket)) -(typeattributeset radio_27_0 (radio)) -(typeattributeset radio_data_file_27_0 (radio_data_file)) -(typeattributeset radio_device_27_0 (radio_device)) -(typeattributeset radio_prop_27_0 (radio_prop)) -(typeattributeset radio_service_27_0 (radio_service)) -(typeattributeset ram_device_27_0 (ram_device)) -(typeattributeset random_device_27_0 (random_device)) -(typeattributeset reboot_data_file_27_0 (reboot_data_file)) -(typeattributeset recovery_27_0 (recovery)) -(typeattributeset recovery_block_device_27_0 (recovery_block_device)) -(typeattributeset recovery_data_file_27_0 (recovery_data_file)) -(typeattributeset recovery_persist_27_0 (recovery_persist)) -(typeattributeset recovery_persist_exec_27_0 (recovery_persist_exec)) -(typeattributeset recovery_refresh_27_0 (recovery_refresh)) -(typeattributeset recovery_refresh_exec_27_0 (recovery_refresh_exec)) -(typeattributeset recovery_service_27_0 (recovery_service)) -(typeattributeset registry_service_27_0 (registry_service)) -(typeattributeset resourcecache_data_file_27_0 (resourcecache_data_file)) -(typeattributeset restorecon_prop_27_0 (restorecon_prop)) -(typeattributeset restrictions_service_27_0 (restrictions_service)) -(typeattributeset rild_27_0 (rild)) -(typeattributeset rild_debug_socket_27_0 (rild_debug_socket)) -(typeattributeset rild_socket_27_0 (rild_socket)) -(typeattributeset ringtone_file_27_0 (ringtone_file)) -(typeattributeset root_block_device_27_0 (root_block_device)) -(typeattributeset rootfs_27_0 (rootfs)) -(typeattributeset rpmsg_device_27_0 (rpmsg_device)) -(typeattributeset rtc_device_27_0 (rtc_device)) -(typeattributeset rttmanager_service_27_0 (rttmanager_service)) -(typeattributeset runas_27_0 (runas)) -(typeattributeset runas_exec_27_0 (runas_exec)) -(typeattributeset runtime_event_log_tags_file_27_0 (runtime_event_log_tags_file)) -(typeattributeset safemode_prop_27_0 (safemode_prop)) -(typeattributeset same_process_hal_file_27_0 - ( same_process_hal_file - vendor_public_lib_file)) -(typeattributeset samplingprofiler_service_27_0 (samplingprofiler_service)) -(typeattributeset scheduling_policy_service_27_0 (scheduling_policy_service)) -(typeattributeset sdcardd_27_0 (sdcardd)) -(typeattributeset sdcardd_exec_27_0 (sdcardd_exec)) -(typeattributeset sdcardfs_27_0 (sdcardfs)) -(typeattributeset seapp_contexts_file_27_0 (seapp_contexts_file)) -(typeattributeset search_service_27_0 (search_service)) -(typeattributeset sec_key_att_app_id_provider_service_27_0 (sec_key_att_app_id_provider_service)) -(typeattributeset selinuxfs_27_0 (selinuxfs)) -(typeattributeset sensors_device_27_0 (sensors_device)) -(typeattributeset sensorservice_service_27_0 (sensorservice_service)) -(typeattributeset sepolicy_file_27_0 (sepolicy_file)) -(typeattributeset serial_device_27_0 (serial_device)) -(typeattributeset serialno_prop_27_0 (serialno_prop)) -(typeattributeset serial_service_27_0 (serial_service)) -(typeattributeset service_contexts_file_27_0 (service_contexts_file)) -(typeattributeset servicediscovery_service_27_0 (servicediscovery_service)) -(typeattributeset servicemanager_27_0 (servicemanager)) -(typeattributeset servicemanager_exec_27_0 (servicemanager_exec)) -(typeattributeset settings_service_27_0 (settings_service)) -(typeattributeset sgdisk_27_0 (sgdisk)) -(typeattributeset sgdisk_exec_27_0 (sgdisk_exec)) -(typeattributeset shared_relro_27_0 (shared_relro)) -(typeattributeset shared_relro_file_27_0 (shared_relro_file)) -(typeattributeset shell_27_0 (shell)) -(typeattributeset shell_data_file_27_0 (shell_data_file)) -(typeattributeset shell_exec_27_0 (shell_exec)) -(typeattributeset shell_prop_27_0 (shell_prop)) -(typeattributeset shm_27_0 (shm)) -(typeattributeset shortcut_manager_icons_27_0 (shortcut_manager_icons)) -(typeattributeset shortcut_service_27_0 (shortcut_service)) -(typeattributeset slideshow_27_0 (slideshow)) -(typeattributeset socket_device_27_0 (socket_device)) -(typeattributeset sockfs_27_0 (sockfs)) -(typeattributeset statusbar_service_27_0 (statusbar_service)) -(typeattributeset storaged_service_27_0 (storaged_service)) -(typeattributeset storage_file_27_0 (storage_file)) -(typeattributeset storagestats_service_27_0 (storagestats_service)) -(typeattributeset storage_stub_file_27_0 (storage_stub_file)) -(typeattributeset su_27_0 (su)) -(typeattributeset su_exec_27_0 (su_exec)) -(typeattributeset surfaceflinger_27_0 (surfaceflinger)) -(typeattributeset surfaceflinger_service_27_0 (surfaceflinger_service)) -(typeattributeset swap_block_device_27_0 (swap_block_device)) -(typeattributeset sysfs_27_0 - ( sysfs - sysfs_android_usb - sysfs_dm - sysfs_dt_firmware_android - sysfs_ipv4 - sysfs_kernel_notes - sysfs_loop - sysfs_net - sysfs_power - sysfs_rtc - sysfs_switch - sysfs_wakeup_reasons)) -(typeattributeset sysfs_batteryinfo_27_0 (sysfs_batteryinfo)) -(typeattributeset sysfs_bluetooth_writable_27_0 (sysfs_bluetooth_writable)) -(typeattributeset sysfs_devices_system_cpu_27_0 (sysfs_devices_system_cpu)) -(typeattributeset sysfs_fs_ext4_features_27_0 (sysfs_fs_ext4_features)) -(typeattributeset sysfs_hwrandom_27_0 (sysfs_hwrandom)) -(typeattributeset sysfs_leds_27_0 (sysfs_leds)) -(typeattributeset sysfs_lowmemorykiller_27_0 (sysfs_lowmemorykiller)) -(typeattributeset sysfs_mac_address_27_0 (sysfs_mac_address)) -(typeattributeset sysfs_nfc_power_writable_27_0 (sysfs_nfc_power_writable)) -(typeattributeset sysfs_thermal_27_0 (sysfs_thermal)) -(typeattributeset sysfs_uio_27_0 (sysfs_uio)) -(typeattributeset sysfs_usb_27_0 (sysfs_usb)) -(typeattributeset sysfs_usermodehelper_27_0 (sysfs_usermodehelper)) -(typeattributeset sysfs_vibrator_27_0 (sysfs_vibrator)) -(typeattributeset sysfs_wake_lock_27_0 (sysfs_wake_lock)) -(typeattributeset sysfs_wlan_fwpath_27_0 (sysfs_wlan_fwpath)) -(typeattributeset sysfs_zram_27_0 (sysfs_zram)) -(typeattributeset sysfs_zram_uevent_27_0 (sysfs_zram_uevent)) -(typeattributeset system_app_27_0 (system_app)) -(typeattributeset system_app_data_file_27_0 (system_app_data_file)) -(typeattributeset system_app_service_27_0 (system_app_service)) -(typeattributeset system_block_device_27_0 (system_block_device)) -(typeattributeset system_data_file_27_0 - ( system_data_file - dropbox_data_file - vendor_data_file)) -(typeattributeset system_file_27_0 - ( system_file - system_lib_file - system_linker_config_file - system_linker_exec - system_seccomp_policy_file - system_security_cacerts_file - system_zoneinfo_file -)) -(typeattributeset systemkeys_data_file_27_0 (systemkeys_data_file)) -(typeattributeset system_ndebug_socket_27_0 (system_ndebug_socket)) -(typeattributeset system_net_netd_hwservice_27_0 (system_net_netd_hwservice)) -(typeattributeset system_prop_27_0 (system_prop)) -(typeattributeset system_radio_prop_27_0 (system_radio_prop)) -(typeattributeset system_server_27_0 (system_server)) -(typeattributeset system_wifi_keystore_hwservice_27_0 (system_wifi_keystore_hwservice)) -(typeattributeset system_wpa_socket_27_0 (system_wpa_socket)) -(typeattributeset task_service_27_0 (task_service)) -(typeattributeset tee_27_0 (tee)) -(typeattributeset tee_data_file_27_0 (tee_data_file)) -(typeattributeset tee_device_27_0 (tee_device)) -(typeattributeset telecom_service_27_0 (telecom_service)) -(typeattributeset textclassification_service_27_0 (textclassification_service)) -(typeattributeset textclassifier_data_file_27_0 (textclassifier_data_file)) -(typeattributeset textservices_service_27_0 (textservices_service)) -(typeattributeset thermalcallback_hwservice_27_0 (thermalcallback_hwservice)) -(typeattributeset thermal_service_27_0 (thermal_service)) -(typeattributeset thermalserviced_27_0 (thermalserviced)) -(typeattributeset thermalserviced_exec_27_0 (thermalserviced_exec)) -(typeattributeset timezone_service_27_0 (timezone_service)) -(typeattributeset tmpfs_27_0 (tmpfs)) -(typeattributeset tombstoned_27_0 (tombstoned)) -(typeattributeset tombstone_data_file_27_0 (tombstone_data_file)) -(typeattributeset tombstoned_crash_socket_27_0 (tombstoned_crash_socket)) -(typeattributeset tombstoned_exec_27_0 (tombstoned_exec)) -(typeattributeset tombstoned_intercept_socket_27_0 (tombstoned_intercept_socket)) -(typeattributeset tombstoned_java_trace_socket_27_0 (tombstoned_java_trace_socket)) -(typeattributeset toolbox_27_0 (toolbox)) -(typeattributeset toolbox_exec_27_0 (toolbox_exec)) -(typeattributeset trust_service_27_0 (trust_service)) -(typeattributeset tty_device_27_0 (tty_device)) -(typeattributeset tun_device_27_0 (tun_device)) -(typeattributeset tv_input_service_27_0 (tv_input_service)) -(typeattributeset tzdatacheck_27_0 (tzdatacheck)) -(typeattributeset tzdatacheck_exec_27_0 (tzdatacheck_exec)) -(typeattributeset ueventd_27_0 (ueventd)) -(typeattributeset uhid_device_27_0 (uhid_device)) -(typeattributeset uimode_service_27_0 (uimode_service)) -(typeattributeset uio_device_27_0 (uio_device)) -(typeattributeset uncrypt_27_0 (uncrypt)) -(typeattributeset uncrypt_exec_27_0 (uncrypt_exec)) -(typeattributeset uncrypt_socket_27_0 (uncrypt_socket)) -(typeattributeset unencrypted_data_file_27_0 (unencrypted_data_file)) -(typeattributeset unlabeled_27_0 (unlabeled)) -(typeattributeset untrusted_app_25_27_0 (untrusted_app_25)) -(typeattributeset untrusted_app_27_0 - ( untrusted_app - untrusted_app_27)) -(typeattributeset untrusted_v2_app_27_0 (untrusted_v2_app)) -(typeattributeset update_engine_27_0 (update_engine)) -(typeattributeset update_engine_data_file_27_0 (update_engine_data_file)) -(typeattributeset update_engine_exec_27_0 (update_engine_exec)) -(typeattributeset update_engine_service_27_0 (update_engine_service)) -(typeattributeset updatelock_service_27_0 (updatelock_service)) -(typeattributeset update_verifier_27_0 (update_verifier)) -(typeattributeset update_verifier_exec_27_0 (update_verifier_exec)) -(typeattributeset usagestats_service_27_0 (usagestats_service)) -(typeattributeset usbaccessory_device_27_0 (usbaccessory_device)) -(typeattributeset usb_device_27_0 (usb_device)) -(typeattributeset usbfs_27_0 (usbfs)) -(typeattributeset usb_service_27_0 (usb_service)) -(typeattributeset userdata_block_device_27_0 (userdata_block_device)) -(typeattributeset usermodehelper_27_0 (usermodehelper)) -(typeattributeset user_profile_data_file_27_0 (user_profile_data_file)) -(typeattributeset user_service_27_0 (user_service)) -(typeattributeset vcs_device_27_0 (vcs_device)) -(typeattributeset vdc_27_0 (vdc)) -(typeattributeset vdc_exec_27_0 (vdc_exec)) -(typeattributeset vendor_app_file_27_0 (vendor_app_file)) -(typeattributeset vendor_configs_file_27_0 (vendor_configs_file)) -(typeattributeset vendor_file_27_0 (vendor_file)) -(typeattributeset vendor_framework_file_27_0 (vendor_framework_file)) -(typeattributeset vendor_hal_file_27_0 (vendor_hal_file)) -(typeattributeset vendor_overlay_file_27_0 (vendor_overlay_file)) -(typeattributeset vendor_shell_exec_27_0 (vendor_shell_exec)) -(typeattributeset vendor_toolbox_exec_27_0 (vendor_toolbox_exec)) -(typeattributeset vfat_27_0 (vfat)) -(typeattributeset vibrator_service_27_0 (vibrator_service)) -(typeattributeset video_device_27_0 (video_device)) -(typeattributeset virtual_touchpad_27_0 (virtual_touchpad)) -(typeattributeset virtual_touchpad_exec_27_0 (virtual_touchpad_exec)) -(typeattributeset virtual_touchpad_service_27_0 (virtual_touchpad_service)) -(typeattributeset vndbinder_device_27_0 (vndbinder_device)) -(typeattributeset vndk_sp_file_27_0 (vndk_sp_file)) -(typeattributeset vndservice_contexts_file_27_0 (vndservice_contexts_file)) -(typeattributeset vndservicemanager_27_0 (vndservicemanager)) -(typeattributeset voiceinteraction_service_27_0 (voiceinteraction_service)) -(typeattributeset vold_27_0 (vold)) -(typeattributeset vold_data_file_27_0 (vold_data_file)) -(typeattributeset vold_device_27_0 (vold_device)) -(typeattributeset vold_exec_27_0 (vold_exec)) -(typeattributeset vold_prop_27_0 (vold_prop)) -(typeattributeset vold_socket_27_0 (vold_socket)) -(typeattributeset vpn_data_file_27_0 (vpn_data_file)) -(typeattributeset vr_hwc_27_0 (vr_hwc)) -(typeattributeset vr_hwc_exec_27_0 (vr_hwc_exec)) -(typeattributeset vr_hwc_service_27_0 (vr_hwc_service)) -(typeattributeset vr_manager_service_27_0 (vr_manager_service)) -(typeattributeset wallpaper_file_27_0 (wallpaper_file)) -(typeattributeset wallpaper_service_27_0 (wallpaper_service)) -(typeattributeset watchdogd_27_0 (watchdogd)) -(typeattributeset watchdog_device_27_0 (watchdog_device)) -(typeattributeset webviewupdate_service_27_0 (webviewupdate_service)) -(typeattributeset webview_zygote_27_0 (webview_zygote)) -(typeattributeset webview_zygote_exec_27_0 (webview_zygote_exec)) -(typeattributeset webview_zygote_socket_27_0 (webview_zygote_socket)) -(typeattributeset wifiaware_service_27_0 (wifiaware_service)) -(typeattributeset wificond_27_0 (wificond)) -(typeattributeset wificond_exec_27_0 (wificond_exec)) -(typeattributeset wificond_service_27_0 (wificond_service)) -(typeattributeset wifi_data_file_27_0 (wifi_data_file)) -(typeattributeset wifi_log_prop_27_0 (wifi_log_prop)) -(typeattributeset wifip2p_service_27_0 (wifip2p_service)) -(typeattributeset wifi_prop_27_0 (wifi_prop)) -(typeattributeset wifiscanner_service_27_0 (wifiscanner_service)) -(typeattributeset wifi_service_27_0 (wifi_service)) -(typeattributeset window_service_27_0 (window_service)) -(typeattributeset wpa_socket_27_0 (wpa_socket)) -(typeattributeset zero_device_27_0 (zero_device)) -(typeattributeset zoneinfo_data_file_27_0 (zoneinfo_data_file)) -(typeattributeset zygote_27_0 (zygote)) -(typeattributeset zygote_exec_27_0 (zygote_exec)) -(typeattributeset zygote_socket_27_0 (zygote_socket)) diff --git a/prebuilts/api/29.0/private/compat/27.0/27.0.compat.cil b/prebuilts/api/29.0/private/compat/27.0/27.0.compat.cil deleted file mode 100644 index 9031d15c7..000000000 --- a/prebuilts/api/29.0/private/compat/27.0/27.0.compat.cil +++ /dev/null @@ -1,4 +0,0 @@ -(typeattribute vendordomain) -(typeattributeset vendordomain ((and (domain) ((not (coredomain)))))) -(allowx vendordomain dev_type (ioctl blk_file ((range 0x0000 0xffff)))) -(allowx vendordomain file_type (ioctl file ((range 0x0000 0xffff)))) diff --git a/prebuilts/api/29.0/private/compat/27.0/27.0.ignore.cil b/prebuilts/api/29.0/private/compat/27.0/27.0.ignore.cil deleted file mode 100644 index 3b9bd52e0..000000000 --- a/prebuilts/api/29.0/private/compat/27.0/27.0.ignore.cil +++ /dev/null @@ -1,201 +0,0 @@ -;; new_objects - a collection of types that have been introduced that have no -;; analogue in older policy. Thus, we do not need to map these types to -;; previous ones. Add here to pass checkapi tests. -(type new_objects) -(typeattribute new_objects) -(typeattributeset new_objects - ( new_objects - activity_task_service - adb_service - app_binding_service - apex_data_file - apex_metadata_file - apex_mnt_dir - apex_service - apexd - apexd_exec - apexd_prop - apexd_tmpfs - app_zygote - atrace - binder_calls_stats_service - biometric_service - blank_screen - blank_screen_exec - blank_screen_tmpfs - bootloader_boot_reason_prop - bluetooth_a2dp_offload_prop - bpfloader - bpfloader_exec - cgroup_bpf - charger_exec - color_display_service - content_capture_service - crossprofileapps_service - ctl_interface_restart_prop - ctl_interface_start_prop - ctl_interface_stop_prop - ctl_sigstop_prop - device_config_boot_count_prop - device_config_reset_performed_prop - device_config_netd_native_prop - dnsresolver_service - exfat - exported2_config_prop - exported2_default_prop - exported2_radio_prop - exported2_system_prop - exported2_vold_prop - exported3_default_prop - exported3_radio_prop - exported3_system_prop - exported_audio_prop - exported_bluetooth_prop - exported_config_prop - exported_dalvik_prop - exported_default_prop - exported_dumpstate_prop - exported_ffs_prop - exported_fingerprint_prop - exported_overlay_prop - exported_pm_prop - exported_radio_prop - exported_secure_prop - exported_system_prop - exported_system_radio_prop - exported_vold_prop - exported_wifi_prop - fastbootd - flags_health_check - flags_health_check_exec - fingerprint_vendor_data_file - fs_bpf - fwk_stats_hwservice - hal_atrace_hwservice - hal_audiocontrol_hwservice - hal_authsecret_hwservice - hal_codec2_hwservice - hal_confirmationui_hwservice - hal_evs_hwservice - hal_health_storage_hwservice - hal_lowpan_hwservice - hal_secure_element_hwservice - hal_usb_gadget_hwservice - hal_vehicle_hwservice - hal_wifi_hostapd_hwservice - heapprofd - heapprofd_exec - heapprofd_socket - incident_helper - incident_helper_exec - iorapd - iorapd_data_file - iorapd_exec - iorapd_service - iorapd_tmpfs - last_boot_reason_prop - llkd - llkd_exec - llkd_prop - llkd_tmpfs - looper_stats_service - lowpan_device - lowpan_prop - lowpan_service - mediaextractor_update_service - mediaswcodec - mediaswcodec_exec - mediaswcodec_tmpfs - metadata_file - mnt_product_file - mnt_vendor_file - network_stack - network_stack_service - network_watchlist_data_file - network_watchlist_service - overlayfs_file - perfetto - perfetto_exec - perfetto_tmpfs - perfetto_traces_data_file - perfprofd_service - property_info - recovery_socket - role_service - runas_app - runtime_service - secure_element - secure_element_device - secure_element_service - secure_element_tmpfs - server_configurable_flags_data_file - simpleperf_app_runner - simpleperf_app_runner_exec - slice_service - stats - stats_data_file - stats_exec - stats_service - statscompanion_service - statsd - statsd_exec - statsd_tmpfs - statsdw - statsdw_socket - storaged_data_file - super_block_device - staging_data_file - system_boot_reason_prop - system_bootstrap_lib_file - system_lmk_prop - system_update_service - test_boot_reason_prop - time_prop - timedetector_service - tombstone_wifi_data_file - trace_data_file - traced - traced_consumer_socket - traced_enabled_prop - traced_exec - traced_probes - traced_probes_exec - traced_probes_tmpfs - traced_producer_socket - traced_tmpfs - traceur_app - traceur_app_tmpfs - untrusted_app_all_devpts - update_engine_log_data_file - uri_grants_service - usbd - usbd_exec - usbd_tmpfs - vendor_apex_file - vendor_default_prop - vendor_init - vendor_security_patch_level_prop - vendor_shell - vold_metadata_file - vold_prepare_subdirs - vold_prepare_subdirs_exec - vold_service - vrflinger_vsync_service - wait_for_keymaster - wait_for_keymaster_exec - wait_for_keymaster_tmpfs - watchdogd_tmpfs - wm_trace_data_file - wpantund - wpantund_exec - wpantund_service - wpantund_tmpfs)) - -;; private_objects - a collection of types that were labeled differently in -;; older policy, but that should not remain accessible to vendor policy. -;; Thus, these types are also not mapped, but recorded for checkapi tests -(type priv_objects) -(typeattribute priv_objects) -(typeattributeset priv_objects - ( priv_objects - untrusted_app_27_tmpfs)) diff --git a/prebuilts/api/29.0/private/compat/28.0/28.0.cil b/prebuilts/api/29.0/private/compat/28.0/28.0.cil deleted file mode 100644 index 5a4b8193f..000000000 --- a/prebuilts/api/29.0/private/compat/28.0/28.0.cil +++ /dev/null @@ -1,1745 +0,0 @@ -;; types removed from current policy -(type alarm_device) -(type audio_seq_device) -(type audio_timer_device) -(type commontime_management_service) -(type cpuctl_device) -(type full_device) -(type i2c_device) -(type kmem_device) -(type mediacodec) -(type mediacodec_exec) -(type mtd_device) -(type qtaguid_proc) -(type thermalcallback_hwservice) -(type untrusted_v2_app) -(type vcs_device) - -;; Public 28.0 SEPolicy is divergent on different devices w.r.t -;; exported_audio_prop type. We need this typeattribute declaration so that the -;; mapping file compiles with vendor policies without exported_audio_prop type. -(typeattribute exported_audio_prop_28_0) - -(expandtypeattribute (accessibility_service_28_0) true) -(expandtypeattribute (account_service_28_0) true) -(expandtypeattribute (activity_service_28_0) true) -(expandtypeattribute (adbd_28_0) true) -(expandtypeattribute (adb_data_file_28_0) true) -(expandtypeattribute (adbd_exec_28_0) true) -(expandtypeattribute (adbd_socket_28_0) true) -(expandtypeattribute (adb_keys_file_28_0) true) -(expandtypeattribute (alarm_device_28_0) true) -(expandtypeattribute (alarm_service_28_0) true) -(expandtypeattribute (anr_data_file_28_0) true) -(expandtypeattribute (apk_data_file_28_0) true) -(expandtypeattribute (apk_private_data_file_28_0) true) -(expandtypeattribute (apk_private_tmp_file_28_0) true) -(expandtypeattribute (apk_tmp_file_28_0) true) -(expandtypeattribute (app_data_file_28_0) true) -(expandtypeattribute (app_fuse_file_28_0) true) -(expandtypeattribute (app_fusefs_28_0) true) -(expandtypeattribute (appops_service_28_0) true) -(expandtypeattribute (appwidget_service_28_0) true) -(expandtypeattribute (asec_apk_file_28_0) true) -(expandtypeattribute (asec_image_file_28_0) true) -(expandtypeattribute (asec_public_file_28_0) true) -(expandtypeattribute (ashmem_device_28_0) true) -(expandtypeattribute (assetatlas_service_28_0) true) -(expandtypeattribute (audio_data_file_28_0) true) -(expandtypeattribute (audio_device_28_0) true) -(expandtypeattribute (audiohal_data_file_28_0) true) -(expandtypeattribute (audio_prop_28_0) true) -(expandtypeattribute (audio_seq_device_28_0) true) -(expandtypeattribute (audioserver_28_0) true) -(expandtypeattribute (audioserver_data_file_28_0) true) -(expandtypeattribute (audioserver_service_28_0) true) -(expandtypeattribute (audio_service_28_0) true) -(expandtypeattribute (audio_timer_device_28_0) true) -(expandtypeattribute (autofill_service_28_0) true) -(expandtypeattribute (backup_data_file_28_0) true) -(expandtypeattribute (backup_service_28_0) true) -(expandtypeattribute (batteryproperties_service_28_0) true) -(expandtypeattribute (battery_service_28_0) true) -(expandtypeattribute (batterystats_service_28_0) true) -(expandtypeattribute (binder_calls_stats_service_28_0) true) -(expandtypeattribute (binder_device_28_0) true) -(expandtypeattribute (binfmt_miscfs_28_0) true) -(expandtypeattribute (blkid_28_0) true) -(expandtypeattribute (blkid_untrusted_28_0) true) -(expandtypeattribute (block_device_28_0) true) -(expandtypeattribute (bluetooth_28_0) true) -(expandtypeattribute (bluetooth_a2dp_offload_prop_28_0) true) -(expandtypeattribute (bluetooth_data_file_28_0) true) -(expandtypeattribute (bluetooth_efs_file_28_0) true) -(expandtypeattribute (bluetooth_logs_data_file_28_0) true) -(expandtypeattribute (bluetooth_manager_service_28_0) true) -(expandtypeattribute (bluetooth_prop_28_0) true) -(expandtypeattribute (bluetooth_service_28_0) true) -(expandtypeattribute (bluetooth_socket_28_0) true) -(expandtypeattribute (bootanim_28_0) true) -(expandtypeattribute (bootanim_exec_28_0) true) -(expandtypeattribute (boot_block_device_28_0) true) -(expandtypeattribute (bootchart_data_file_28_0) true) -(expandtypeattribute (bootloader_boot_reason_prop_28_0) true) -(expandtypeattribute (bootstat_28_0) true) -(expandtypeattribute (bootstat_data_file_28_0) true) -(expandtypeattribute (bootstat_exec_28_0) true) -(expandtypeattribute (boottime_prop_28_0) true) -(expandtypeattribute (boottrace_data_file_28_0) true) -(expandtypeattribute (broadcastradio_service_28_0) true) -(expandtypeattribute (bufferhubd_28_0) true) -(expandtypeattribute (bufferhubd_exec_28_0) true) -(expandtypeattribute (cache_backup_file_28_0) true) -(expandtypeattribute (cache_block_device_28_0) true) -(expandtypeattribute (cache_file_28_0) true) -(expandtypeattribute (cache_private_backup_file_28_0) true) -(expandtypeattribute (cache_recovery_file_28_0) true) -(expandtypeattribute (camera_data_file_28_0) true) -(expandtypeattribute (camera_device_28_0) true) -(expandtypeattribute (cameraproxy_service_28_0) true) -(expandtypeattribute (cameraserver_28_0) true) -(expandtypeattribute (cameraserver_exec_28_0) true) -(expandtypeattribute (cameraserver_service_28_0) true) -(expandtypeattribute (cgroup_28_0) true) -(expandtypeattribute (cgroup_bpf_28_0) true) -(expandtypeattribute (charger_28_0) true) -(expandtypeattribute (clatd_28_0) true) -(expandtypeattribute (clatd_exec_28_0) true) -(expandtypeattribute (clipboard_service_28_0) true) -(expandtypeattribute (commontime_management_service_28_0) true) -(expandtypeattribute (companion_device_service_28_0) true) -(expandtypeattribute (configfs_28_0) true) -(expandtypeattribute (config_prop_28_0) true) -(expandtypeattribute (connectivity_service_28_0) true) -(expandtypeattribute (connmetrics_service_28_0) true) -(expandtypeattribute (console_device_28_0) true) -(expandtypeattribute (consumer_ir_service_28_0) true) -(expandtypeattribute (content_service_28_0) true) -(expandtypeattribute (contexthub_service_28_0) true) -(expandtypeattribute (coredump_file_28_0) true) -(expandtypeattribute (country_detector_service_28_0) true) -(expandtypeattribute (coverage_service_28_0) true) -(expandtypeattribute (cppreopt_prop_28_0) true) -(expandtypeattribute (cppreopts_28_0) true) -(expandtypeattribute (cppreopts_exec_28_0) true) -(expandtypeattribute (cpuctl_device_28_0) true) -(expandtypeattribute (cpuinfo_service_28_0) true) -(expandtypeattribute (crash_dump_28_0) true) -(expandtypeattribute (crash_dump_exec_28_0) true) -(expandtypeattribute (crossprofileapps_service_28_0) true) -(expandtypeattribute (ctl_bootanim_prop_28_0) true) -(expandtypeattribute (ctl_bugreport_prop_28_0) true) -(expandtypeattribute (ctl_console_prop_28_0) true) -(expandtypeattribute (ctl_default_prop_28_0) true) -(expandtypeattribute (ctl_dumpstate_prop_28_0) true) -(expandtypeattribute (ctl_fuse_prop_28_0) true) -(expandtypeattribute (ctl_interface_restart_prop_28_0) true) -(expandtypeattribute (ctl_interface_start_prop_28_0) true) -(expandtypeattribute (ctl_interface_stop_prop_28_0) true) -(expandtypeattribute (ctl_mdnsd_prop_28_0) true) -(expandtypeattribute (ctl_restart_prop_28_0) true) -(expandtypeattribute (ctl_rildaemon_prop_28_0) true) -(expandtypeattribute (ctl_sigstop_prop_28_0) true) -(expandtypeattribute (ctl_start_prop_28_0) true) -(expandtypeattribute (ctl_stop_prop_28_0) true) -(expandtypeattribute (dalvikcache_data_file_28_0) true) -(expandtypeattribute (dalvik_prop_28_0) true) -(expandtypeattribute (dbinfo_service_28_0) true) -(expandtypeattribute (debugfs_28_0) true) -(expandtypeattribute (debugfs_mmc_28_0) true) -(expandtypeattribute (debugfs_trace_marker_28_0) true) -(expandtypeattribute (debugfs_tracing_28_0) true) -(expandtypeattribute (debugfs_tracing_debug_28_0) true) -(expandtypeattribute (debugfs_tracing_instances_28_0) true) -(expandtypeattribute (debugfs_wakeup_sources_28_0) true) -(expandtypeattribute (debugfs_wifi_tracing_28_0) true) -(expandtypeattribute (debuggerd_prop_28_0) true) -(expandtypeattribute (debug_prop_28_0) true) -(expandtypeattribute (default_android_hwservice_28_0) true) -(expandtypeattribute (default_android_service_28_0) true) -(expandtypeattribute (default_android_vndservice_28_0) true) -(expandtypeattribute (default_prop_28_0) true) -(expandtypeattribute (device_28_0) true) -(expandtypeattribute (device_identifiers_service_28_0) true) -(expandtypeattribute (deviceidle_service_28_0) true) -(expandtypeattribute (device_logging_prop_28_0) true) -(expandtypeattribute (device_policy_service_28_0) true) -(expandtypeattribute (devicestoragemonitor_service_28_0) true) -(expandtypeattribute (devpts_28_0) true) -(expandtypeattribute (dex2oat_28_0) true) -(expandtypeattribute (dex2oat_exec_28_0) true) -(expandtypeattribute (dhcp_28_0) true) -(expandtypeattribute (dhcp_data_file_28_0) true) -(expandtypeattribute (dhcp_exec_28_0) true) -(expandtypeattribute (dhcp_prop_28_0) true) -(expandtypeattribute (diskstats_service_28_0) true) -(expandtypeattribute (display_service_28_0) true) -(expandtypeattribute (dm_device_28_0) true) -(expandtypeattribute (dnsmasq_28_0) true) -(expandtypeattribute (dnsmasq_exec_28_0) true) -(expandtypeattribute (dnsproxyd_socket_28_0) true) -(expandtypeattribute (DockObserver_service_28_0) true) -(expandtypeattribute (dreams_service_28_0) true) -(expandtypeattribute (drm_data_file_28_0) true) -(expandtypeattribute (drmserver_28_0) true) -(expandtypeattribute (drmserver_exec_28_0) true) -(expandtypeattribute (drmserver_service_28_0) true) -(expandtypeattribute (drmserver_socket_28_0) true) -(expandtypeattribute (dropbox_service_28_0) true) -(expandtypeattribute (dumpstate_28_0) true) -(expandtypeattribute (dumpstate_exec_28_0) true) -(expandtypeattribute (dumpstate_options_prop_28_0) true) -(expandtypeattribute (dumpstate_prop_28_0) true) -(expandtypeattribute (dumpstate_service_28_0) true) -(expandtypeattribute (dumpstate_socket_28_0) true) -(expandtypeattribute (e2fs_28_0) true) -(expandtypeattribute (e2fs_exec_28_0) true) -(expandtypeattribute (efs_file_28_0) true) -(expandtypeattribute (ephemeral_app_28_0) true) -(expandtypeattribute (ethernet_service_28_0) true) -(expandtypeattribute (exfat_28_0) true) -(expandtypeattribute (exported2_config_prop_28_0) true) -(expandtypeattribute (exported2_default_prop_28_0) true) -(expandtypeattribute (exported2_radio_prop_28_0) true) -(expandtypeattribute (exported2_system_prop_28_0) true) -(expandtypeattribute (exported2_vold_prop_28_0) true) -(expandtypeattribute (exported3_default_prop_28_0) true) -(expandtypeattribute (exported3_radio_prop_28_0) true) -(expandtypeattribute (exported3_system_prop_28_0) true) -(expandtypeattribute (exported_audio_prop_28_0) true) -(expandtypeattribute (exported_bluetooth_prop_28_0) true) -(expandtypeattribute (exported_config_prop_28_0) true) -(expandtypeattribute (exported_dalvik_prop_28_0) true) -(expandtypeattribute (exported_default_prop_28_0) true) -(expandtypeattribute (exported_dumpstate_prop_28_0) true) -(expandtypeattribute (exported_ffs_prop_28_0) true) -(expandtypeattribute (exported_fingerprint_prop_28_0) true) -(expandtypeattribute (exported_overlay_prop_28_0) true) -(expandtypeattribute (exported_pm_prop_28_0) true) -(expandtypeattribute (exported_radio_prop_28_0) true) -(expandtypeattribute (exported_secure_prop_28_0) true) -(expandtypeattribute (exported_system_prop_28_0) true) -(expandtypeattribute (exported_system_radio_prop_28_0) true) -(expandtypeattribute (exported_vold_prop_28_0) true) -(expandtypeattribute (exported_wifi_prop_28_0) true) -(expandtypeattribute (ffs_prop_28_0) true) -(expandtypeattribute (file_contexts_file_28_0) true) -(expandtypeattribute (fingerprintd_28_0) true) -(expandtypeattribute (fingerprintd_data_file_28_0) true) -(expandtypeattribute (fingerprintd_exec_28_0) true) -(expandtypeattribute (fingerprintd_service_28_0) true) -(expandtypeattribute (fingerprint_prop_28_0) true) -(expandtypeattribute (fingerprint_service_28_0) true) -(expandtypeattribute (fingerprint_vendor_data_file_28_0) true) -(expandtypeattribute (firstboot_prop_28_0) true) -(expandtypeattribute (font_service_28_0) true) -(expandtypeattribute (frp_block_device_28_0) true) -(expandtypeattribute (fs_bpf_28_0) true) -(expandtypeattribute (fsck_28_0) true) -(expandtypeattribute (fsck_exec_28_0) true) -(expandtypeattribute (fscklogs_28_0) true) -(expandtypeattribute (fsck_untrusted_28_0) true) -(expandtypeattribute (full_device_28_0) true) -(expandtypeattribute (functionfs_28_0) true) -(expandtypeattribute (fuse_28_0) true) -(expandtypeattribute (fuse_device_28_0) true) -(expandtypeattribute (fwk_display_hwservice_28_0) true) -(expandtypeattribute (fwk_scheduler_hwservice_28_0) true) -(expandtypeattribute (fwk_sensor_hwservice_28_0) true) -(expandtypeattribute (fwmarkd_socket_28_0) true) -(expandtypeattribute (gatekeeperd_28_0) true) -(expandtypeattribute (gatekeeper_data_file_28_0) true) -(expandtypeattribute (gatekeeperd_exec_28_0) true) -(expandtypeattribute (gatekeeper_service_28_0) true) -(expandtypeattribute (gfxinfo_service_28_0) true) -(expandtypeattribute (gps_control_28_0) true) -(expandtypeattribute (gpu_device_28_0) true) -(expandtypeattribute (gpu_service_28_0) true) -(expandtypeattribute (graphics_device_28_0) true) -(expandtypeattribute (graphicsstats_service_28_0) true) -(expandtypeattribute (hal_audiocontrol_hwservice_28_0) true) -(expandtypeattribute (hal_audio_hwservice_28_0) true) -(expandtypeattribute (hal_authsecret_hwservice_28_0) true) -(expandtypeattribute (hal_bluetooth_hwservice_28_0) true) -(expandtypeattribute (hal_bootctl_hwservice_28_0) true) -(expandtypeattribute (hal_broadcastradio_hwservice_28_0) true) -(expandtypeattribute (hal_camera_hwservice_28_0) true) -(expandtypeattribute (hal_cas_hwservice_28_0) true) -(expandtypeattribute (hal_codec2_hwservice_28_0) true) -(expandtypeattribute (hal_configstore_ISurfaceFlingerConfigs_28_0) true) -(expandtypeattribute (hal_confirmationui_hwservice_28_0) true) -(expandtypeattribute (hal_contexthub_hwservice_28_0) true) -(expandtypeattribute (hal_drm_hwservice_28_0) true) -(expandtypeattribute (hal_dumpstate_hwservice_28_0) true) -(expandtypeattribute (hal_evs_hwservice_28_0) true) -(expandtypeattribute (hal_fingerprint_hwservice_28_0) true) -(expandtypeattribute (hal_fingerprint_service_28_0) true) -(expandtypeattribute (hal_gatekeeper_hwservice_28_0) true) -(expandtypeattribute (hal_gnss_hwservice_28_0) true) -(expandtypeattribute (hal_graphics_allocator_hwservice_28_0) true) -(expandtypeattribute (hal_graphics_composer_hwservice_28_0) true) -(expandtypeattribute (hal_graphics_mapper_hwservice_28_0) true) -(expandtypeattribute (hal_health_hwservice_28_0) true) -(expandtypeattribute (hal_ir_hwservice_28_0) true) -(expandtypeattribute (hal_keymaster_hwservice_28_0) true) -(expandtypeattribute (hal_light_hwservice_28_0) true) -(expandtypeattribute (hal_lowpan_hwservice_28_0) true) -(expandtypeattribute (hal_memtrack_hwservice_28_0) true) -(expandtypeattribute (hal_neuralnetworks_hwservice_28_0) true) -(expandtypeattribute (hal_nfc_hwservice_28_0) true) -(expandtypeattribute (hal_oemlock_hwservice_28_0) true) -(expandtypeattribute (hal_omx_hwservice_28_0) true) -(expandtypeattribute (hal_power_hwservice_28_0) true) -(expandtypeattribute (hal_renderscript_hwservice_28_0) true) -(expandtypeattribute (hal_secure_element_hwservice_28_0) true) -(expandtypeattribute (hal_sensors_hwservice_28_0) true) -(expandtypeattribute (hal_telephony_hwservice_28_0) true) -(expandtypeattribute (hal_tetheroffload_hwservice_28_0) true) -(expandtypeattribute (hal_thermal_hwservice_28_0) true) -(expandtypeattribute (hal_tv_cec_hwservice_28_0) true) -(expandtypeattribute (hal_tv_input_hwservice_28_0) true) -(expandtypeattribute (hal_usb_gadget_hwservice_28_0) true) -(expandtypeattribute (hal_usb_hwservice_28_0) true) -(expandtypeattribute (hal_vehicle_hwservice_28_0) true) -(expandtypeattribute (hal_vibrator_hwservice_28_0) true) -(expandtypeattribute (hal_vr_hwservice_28_0) true) -(expandtypeattribute (hal_weaver_hwservice_28_0) true) -(expandtypeattribute (hal_wifi_hostapd_hwservice_28_0) true) -(expandtypeattribute (hal_wifi_hwservice_28_0) true) -(expandtypeattribute (hal_wifi_offload_hwservice_28_0) true) -(expandtypeattribute (hal_wifi_supplicant_hwservice_28_0) true) -(expandtypeattribute (hardware_properties_service_28_0) true) -(expandtypeattribute (hardware_service_28_0) true) -(expandtypeattribute (hci_attach_dev_28_0) true) -(expandtypeattribute (hdmi_control_service_28_0) true) -(expandtypeattribute (healthd_28_0) true) -(expandtypeattribute (healthd_exec_28_0) true) -(expandtypeattribute (heapdump_data_file_28_0) true) -(expandtypeattribute (hidl_allocator_hwservice_28_0) true) -(expandtypeattribute (hidl_base_hwservice_28_0) true) -(expandtypeattribute (hidl_manager_hwservice_28_0) true) -(expandtypeattribute (hidl_memory_hwservice_28_0) true) -(expandtypeattribute (hidl_token_hwservice_28_0) true) -(expandtypeattribute (hwbinder_device_28_0) true) -(expandtypeattribute (hw_random_device_28_0) true) -(expandtypeattribute (hwservice_contexts_file_28_0) true) -(expandtypeattribute (hwservicemanager_28_0) true) -(expandtypeattribute (hwservicemanager_exec_28_0) true) -(expandtypeattribute (hwservicemanager_prop_28_0) true) -(expandtypeattribute (i2c_device_28_0) true) -(expandtypeattribute (icon_file_28_0) true) -(expandtypeattribute (idmap_28_0) true) -(expandtypeattribute (idmap_exec_28_0) true) -(expandtypeattribute (iio_device_28_0) true) -(expandtypeattribute (imms_service_28_0) true) -(expandtypeattribute (incident_28_0) true) -(expandtypeattribute (incidentd_28_0) true) -(expandtypeattribute (incident_data_file_28_0) true) -(expandtypeattribute (incident_helper_28_0) true) -(expandtypeattribute (incident_service_28_0) true) -(expandtypeattribute (init_28_0) true) -(expandtypeattribute (init_exec_28_0) true) -(expandtypeattribute (inotify_28_0) true) -(expandtypeattribute (input_device_28_0) true) -(expandtypeattribute (inputflinger_28_0) true) -(expandtypeattribute (inputflinger_exec_28_0) true) -(expandtypeattribute (inputflinger_service_28_0) true) -(expandtypeattribute (input_method_service_28_0) true) -(expandtypeattribute (input_service_28_0) true) -(expandtypeattribute (installd_28_0) true) -(expandtypeattribute (install_data_file_28_0) true) -(expandtypeattribute (installd_exec_28_0) true) -(expandtypeattribute (installd_service_28_0) true) -(expandtypeattribute (install_recovery_28_0) true) -(expandtypeattribute (install_recovery_exec_28_0) true) -(expandtypeattribute (ion_device_28_0) true) -(expandtypeattribute (IProxyService_service_28_0) true) -(expandtypeattribute (ipsec_service_28_0) true) -(expandtypeattribute (isolated_app_28_0) true) -(expandtypeattribute (jobscheduler_service_28_0) true) -(expandtypeattribute (kernel_28_0) true) -(expandtypeattribute (keychain_data_file_28_0) true) -(expandtypeattribute (keychord_device_28_0) true) -(expandtypeattribute (keystore_28_0) true) -(expandtypeattribute (keystore_data_file_28_0) true) -(expandtypeattribute (keystore_exec_28_0) true) -(expandtypeattribute (keystore_service_28_0) true) -(expandtypeattribute (kmem_device_28_0) true) -(expandtypeattribute (kmsg_debug_device_28_0) true) -(expandtypeattribute (kmsg_device_28_0) true) -(expandtypeattribute (labeledfs_28_0) true) -(expandtypeattribute (last_boot_reason_prop_28_0) true) -(expandtypeattribute (launcherapps_service_28_0) true) -(expandtypeattribute (lmkd_28_0) true) -(expandtypeattribute (lmkd_exec_28_0) true) -(expandtypeattribute (lmkd_socket_28_0) true) -(expandtypeattribute (location_service_28_0) true) -(expandtypeattribute (lock_settings_service_28_0) true) -(expandtypeattribute (logcat_exec_28_0) true) -(expandtypeattribute (logd_28_0) true) -(expandtypeattribute (logd_exec_28_0) true) -(expandtypeattribute (logd_prop_28_0) true) -(expandtypeattribute (logdr_socket_28_0) true) -(expandtypeattribute (logd_socket_28_0) true) -(expandtypeattribute (logdw_socket_28_0) true) -(expandtypeattribute (logpersist_28_0) true) -(expandtypeattribute (logpersistd_logging_prop_28_0) true) -(expandtypeattribute (log_prop_28_0) true) -(expandtypeattribute (log_tag_prop_28_0) true) -(expandtypeattribute (loop_control_device_28_0) true) -(expandtypeattribute (loop_device_28_0) true) -(expandtypeattribute (lowpan_device_28_0) true) -(expandtypeattribute (lowpan_prop_28_0) true) -(expandtypeattribute (lowpan_service_28_0) true) -(expandtypeattribute (mac_perms_file_28_0) true) -(expandtypeattribute (mdnsd_28_0) true) -(expandtypeattribute (mdnsd_socket_28_0) true) -(expandtypeattribute (mdns_socket_28_0) true) -(expandtypeattribute (mediacodec_28_0) true) -(expandtypeattribute (mediacodec_exec_28_0) true) -(expandtypeattribute (mediacodec_service_28_0) true) -(expandtypeattribute (media_data_file_28_0) true) -(expandtypeattribute (mediadrmserver_28_0) true) -(expandtypeattribute (mediadrmserver_exec_28_0) true) -(expandtypeattribute (mediadrmserver_service_28_0) true) -(expandtypeattribute (mediaextractor_28_0) true) -(expandtypeattribute (mediaextractor_exec_28_0) true) -(expandtypeattribute (mediaextractor_service_28_0) true) -(expandtypeattribute (mediaextractor_update_service_28_0) true) -(expandtypeattribute (mediametrics_28_0) true) -(expandtypeattribute (mediametrics_exec_28_0) true) -(expandtypeattribute (mediametrics_service_28_0) true) -(expandtypeattribute (media_projection_service_28_0) true) -(expandtypeattribute (mediaprovider_28_0) true) -(expandtypeattribute (media_router_service_28_0) true) -(expandtypeattribute (media_rw_data_file_28_0) true) -(expandtypeattribute (mediaserver_28_0) true) -(expandtypeattribute (mediaserver_exec_28_0) true) -(expandtypeattribute (mediaserver_service_28_0) true) -(expandtypeattribute (media_session_service_28_0) true) -(expandtypeattribute (meminfo_service_28_0) true) -(expandtypeattribute (metadata_block_device_28_0) true) -(expandtypeattribute (metadata_file_28_0) true) -(expandtypeattribute (method_trace_data_file_28_0) true) -(expandtypeattribute (midi_service_28_0) true) -(expandtypeattribute (misc_block_device_28_0) true) -(expandtypeattribute (misc_logd_file_28_0) true) -(expandtypeattribute (misc_user_data_file_28_0) true) -(expandtypeattribute (mmc_prop_28_0) true) -(expandtypeattribute (mnt_expand_file_28_0) true) -(expandtypeattribute (mnt_media_rw_file_28_0) true) -(expandtypeattribute (mnt_media_rw_stub_file_28_0) true) -(expandtypeattribute (mnt_user_file_28_0) true) -(expandtypeattribute (mnt_vendor_file_28_0) true) -(expandtypeattribute (modprobe_28_0) true) -(expandtypeattribute (mount_service_28_0) true) -(expandtypeattribute (mqueue_28_0) true) -(expandtypeattribute (mtd_device_28_0) true) -(expandtypeattribute (mtp_28_0) true) -(expandtypeattribute (mtp_device_28_0) true) -(expandtypeattribute (mtpd_socket_28_0) true) -(expandtypeattribute (mtp_exec_28_0) true) -(expandtypeattribute (nativetest_data_file_28_0) true) -(expandtypeattribute (netd_28_0) true) -(expandtypeattribute (net_data_file_28_0) true) -(expandtypeattribute (netd_exec_28_0) true) -(expandtypeattribute (netd_listener_service_28_0) true) -(expandtypeattribute (net_dns_prop_28_0) true) -(expandtypeattribute (netd_service_28_0) true) -(expandtypeattribute (netd_socket_28_0) true) -(expandtypeattribute (netd_stable_secret_prop_28_0) true) -(expandtypeattribute (netif_28_0) true) -(expandtypeattribute (netpolicy_service_28_0) true) -(expandtypeattribute (net_radio_prop_28_0) true) -(expandtypeattribute (netstats_service_28_0) true) -(expandtypeattribute (netutils_wrapper_28_0) true) -(expandtypeattribute (netutils_wrapper_exec_28_0) true) -(expandtypeattribute (network_management_service_28_0) true) -(expandtypeattribute (network_score_service_28_0) true) -(expandtypeattribute (network_time_update_service_28_0) true) -(expandtypeattribute (network_watchlist_data_file_28_0) true) -(expandtypeattribute (network_watchlist_service_28_0) true) -(expandtypeattribute (nfc_28_0) true) -(expandtypeattribute (nfc_data_file_28_0) true) -(expandtypeattribute (nfc_device_28_0) true) -(expandtypeattribute (nfc_prop_28_0) true) -(expandtypeattribute (nfc_service_28_0) true) -(expandtypeattribute (node_28_0) true) -(expandtypeattribute (nonplat_service_contexts_file_28_0) true) -(expandtypeattribute (notification_service_28_0) true) -(expandtypeattribute (null_device_28_0) true) -(expandtypeattribute (oemfs_28_0) true) -(expandtypeattribute (oem_lock_service_28_0) true) -(expandtypeattribute (ota_data_file_28_0) true) -(expandtypeattribute (otadexopt_service_28_0) true) -(expandtypeattribute (ota_package_file_28_0) true) -(expandtypeattribute (otapreopt_chroot_28_0) true) -(expandtypeattribute (otapreopt_chroot_exec_28_0) true) -(expandtypeattribute (otapreopt_slot_28_0) true) -(expandtypeattribute (otapreopt_slot_exec_28_0) true) -(expandtypeattribute (overlay_prop_28_0) true) -(expandtypeattribute (overlay_service_28_0) true) -(expandtypeattribute (owntty_device_28_0) true) -(expandtypeattribute (package_native_service_28_0) true) -(expandtypeattribute (package_service_28_0) true) -(expandtypeattribute (pan_result_prop_28_0) true) -(expandtypeattribute (pdx_bufferhub_client_channel_socket_28_0) true) -(expandtypeattribute (pdx_bufferhub_client_endpoint_socket_28_0) true) -(expandtypeattribute (pdx_bufferhub_dir_28_0) true) -(expandtypeattribute (pdx_display_client_channel_socket_28_0) true) -(expandtypeattribute (pdx_display_client_endpoint_socket_28_0) true) -(expandtypeattribute (pdx_display_dir_28_0) true) -(expandtypeattribute (pdx_display_manager_channel_socket_28_0) true) -(expandtypeattribute (pdx_display_manager_endpoint_socket_28_0) true) -(expandtypeattribute (pdx_display_screenshot_channel_socket_28_0) true) -(expandtypeattribute (pdx_display_screenshot_endpoint_socket_28_0) true) -(expandtypeattribute (pdx_display_vsync_channel_socket_28_0) true) -(expandtypeattribute (pdx_display_vsync_endpoint_socket_28_0) true) -(expandtypeattribute (pdx_performance_client_channel_socket_28_0) true) -(expandtypeattribute (pdx_performance_client_endpoint_socket_28_0) true) -(expandtypeattribute (pdx_performance_dir_28_0) true) -(expandtypeattribute (performanced_28_0) true) -(expandtypeattribute (performanced_exec_28_0) true) -(expandtypeattribute (perfprofd_28_0) true) -(expandtypeattribute (perfprofd_data_file_28_0) true) -(expandtypeattribute (perfprofd_exec_28_0) true) -(expandtypeattribute (perfprofd_service_28_0) true) -(expandtypeattribute (permission_service_28_0) true) -(expandtypeattribute (persist_debug_prop_28_0) true) -(expandtypeattribute (persistent_data_block_service_28_0) true) -(expandtypeattribute (persistent_properties_ready_prop_28_0) true) -(expandtypeattribute (pinner_service_28_0) true) -(expandtypeattribute (pipefs_28_0) true) -(expandtypeattribute (platform_app_28_0) true) -(expandtypeattribute (pm_prop_28_0) true) -(expandtypeattribute (pmsg_device_28_0) true) -(expandtypeattribute (port_28_0) true) -(expandtypeattribute (port_device_28_0) true) -(expandtypeattribute (postinstall_28_0) true) -(expandtypeattribute (postinstall_dexopt_28_0) true) -(expandtypeattribute (postinstall_file_28_0) true) -(expandtypeattribute (postinstall_mnt_dir_28_0) true) -(expandtypeattribute (powerctl_prop_28_0) true) -(expandtypeattribute (power_service_28_0) true) -(expandtypeattribute (ppp_28_0) true) -(expandtypeattribute (ppp_device_28_0) true) -(expandtypeattribute (ppp_exec_28_0) true) -(expandtypeattribute (preloads_data_file_28_0) true) -(expandtypeattribute (preloads_media_file_28_0) true) -(expandtypeattribute (preopt2cachename_28_0) true) -(expandtypeattribute (preopt2cachename_exec_28_0) true) -(expandtypeattribute (print_service_28_0) true) -(expandtypeattribute (priv_app_28_0) true) -(expandtypeattribute (proc_28_0) true) -(expandtypeattribute (proc_abi_28_0) true) -(expandtypeattribute (proc_asound_28_0) true) -(expandtypeattribute (proc_bluetooth_writable_28_0) true) -(expandtypeattribute (proc_buddyinfo_28_0) true) -(expandtypeattribute (proc_cmdline_28_0) true) -(expandtypeattribute (proc_cpuinfo_28_0) true) -(expandtypeattribute (proc_dirty_28_0) true) -(expandtypeattribute (proc_diskstats_28_0) true) -(expandtypeattribute (proc_drop_caches_28_0) true) -(expandtypeattribute (processinfo_service_28_0) true) -(expandtypeattribute (proc_extra_free_kbytes_28_0) true) -(expandtypeattribute (proc_filesystems_28_0) true) -(expandtypeattribute (proc_hostname_28_0) true) -(expandtypeattribute (proc_hung_task_28_0) true) -(expandtypeattribute (proc_interrupts_28_0) true) -(expandtypeattribute (proc_iomem_28_0) true) -(expandtypeattribute (proc_kmsg_28_0) true) -(expandtypeattribute (proc_loadavg_28_0) true) -(expandtypeattribute (proc_max_map_count_28_0) true) -(expandtypeattribute (proc_meminfo_28_0) true) -(expandtypeattribute (proc_min_free_order_shift_28_0) true) -(expandtypeattribute (proc_misc_28_0) true) -(expandtypeattribute (proc_modules_28_0) true) -(expandtypeattribute (proc_mounts_28_0) true) -(expandtypeattribute (proc_net_28_0) true) -(expandtypeattribute (proc_overcommit_memory_28_0) true) -(expandtypeattribute (proc_page_cluster_28_0) true) -(expandtypeattribute (proc_pagetypeinfo_28_0) true) -(expandtypeattribute (proc_panic_28_0) true) -(expandtypeattribute (proc_perf_28_0) true) -(expandtypeattribute (proc_pid_max_28_0) true) -(expandtypeattribute (proc_pipe_conf_28_0) true) -(expandtypeattribute (proc_qtaguid_stat_28_0) true) -(expandtypeattribute (proc_random_28_0) true) -(expandtypeattribute (proc_sched_28_0) true) -(expandtypeattribute (proc_security_28_0) true) -(expandtypeattribute (proc_stat_28_0) true) -(expandtypeattribute (procstats_service_28_0) true) -(expandtypeattribute (proc_swaps_28_0) true) -(expandtypeattribute (proc_sysrq_28_0) true) -(expandtypeattribute (proc_timer_28_0) true) -(expandtypeattribute (proc_tty_drivers_28_0) true) -(expandtypeattribute (proc_uid_concurrent_active_time_28_0) true) -(expandtypeattribute (proc_uid_concurrent_policy_time_28_0) true) -(expandtypeattribute (proc_uid_cpupower_28_0) true) -(expandtypeattribute (proc_uid_cputime_removeuid_28_0) true) -(expandtypeattribute (proc_uid_cputime_showstat_28_0) true) -(expandtypeattribute (proc_uid_io_stats_28_0) true) -(expandtypeattribute (proc_uid_procstat_set_28_0) true) -(expandtypeattribute (proc_uid_time_in_state_28_0) true) -(expandtypeattribute (proc_uptime_28_0) true) -(expandtypeattribute (proc_version_28_0) true) -(expandtypeattribute (proc_vmallocinfo_28_0) true) -(expandtypeattribute (proc_vmstat_28_0) true) -(expandtypeattribute (proc_zoneinfo_28_0) true) -(expandtypeattribute (profman_28_0) true) -(expandtypeattribute (profman_dump_data_file_28_0) true) -(expandtypeattribute (profman_exec_28_0) true) -(expandtypeattribute (properties_device_28_0) true) -(expandtypeattribute (properties_serial_28_0) true) -(expandtypeattribute (property_contexts_file_28_0) true) -(expandtypeattribute (property_data_file_28_0) true) -(expandtypeattribute (property_info_28_0) true) -(expandtypeattribute (property_socket_28_0) true) -(expandtypeattribute (pstorefs_28_0) true) -(expandtypeattribute (ptmx_device_28_0) true) -(expandtypeattribute (qtaguid_device_28_0) true) -(expandtypeattribute (qtaguid_proc_28_0) true) -(expandtypeattribute (racoon_28_0) true) -(expandtypeattribute (racoon_exec_28_0) true) -(expandtypeattribute (racoon_socket_28_0) true) -(expandtypeattribute (radio_28_0) true) -(expandtypeattribute (radio_data_file_28_0) true) -(expandtypeattribute (radio_device_28_0) true) -(expandtypeattribute (radio_prop_28_0) true) -(expandtypeattribute (radio_service_28_0) true) -(expandtypeattribute (ram_device_28_0) true) -(expandtypeattribute (random_device_28_0) true) -(expandtypeattribute (recovery_28_0) true) -(expandtypeattribute (recovery_block_device_28_0) true) -(expandtypeattribute (recovery_data_file_28_0) true) -(expandtypeattribute (recovery_persist_28_0) true) -(expandtypeattribute (recovery_persist_exec_28_0) true) -(expandtypeattribute (recovery_refresh_28_0) true) -(expandtypeattribute (recovery_refresh_exec_28_0) true) -(expandtypeattribute (recovery_service_28_0) true) -(expandtypeattribute (registry_service_28_0) true) -(expandtypeattribute (resourcecache_data_file_28_0) true) -(expandtypeattribute (restorecon_prop_28_0) true) -(expandtypeattribute (restrictions_service_28_0) true) -(expandtypeattribute (rild_debug_socket_28_0) true) -(expandtypeattribute (rild_socket_28_0) true) -(expandtypeattribute (ringtone_file_28_0) true) -(expandtypeattribute (root_block_device_28_0) true) -(expandtypeattribute (rootfs_28_0) true) -(expandtypeattribute (rpmsg_device_28_0) true) -(expandtypeattribute (rtc_device_28_0) true) -(expandtypeattribute (rttmanager_service_28_0) true) -(expandtypeattribute (runas_28_0) true) -(expandtypeattribute (runas_exec_28_0) true) -(expandtypeattribute (runtime_event_log_tags_file_28_0) true) -(expandtypeattribute (safemode_prop_28_0) true) -(expandtypeattribute (same_process_hal_file_28_0) true) -(expandtypeattribute (samplingprofiler_service_28_0) true) -(expandtypeattribute (scheduling_policy_service_28_0) true) -(expandtypeattribute (sdcardd_28_0) true) -(expandtypeattribute (sdcardd_exec_28_0) true) -(expandtypeattribute (sdcardfs_28_0) true) -(expandtypeattribute (seapp_contexts_file_28_0) true) -(expandtypeattribute (search_service_28_0) true) -(expandtypeattribute (sec_key_att_app_id_provider_service_28_0) true) -(expandtypeattribute (secure_element_28_0) true) -(expandtypeattribute (secure_element_device_28_0) true) -(expandtypeattribute (secure_element_service_28_0) true) -(expandtypeattribute (selinuxfs_28_0) true) -(expandtypeattribute (sensors_device_28_0) true) -(expandtypeattribute (sensorservice_service_28_0) true) -(expandtypeattribute (sepolicy_file_28_0) true) -(expandtypeattribute (serial_device_28_0) true) -(expandtypeattribute (serialno_prop_28_0) true) -(expandtypeattribute (serial_service_28_0) true) -(expandtypeattribute (service_contexts_file_28_0) true) -(expandtypeattribute (servicediscovery_service_28_0) true) -(expandtypeattribute (servicemanager_28_0) true) -(expandtypeattribute (servicemanager_exec_28_0) true) -(expandtypeattribute (settings_service_28_0) true) -(expandtypeattribute (sgdisk_28_0) true) -(expandtypeattribute (sgdisk_exec_28_0) true) -(expandtypeattribute (shared_relro_28_0) true) -(expandtypeattribute (shared_relro_file_28_0) true) -(expandtypeattribute (shell_28_0) true) -(expandtypeattribute (shell_data_file_28_0) true) -(expandtypeattribute (shell_exec_28_0) true) -(expandtypeattribute (shell_prop_28_0) true) -(expandtypeattribute (shm_28_0) true) -(expandtypeattribute (shortcut_manager_icons_28_0) true) -(expandtypeattribute (shortcut_service_28_0) true) -(expandtypeattribute (slice_service_28_0) true) -(expandtypeattribute (slideshow_28_0) true) -(expandtypeattribute (socket_device_28_0) true) -(expandtypeattribute (sockfs_28_0) true) -(expandtypeattribute (statusbar_service_28_0) true) -(expandtypeattribute (storaged_service_28_0) true) -(expandtypeattribute (storage_file_28_0) true) -(expandtypeattribute (storagestats_service_28_0) true) -(expandtypeattribute (storage_stub_file_28_0) true) -(expandtypeattribute (su_28_0) true) -(expandtypeattribute (su_exec_28_0) true) -(expandtypeattribute (surfaceflinger_28_0) true) -(expandtypeattribute (surfaceflinger_service_28_0) true) -(expandtypeattribute (swap_block_device_28_0) true) -(expandtypeattribute (sysfs_28_0) true) -(expandtypeattribute (sysfs_android_usb_28_0) true) -(expandtypeattribute (sysfs_batteryinfo_28_0) true) -(expandtypeattribute (sysfs_bluetooth_writable_28_0) true) -(expandtypeattribute (sysfs_devices_system_cpu_28_0) true) -(expandtypeattribute (sysfs_dm_28_0) true) -(expandtypeattribute (sysfs_dt_firmware_android_28_0) true) -(expandtypeattribute (sysfs_fs_ext4_features_28_0) true) -(expandtypeattribute (sysfs_hwrandom_28_0) true) -(expandtypeattribute (sysfs_ipv4_28_0) true) -(expandtypeattribute (sysfs_kernel_notes_28_0) true) -(expandtypeattribute (sysfs_leds_28_0) true) -(expandtypeattribute (sysfs_lowmemorykiller_28_0) true) -(expandtypeattribute (sysfs_mac_address_28_0) true) -(expandtypeattribute (sysfs_net_28_0) true) -(expandtypeattribute (sysfs_nfc_power_writable_28_0) true) -(expandtypeattribute (sysfs_power_28_0) true) -(expandtypeattribute (sysfs_rtc_28_0) true) -(expandtypeattribute (sysfs_switch_28_0) true) -(expandtypeattribute (sysfs_thermal_28_0) true) -(expandtypeattribute (sysfs_uio_28_0) true) -(expandtypeattribute (sysfs_usb_28_0) true) -(expandtypeattribute (sysfs_usermodehelper_28_0) true) -(expandtypeattribute (sysfs_vibrator_28_0) true) -(expandtypeattribute (sysfs_wake_lock_28_0) true) -(expandtypeattribute (sysfs_wakeup_reasons_28_0) true) -(expandtypeattribute (sysfs_wlan_fwpath_28_0) true) -(expandtypeattribute (sysfs_zram_28_0) true) -(expandtypeattribute (sysfs_zram_uevent_28_0) true) -(expandtypeattribute (system_app_28_0) true) -(expandtypeattribute (system_app_data_file_28_0) true) -(expandtypeattribute (system_app_service_28_0) true) -(expandtypeattribute (system_block_device_28_0) true) -(expandtypeattribute (system_boot_reason_prop_28_0) true) -(expandtypeattribute (system_data_file_28_0) true) -(expandtypeattribute (system_file_28_0) true) -(expandtypeattribute (systemkeys_data_file_28_0) true) -(expandtypeattribute (system_ndebug_socket_28_0) true) -(expandtypeattribute (system_net_netd_hwservice_28_0) true) -(expandtypeattribute (system_prop_28_0) true) -(expandtypeattribute (system_radio_prop_28_0) true) -(expandtypeattribute (system_server_28_0) true) -(expandtypeattribute (system_update_service_28_0) true) -(expandtypeattribute (system_wifi_keystore_hwservice_28_0) true) -(expandtypeattribute (system_wpa_socket_28_0) true) -(expandtypeattribute (task_service_28_0) true) -(expandtypeattribute (tee_28_0) true) -(expandtypeattribute (tee_data_file_28_0) true) -(expandtypeattribute (tee_device_28_0) true) -(expandtypeattribute (telecom_service_28_0) true) -(expandtypeattribute (test_boot_reason_prop_28_0) true) -(expandtypeattribute (textclassification_service_28_0) true) -(expandtypeattribute (textclassifier_data_file_28_0) true) -(expandtypeattribute (textservices_service_28_0) true) -(expandtypeattribute (thermalcallback_hwservice_28_0) true) -(expandtypeattribute (thermal_service_28_0) true) -(expandtypeattribute (thermalserviced_28_0) true) -(expandtypeattribute (thermalserviced_exec_28_0) true) -(expandtypeattribute (timezone_service_28_0) true) -(expandtypeattribute (tmpfs_28_0) true) -(expandtypeattribute (tombstoned_28_0) true) -(expandtypeattribute (tombstone_data_file_28_0) true) -(expandtypeattribute (tombstoned_crash_socket_28_0) true) -(expandtypeattribute (tombstoned_exec_28_0) true) -(expandtypeattribute (tombstoned_intercept_socket_28_0) true) -(expandtypeattribute (tombstoned_java_trace_socket_28_0) true) -(expandtypeattribute (tombstone_wifi_data_file_28_0) true) -(expandtypeattribute (toolbox_28_0) true) -(expandtypeattribute (toolbox_exec_28_0) true) -(expandtypeattribute (trace_data_file_28_0) true) -(expandtypeattribute (traced_consumer_socket_28_0) true) -(expandtypeattribute (traced_enabled_prop_28_0) true) -(expandtypeattribute (traced_probes_28_0) true) -(expandtypeattribute (traced_producer_socket_28_0) true) -(expandtypeattribute (traceur_app_28_0) true) -(expandtypeattribute (trust_service_28_0) true) -(expandtypeattribute (tty_device_28_0) true) -(expandtypeattribute (tun_device_28_0) true) -(expandtypeattribute (tv_input_service_28_0) true) -(expandtypeattribute (tzdatacheck_28_0) true) -(expandtypeattribute (tzdatacheck_exec_28_0) true) -(expandtypeattribute (ueventd_28_0) true) -(expandtypeattribute (uhid_device_28_0) true) -(expandtypeattribute (uimode_service_28_0) true) -(expandtypeattribute (uio_device_28_0) true) -(expandtypeattribute (uncrypt_28_0) true) -(expandtypeattribute (uncrypt_exec_28_0) true) -(expandtypeattribute (uncrypt_socket_28_0) true) -(expandtypeattribute (unencrypted_data_file_28_0) true) -(expandtypeattribute (unlabeled_28_0) true) -(expandtypeattribute (untrusted_app_25_28_0) true) -(expandtypeattribute (untrusted_app_27_28_0) true) -(expandtypeattribute (untrusted_app_28_0) true) -(expandtypeattribute (untrusted_v2_app_28_0) true) -(expandtypeattribute (update_engine_28_0) true) -(expandtypeattribute (update_engine_data_file_28_0) true) -(expandtypeattribute (update_engine_exec_28_0) true) -(expandtypeattribute (update_engine_log_data_file_28_0) true) -(expandtypeattribute (update_engine_service_28_0) true) -(expandtypeattribute (updatelock_service_28_0) true) -(expandtypeattribute (update_verifier_28_0) true) -(expandtypeattribute (update_verifier_exec_28_0) true) -(expandtypeattribute (usagestats_service_28_0) true) -(expandtypeattribute (usbaccessory_device_28_0) true) -(expandtypeattribute (usbd_28_0) true) -(expandtypeattribute (usb_device_28_0) true) -(expandtypeattribute (usbd_exec_28_0) true) -(expandtypeattribute (usbfs_28_0) true) -(expandtypeattribute (usb_service_28_0) true) -(expandtypeattribute (userdata_block_device_28_0) true) -(expandtypeattribute (usermodehelper_28_0) true) -(expandtypeattribute (user_profile_data_file_28_0) true) -(expandtypeattribute (user_service_28_0) true) -(expandtypeattribute (vcs_device_28_0) true) -(expandtypeattribute (vdc_28_0) true) -(expandtypeattribute (vdc_exec_28_0) true) -(expandtypeattribute (vendor_app_file_28_0) true) -(expandtypeattribute (vendor_configs_file_28_0) true) -(expandtypeattribute (vendor_data_file_28_0) true) -(expandtypeattribute (vendor_default_prop_28_0) true) -(expandtypeattribute (vendor_file_28_0) true) -(expandtypeattribute (vendor_framework_file_28_0) true) -(expandtypeattribute (vendor_hal_file_28_0) true) -(expandtypeattribute (vendor_init_28_0) true) -(expandtypeattribute (vendor_overlay_file_28_0) true) -(expandtypeattribute (vendor_security_patch_level_prop_28_0) true) -(expandtypeattribute (vendor_shell_28_0) true) -(expandtypeattribute (vendor_shell_exec_28_0) true) -(expandtypeattribute (vendor_toolbox_exec_28_0) true) -(expandtypeattribute (vfat_28_0) true) -(expandtypeattribute (vibrator_service_28_0) true) -(expandtypeattribute (video_device_28_0) true) -(expandtypeattribute (virtual_touchpad_28_0) true) -(expandtypeattribute (virtual_touchpad_exec_28_0) true) -(expandtypeattribute (virtual_touchpad_service_28_0) true) -(expandtypeattribute (vndbinder_device_28_0) true) -(expandtypeattribute (vndk_sp_file_28_0) true) -(expandtypeattribute (vndservice_contexts_file_28_0) true) -(expandtypeattribute (vndservicemanager_28_0) true) -(expandtypeattribute (voiceinteraction_service_28_0) true) -(expandtypeattribute (vold_28_0) true) -(expandtypeattribute (vold_data_file_28_0) true) -(expandtypeattribute (vold_device_28_0) true) -(expandtypeattribute (vold_exec_28_0) true) -(expandtypeattribute (vold_metadata_file_28_0) true) -(expandtypeattribute (vold_prepare_subdirs_28_0) true) -(expandtypeattribute (vold_prepare_subdirs_exec_28_0) true) -(expandtypeattribute (vold_prop_28_0) true) -(expandtypeattribute (vold_service_28_0) true) -(expandtypeattribute (vpn_data_file_28_0) true) -(expandtypeattribute (vr_hwc_28_0) true) -(expandtypeattribute (vr_hwc_exec_28_0) true) -(expandtypeattribute (vr_hwc_service_28_0) true) -(expandtypeattribute (vr_manager_service_28_0) true) -(expandtypeattribute (wallpaper_file_28_0) true) -(expandtypeattribute (wallpaper_service_28_0) true) -(expandtypeattribute (watchdogd_28_0) true) -(expandtypeattribute (watchdog_device_28_0) true) -(expandtypeattribute (webviewupdate_service_28_0) true) -(expandtypeattribute (webview_zygote_28_0) true) -(expandtypeattribute (webview_zygote_exec_28_0) true) -(expandtypeattribute (wifiaware_service_28_0) true) -(expandtypeattribute (wificond_28_0) true) -(expandtypeattribute (wificond_exec_28_0) true) -(expandtypeattribute (wificond_service_28_0) true) -(expandtypeattribute (wifi_data_file_28_0) true) -(expandtypeattribute (wifi_log_prop_28_0) true) -(expandtypeattribute (wifip2p_service_28_0) true) -(expandtypeattribute (wifi_prop_28_0) true) -(expandtypeattribute (wifiscanner_service_28_0) true) -(expandtypeattribute (wifi_service_28_0) true) -(expandtypeattribute (window_service_28_0) true) -(expandtypeattribute (wpantund_28_0) true) -(expandtypeattribute (wpantund_exec_28_0) true) -(expandtypeattribute (wpantund_service_28_0) true) -(expandtypeattribute (wpa_socket_28_0) true) -(expandtypeattribute (zero_device_28_0) true) -(expandtypeattribute (zoneinfo_data_file_28_0) true) -(expandtypeattribute (zygote_28_0) true) -(expandtypeattribute (zygote_exec_28_0) true) -(expandtypeattribute (zygote_socket_28_0) true) -(typeattributeset accessibility_service_28_0 (accessibility_service)) -(typeattributeset account_service_28_0 (account_service)) -(typeattributeset activity_service_28_0 (activity_service)) -(typeattributeset adbd_28_0 (adbd)) -(typeattributeset adb_data_file_28_0 (adb_data_file)) -(typeattributeset adbd_exec_28_0 (adbd_exec)) -(typeattributeset adbd_socket_28_0 (adbd_socket)) -(typeattributeset adb_keys_file_28_0 (adb_keys_file)) -(typeattributeset alarm_device_28_0 (alarm_device)) -(typeattributeset alarm_service_28_0 (alarm_service)) -(typeattributeset anr_data_file_28_0 (anr_data_file)) -(typeattributeset apk_data_file_28_0 (apk_data_file)) -(typeattributeset apk_private_data_file_28_0 (apk_private_data_file)) -(typeattributeset apk_private_tmp_file_28_0 (apk_private_tmp_file)) -(typeattributeset apk_tmp_file_28_0 (apk_tmp_file)) -(typeattributeset app_data_file_28_0 (app_data_file privapp_data_file)) -(typeattributeset app_fuse_file_28_0 (app_fuse_file)) -(typeattributeset app_fusefs_28_0 (app_fusefs)) -(typeattributeset appops_service_28_0 (appops_service)) -(typeattributeset appwidget_service_28_0 (appwidget_service)) -(typeattributeset asec_apk_file_28_0 (asec_apk_file)) -(typeattributeset asec_image_file_28_0 (asec_image_file)) -(typeattributeset asec_public_file_28_0 (asec_public_file)) -(typeattributeset ashmem_device_28_0 (ashmem_device)) -(typeattributeset assetatlas_service_28_0 (assetatlas_service)) -(typeattributeset audio_data_file_28_0 (audio_data_file)) -(typeattributeset audio_device_28_0 (audio_device)) -(typeattributeset audiohal_data_file_28_0 (audiohal_data_file)) -(typeattributeset audio_prop_28_0 (audio_prop)) -(typeattributeset audio_seq_device_28_0 (audio_seq_device)) -(typeattributeset audioserver_28_0 (audioserver)) -(typeattributeset audioserver_data_file_28_0 (audioserver_data_file)) -(typeattributeset audioserver_service_28_0 (audioserver_service)) -(typeattributeset audio_service_28_0 (audio_service)) -(typeattributeset audio_timer_device_28_0 (audio_timer_device)) -(typeattributeset autofill_service_28_0 (autofill_service)) -(typeattributeset backup_data_file_28_0 (backup_data_file)) -(typeattributeset backup_service_28_0 (backup_service)) -(typeattributeset batteryproperties_service_28_0 (batteryproperties_service)) -(typeattributeset battery_service_28_0 (battery_service)) -(typeattributeset batterystats_service_28_0 (batterystats_service)) -(typeattributeset binder_calls_stats_service_28_0 (binder_calls_stats_service)) -(typeattributeset binder_device_28_0 (binder_device)) -(typeattributeset binfmt_miscfs_28_0 (binfmt_miscfs)) -(typeattributeset blkid_28_0 (blkid)) -(typeattributeset blkid_untrusted_28_0 (blkid_untrusted)) -(typeattributeset block_device_28_0 (block_device)) -(typeattributeset bluetooth_28_0 (bluetooth)) -(typeattributeset bluetooth_a2dp_offload_prop_28_0 (bluetooth_a2dp_offload_prop)) -(typeattributeset bluetooth_data_file_28_0 (bluetooth_data_file)) -(typeattributeset bluetooth_efs_file_28_0 (bluetooth_efs_file)) -(typeattributeset bluetooth_logs_data_file_28_0 (bluetooth_logs_data_file)) -(typeattributeset bluetooth_manager_service_28_0 (bluetooth_manager_service)) -(typeattributeset bluetooth_prop_28_0 (bluetooth_prop)) -(typeattributeset bluetooth_service_28_0 (bluetooth_service)) -(typeattributeset bluetooth_socket_28_0 (bluetooth_socket)) -(typeattributeset bootanim_28_0 (bootanim)) -(typeattributeset bootanim_exec_28_0 (bootanim_exec)) -(typeattributeset boot_block_device_28_0 (boot_block_device)) -(typeattributeset bootchart_data_file_28_0 (bootchart_data_file)) -(typeattributeset bootloader_boot_reason_prop_28_0 (bootloader_boot_reason_prop)) -(typeattributeset bootstat_28_0 (bootstat)) -(typeattributeset bootstat_data_file_28_0 (bootstat_data_file)) -(typeattributeset bootstat_exec_28_0 (bootstat_exec)) -(typeattributeset boottime_prop_28_0 (boottime_prop)) -(typeattributeset boottrace_data_file_28_0 (boottrace_data_file)) -(typeattributeset broadcastradio_service_28_0 (broadcastradio_service)) -(typeattributeset bufferhubd_28_0 (bufferhubd)) -(typeattributeset bufferhubd_exec_28_0 (bufferhubd_exec)) -(typeattributeset cache_backup_file_28_0 (cache_backup_file)) -(typeattributeset cache_block_device_28_0 (cache_block_device)) -(typeattributeset cache_file_28_0 (cache_file)) -(typeattributeset cache_private_backup_file_28_0 (cache_private_backup_file)) -(typeattributeset cache_recovery_file_28_0 (cache_recovery_file)) -(typeattributeset camera_data_file_28_0 (camera_data_file)) -(typeattributeset camera_device_28_0 (camera_device)) -(typeattributeset cameraproxy_service_28_0 (cameraproxy_service)) -(typeattributeset cameraserver_28_0 (cameraserver)) -(typeattributeset cameraserver_exec_28_0 (cameraserver_exec)) -(typeattributeset cameraserver_service_28_0 (cameraserver_service)) -(typeattributeset cgroup_28_0 (cgroup)) -(typeattributeset cgroup_bpf_28_0 (cgroup_bpf)) -(typeattributeset charger_28_0 (charger)) -(typeattributeset clatd_28_0 (clatd)) -(typeattributeset clatd_exec_28_0 (clatd_exec)) -(typeattributeset clipboard_service_28_0 (clipboard_service)) -(typeattributeset commontime_management_service_28_0 (commontime_management_service)) -(typeattributeset companion_device_service_28_0 (companion_device_service)) -(typeattributeset configfs_28_0 (configfs)) -(typeattributeset config_prop_28_0 (config_prop)) -(typeattributeset connectivity_service_28_0 (connectivity_service)) -(typeattributeset connmetrics_service_28_0 (connmetrics_service)) -(typeattributeset console_device_28_0 (console_device)) -(typeattributeset consumer_ir_service_28_0 (consumer_ir_service)) -(typeattributeset content_service_28_0 (content_service)) -(typeattributeset contexthub_service_28_0 (contexthub_service)) -(typeattributeset coredump_file_28_0 (coredump_file)) -(typeattributeset country_detector_service_28_0 (country_detector_service)) -(typeattributeset coverage_service_28_0 (coverage_service)) -(typeattributeset cppreopt_prop_28_0 (cppreopt_prop)) -(typeattributeset cppreopts_28_0 (cppreopts)) -(typeattributeset cppreopts_exec_28_0 (cppreopts_exec)) -(typeattributeset cpuctl_device_28_0 (cpuctl_device)) -(typeattributeset cpuinfo_service_28_0 (cpuinfo_service)) -(typeattributeset crash_dump_28_0 (crash_dump)) -(typeattributeset crash_dump_exec_28_0 (crash_dump_exec)) -(typeattributeset crossprofileapps_service_28_0 (crossprofileapps_service)) -(typeattributeset ctl_bootanim_prop_28_0 (ctl_bootanim_prop)) -(typeattributeset ctl_bugreport_prop_28_0 (ctl_bugreport_prop)) -(typeattributeset ctl_console_prop_28_0 (ctl_console_prop)) -(typeattributeset ctl_default_prop_28_0 - ( ctl_adbd_prop - ctl_default_prop)) -(typeattributeset ctl_dumpstate_prop_28_0 (ctl_dumpstate_prop)) -(typeattributeset ctl_fuse_prop_28_0 (ctl_fuse_prop)) -(typeattributeset ctl_interface_restart_prop_28_0 (ctl_interface_restart_prop)) -(typeattributeset ctl_interface_start_prop_28_0 (ctl_interface_start_prop)) -(typeattributeset ctl_interface_stop_prop_28_0 (ctl_interface_stop_prop)) -(typeattributeset ctl_mdnsd_prop_28_0 (ctl_mdnsd_prop)) -(typeattributeset ctl_restart_prop_28_0 (ctl_restart_prop)) -(typeattributeset ctl_rildaemon_prop_28_0 (ctl_rildaemon_prop)) -(typeattributeset ctl_sigstop_prop_28_0 (ctl_sigstop_prop)) -(typeattributeset ctl_start_prop_28_0 (ctl_start_prop)) -(typeattributeset ctl_stop_prop_28_0 (ctl_stop_prop)) -(typeattributeset dalvikcache_data_file_28_0 (dalvikcache_data_file)) -(typeattributeset dalvik_prop_28_0 (dalvik_prop)) -(typeattributeset dbinfo_service_28_0 (dbinfo_service)) -(typeattributeset debugfs_28_0 (debugfs)) -(typeattributeset debugfs_mmc_28_0 (debugfs_mmc)) -(typeattributeset debugfs_trace_marker_28_0 (debugfs_trace_marker)) -(typeattributeset debugfs_tracing_28_0 (debugfs_tracing)) -(typeattributeset debugfs_tracing_debug_28_0 (debugfs_tracing_debug)) -(typeattributeset debugfs_tracing_instances_28_0 (debugfs_tracing_instances)) -(typeattributeset debugfs_wakeup_sources_28_0 (debugfs_wakeup_sources)) -(typeattributeset debugfs_wifi_tracing_28_0 (debugfs_wifi_tracing)) -(typeattributeset debuggerd_prop_28_0 (debuggerd_prop)) -(typeattributeset debug_prop_28_0 (debug_prop)) -(typeattributeset default_android_hwservice_28_0 (default_android_hwservice)) -(typeattributeset default_android_service_28_0 (default_android_service)) -(typeattributeset default_android_vndservice_28_0 (default_android_vndservice)) -(typeattributeset default_prop_28_0 (default_prop)) -(typeattributeset device_28_0 (device)) -(typeattributeset device_identifiers_service_28_0 (device_identifiers_service)) -(typeattributeset deviceidle_service_28_0 (deviceidle_service)) -(typeattributeset device_logging_prop_28_0 (device_logging_prop)) -(typeattributeset device_policy_service_28_0 (device_policy_service)) -(typeattributeset devicestoragemonitor_service_28_0 (devicestoragemonitor_service)) -(typeattributeset devpts_28_0 (devpts)) -(typeattributeset dex2oat_28_0 (dex2oat)) -(typeattributeset dex2oat_exec_28_0 (dex2oat_exec)) -(typeattributeset dhcp_28_0 (dhcp)) -(typeattributeset dhcp_data_file_28_0 (dhcp_data_file)) -(typeattributeset dhcp_exec_28_0 (dhcp_exec)) -(typeattributeset dhcp_prop_28_0 (dhcp_prop)) -(typeattributeset diskstats_service_28_0 (diskstats_service)) -(typeattributeset display_service_28_0 (display_service)) -(typeattributeset dm_device_28_0 (dm_device)) -(typeattributeset dnsmasq_28_0 (dnsmasq)) -(typeattributeset dnsmasq_exec_28_0 (dnsmasq_exec)) -(typeattributeset dnsproxyd_socket_28_0 (dnsproxyd_socket)) -(typeattributeset DockObserver_service_28_0 (DockObserver_service)) -(typeattributeset dreams_service_28_0 (dreams_service)) -(typeattributeset drm_data_file_28_0 (drm_data_file)) -(typeattributeset drmserver_28_0 (drmserver)) -(typeattributeset drmserver_exec_28_0 (drmserver_exec)) -(typeattributeset drmserver_service_28_0 (drmserver_service)) -(typeattributeset drmserver_socket_28_0 (drmserver_socket)) -(typeattributeset dropbox_service_28_0 (dropbox_service)) -(typeattributeset dumpstate_28_0 (dumpstate)) -(typeattributeset dumpstate_exec_28_0 (dumpstate_exec)) -(typeattributeset dumpstate_options_prop_28_0 (dumpstate_options_prop)) -(typeattributeset dumpstate_prop_28_0 (dumpstate_prop)) -(typeattributeset dumpstate_service_28_0 (dumpstate_service)) -(typeattributeset dumpstate_socket_28_0 (dumpstate_socket)) -(typeattributeset e2fs_28_0 (e2fs)) -(typeattributeset e2fs_exec_28_0 (e2fs_exec)) -(typeattributeset efs_file_28_0 (efs_file)) -(typeattributeset ephemeral_app_28_0 (ephemeral_app)) -(typeattributeset ethernet_service_28_0 (ethernet_service)) -(typeattributeset exfat_28_0 (exfat)) -(typeattributeset exported2_config_prop_28_0 (exported2_config_prop)) -(typeattributeset exported2_default_prop_28_0 (exported2_default_prop)) -(typeattributeset exported2_radio_prop_28_0 (exported2_radio_prop)) -(typeattributeset exported2_system_prop_28_0 (exported2_system_prop)) -(typeattributeset exported2_vold_prop_28_0 (exported2_vold_prop)) -(typeattributeset exported3_default_prop_28_0 (exported3_default_prop)) -(typeattributeset exported3_radio_prop_28_0 (exported3_radio_prop)) -(typeattributeset exported3_system_prop_28_0 (exported3_system_prop)) -(typeattributeset exported_audio_prop_28_0 (exported_audio_prop)) -(typeattributeset exported_bluetooth_prop_28_0 (exported_bluetooth_prop)) -(typeattributeset exported_config_prop_28_0 (exported_config_prop)) -(typeattributeset exported_dalvik_prop_28_0 (exported_dalvik_prop)) -(typeattributeset exported_default_prop_28_0 (exported_default_prop)) -(typeattributeset exported_dumpstate_prop_28_0 (exported_dumpstate_prop)) -(typeattributeset exported_ffs_prop_28_0 (exported_ffs_prop)) -(typeattributeset exported_fingerprint_prop_28_0 (exported_fingerprint_prop)) -(typeattributeset exported_overlay_prop_28_0 (exported_overlay_prop)) -(typeattributeset exported_pm_prop_28_0 (exported_pm_prop)) -(typeattributeset exported_radio_prop_28_0 (exported_radio_prop)) -(typeattributeset exported_secure_prop_28_0 (exported_secure_prop)) -(typeattributeset exported_system_prop_28_0 (exported_system_prop)) -(typeattributeset exported_system_radio_prop_28_0 (exported_system_radio_prop)) -(typeattributeset exported_vold_prop_28_0 (exported_vold_prop)) -(typeattributeset exported_wifi_prop_28_0 (exported_wifi_prop)) -(typeattributeset ffs_prop_28_0 (ffs_prop)) -(typeattributeset file_contexts_file_28_0 (file_contexts_file)) -(typeattributeset fingerprintd_28_0 (fingerprintd)) -(typeattributeset fingerprintd_data_file_28_0 (fingerprintd_data_file)) -(typeattributeset fingerprintd_exec_28_0 (fingerprintd_exec)) -(typeattributeset fingerprintd_service_28_0 (fingerprintd_service)) -(typeattributeset fingerprint_prop_28_0 (fingerprint_prop)) -(typeattributeset fingerprint_service_28_0 (fingerprint_service)) -(typeattributeset fingerprint_vendor_data_file_28_0 (fingerprint_vendor_data_file)) -(typeattributeset firstboot_prop_28_0 (firstboot_prop)) -(typeattributeset font_service_28_0 (font_service)) -(typeattributeset frp_block_device_28_0 (frp_block_device)) -(typeattributeset fs_bpf_28_0 (fs_bpf)) -(typeattributeset fsck_28_0 (fsck)) -(typeattributeset fsck_exec_28_0 (fsck_exec)) -(typeattributeset fscklogs_28_0 (fscklogs)) -(typeattributeset fsck_untrusted_28_0 (fsck_untrusted)) -(typeattributeset full_device_28_0 (full_device)) -(typeattributeset functionfs_28_0 (functionfs)) -(typeattributeset fuse_28_0 (fuse)) -(typeattributeset fuse_device_28_0 (fuse_device)) -(typeattributeset fwk_display_hwservice_28_0 (fwk_display_hwservice)) -(typeattributeset fwk_scheduler_hwservice_28_0 (fwk_scheduler_hwservice)) -(typeattributeset fwk_sensor_hwservice_28_0 (fwk_sensor_hwservice)) -(typeattributeset fwmarkd_socket_28_0 (fwmarkd_socket)) -(typeattributeset gatekeeperd_28_0 (gatekeeperd)) -(typeattributeset gatekeeper_data_file_28_0 (gatekeeper_data_file)) -(typeattributeset gatekeeperd_exec_28_0 (gatekeeperd_exec)) -(typeattributeset gatekeeper_service_28_0 (gatekeeper_service)) -(typeattributeset gfxinfo_service_28_0 (gfxinfo_service)) -(typeattributeset gps_control_28_0 (gps_control)) -(typeattributeset gpu_device_28_0 (gpu_device)) -(typeattributeset gpu_service_28_0 (gpu_service)) -(typeattributeset graphics_device_28_0 (graphics_device)) -(typeattributeset graphicsstats_service_28_0 (graphicsstats_service)) -(typeattributeset hal_audiocontrol_hwservice_28_0 (hal_audiocontrol_hwservice)) -(typeattributeset hal_audio_hwservice_28_0 (hal_audio_hwservice)) -(typeattributeset hal_authsecret_hwservice_28_0 (hal_authsecret_hwservice)) -(typeattributeset hal_bluetooth_hwservice_28_0 (hal_bluetooth_hwservice)) -(typeattributeset hal_bootctl_hwservice_28_0 (hal_bootctl_hwservice)) -(typeattributeset hal_broadcastradio_hwservice_28_0 (hal_broadcastradio_hwservice)) -(typeattributeset hal_camera_hwservice_28_0 (hal_camera_hwservice)) -(typeattributeset hal_cas_hwservice_28_0 (hal_cas_hwservice)) -(typeattributeset hal_codec2_hwservice_28_0 (hal_codec2_hwservice)) -(typeattributeset hal_configstore_ISurfaceFlingerConfigs_28_0 (hal_configstore_ISurfaceFlingerConfigs)) -(typeattributeset hal_confirmationui_hwservice_28_0 (hal_confirmationui_hwservice)) -(typeattributeset hal_contexthub_hwservice_28_0 (hal_contexthub_hwservice)) -(typeattributeset hal_drm_hwservice_28_0 (hal_drm_hwservice)) -(typeattributeset hal_dumpstate_hwservice_28_0 (hal_dumpstate_hwservice)) -(typeattributeset hal_evs_hwservice_28_0 (hal_evs_hwservice)) -(typeattributeset hal_fingerprint_hwservice_28_0 (hal_fingerprint_hwservice)) -(typeattributeset hal_fingerprint_service_28_0 (hal_fingerprint_service)) -(typeattributeset hal_gatekeeper_hwservice_28_0 (hal_gatekeeper_hwservice)) -(typeattributeset hal_gnss_hwservice_28_0 (hal_gnss_hwservice)) -(typeattributeset hal_graphics_allocator_hwservice_28_0 (hal_graphics_allocator_hwservice)) -(typeattributeset hal_graphics_composer_hwservice_28_0 (hal_graphics_composer_hwservice)) -(typeattributeset hal_graphics_mapper_hwservice_28_0 (hal_graphics_mapper_hwservice)) -(typeattributeset hal_health_hwservice_28_0 (hal_health_hwservice)) -(typeattributeset hal_ir_hwservice_28_0 (hal_ir_hwservice)) -(typeattributeset hal_keymaster_hwservice_28_0 (hal_keymaster_hwservice)) -(typeattributeset hal_light_hwservice_28_0 (hal_light_hwservice)) -(typeattributeset hal_lowpan_hwservice_28_0 (hal_lowpan_hwservice)) -(typeattributeset hal_memtrack_hwservice_28_0 (hal_memtrack_hwservice)) -(typeattributeset hal_neuralnetworks_hwservice_28_0 (hal_neuralnetworks_hwservice)) -(typeattributeset hal_nfc_hwservice_28_0 (hal_nfc_hwservice)) -(typeattributeset hal_oemlock_hwservice_28_0 (hal_oemlock_hwservice)) -(typeattributeset hal_omx_hwservice_28_0 (hal_omx_hwservice)) -(typeattributeset hal_power_hwservice_28_0 (hal_power_hwservice)) -(typeattributeset hal_renderscript_hwservice_28_0 (hal_renderscript_hwservice)) -(typeattributeset hal_secure_element_hwservice_28_0 (hal_secure_element_hwservice)) -(typeattributeset hal_sensors_hwservice_28_0 (hal_sensors_hwservice)) -(typeattributeset hal_telephony_hwservice_28_0 (hal_telephony_hwservice)) -(typeattributeset hal_tetheroffload_hwservice_28_0 (hal_tetheroffload_hwservice)) -(typeattributeset hal_thermal_hwservice_28_0 (hal_thermal_hwservice)) -(typeattributeset hal_tv_cec_hwservice_28_0 (hal_tv_cec_hwservice)) -(typeattributeset hal_tv_input_hwservice_28_0 (hal_tv_input_hwservice)) -(typeattributeset hal_usb_gadget_hwservice_28_0 (hal_usb_gadget_hwservice)) -(typeattributeset hal_usb_hwservice_28_0 (hal_usb_hwservice)) -(typeattributeset hal_vehicle_hwservice_28_0 (hal_vehicle_hwservice)) -(typeattributeset hal_vibrator_hwservice_28_0 (hal_vibrator_hwservice)) -(typeattributeset hal_vr_hwservice_28_0 (hal_vr_hwservice)) -(typeattributeset hal_weaver_hwservice_28_0 (hal_weaver_hwservice)) -(typeattributeset hal_wifi_hostapd_hwservice_28_0 (hal_wifi_hostapd_hwservice)) -(typeattributeset hal_wifi_hwservice_28_0 (hal_wifi_hwservice)) -(typeattributeset hal_wifi_offload_hwservice_28_0 (hal_wifi_offload_hwservice)) -(typeattributeset hal_wifi_supplicant_hwservice_28_0 (hal_wifi_supplicant_hwservice)) -(typeattributeset hardware_properties_service_28_0 (hardware_properties_service)) -(typeattributeset hardware_service_28_0 (hardware_service)) -(typeattributeset hci_attach_dev_28_0 (hci_attach_dev)) -(typeattributeset hdmi_control_service_28_0 (hdmi_control_service)) -(typeattributeset healthd_28_0 (healthd)) -(typeattributeset healthd_exec_28_0 (healthd_exec)) -(typeattributeset heapdump_data_file_28_0 (heapdump_data_file)) -(typeattributeset hidl_allocator_hwservice_28_0 (hidl_allocator_hwservice)) -(typeattributeset hidl_base_hwservice_28_0 (hidl_base_hwservice)) -(typeattributeset hidl_manager_hwservice_28_0 (hidl_manager_hwservice)) -(typeattributeset hidl_memory_hwservice_28_0 (hidl_memory_hwservice)) -(typeattributeset hidl_token_hwservice_28_0 (hidl_token_hwservice)) -(typeattributeset hwbinder_device_28_0 (hwbinder_device)) -(typeattributeset hw_random_device_28_0 (hw_random_device)) -(typeattributeset hwservice_contexts_file_28_0 (hwservice_contexts_file)) -(typeattributeset hwservicemanager_28_0 (hwservicemanager)) -(typeattributeset hwservicemanager_exec_28_0 (hwservicemanager_exec)) -(typeattributeset hwservicemanager_prop_28_0 (hwservicemanager_prop)) -(typeattributeset i2c_device_28_0 (i2c_device)) -(typeattributeset icon_file_28_0 (icon_file)) -(typeattributeset idmap_28_0 (idmap)) -(typeattributeset idmap_exec_28_0 (idmap_exec)) -(typeattributeset iio_device_28_0 (iio_device)) -(typeattributeset imms_service_28_0 (imms_service)) -(typeattributeset incident_28_0 (incident)) -(typeattributeset incidentd_28_0 (incidentd)) -(typeattributeset incident_data_file_28_0 (incident_data_file)) -(typeattributeset incident_helper_28_0 (incident_helper)) -(typeattributeset incident_service_28_0 (incident_service)) -(typeattributeset init_28_0 (init)) -(typeattributeset init_exec_28_0 (init_exec watchdogd_exec)) -(typeattributeset inotify_28_0 (inotify)) -(typeattributeset input_device_28_0 (input_device)) -(typeattributeset inputflinger_28_0 (inputflinger)) -(typeattributeset inputflinger_exec_28_0 (inputflinger_exec)) -(typeattributeset inputflinger_service_28_0 (inputflinger_service)) -(typeattributeset input_method_service_28_0 (input_method_service)) -(typeattributeset input_service_28_0 (input_service)) -(typeattributeset installd_28_0 (installd)) -(typeattributeset install_data_file_28_0 (install_data_file)) -(typeattributeset installd_exec_28_0 (installd_exec)) -(typeattributeset installd_service_28_0 (installd_service)) -(typeattributeset install_recovery_28_0 (install_recovery)) -(typeattributeset install_recovery_exec_28_0 (install_recovery_exec)) -(typeattributeset ion_device_28_0 (ion_device)) -(typeattributeset IProxyService_service_28_0 (IProxyService_service)) -(typeattributeset ipsec_service_28_0 (ipsec_service)) -(typeattributeset isolated_app_28_0 (isolated_app)) -(typeattributeset jobscheduler_service_28_0 (jobscheduler_service)) -(typeattributeset kernel_28_0 (kernel)) -(typeattributeset keychain_data_file_28_0 (keychain_data_file)) -(typeattributeset keychord_device_28_0 (keychord_device)) -(typeattributeset keystore_28_0 (keystore)) -(typeattributeset keystore_data_file_28_0 (keystore_data_file)) -(typeattributeset keystore_exec_28_0 (keystore_exec)) -(typeattributeset keystore_service_28_0 (keystore_service)) -(typeattributeset kmem_device_28_0 (kmem_device)) -(typeattributeset kmsg_debug_device_28_0 (kmsg_debug_device)) -(typeattributeset kmsg_device_28_0 (kmsg_device)) -(typeattributeset labeledfs_28_0 (labeledfs)) -(typeattributeset last_boot_reason_prop_28_0 (last_boot_reason_prop)) -(typeattributeset launcherapps_service_28_0 (launcherapps_service)) -(typeattributeset lmkd_28_0 (lmkd)) -(typeattributeset lmkd_exec_28_0 (lmkd_exec)) -(typeattributeset lmkd_socket_28_0 (lmkd_socket)) -(typeattributeset location_service_28_0 (location_service)) -(typeattributeset lock_settings_service_28_0 (lock_settings_service)) -(typeattributeset logcat_exec_28_0 (logcat_exec)) -(typeattributeset logd_28_0 (logd)) -(typeattributeset logd_exec_28_0 (logd_exec)) -(typeattributeset logd_prop_28_0 (logd_prop)) -(typeattributeset logdr_socket_28_0 (logdr_socket)) -(typeattributeset logd_socket_28_0 (logd_socket)) -(typeattributeset logdw_socket_28_0 (logdw_socket)) -(typeattributeset logpersist_28_0 (logpersist)) -(typeattributeset logpersistd_logging_prop_28_0 (logpersistd_logging_prop)) -(typeattributeset log_prop_28_0 (log_prop)) -(typeattributeset log_tag_prop_28_0 (log_tag_prop)) -(typeattributeset loop_control_device_28_0 (loop_control_device)) -(typeattributeset loop_device_28_0 (loop_device)) -(typeattributeset lowpan_device_28_0 (lowpan_device)) -(typeattributeset lowpan_prop_28_0 (lowpan_prop)) -(typeattributeset lowpan_service_28_0 (lowpan_service)) -(typeattributeset mac_perms_file_28_0 (mac_perms_file)) -(typeattributeset mdnsd_28_0 (mdnsd)) -(typeattributeset mdnsd_socket_28_0 (mdnsd_socket)) -(typeattributeset mdns_socket_28_0 (mdns_socket)) -(typeattributeset mediacodec_28_0 (mediacodec)) -(typeattributeset mediacodec_exec_28_0 (mediacodec_exec)) -(typeattributeset mediacodec_service_28_0 (mediacodec_service)) -(typeattributeset media_data_file_28_0 (media_data_file)) -(typeattributeset mediadrmserver_28_0 (mediadrmserver)) -(typeattributeset mediadrmserver_exec_28_0 (mediadrmserver_exec)) -(typeattributeset mediadrmserver_service_28_0 (mediadrmserver_service)) -(typeattributeset mediaextractor_28_0 (mediaextractor)) -(typeattributeset mediaextractor_exec_28_0 (mediaextractor_exec)) -(typeattributeset mediaextractor_service_28_0 (mediaextractor_service)) -(typeattributeset mediaextractor_update_service_28_0 (mediaextractor_update_service)) -(typeattributeset mediametrics_28_0 (mediametrics)) -(typeattributeset mediametrics_exec_28_0 (mediametrics_exec)) -(typeattributeset mediametrics_service_28_0 (mediametrics_service)) -(typeattributeset media_projection_service_28_0 (media_projection_service)) -(typeattributeset mediaprovider_28_0 (mediaprovider)) -(typeattributeset media_router_service_28_0 (media_router_service)) -(typeattributeset media_rw_data_file_28_0 (media_rw_data_file)) -(typeattributeset mediaserver_28_0 (mediaserver)) -(typeattributeset mediaserver_exec_28_0 (mediaserver_exec)) -(typeattributeset mediaserver_service_28_0 (mediaserver_service)) -(typeattributeset media_session_service_28_0 (media_session_service)) -(typeattributeset meminfo_service_28_0 (meminfo_service)) -(typeattributeset metadata_block_device_28_0 (metadata_block_device)) -(typeattributeset metadata_file_28_0 (metadata_file)) -(typeattributeset method_trace_data_file_28_0 (method_trace_data_file)) -(typeattributeset midi_service_28_0 (midi_service)) -(typeattributeset misc_block_device_28_0 (misc_block_device)) -(typeattributeset misc_logd_file_28_0 (misc_logd_file)) -(typeattributeset misc_user_data_file_28_0 (misc_user_data_file)) -(typeattributeset mmc_prop_28_0 (mmc_prop)) -(typeattributeset mnt_expand_file_28_0 (mnt_expand_file)) -(typeattributeset mnt_media_rw_file_28_0 (mnt_media_rw_file)) -(typeattributeset mnt_media_rw_stub_file_28_0 (mnt_media_rw_stub_file)) -(typeattributeset mnt_user_file_28_0 (mnt_user_file)) -(typeattributeset mnt_vendor_file_28_0 (mnt_vendor_file)) -(typeattributeset modprobe_28_0 (modprobe)) -(typeattributeset mount_service_28_0 (mount_service)) -(typeattributeset mqueue_28_0 (mqueue)) -(typeattributeset mtd_device_28_0 (mtd_device)) -(typeattributeset mtp_28_0 (mtp)) -(typeattributeset mtp_device_28_0 (mtp_device)) -(typeattributeset mtpd_socket_28_0 (mtpd_socket)) -(typeattributeset mtp_exec_28_0 (mtp_exec)) -(typeattributeset nativetest_data_file_28_0 (nativetest_data_file)) -(typeattributeset netd_28_0 (netd)) -(typeattributeset net_data_file_28_0 (net_data_file)) -(typeattributeset netd_exec_28_0 (netd_exec)) -(typeattributeset netd_listener_service_28_0 (netd_listener_service)) -(typeattributeset net_dns_prop_28_0 (net_dns_prop)) -(typeattributeset netd_service_28_0 (netd_service)) -(typeattributeset netd_socket_28_0 (netd_socket)) -(typeattributeset netd_stable_secret_prop_28_0 (netd_stable_secret_prop)) -(typeattributeset netif_28_0 (netif)) -(typeattributeset netpolicy_service_28_0 (netpolicy_service)) -(typeattributeset net_radio_prop_28_0 (net_radio_prop)) -(typeattributeset netstats_service_28_0 (netstats_service)) -(typeattributeset netutils_wrapper_28_0 (netutils_wrapper)) -(typeattributeset netutils_wrapper_exec_28_0 (netutils_wrapper_exec)) -(typeattributeset network_management_service_28_0 (network_management_service)) -(typeattributeset network_score_service_28_0 (network_score_service)) -(typeattributeset network_time_update_service_28_0 (network_time_update_service)) -(typeattributeset network_watchlist_data_file_28_0 (network_watchlist_data_file)) -(typeattributeset network_watchlist_service_28_0 (network_watchlist_service)) -(typeattributeset nfc_28_0 (nfc)) -(typeattributeset nfc_data_file_28_0 (nfc_data_file)) -(typeattributeset nfc_device_28_0 (nfc_device)) -(typeattributeset nfc_prop_28_0 (nfc_prop)) -(typeattributeset nfc_service_28_0 (nfc_service)) -(typeattributeset node_28_0 (node)) -(typeattributeset nonplat_service_contexts_file_28_0 (nonplat_service_contexts_file)) -(typeattributeset notification_service_28_0 (notification_service)) -(typeattributeset null_device_28_0 (null_device)) -(typeattributeset oemfs_28_0 (oemfs)) -(typeattributeset oem_lock_service_28_0 (oem_lock_service)) -(typeattributeset ota_data_file_28_0 (ota_data_file)) -(typeattributeset otadexopt_service_28_0 (otadexopt_service)) -(typeattributeset ota_package_file_28_0 (ota_package_file)) -(typeattributeset otapreopt_chroot_28_0 (otapreopt_chroot)) -(typeattributeset otapreopt_chroot_exec_28_0 (otapreopt_chroot_exec)) -(typeattributeset otapreopt_slot_28_0 (otapreopt_slot)) -(typeattributeset otapreopt_slot_exec_28_0 (otapreopt_slot_exec)) -(typeattributeset overlay_prop_28_0 (overlay_prop)) -(typeattributeset overlay_service_28_0 (overlay_service)) -(typeattributeset owntty_device_28_0 (owntty_device)) -(typeattributeset package_native_service_28_0 (package_native_service)) -(typeattributeset package_service_28_0 (package_service)) -(typeattributeset pan_result_prop_28_0 (pan_result_prop)) -(typeattributeset pdx_bufferhub_client_channel_socket_28_0 (pdx_bufferhub_client_channel_socket)) -(typeattributeset pdx_bufferhub_client_endpoint_socket_28_0 (pdx_bufferhub_client_endpoint_socket)) -(typeattributeset pdx_bufferhub_dir_28_0 (pdx_bufferhub_dir)) -(typeattributeset pdx_display_client_channel_socket_28_0 (pdx_display_client_channel_socket)) -(typeattributeset pdx_display_client_endpoint_socket_28_0 (pdx_display_client_endpoint_socket)) -(typeattributeset pdx_display_dir_28_0 (pdx_display_dir)) -(typeattributeset pdx_display_manager_channel_socket_28_0 (pdx_display_manager_channel_socket)) -(typeattributeset pdx_display_manager_endpoint_socket_28_0 (pdx_display_manager_endpoint_socket)) -(typeattributeset pdx_display_screenshot_channel_socket_28_0 (pdx_display_screenshot_channel_socket)) -(typeattributeset pdx_display_screenshot_endpoint_socket_28_0 (pdx_display_screenshot_endpoint_socket)) -(typeattributeset pdx_display_vsync_channel_socket_28_0 (pdx_display_vsync_channel_socket)) -(typeattributeset pdx_display_vsync_endpoint_socket_28_0 (pdx_display_vsync_endpoint_socket)) -(typeattributeset pdx_performance_client_channel_socket_28_0 (pdx_performance_client_channel_socket)) -(typeattributeset pdx_performance_client_endpoint_socket_28_0 (pdx_performance_client_endpoint_socket)) -(typeattributeset pdx_performance_dir_28_0 (pdx_performance_dir)) -(typeattributeset performanced_28_0 (performanced)) -(typeattributeset performanced_exec_28_0 (performanced_exec)) -(typeattributeset perfprofd_28_0 (perfprofd)) -(typeattributeset perfprofd_data_file_28_0 (perfprofd_data_file)) -(typeattributeset perfprofd_exec_28_0 (perfprofd_exec)) -(typeattributeset perfprofd_service_28_0 (perfprofd_service)) -(typeattributeset permission_service_28_0 (permission_service)) -(typeattributeset persist_debug_prop_28_0 (persist_debug_prop)) -(typeattributeset persistent_data_block_service_28_0 (persistent_data_block_service)) -(typeattributeset persistent_properties_ready_prop_28_0 (persistent_properties_ready_prop)) -(typeattributeset pinner_service_28_0 (pinner_service)) -(typeattributeset pipefs_28_0 (pipefs)) -(typeattributeset platform_app_28_0 (platform_app)) -(typeattributeset pm_prop_28_0 (pm_prop)) -(typeattributeset pmsg_device_28_0 (pmsg_device)) -(typeattributeset port_28_0 (port)) -(typeattributeset port_device_28_0 (port_device)) -(typeattributeset postinstall_28_0 (postinstall)) -(typeattributeset postinstall_dexopt_28_0 (postinstall_dexopt)) -(typeattributeset postinstall_file_28_0 (postinstall_file)) -(typeattributeset postinstall_mnt_dir_28_0 (postinstall_mnt_dir)) -(typeattributeset powerctl_prop_28_0 (powerctl_prop)) -(typeattributeset power_service_28_0 (power_service)) -(typeattributeset ppp_28_0 (ppp)) -(typeattributeset ppp_device_28_0 (ppp_device)) -(typeattributeset ppp_exec_28_0 (ppp_exec)) -(typeattributeset preloads_data_file_28_0 (preloads_data_file)) -(typeattributeset preloads_media_file_28_0 (preloads_media_file)) -(typeattributeset preopt2cachename_28_0 (preopt2cachename)) -(typeattributeset preopt2cachename_exec_28_0 (preopt2cachename_exec)) -(typeattributeset print_service_28_0 (print_service)) -(typeattributeset priv_app_28_0 (priv_app)) -(typeattributeset proc_28_0 - ( proc - proc_fs_verity - proc_keys - proc_kpageflags - proc_lowmemorykiller - proc_pressure_cpu - proc_pressure_io - proc_pressure_mem - proc_slabinfo)) -(typeattributeset proc_abi_28_0 (proc_abi)) -(typeattributeset proc_asound_28_0 (proc_asound)) -(typeattributeset proc_bluetooth_writable_28_0 (proc_bluetooth_writable)) -(typeattributeset proc_buddyinfo_28_0 (proc_buddyinfo)) -(typeattributeset proc_cmdline_28_0 (proc_cmdline)) -(typeattributeset proc_cpuinfo_28_0 (proc_cpuinfo)) -(typeattributeset proc_dirty_28_0 (proc_dirty)) -(typeattributeset proc_diskstats_28_0 (proc_diskstats)) -(typeattributeset proc_drop_caches_28_0 (proc_drop_caches)) -(typeattributeset processinfo_service_28_0 (processinfo_service)) -(typeattributeset proc_extra_free_kbytes_28_0 (proc_extra_free_kbytes)) -(typeattributeset proc_filesystems_28_0 (proc_filesystems)) -(typeattributeset proc_hostname_28_0 (proc_hostname)) -(typeattributeset proc_hung_task_28_0 (proc_hung_task)) -(typeattributeset proc_interrupts_28_0 (proc_interrupts)) -(typeattributeset proc_iomem_28_0 (proc_iomem)) -(typeattributeset proc_kmsg_28_0 (proc_kmsg)) -(typeattributeset proc_loadavg_28_0 (proc_loadavg)) -(typeattributeset proc_max_map_count_28_0 (proc_max_map_count)) -(typeattributeset proc_meminfo_28_0 (proc_meminfo)) -(typeattributeset proc_min_free_order_shift_28_0 (proc_min_free_order_shift)) -(typeattributeset proc_misc_28_0 (proc_misc)) -(typeattributeset proc_modules_28_0 (proc_modules)) -(typeattributeset proc_mounts_28_0 (proc_mounts)) -(typeattributeset proc_net_28_0 - ( proc_net - proc_net_tcp_udp)) -(typeattributeset proc_overcommit_memory_28_0 (proc_overcommit_memory)) -(typeattributeset proc_page_cluster_28_0 (proc_page_cluster)) -(typeattributeset proc_pagetypeinfo_28_0 (proc_pagetypeinfo)) -(typeattributeset proc_panic_28_0 (proc_panic)) -(typeattributeset proc_perf_28_0 (proc_perf)) -(typeattributeset proc_pid_max_28_0 (proc_pid_max)) -(typeattributeset proc_pipe_conf_28_0 (proc_pipe_conf)) -(typeattributeset proc_qtaguid_stat_28_0 (proc_qtaguid_stat)) -(typeattributeset proc_random_28_0 (proc_random)) -(typeattributeset proc_sched_28_0 (proc_sched)) -(typeattributeset proc_security_28_0 (proc_security)) -(typeattributeset proc_stat_28_0 (proc_stat)) -(typeattributeset procstats_service_28_0 (procstats_service)) -(typeattributeset proc_swaps_28_0 (proc_swaps)) -(typeattributeset proc_sysrq_28_0 (proc_sysrq)) -(typeattributeset proc_timer_28_0 (proc_timer)) -(typeattributeset proc_tty_drivers_28_0 (proc_tty_drivers)) -(typeattributeset proc_uid_concurrent_active_time_28_0 (proc_uid_concurrent_active_time)) -(typeattributeset proc_uid_concurrent_policy_time_28_0 (proc_uid_concurrent_policy_time)) -(typeattributeset proc_uid_cpupower_28_0 (proc_uid_cpupower)) -(typeattributeset proc_uid_cputime_removeuid_28_0 (proc_uid_cputime_removeuid)) -(typeattributeset proc_uid_cputime_showstat_28_0 (proc_uid_cputime_showstat)) -(typeattributeset proc_uid_io_stats_28_0 (proc_uid_io_stats)) -(typeattributeset proc_uid_procstat_set_28_0 (proc_uid_procstat_set)) -(typeattributeset proc_uid_time_in_state_28_0 (proc_uid_time_in_state)) -(typeattributeset proc_uptime_28_0 (proc_uptime)) -(typeattributeset proc_version_28_0 (proc_version)) -(typeattributeset proc_vmallocinfo_28_0 (proc_vmallocinfo)) -(typeattributeset proc_vmstat_28_0 (proc_vmstat)) -(typeattributeset proc_zoneinfo_28_0 (proc_zoneinfo)) -(typeattributeset profman_28_0 (profman)) -(typeattributeset profman_dump_data_file_28_0 (profman_dump_data_file)) -(typeattributeset profman_exec_28_0 (profman_exec)) -(typeattributeset properties_device_28_0 (properties_device)) -(typeattributeset properties_serial_28_0 (properties_serial)) -(typeattributeset property_contexts_file_28_0 (property_contexts_file)) -(typeattributeset property_data_file_28_0 (property_data_file)) -(typeattributeset property_info_28_0 (property_info)) -(typeattributeset property_socket_28_0 (property_socket)) -(typeattributeset pstorefs_28_0 (pstorefs)) -(typeattributeset ptmx_device_28_0 (ptmx_device)) -(typeattributeset qtaguid_device_28_0 (qtaguid_device)) -(typeattributeset qtaguid_proc_28_0 - ( proc_qtaguid_ctrl - qtaguid_proc)) -(typeattributeset racoon_28_0 (racoon)) -(typeattributeset racoon_exec_28_0 (racoon_exec)) -(typeattributeset racoon_socket_28_0 (racoon_socket)) -(typeattributeset radio_28_0 (radio)) -(typeattributeset radio_data_file_28_0 (radio_data_file)) -(typeattributeset radio_device_28_0 (radio_device)) -(typeattributeset radio_prop_28_0 (radio_prop)) -(typeattributeset radio_service_28_0 (radio_service)) -(typeattributeset ram_device_28_0 (ram_device)) -(typeattributeset random_device_28_0 (random_device)) -(typeattributeset recovery_28_0 (recovery)) -(typeattributeset recovery_block_device_28_0 (recovery_block_device)) -(typeattributeset recovery_data_file_28_0 (recovery_data_file)) -(typeattributeset recovery_persist_28_0 (recovery_persist)) -(typeattributeset recovery_persist_exec_28_0 (recovery_persist_exec)) -(typeattributeset recovery_refresh_28_0 (recovery_refresh)) -(typeattributeset recovery_refresh_exec_28_0 (recovery_refresh_exec)) -(typeattributeset recovery_service_28_0 (recovery_service)) -(typeattributeset registry_service_28_0 (registry_service)) -(typeattributeset resourcecache_data_file_28_0 (resourcecache_data_file)) -(typeattributeset restorecon_prop_28_0 (restorecon_prop)) -(typeattributeset restrictions_service_28_0 (restrictions_service)) -(typeattributeset rild_debug_socket_28_0 (rild_debug_socket)) -(typeattributeset rild_socket_28_0 (rild_socket)) -(typeattributeset ringtone_file_28_0 (ringtone_file)) -(typeattributeset root_block_device_28_0 (root_block_device)) -(typeattributeset rootfs_28_0 (rootfs)) -(typeattributeset rpmsg_device_28_0 (rpmsg_device)) -(typeattributeset rtc_device_28_0 (rtc_device)) -(typeattributeset rttmanager_service_28_0 (rttmanager_service)) -(typeattributeset runas_28_0 (runas)) -(typeattributeset runas_exec_28_0 (runas_exec)) -(typeattributeset runtime_event_log_tags_file_28_0 (runtime_event_log_tags_file)) -(typeattributeset safemode_prop_28_0 (safemode_prop)) -(typeattributeset same_process_hal_file_28_0 - ( same_process_hal_file - vendor_public_lib_file)) -(typeattributeset samplingprofiler_service_28_0 (samplingprofiler_service)) -(typeattributeset scheduling_policy_service_28_0 (scheduling_policy_service)) -(typeattributeset sdcardd_28_0 (sdcardd)) -(typeattributeset sdcardd_exec_28_0 (sdcardd_exec)) -(typeattributeset sdcardfs_28_0 (sdcardfs)) -(typeattributeset seapp_contexts_file_28_0 (seapp_contexts_file)) -(typeattributeset search_service_28_0 (search_service)) -(typeattributeset sec_key_att_app_id_provider_service_28_0 (sec_key_att_app_id_provider_service)) -(typeattributeset secure_element_28_0 (secure_element)) -(typeattributeset secure_element_device_28_0 (secure_element_device)) -(typeattributeset secure_element_service_28_0 (secure_element_service)) -(typeattributeset selinuxfs_28_0 (selinuxfs)) -(typeattributeset sensors_device_28_0 (sensors_device)) -(typeattributeset sensorservice_service_28_0 (sensorservice_service)) -(typeattributeset sepolicy_file_28_0 (sepolicy_file)) -(typeattributeset serial_device_28_0 (serial_device)) -(typeattributeset serialno_prop_28_0 (serialno_prop)) -(typeattributeset serial_service_28_0 (serial_service)) -(typeattributeset service_contexts_file_28_0 (service_contexts_file)) -(typeattributeset servicediscovery_service_28_0 (servicediscovery_service)) -(typeattributeset servicemanager_28_0 (servicemanager)) -(typeattributeset servicemanager_exec_28_0 (servicemanager_exec)) -(typeattributeset settings_service_28_0 (settings_service)) -(typeattributeset sgdisk_28_0 (sgdisk)) -(typeattributeset sgdisk_exec_28_0 (sgdisk_exec)) -(typeattributeset shared_relro_28_0 (shared_relro)) -(typeattributeset shared_relro_file_28_0 (shared_relro_file)) -(typeattributeset shell_28_0 (shell)) -(typeattributeset shell_data_file_28_0 (shell_data_file)) -(typeattributeset shell_exec_28_0 (shell_exec)) -(typeattributeset shell_prop_28_0 (shell_prop)) -(typeattributeset shm_28_0 (shm)) -(typeattributeset shortcut_manager_icons_28_0 (shortcut_manager_icons)) -(typeattributeset shortcut_service_28_0 (shortcut_service)) -(typeattributeset slice_service_28_0 (slice_service)) -(typeattributeset slideshow_28_0 (slideshow)) -(typeattributeset socket_device_28_0 (socket_device)) -(typeattributeset sockfs_28_0 (sockfs)) -(typeattributeset statusbar_service_28_0 (statusbar_service)) -(typeattributeset storaged_service_28_0 (storaged_service)) -(typeattributeset storage_file_28_0 (storage_file)) -(typeattributeset storagestats_service_28_0 (storagestats_service)) -(typeattributeset storage_stub_file_28_0 (storage_stub_file)) -(typeattributeset su_28_0 (su)) -(typeattributeset su_exec_28_0 (su_exec)) -(typeattributeset surfaceflinger_28_0 (surfaceflinger)) -(typeattributeset surfaceflinger_service_28_0 (surfaceflinger_service)) -(typeattributeset swap_block_device_28_0 (swap_block_device)) -(typeattributeset sysfs_28_0 - ( sysfs - sysfs_devices_block - sysfs_extcon - sysfs_loop - sysfs_transparent_hugepage)) -(typeattributeset sysfs_android_usb_28_0 (sysfs_android_usb)) -(typeattributeset sysfs_batteryinfo_28_0 (sysfs_batteryinfo)) -(typeattributeset sysfs_bluetooth_writable_28_0 (sysfs_bluetooth_writable)) -(typeattributeset sysfs_devices_system_cpu_28_0 (sysfs_devices_system_cpu)) -(typeattributeset sysfs_dm_28_0 (sysfs_dm)) -(typeattributeset sysfs_dt_firmware_android_28_0 (sysfs_dt_firmware_android)) -(typeattributeset sysfs_fs_ext4_features_28_0 (sysfs_fs_ext4_features)) -(typeattributeset sysfs_hwrandom_28_0 (sysfs_hwrandom)) -(typeattributeset sysfs_ipv4_28_0 (sysfs_ipv4)) -(typeattributeset sysfs_kernel_notes_28_0 (sysfs_kernel_notes)) -(typeattributeset sysfs_leds_28_0 (sysfs_leds)) -(typeattributeset sysfs_lowmemorykiller_28_0 (sysfs_lowmemorykiller)) -(typeattributeset sysfs_mac_address_28_0 (sysfs_mac_address)) -(typeattributeset sysfs_net_28_0 (sysfs_net)) -(typeattributeset sysfs_nfc_power_writable_28_0 (sysfs_nfc_power_writable)) -(typeattributeset sysfs_power_28_0 (sysfs_power)) -(typeattributeset sysfs_rtc_28_0 (sysfs_rtc)) -(typeattributeset sysfs_switch_28_0 (sysfs_switch)) -(typeattributeset sysfs_thermal_28_0 (sysfs_thermal)) -(typeattributeset sysfs_uio_28_0 (sysfs_uio)) -(typeattributeset sysfs_usb_28_0 (sysfs_usb)) -(typeattributeset sysfs_usermodehelper_28_0 (sysfs_usermodehelper)) -(typeattributeset sysfs_vibrator_28_0 (sysfs_vibrator)) -(typeattributeset sysfs_wake_lock_28_0 (sysfs_wake_lock)) -(typeattributeset sysfs_wakeup_reasons_28_0 (sysfs_wakeup_reasons)) -(typeattributeset sysfs_wlan_fwpath_28_0 (sysfs_wlan_fwpath)) -(typeattributeset sysfs_zram_28_0 (sysfs_zram)) -(typeattributeset sysfs_zram_uevent_28_0 (sysfs_zram_uevent)) -(typeattributeset system_app_28_0 (system_app)) -(typeattributeset system_app_data_file_28_0 (system_app_data_file)) -(typeattributeset system_app_service_28_0 (system_app_service)) -(typeattributeset system_block_device_28_0 (system_block_device)) -(typeattributeset system_boot_reason_prop_28_0 (system_boot_reason_prop)) -(typeattributeset system_data_file_28_0 - ( dropbox_data_file - system_data_file - packages_list_file)) -(typeattributeset system_file_28_0 - ( system_file - system_asan_options_file - system_lib_file - system_linker_config_file - system_linker_exec - system_seccomp_policy_file - system_security_cacerts_file - tcpdump_exec - system_zoneinfo_file -)) -(typeattributeset systemkeys_data_file_28_0 (systemkeys_data_file)) -(typeattributeset system_ndebug_socket_28_0 (system_ndebug_socket)) -(typeattributeset system_net_netd_hwservice_28_0 (system_net_netd_hwservice)) -(typeattributeset system_prop_28_0 (system_prop)) -(typeattributeset system_radio_prop_28_0 (system_radio_prop)) -(typeattributeset system_server_28_0 (system_server)) -(typeattributeset system_update_service_28_0 (system_update_service)) -(typeattributeset system_wifi_keystore_hwservice_28_0 (system_wifi_keystore_hwservice)) -(typeattributeset system_wpa_socket_28_0 (system_wpa_socket)) -(typeattributeset task_service_28_0 (task_service)) -(typeattributeset tee_28_0 (tee)) -(typeattributeset tee_data_file_28_0 (tee_data_file)) -(typeattributeset tee_device_28_0 (tee_device)) -(typeattributeset telecom_service_28_0 (telecom_service)) -(typeattributeset test_boot_reason_prop_28_0 (test_boot_reason_prop)) -(typeattributeset textclassification_service_28_0 (textclassification_service)) -(typeattributeset textclassifier_data_file_28_0 (textclassifier_data_file)) -(typeattributeset textservices_service_28_0 (textservices_service)) -(typeattributeset thermalcallback_hwservice_28_0 (thermalcallback_hwservice)) -(typeattributeset thermal_service_28_0 (thermal_service)) -(typeattributeset thermalserviced_28_0 (thermalserviced)) -(typeattributeset thermalserviced_exec_28_0 (thermalserviced_exec)) -(typeattributeset timezone_service_28_0 (timezone_service)) -(typeattributeset tmpfs_28_0 - ( mnt_sdcard_file - tmpfs)) -(typeattributeset tombstoned_28_0 (tombstoned)) -(typeattributeset tombstone_data_file_28_0 (tombstone_data_file)) -(typeattributeset tombstoned_crash_socket_28_0 (tombstoned_crash_socket)) -(typeattributeset tombstoned_exec_28_0 (tombstoned_exec)) -(typeattributeset tombstoned_intercept_socket_28_0 (tombstoned_intercept_socket)) -(typeattributeset tombstoned_java_trace_socket_28_0 (tombstoned_java_trace_socket)) -(typeattributeset tombstone_wifi_data_file_28_0 (tombstone_wifi_data_file)) -(typeattributeset toolbox_28_0 (toolbox)) -(typeattributeset toolbox_exec_28_0 (toolbox_exec)) -(typeattributeset trace_data_file_28_0 (trace_data_file)) -(typeattributeset traced_consumer_socket_28_0 (traced_consumer_socket)) -(typeattributeset traced_enabled_prop_28_0 (traced_enabled_prop)) -(typeattributeset traced_probes_28_0 (traced_probes)) -(typeattributeset traced_producer_socket_28_0 (traced_producer_socket)) -(typeattributeset traceur_app_28_0 (traceur_app)) -(typeattributeset trust_service_28_0 (trust_service)) -(typeattributeset tty_device_28_0 (tty_device)) -(typeattributeset tun_device_28_0 (tun_device)) -(typeattributeset tv_input_service_28_0 (tv_input_service)) -(typeattributeset tzdatacheck_28_0 (tzdatacheck)) -(typeattributeset tzdatacheck_exec_28_0 (tzdatacheck_exec)) -(typeattributeset ueventd_28_0 (ueventd)) -(typeattributeset uhid_device_28_0 (uhid_device)) -(typeattributeset uimode_service_28_0 (uimode_service)) -(typeattributeset uio_device_28_0 (uio_device)) -(typeattributeset uncrypt_28_0 (uncrypt)) -(typeattributeset uncrypt_exec_28_0 (uncrypt_exec)) -(typeattributeset uncrypt_socket_28_0 (uncrypt_socket)) -(typeattributeset unencrypted_data_file_28_0 (unencrypted_data_file)) -(typeattributeset unlabeled_28_0 (unlabeled)) -(typeattributeset untrusted_app_25_28_0 (untrusted_app_25)) -(typeattributeset untrusted_app_27_28_0 (untrusted_app_27)) -(typeattributeset untrusted_app_28_0 (untrusted_app)) -(typeattributeset untrusted_v2_app_28_0 (untrusted_v2_app)) -(typeattributeset update_engine_28_0 (update_engine)) -(typeattributeset update_engine_data_file_28_0 (update_engine_data_file)) -(typeattributeset update_engine_exec_28_0 (update_engine_exec)) -(typeattributeset update_engine_log_data_file_28_0 (update_engine_log_data_file)) -(typeattributeset update_engine_service_28_0 (update_engine_service)) -(typeattributeset updatelock_service_28_0 (updatelock_service)) -(typeattributeset update_verifier_28_0 (update_verifier)) -(typeattributeset update_verifier_exec_28_0 (update_verifier_exec)) -(typeattributeset usagestats_service_28_0 (usagestats_service)) -(typeattributeset usbaccessory_device_28_0 (usbaccessory_device)) -(typeattributeset usbd_28_0 (usbd)) -(typeattributeset usb_device_28_0 (usb_device)) -(typeattributeset usbd_exec_28_0 (usbd_exec)) -(typeattributeset usbfs_28_0 (usbfs)) -(typeattributeset usb_service_28_0 (usb_service)) -(typeattributeset userdata_block_device_28_0 (userdata_block_device)) -(typeattributeset usermodehelper_28_0 (usermodehelper)) -(typeattributeset user_profile_data_file_28_0 (user_profile_data_file)) -(typeattributeset user_service_28_0 (user_service)) -(typeattributeset vcs_device_28_0 (vcs_device)) -(typeattributeset vdc_28_0 (vdc)) -(typeattributeset vdc_exec_28_0 (vdc_exec)) -(typeattributeset vendor_app_file_28_0 (vendor_app_file)) -(typeattributeset vendor_configs_file_28_0 (vendor_configs_file)) -(typeattributeset vendor_data_file_28_0 (vendor_data_file)) -(typeattributeset vendor_default_prop_28_0 (vendor_default_prop)) -(typeattributeset vendor_file_28_0 (vendor_file)) -(typeattributeset vendor_framework_file_28_0 (vendor_framework_file)) -(typeattributeset vendor_hal_file_28_0 (vendor_hal_file)) -(typeattributeset vendor_init_28_0 (vendor_init)) -(typeattributeset vendor_overlay_file_28_0 (vendor_overlay_file)) -(typeattributeset vendor_security_patch_level_prop_28_0 (vendor_security_patch_level_prop)) -(typeattributeset vendor_shell_28_0 (vendor_shell)) -(typeattributeset vendor_shell_exec_28_0 (vendor_shell_exec)) -(typeattributeset vendor_toolbox_exec_28_0 (vendor_toolbox_exec)) -(typeattributeset vfat_28_0 (vfat)) -(typeattributeset vibrator_service_28_0 (vibrator_service)) -(typeattributeset video_device_28_0 (video_device)) -(typeattributeset virtual_touchpad_28_0 (virtual_touchpad)) -(typeattributeset virtual_touchpad_exec_28_0 (virtual_touchpad_exec)) -(typeattributeset virtual_touchpad_service_28_0 (virtual_touchpad_service)) -(typeattributeset vndbinder_device_28_0 (vndbinder_device)) -(typeattributeset vndk_sp_file_28_0 (vndk_sp_file)) -(typeattributeset vndservice_contexts_file_28_0 (vndservice_contexts_file)) -(typeattributeset vndservicemanager_28_0 (vndservicemanager)) -(typeattributeset voiceinteraction_service_28_0 (voiceinteraction_service)) -(typeattributeset vold_28_0 (vold)) -(typeattributeset vold_data_file_28_0 (vold_data_file)) -(typeattributeset vold_device_28_0 (vold_device)) -(typeattributeset vold_exec_28_0 (vold_exec)) -(typeattributeset vold_metadata_file_28_0 (vold_metadata_file)) -(typeattributeset vold_prepare_subdirs_28_0 (vold_prepare_subdirs)) -(typeattributeset vold_prepare_subdirs_exec_28_0 (vold_prepare_subdirs_exec)) -(typeattributeset vold_prop_28_0 (vold_prop)) -(typeattributeset vold_service_28_0 (vold_service)) -(typeattributeset vpn_data_file_28_0 (vpn_data_file)) -(typeattributeset vr_hwc_28_0 (vr_hwc)) -(typeattributeset vr_hwc_exec_28_0 (vr_hwc_exec)) -(typeattributeset vr_hwc_service_28_0 (vr_hwc_service)) -(typeattributeset vr_manager_service_28_0 (vr_manager_service)) -(typeattributeset wallpaper_file_28_0 (wallpaper_file)) -(typeattributeset wallpaper_service_28_0 (wallpaper_service)) -(typeattributeset watchdogd_28_0 (watchdogd)) -(typeattributeset watchdog_device_28_0 (watchdog_device)) -(typeattributeset webviewupdate_service_28_0 (webviewupdate_service)) -(typeattributeset webview_zygote_28_0 (webview_zygote)) -(typeattributeset webview_zygote_exec_28_0 (webview_zygote_exec)) -(typeattributeset wifiaware_service_28_0 (wifiaware_service)) -(typeattributeset wificond_28_0 (wificond)) -(typeattributeset wificond_exec_28_0 (wificond_exec)) -(typeattributeset wificond_service_28_0 (wificond_service)) -(typeattributeset wifi_data_file_28_0 (wifi_data_file)) -(typeattributeset wifi_log_prop_28_0 (wifi_log_prop)) -(typeattributeset wifip2p_service_28_0 (wifip2p_service)) -(typeattributeset wifi_prop_28_0 (wifi_prop)) -(typeattributeset wifiscanner_service_28_0 (wifiscanner_service)) -(typeattributeset wifi_service_28_0 (wifi_service)) -(typeattributeset window_service_28_0 (window_service)) -(typeattributeset wpantund_28_0 (wpantund)) -(typeattributeset wpantund_exec_28_0 (wpantund_exec)) -(typeattributeset wpantund_service_28_0 (wpantund_service)) -(typeattributeset wpa_socket_28_0 (wpa_socket)) -(typeattributeset zero_device_28_0 (zero_device)) -(typeattributeset zoneinfo_data_file_28_0 (zoneinfo_data_file)) -(typeattributeset zygote_28_0 (zygote)) -(typeattributeset zygote_exec_28_0 (zygote_exec)) -(typeattributeset zygote_socket_28_0 (zygote_socket)) diff --git a/prebuilts/api/29.0/private/compat/28.0/28.0.compat.cil b/prebuilts/api/29.0/private/compat/28.0/28.0.compat.cil deleted file mode 100644 index 9031d15c7..000000000 --- a/prebuilts/api/29.0/private/compat/28.0/28.0.compat.cil +++ /dev/null @@ -1,4 +0,0 @@ -(typeattribute vendordomain) -(typeattributeset vendordomain ((and (domain) ((not (coredomain)))))) -(allowx vendordomain dev_type (ioctl blk_file ((range 0x0000 0xffff)))) -(allowx vendordomain file_type (ioctl file ((range 0x0000 0xffff)))) diff --git a/prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil b/prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil deleted file mode 100644 index 796321ad6..000000000 --- a/prebuilts/api/29.0/private/compat/28.0/28.0.ignore.cil +++ /dev/null @@ -1,149 +0,0 @@ -;; new_objects - a collection of types that have been introduced that have no -;; analogue in older policy. Thus, we do not need to map these types to -;; previous ones. Add here to pass checkapi tests. -(type new_objects) -(typeattribute new_objects) -(typeattributeset new_objects - ( new_objects - activity_task_service - adb_service - apex_data_file - apex_metadata_file - apex_mnt_dir - apex_service - apexd - apexd_exec - apexd_prop - apexd_tmpfs - appdomain_tmpfs - app_binding_service - app_prediction_service - app_zygote - app_zygote_tmpfs - ashmemd - ashmem_device_service - attention_service - biometric_service - bluetooth_audio_hal_prop - bpf_progs_loaded_prop - bugreport_service - cgroup_desc_file - cgroup_rc_file - charger_exec - content_capture_service - content_suggestions_service - cpu_variant_prop - ctl_gsid_prop - dev_cpu_variant - device_config_activity_manager_native_boot_prop - device_config_boot_count_prop - device_config_input_native_boot_prop - device_config_netd_native_prop - device_config_reset_performed_prop - device_config_runtime_native_boot_prop - device_config_runtime_native_prop - device_config_media_native_prop - device_config_service - dnsresolver_service - dynamic_android_service - dynamic_system_prop - face_service - face_vendor_data_file - fastbootd - flags_health_check - flags_health_check_exec - fwk_bufferhub_hwservice - fwk_camera_hwservice - fwk_stats_hwservice - gpuservice - gsi_data_file - gsi_metadata_file - gsi_service - gsid - gsid_exec - gsid_prop - color_display_service - external_vibrator_service - hal_atrace_hwservice - hal_face_hwservice - hal_graphics_composer_server_tmpfs - hal_health_storage_hwservice - hal_input_classifier_hwservice - hal_power_stats_hwservice - heapprofd - heapprofd_enabled_prop - heapprofd_exec - heapprofd_prop - heapprofd_socket - idmap_service - iris_service - iris_vendor_data_file - llkd - llkd_exec - llkd_prop - llkd_tmpfs - looper_stats_service - lpdumpd - lpdumpd_exec - lpdumpd_prop - lpdump_service - iorapd - iorapd_exec - iorapd_data_file - iorapd_service - iorapd_tmpfs - mediaswcodec - mediaswcodec_exec - mediaswcodec_tmpfs - mnt_product_file - network_stack - network_stack_service - network_stack_tmpfs - nnapi_ext_deny_product_prop - overlayfs_file - password_slot_metadata_file - permissionmgr_service - postinstall_apex_mnt_dir - recovery_socket - role_service - rs - rs_exec - rss_hwm_reset - rss_hwm_reset_exec - runas_app - runas_app_tmpfs - runtime_service - sdcard_block_device - sensor_privacy_service - server_configurable_flags_data_file - simpleperf_app_runner - simpleperf_app_runner_exec - su_tmpfs - super_block_device - sysfs_fs_f2fs - system_bootstrap_lib_file - system_event_log_tags_file - system_lmk_prop - system_suspend_hwservice - system_suspend_control_service - system_trace_prop - staging_data_file - task_profiles_file - testharness_service - test_harness_prop - time_prop - timedetector_service - timezonedetector_service - traced_lazy_prop - uri_grants_service - use_memfd_prop - vendor_apex_file - vendor_cgroup_desc_file - vendor_idc_file - vendor_keychars_file - vendor_keylayout_file - vendor_misc_writer - vendor_misc_writer_exec - vendor_task_profiles_file - vrflinger_vsync_service - watchdogd_tmpfs)) diff --git a/prebuilts/api/29.0/private/coredomain.te b/prebuilts/api/29.0/private/coredomain.te deleted file mode 100644 index 169f6b249..000000000 --- a/prebuilts/api/29.0/private/coredomain.te +++ /dev/null @@ -1,207 +0,0 @@ -get_prop(coredomain, pm_prop) -get_prop(coredomain, exported_pm_prop) - -full_treble_only(` -neverallow { - coredomain - - # for chowning - -init - - # generic access to sysfs_type - -ueventd - -vold -} sysfs_leds:file *; -') - -# On TREBLE devices, a limited set of files in /vendor are accessible to -# only a few whitelisted coredomains to keep system/vendor separation. -full_treble_only(` - # Limit access to /vendor/app - neverallow { - coredomain - -appdomain - -dex2oat - -idmap - -init - -installd - userdebug_or_eng(`-perfprofd') - userdebug_or_eng(`-heapprofd') - -postinstall_dexopt - -rs # spawned by appdomain, so carryover the exception above - -system_server - } vendor_app_file:dir { open read getattr search }; -') - -full_treble_only(` - neverallow { - coredomain - -appdomain - -dex2oat - -idmap - -init - -installd - userdebug_or_eng(`-perfprofd') - userdebug_or_eng(`-heapprofd') - -postinstall_dexopt - -rs # spawned by appdomain, so carryover the exception above - -system_server - -mediaserver - } vendor_app_file:file r_file_perms; -') - -full_treble_only(` - # Limit access to /vendor/overlay - neverallow { - coredomain - -appdomain - -idmap - -init - -installd - -postinstall_dexopt - -rs # spawned by appdomain, so carryover the exception above - -system_server - -app_zygote - -webview_zygote - -zygote - userdebug_or_eng(`-heapprofd') - } vendor_overlay_file:dir { getattr open read search }; -') - -full_treble_only(` - neverallow { - coredomain - -appdomain - -idmap - -init - -installd - -postinstall_dexopt - -rs # spawned by appdomain, so carryover the exception above - -system_server - -app_zygote - -webview_zygote - -zygote - userdebug_or_eng(`-heapprofd') - } vendor_overlay_file:file r_file_perms; -') - -# Core domains are not permitted to use kernel interfaces which are not -# explicitly labeled. -# TODO(b/65643247): Apply these neverallow rules to all coredomain. -full_treble_only(` - # /proc - neverallow { - coredomain - -init - -vold - } proc:file no_rw_file_perms; - - # /sys - neverallow { - coredomain - -init - -ueventd - -vold - } sysfs:file no_rw_file_perms; - - # /dev - neverallow { - coredomain - -fsck - -init - -ueventd - } device:{ blk_file file } no_rw_file_perms; - - # debugfs - neverallow { - coredomain - -dumpstate - -init - -system_server - } debugfs:file no_rw_file_perms; - - # tracefs - neverallow { - coredomain - -atrace - -dumpstate - -init - userdebug_or_eng(`-perfprofd') - -traced_probes - -shell - -traceur_app - } debugfs_tracing:file no_rw_file_perms; - - # inotifyfs - neverallow { - coredomain - -init - } inotify:file no_rw_file_perms; - - # pstorefs - neverallow { - coredomain - -bootstat - -charger - -dumpstate - -healthd - userdebug_or_eng(`-incidentd') - -init - -logd - -logpersist - -recovery_persist - -recovery_refresh - -shell - -system_server - } pstorefs:file no_rw_file_perms; - - # configfs - neverallow { - coredomain - -init - -system_server - } configfs:file no_rw_file_perms; - - # functionfs - neverallow { - coredomain - -adbd - -init - -mediaprovider - -system_server - } functionfs:file no_rw_file_perms; - - # usbfs and binfmt_miscfs - neverallow { - coredomain - -init - }{ usbfs binfmt_miscfs }:file no_rw_file_perms; -') - -# Following /dev nodes must not be directly accessed by coredomain, but should -# instead be wrapped by HALs. -neverallow coredomain { - iio_device - radio_device -}:chr_file { open read append write ioctl }; - -# TODO(b/120243891): HAL permission to tee_device is included into coredomain -# on non-Treble devices. -full_treble_only(` - neverallow coredomain tee_device:chr_file { open read append write ioctl }; -') - -# Allow access to ashmemd to request /dev/ashmem fds. -allow { - coredomain - -init - -iorapd - -perfprofd -} ashmem_device_service:service_manager find; - -binder_call({ - coredomain - -init - -iorapd - -perfprofd -}, ashmemd) diff --git a/prebuilts/api/29.0/private/cppreopts.te b/prebuilts/api/29.0/private/cppreopts.te deleted file mode 100644 index 1a8fa0bf3..000000000 --- a/prebuilts/api/29.0/private/cppreopts.te +++ /dev/null @@ -1,27 +0,0 @@ -# cppreopts -# -# This command copies preopted files from the system_b partition to the data -# partition. This domain ensures that we are only copying into specific -# directories. - -type cppreopts, domain, mlstrustedsubject, coredomain; -type cppreopts_exec, system_file_type, exec_type, file_type; - -# Technically not a daemon but we do want the transition from init domain to -# cppreopts to occur. -init_daemon_domain(cppreopts) -domain_auto_trans(cppreopts, preopt2cachename_exec, preopt2cachename); - -# Allow cppreopts copy files into the dalvik-cache -allow cppreopts dalvikcache_data_file:dir { add_name remove_name search write }; -allow cppreopts dalvikcache_data_file:file { create getattr open read rename write unlink }; - -# Allow cppreopts to execute itself using #!/system/bin/sh -allow cppreopts shell_exec:file rx_file_perms; - -# Allow us to run find on /postinstall -allow cppreopts system_file:dir { open read }; - -# Allow running the cp command using cppreopts permissions. Needed so we can -# write into dalvik-cache -allow cppreopts toolbox_exec:file rx_file_perms; diff --git a/prebuilts/api/29.0/private/crash_dump.te b/prebuilts/api/29.0/private/crash_dump.te deleted file mode 100644 index f130327da..000000000 --- a/prebuilts/api/29.0/private/crash_dump.te +++ /dev/null @@ -1,49 +0,0 @@ -typeattribute crash_dump coredomain; - -# Crash dump does not need to access devices passed across exec(). -dontaudit crash_dump { devpts dev_type }:chr_file { read write }; - -allow crash_dump { - domain - -apexd - -bpfloader - -crash_dump - -init - -kernel - -keystore - -llkd - -logd - -ueventd - -vendor_init - -vold -}:process { ptrace signal sigchld sigstop sigkill }; -userdebug_or_eng(` - allow crash_dump { apexd llkd logd vold }:process { ptrace signal sigchld sigstop sigkill }; -') - -### -### neverallow assertions -### - -# ptrace neverallow assertions are spread throughout the other policy -# files, so we avoid adding redundant assertions here - -neverallow crash_dump { - apexd - userdebug_or_eng(`-apexd') - bpfloader - init - kernel - keystore - llkd - userdebug_or_eng(`-llkd') - logd - userdebug_or_eng(`-logd') - ueventd - vendor_init - vold - userdebug_or_eng(`-vold') -}:process { signal sigstop sigkill }; - -neverallow crash_dump self:process ptrace; -neverallow crash_dump gpu_device:chr_file *; diff --git a/prebuilts/api/29.0/private/dex2oat.te b/prebuilts/api/29.0/private/dex2oat.te deleted file mode 100644 index 7907f6c2a..000000000 --- a/prebuilts/api/29.0/private/dex2oat.te +++ /dev/null @@ -1,84 +0,0 @@ -# dex2oat -type dex2oat, domain, coredomain; -type dex2oat_exec, system_file_type, exec_type, file_type; - -r_dir_file(dex2oat, apk_data_file) -# Access to /vendor/app -r_dir_file(dex2oat, vendor_app_file) -# Access /vendor/framework -allow dex2oat vendor_framework_file:dir { getattr search }; -allow dex2oat vendor_framework_file:file { getattr open read map }; - -allow dex2oat tmpfs:file { read getattr map }; - -r_dir_file(dex2oat, dalvikcache_data_file) -allow dex2oat dalvikcache_data_file:file write; -# Read symlinks in /data/dalvik-cache. This is required for PIC mode boot images, where -# the oat file is symlinked to the original file in /system. -allow dex2oat dalvikcache_data_file:lnk_file read; -allow dex2oat installd:fd use; - -# Acquire advisory lock on /system/framework/arm/* -allow dex2oat system_file:file lock; - -# Read already open asec_apk_file file descriptors passed by installd. -# Also allow reading unlabeled files, to allow for upgrading forward -# locked APKs. -allow dex2oat asec_apk_file:file { read map }; -allow dex2oat unlabeled:file { read map }; -allow dex2oat oemfs:file { read map }; -allow dex2oat apk_tmp_file:dir search; -allow dex2oat apk_tmp_file:file r_file_perms; -allow dex2oat user_profile_data_file:file { getattr read lock map }; - -# Allow dex2oat to compile app's secondary dex files which were reported back to -# the framework. -allow dex2oat { privapp_data_file app_data_file }:file { getattr read write lock map }; - -################## -# A/B OTA Dexopt # -################## - -# Allow dex2oat to use file descriptors from otapreopt. -allow dex2oat postinstall_dexopt:fd use; - -# Allow dex2oat to read files under /postinstall (e.g. APKs under /system, /system/bin/linker). -allow dex2oat postinstall_file:dir r_dir_perms; -allow dex2oat postinstall_file:filesystem getattr; -allow dex2oat postinstall_file:lnk_file { getattr read }; -allow dex2oat postinstall_file:file read; -# Allow dex2oat to use libraries under /postinstall/system (e.g. /system/lib/libc.so). -# TODO(b/120266448): Remove when Bionic libraries are part of the Runtime APEX. -allow dex2oat postinstall_file:file { execute getattr open }; - -# Allow dex2oat access to /postinstall/apex. -allow dex2oat postinstall_apex_mnt_dir:dir { getattr search }; - -# Allow dex2oat access to files in /data/ota. -allow dex2oat ota_data_file:dir ra_dir_perms; -allow dex2oat ota_data_file:file r_file_perms; - -# Create and read symlinks in /data/ota/dalvik-cache. This is required for PIC mode boot images, -# where the oat file is symlinked to the original file in /system. -allow dex2oat ota_data_file:lnk_file { create read }; - -# It would be nice to tie this down, but currently, because of how images are written, we can't -# pass file descriptors for the preopted boot image to dex2oat. So dex2oat needs to be able to -# create them itself (and make them world-readable). -allow dex2oat ota_data_file:file { create w_file_perms setattr }; - -############### -# APEX Update # -############### - -# /dev/zero is inherited. -allow dex2oat apexd:fd use; - -# Allow dex2oat to use file descriptors from preinstall. -allow dex2oat art_apex_preinstall:fd use; - -############## -# Neverallow # -############## - -neverallow dex2oat { privapp_data_file app_data_file }:notdevfile_class_set open; diff --git a/prebuilts/api/29.0/private/dexoptanalyzer.te b/prebuilts/api/29.0/private/dexoptanalyzer.te deleted file mode 100644 index 59554c857..000000000 --- a/prebuilts/api/29.0/private/dexoptanalyzer.te +++ /dev/null @@ -1,32 +0,0 @@ -# dexoptanalyzer -type dexoptanalyzer, domain, coredomain, mlstrustedsubject; -type dexoptanalyzer_exec, system_file_type, exec_type, file_type; -type dexoptanalyzer_tmpfs, file_type; - -# Reading an APK opens a ZipArchive, which unpack to tmpfs. -# Use tmpfs_domain() which will give tmpfs files created by dexoptanalyzer their -# own label, which differs from other labels created by other processes. -# This allows to distinguish in policy files created by dexoptanalyzer vs other -#processes. -tmpfs_domain(dexoptanalyzer) - -# Read symlinks in /data/dalvik-cache. This is required for PIC mode boot -# app_data_file the oat file is symlinked to the original file in /system. -allow dexoptanalyzer dalvikcache_data_file:dir { getattr search }; -allow dexoptanalyzer dalvikcache_data_file:file r_file_perms; -allow dexoptanalyzer dalvikcache_data_file:lnk_file read; - -allow dexoptanalyzer installd:fd use; -allow dexoptanalyzer installd:fifo_file { getattr write }; - -# Allow reading secondary dex files that were reported by the app to the -# package manager. -allow dexoptanalyzer { privapp_data_file app_data_file }:dir { getattr search }; -allow dexoptanalyzer { privapp_data_file app_data_file }:file { getattr read }; -# dexoptanalyzer calls access(2) with W_OK flag on app data. We can use the -# "dontaudit...audit_access" policy line to suppress the audit access without -# suppressing denial on actual access. -dontaudit dexoptanalyzer { privapp_data_file app_data_file }:dir audit_access; - -# Allow testing /data/user/0 which symlinks to /data/data -allow dexoptanalyzer system_data_file:lnk_file { getattr }; diff --git a/prebuilts/api/29.0/private/dhcp.te b/prebuilts/api/29.0/private/dhcp.te deleted file mode 100644 index b2f8ac7c7..000000000 --- a/prebuilts/api/29.0/private/dhcp.te +++ /dev/null @@ -1,4 +0,0 @@ -typeattribute dhcp coredomain; - -init_daemon_domain(dhcp) -type_transition dhcp system_data_file:{ dir file } dhcp_data_file; diff --git a/prebuilts/api/29.0/private/dnsmasq.te b/prebuilts/api/29.0/private/dnsmasq.te deleted file mode 100644 index 96084b490..000000000 --- a/prebuilts/api/29.0/private/dnsmasq.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute dnsmasq coredomain; diff --git a/prebuilts/api/29.0/private/domain.te b/prebuilts/api/29.0/private/domain.te deleted file mode 100644 index 037a7d52e..000000000 --- a/prebuilts/api/29.0/private/domain.te +++ /dev/null @@ -1,314 +0,0 @@ -# Transition to crash_dump when /system/bin/crash_dump* is executed. -# This occurs when the process crashes. -# We do not apply this to the su domain to avoid interfering with -# tests (b/114136122) -domain_auto_trans({ domain userdebug_or_eng(`-su') }, crash_dump_exec, crash_dump); -allow domain crash_dump:process sigchld; - -# Allow every process to check the heapprofd.enable properties to determine -# whether to load the heap profiling library. This does not necessarily enable -# heap profiling, as initialization will fail if it does not have the -# necessary SELinux permissions. -get_prop(domain, heapprofd_prop); -# Allow heap profiling on debug builds. -userdebug_or_eng(`can_profile_heap_userdebug_or_eng({ - domain - -bpfloader - -init - -kernel - -keystore - -llkd - -logd - -logpersist - -recovery - -recovery_persist - -recovery_refresh - -ueventd - -vendor_init - -vold -})') - -# Path resolution access in cgroups. -allow domain cgroup:dir search; -allow { domain -appdomain -rs } cgroup:dir w_dir_perms; -allow { domain -appdomain -rs } cgroup:file w_file_perms; - -allow domain cgroup_rc_file:dir search; -allow domain cgroup_rc_file:file r_file_perms; -allow domain task_profiles_file:file r_file_perms; -allow domain vendor_task_profiles_file:file r_file_perms; - -# Allow all domains to read sys.use_memfd to determine -# if memfd support can be used if device supports it -get_prop(domain, use_memfd_prop); - -# For now, everyone can access core property files -# Device specific properties are not granted by default -not_compatible_property(` - get_prop(domain, core_property_type) - get_prop(domain, exported_dalvik_prop) - get_prop(domain, exported_ffs_prop) - get_prop(domain, exported_system_radio_prop) - get_prop(domain, exported2_config_prop) - get_prop(domain, exported2_radio_prop) - get_prop(domain, exported2_system_prop) - get_prop(domain, exported2_vold_prop) - get_prop(domain, exported3_default_prop) - get_prop(domain, exported3_radio_prop) - get_prop(domain, exported3_system_prop) - get_prop(domain, vendor_default_prop) -') -compatible_property_only(` - get_prop({coredomain appdomain shell}, core_property_type) - get_prop({coredomain appdomain shell}, exported_dalvik_prop) - get_prop({coredomain appdomain shell}, exported_ffs_prop) - get_prop({coredomain appdomain shell}, exported_system_radio_prop) - get_prop({coredomain appdomain shell}, exported2_config_prop) - get_prop({coredomain appdomain shell}, exported2_radio_prop) - get_prop({coredomain appdomain shell}, exported2_system_prop) - get_prop({coredomain appdomain shell}, exported2_vold_prop) - get_prop({coredomain appdomain shell}, exported3_default_prop) - get_prop({coredomain appdomain shell}, exported3_radio_prop) - get_prop({coredomain appdomain shell}, exported3_system_prop) - get_prop({domain -coredomain -appdomain}, vendor_default_prop) -') - -# Allow access to fsverity keyring. -allow domain kernel:key search; -# Allow access to keys in the fsverity keyring that were installed at boot. -allow domain fsverity_init:key search; -# For testing purposes, allow access to keys installed with su. -userdebug_or_eng(` - allow domain su:key search; -') - -# Limit ability to ptrace or read sensitive /proc/pid files of processes -# with other UIDs to these whitelisted domains. -neverallow { - domain - -vold - userdebug_or_eng(`-llkd') - -dumpstate - userdebug_or_eng(`-incidentd') - -storaged - -system_server - userdebug_or_eng(`-perfprofd') -} self:global_capability_class_set sys_ptrace; - -# Limit ability to generate hardware unique device ID attestations to priv_apps -neverallow { domain -priv_app } *:keystore_key gen_unique_id; - -neverallow { - domain - -init - -vendor_init - userdebug_or_eng(`-domain') -} debugfs_tracing_debug:file no_rw_file_perms; - -# System_server owns dropbox data, and init creates/restorecons the directory -# Disallow direct access by other processes. -neverallow { domain -init -system_server } dropbox_data_file:dir *; -neverallow { domain -init -system_server } dropbox_data_file:file ~{ getattr read }; - -### -# Services should respect app sandboxes -neverallow { - domain - -appdomain - -installd # creation of sandbox -} { privapp_data_file app_data_file }:dir_file_class_set { create unlink }; - -# Only the following processes should be directly accessing private app -# directories. -neverallow { - domain - -adbd - -appdomain - -app_zygote - -dexoptanalyzer - -installd - userdebug_or_eng(`-perfprofd') - -profman - -rs # spawned by appdomain, so carryover the exception above - -runas - -system_server - -viewcompiler -} { privapp_data_file app_data_file }:dir *; - -# Only apps should be modifying app data. installd is exempted for -# restorecon and package install/uninstall. -neverallow { - domain - -appdomain - -installd - -rs # spawned by appdomain, so carryover the exception above -} { privapp_data_file app_data_file }:dir ~r_dir_perms; - -neverallow { - domain - -appdomain - -app_zygote - -installd - userdebug_or_eng(`-perfprofd') - -rs # spawned by appdomain, so carryover the exception above -} { privapp_data_file app_data_file }:file_class_set open; - -neverallow { - domain - -appdomain - -installd # creation of sandbox -} { privapp_data_file app_data_file }:dir_file_class_set { create unlink }; - -neverallow { - domain - -installd -} { privapp_data_file app_data_file }:dir_file_class_set { relabelfrom relabelto }; - -# The staging directory contains APEX and APK files. It is important to ensure -# that these files cannot be accessed by other domains to ensure that the files -# do not change between system_server staging the files and apexd processing -# the files. -neverallow { domain -init -system_server -apexd -installd} staging_data_file:dir *; -neverallow { domain -init -system_server -apexd -kernel -installd } staging_data_file:file *; -neverallow { domain -init -system_server -installd} staging_data_file:dir no_w_dir_perms; -# apexd needs the link and unlink permissions, so list every `no_w_file_perms` -# except for `link` and `unlink`. -neverallow { domain -init -system_server } staging_data_file:file - { append create relabelfrom rename setattr write no_x_file_perms }; - -neverallow { - domain - -appdomain # for oemfs - -bootanim # for oemfs - -recovery # for /tmp/update_binary in tmpfs -} { fs_type -rootfs }:file execute; - -# -# Assert that, to the extent possible, we're not loading executable content from -# outside the rootfs or /system partition except for a few whitelisted domains. -# Executable files loaded from /data is a persistence vector -# we want to avoid. See -# https://bugs.chromium.org/p/project-zero/issues/detail?id=955 for example. -# -neverallow { - domain - -appdomain - with_asan(`-asan_extract') - -shell - userdebug_or_eng(`-su') - -system_server_startup # for memfd backed executable regions - -app_zygote - -webview_zygote - -zygote - userdebug_or_eng(`-mediaextractor') - userdebug_or_eng(`-mediaswcodec') -} { - file_type - -system_file_type - -system_lib_file - -system_linker_exec - -vendor_file_type - -exec_type - -postinstall_file -}:file execute; - -# Only init is allowed to write cgroup.rc file -neverallow { - domain - -init - -vendor_init -} cgroup_rc_file:file no_w_file_perms; - -# Only authorized processes should be writing to files in /data/dalvik-cache -neverallow { - domain - -init # TODO: limit init to relabelfrom for files - -zygote - -installd - -postinstall_dexopt - -cppreopts - -dex2oat - -otapreopt_slot - -art_apex_postinstall - -art_apex_boot_integrity -} dalvikcache_data_file:file no_w_file_perms; - -neverallow { - domain - -init - -installd - -postinstall_dexopt - -cppreopts - -dex2oat - -zygote - -otapreopt_slot - -art_apex_boot_integrity - -art_apex_postinstall -} dalvikcache_data_file:dir no_w_dir_perms; - -# Minimize dac_override and dac_read_search. -# Instead of granting them it is usually better to add the domain to -# a Unix group or change the permissions of a file. -define(`dac_override_allowed', `{ - dnsmasq - dumpstate - init - installd - install_recovery - userdebug_or_eng(`llkd') - lmkd - netd - perfprofd - postinstall_dexopt - recovery - rss_hwm_reset - sdcardd - tee - ueventd - uncrypt - vendor_init - vold - vold_prepare_subdirs - zygote -}') -neverallow ~dac_override_allowed self:global_capability_class_set dac_override; -# Since the kernel checks dac_read_search before dac_override, domains that -# have dac_override should also have dac_read_search to eliminate spurious -# denials. Some domains have dac_read_search without having dac_override, so -# this list should be a superset of the one above. -neverallow ~{ - dac_override_allowed - traced_probes - userdebug_or_eng(`heapprofd') -} self:global_capability_class_set dac_read_search; - -# Limit what domains can mount filesystems or change their mount flags. -# sdcard_type / vfat is exempt as a larger set of domains need -# this capability, including device-specific domains. -neverallow { - domain - -apexd - recovery_only(`userdebug_or_eng(`-fastbootd')') - -init - -kernel - -otapreopt_chroot - -recovery - -update_engine - -vold - -zygote -} { fs_type -sdcard_type }:filesystem { mount remount relabelfrom relabelto }; - -# Limit raw I/O to these whitelisted domains. Do not apply to debug builds. -neverallow { - domain - userdebug_or_eng(`-domain') - -kernel - -gsid - -init - -recovery - -ueventd - -healthd - -uncrypt - -tee - -hal_bootctl_server -} self:global_capability_class_set sys_rawio; diff --git a/prebuilts/api/29.0/private/drmserver.te b/prebuilts/api/29.0/private/drmserver.te deleted file mode 100644 index afe4f0aae..000000000 --- a/prebuilts/api/29.0/private/drmserver.te +++ /dev/null @@ -1,7 +0,0 @@ -typeattribute drmserver coredomain; - -init_daemon_domain(drmserver) - -type_transition drmserver apk_data_file:sock_file drmserver_socket; - -typeattribute drmserver_socket coredomain_socket; diff --git a/prebuilts/api/29.0/private/dumpstate.te b/prebuilts/api/29.0/private/dumpstate.te deleted file mode 100644 index 4f6d96aaf..000000000 --- a/prebuilts/api/29.0/private/dumpstate.te +++ /dev/null @@ -1,52 +0,0 @@ -typeattribute dumpstate coredomain; - -init_daemon_domain(dumpstate) - -# Execute and transition to the vdc domain -domain_auto_trans(dumpstate, vdc_exec, vdc) - -# Acquire advisory lock on /system/etc/xtables.lock from ip[6]tables -allow dumpstate system_file:file lock; - -allow dumpstate storaged_exec:file rx_file_perms; - -# /data/misc/wmtrace for wm traces -userdebug_or_eng(` - allow dumpstate wm_trace_data_file:dir r_dir_perms; - allow dumpstate wm_trace_data_file:file r_file_perms; -') - -# Allow dumpstate to make binder calls to incidentd -binder_call(dumpstate, incidentd) - -# Allow dumpstate to make binder calls to storaged service -binder_call(dumpstate, storaged) - -# Allow dumpstate to make binder calls to statsd -binder_call(dumpstate, statsd) - -# Allow dumpstate to talk to gpuservice over binder -binder_call(dumpstate, gpuservice); - -# Allow dumpstate to talk to idmap over binder -binder_call(dumpstate, idmap); - -# Collect metrics on boot time created by init -get_prop(dumpstate, boottime_prop) - -# Signal native processes to dump their stack. -allow dumpstate { - statsd - netd -}:process signal; - -# For collecting bugreports. -allow dumpstate debugfs_wakeup_sources:file r_file_perms; -allow dumpstate dev_type:blk_file getattr; -allow dumpstate webview_zygote:process signal; -dontaudit dumpstate perfprofd:binder call; -dontaudit dumpstate update_engine:binder call; -allow dumpstate proc_net_tcp_udp:file r_file_perms; - -# For comminucating with the system process to do confirmation ui. -binder_call(dumpstate, incidentcompanion_service) diff --git a/prebuilts/api/29.0/private/ephemeral_app.te b/prebuilts/api/29.0/private/ephemeral_app.te deleted file mode 100644 index 1283e2178..000000000 --- a/prebuilts/api/29.0/private/ephemeral_app.te +++ /dev/null @@ -1,102 +0,0 @@ -### -### Ephemeral apps. -### -### This file defines the security policy for apps with the ephemeral -### feature. -### -### The ephemeral_app domain is a reduced permissions sandbox allowing -### ephemeral applications to be safely installed and run. Non ephemeral -### applications may also opt-in to ephemeral to take advantage of the -### additional security features. -### -### PackageManager flags an app as ephemeral at install time. - -typeattribute ephemeral_app coredomain; - -net_domain(ephemeral_app) -app_domain(ephemeral_app) - -# Allow ephemeral apps to read/write files in visible storage if provided fds -allow ephemeral_app { sdcard_type media_rw_data_file }:file {read write getattr ioctl lock append}; - -# Some apps ship with shared libraries and binaries that they write out -# to their sandbox directory and then execute. -allow ephemeral_app privapp_data_file:file { r_file_perms execute }; -allow ephemeral_app app_data_file:file { r_file_perms execute }; - -# Follow priv-app symlinks. This is used for dynamite functionality. -allow ephemeral_app privapp_data_file:lnk_file r_file_perms; - -# Allow the renderscript compiler to be run. -domain_auto_trans(ephemeral_app, rs_exec, rs) - -# Allow loading and deleting shared libraries created by trusted system -# components within an application home directory. -allow ephemeral_app app_exec_data_file:file { r_file_perms execute unlink }; - -# services -allow ephemeral_app audioserver_service:service_manager find; -allow ephemeral_app cameraserver_service:service_manager find; -allow ephemeral_app mediaserver_service:service_manager find; -allow ephemeral_app mediaextractor_service:service_manager find; -allow ephemeral_app mediacodec_service:service_manager find; -allow ephemeral_app mediametrics_service:service_manager find; -allow ephemeral_app mediadrmserver_service:service_manager find; -allow ephemeral_app drmserver_service:service_manager find; -allow ephemeral_app radio_service:service_manager find; -allow ephemeral_app ephemeral_app_api_service:service_manager find; -allow ephemeral_app gpu_service:service_manager find; - -# Allow ephemeral apps to interact with gpuservice -binder_call(ephemeral_app, gpuservice) - -# Write app-specific trace data to the Perfetto traced damon. This requires -# connecting to its producer socket and obtaining a (per-process) tmpfs fd. -allow ephemeral_app traced:fd use; -allow ephemeral_app traced_tmpfs:file { read write getattr map }; -unix_socket_connect(ephemeral_app, traced_producer, traced) - -# Allow heap profiling if the app opts in by being marked -# profileable/debuggable. -can_profile_heap(ephemeral_app) - -# allow ephemeral apps to use UDP sockets provided by the system server but not -# modify them other than to connect -allow ephemeral_app system_server:udp_socket { - connect getattr read recvfrom sendto write getopt setopt }; - -allow ephemeral_app ashmem_device:chr_file rw_file_perms; - -### -### neverallow rules -### - -neverallow ephemeral_app { app_data_file privapp_data_file }:file execute_no_trans; - -# Receive or send uevent messages. -neverallow ephemeral_app domain:netlink_kobject_uevent_socket *; - -# Receive or send generic netlink messages -neverallow ephemeral_app domain:netlink_socket *; - -# Too much leaky information in debugfs. It's a security -# best practice to ensure these files aren't readable. -neverallow ephemeral_app debugfs:file read; - -# execute gpu_device -neverallow ephemeral_app gpu_device:chr_file execute; - -# access files in /sys with the default sysfs label -neverallow ephemeral_app sysfs:file *; - -# Avoid reads from generically labeled /proc files -# Create a more specific label if needed -neverallow ephemeral_app proc:file { no_rw_file_perms no_x_file_perms }; - -# Directly access external storage -neverallow ephemeral_app { sdcard_type media_rw_data_file }:file {open create}; -neverallow ephemeral_app { sdcard_type media_rw_data_file }:dir search; - -# Avoid reads to proc_net, it contains too much device wide information about -# ongoing connections. -neverallow ephemeral_app proc_net:file no_rw_file_perms; diff --git a/prebuilts/api/29.0/private/fastbootd.te b/prebuilts/api/29.0/private/fastbootd.te deleted file mode 100644 index 29a9157e6..000000000 --- a/prebuilts/api/29.0/private/fastbootd.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute fastbootd coredomain; diff --git a/prebuilts/api/29.0/private/file.te b/prebuilts/api/29.0/private/file.te deleted file mode 100644 index a856792f9..000000000 --- a/prebuilts/api/29.0/private/file.te +++ /dev/null @@ -1,22 +0,0 @@ -# /proc/config.gz -type config_gz, fs_type, proc_type; - -# /data/misc/storaged -type storaged_data_file, file_type, data_file_type, core_data_file_type; - -# /data/misc/wmtrace for wm traces -type wm_trace_data_file, file_type, data_file_type, core_data_file_type; - -# /data/misc/perfetto-traces for perfetto traces -type perfetto_traces_data_file, file_type, data_file_type, core_data_file_type; - -# /sys/kernel/debug/kcov for coverage guided kernel fuzzing in userdebug builds. -type debugfs_kcov, fs_type, debugfs_type; - -# App executable files in /data/data directories -type app_exec_data_file, file_type, data_file_type, core_data_file_type; -typealias app_exec_data_file alias rs_data_file; - -# /data/misc_[ce|de]/rollback : Used by installd to store snapshots -# of application data. -type rollback_data_file, file_type, data_file_type, core_data_file_type; diff --git a/prebuilts/api/29.0/private/file_contexts b/prebuilts/api/29.0/private/file_contexts deleted file mode 100644 index 141749a8f..000000000 --- a/prebuilts/api/29.0/private/file_contexts +++ /dev/null @@ -1,652 +0,0 @@ -########################################### -# Root -/ u:object_r:rootfs:s0 - -# Data files -/adb_keys u:object_r:adb_keys_file:s0 -/build\.prop u:object_r:rootfs:s0 -/default\.prop u:object_r:rootfs:s0 -/fstab\..* u:object_r:rootfs:s0 -/init\..* u:object_r:rootfs:s0 -/res(/.*)? u:object_r:rootfs:s0 -/selinux_version u:object_r:rootfs:s0 -/ueventd\..* u:object_r:rootfs:s0 -/verity_key u:object_r:rootfs:s0 - -# Executables -/init u:object_r:init_exec:s0 -/sbin(/.*)? u:object_r:rootfs:s0 - -# For kernel modules -/lib(/.*)? u:object_r:rootfs:s0 - -# Empty directories -/lost\+found u:object_r:rootfs:s0 -/acct u:object_r:cgroup:s0 -/config u:object_r:rootfs:s0 -/debug_ramdisk u:object_r:tmpfs:s0 -/mnt u:object_r:tmpfs:s0 -/postinstall u:object_r:postinstall_mnt_dir:s0 -/postinstall/apex u:object_r:postinstall_apex_mnt_dir:s0 -/proc u:object_r:rootfs:s0 -/sys u:object_r:sysfs:s0 -/apex u:object_r:apex_mnt_dir:s0 - -# Symlinks -/bin u:object_r:rootfs:s0 -/bugreports u:object_r:rootfs:s0 -/charger u:object_r:rootfs:s0 -/d u:object_r:rootfs:s0 -/etc u:object_r:rootfs:s0 -/sdcard u:object_r:rootfs:s0 - -# SELinux policy files -/vendor_file_contexts u:object_r:file_contexts_file:s0 -/nonplat_file_contexts u:object_r:file_contexts_file:s0 -/plat_file_contexts u:object_r:file_contexts_file:s0 -/product_file_contexts u:object_r:file_contexts_file:s0 -/mapping_sepolicy\.cil u:object_r:sepolicy_file:s0 -/nonplat_sepolicy\.cil u:object_r:sepolicy_file:s0 -/plat_sepolicy\.cil u:object_r:sepolicy_file:s0 -/plat_property_contexts u:object_r:property_contexts_file:s0 -/product_property_contexts u:object_r:property_contexts_file:s0 -/nonplat_property_contexts u:object_r:property_contexts_file:s0 -/vendor_property_contexts u:object_r:property_contexts_file:s0 -/seapp_contexts u:object_r:seapp_contexts_file:s0 -/nonplat_seapp_contexts u:object_r:seapp_contexts_file:s0 -/vendor_seapp_contexts u:object_r:seapp_contexts_file:s0 -/plat_seapp_contexts u:object_r:seapp_contexts_file:s0 -/sepolicy u:object_r:sepolicy_file:s0 -/plat_service_contexts u:object_r:service_contexts_file:s0 -/plat_hwservice_contexts u:object_r:hwservice_contexts_file:s0 -/nonplat_service_contexts u:object_r:nonplat_service_contexts_file:s0 -# Use nonplat_service_contexts_file to allow servicemanager to read it -# on non full-treble devices. -/vendor_service_contexts u:object_r:nonplat_service_contexts_file:s0 -/nonplat_hwservice_contexts u:object_r:hwservice_contexts_file:s0 -/vendor_hwservice_contexts u:object_r:hwservice_contexts_file:s0 -/vndservice_contexts u:object_r:vndservice_contexts_file:s0 - -########################## -# Devices -# -/dev(/.*)? u:object_r:device:s0 -/dev/adf[0-9]* u:object_r:graphics_device:s0 -/dev/adf-interface[0-9]*\.[0-9]* u:object_r:graphics_device:s0 -/dev/adf-overlay-engine[0-9]*\.[0-9]* u:object_r:graphics_device:s0 -/dev/ashmem u:object_r:ashmem_device:s0 -/dev/audio.* u:object_r:audio_device:s0 -/dev/binder u:object_r:binder_device:s0 -/dev/block(/.*)? u:object_r:block_device:s0 -/dev/block/dm-[0-9]+ u:object_r:dm_device:s0 -/dev/block/loop[0-9]* u:object_r:loop_device:s0 -/dev/block/vold/.+ u:object_r:vold_device:s0 -/dev/block/ram[0-9]* u:object_r:ram_device:s0 -/dev/block/zram[0-9]* u:object_r:ram_device:s0 -/dev/bus/usb(.*)? u:object_r:usb_device:s0 -/dev/console u:object_r:console_device:s0 -/dev/cpu_variant:.* u:object_r:dev_cpu_variant:s0 -/dev/device-mapper u:object_r:dm_device:s0 -/dev/eac u:object_r:audio_device:s0 -/dev/event-log-tags u:object_r:runtime_event_log_tags_file:s0 -/dev/cgroup_info(/.*)? u:object_r:cgroup_rc_file:s0 -/dev/fscklogs(/.*)? u:object_r:fscklogs:s0 -/dev/fuse u:object_r:fuse_device:s0 -/dev/graphics(/.*)? u:object_r:graphics_device:s0 -/dev/hw_random u:object_r:hw_random_device:s0 -/dev/hwbinder u:object_r:hwbinder_device:s0 -/dev/input(/.*)? u:object_r:input_device:s0 -/dev/iio:device[0-9]+ u:object_r:iio_device:s0 -/dev/ion u:object_r:ion_device:s0 -/dev/keychord u:object_r:keychord_device:s0 -/dev/loop-control u:object_r:loop_control_device:s0 -/dev/modem.* u:object_r:radio_device:s0 -/dev/mtp_usb u:object_r:mtp_device:s0 -/dev/pmsg0 u:object_r:pmsg_device:s0 -/dev/pn544 u:object_r:nfc_device:s0 -/dev/port u:object_r:port_device:s0 -/dev/ppp u:object_r:ppp_device:s0 -/dev/ptmx u:object_r:ptmx_device:s0 -/dev/pvrsrvkm u:object_r:gpu_device:s0 -/dev/kmsg u:object_r:kmsg_device:s0 -/dev/kmsg_debug u:object_r:kmsg_debug_device:s0 -/dev/null u:object_r:null_device:s0 -/dev/nvhdcp1 u:object_r:video_device:s0 -/dev/random u:object_r:random_device:s0 -/dev/rpmsg-omx[0-9] u:object_r:rpmsg_device:s0 -/dev/rproc_user u:object_r:rpmsg_device:s0 -/dev/rtc[0-9] u:object_r:rtc_device:s0 -/dev/snd(/.*)? u:object_r:audio_device:s0 -/dev/socket(/.*)? u:object_r:socket_device:s0 -/dev/socket/adbd u:object_r:adbd_socket:s0 -/dev/socket/dnsproxyd u:object_r:dnsproxyd_socket:s0 -/dev/socket/dumpstate u:object_r:dumpstate_socket:s0 -/dev/socket/fwmarkd u:object_r:fwmarkd_socket:s0 -/dev/socket/lmkd u:object_r:lmkd_socket:s0 -/dev/socket/logd u:object_r:logd_socket:s0 -/dev/socket/logdr u:object_r:logdr_socket:s0 -/dev/socket/logdw u:object_r:logdw_socket:s0 -/dev/socket/statsdw u:object_r:statsdw_socket:s0 -/dev/socket/mdns u:object_r:mdns_socket:s0 -/dev/socket/mdnsd u:object_r:mdnsd_socket:s0 -/dev/socket/mtpd u:object_r:mtpd_socket:s0 -/dev/socket/netd u:object_r:netd_socket:s0 -/dev/socket/pdx/system/buffer_hub u:object_r:pdx_bufferhub_dir:s0 -/dev/socket/pdx/system/buffer_hub/client u:object_r:pdx_bufferhub_client_endpoint_socket:s0 -/dev/socket/pdx/system/performance u:object_r:pdx_performance_dir:s0 -/dev/socket/pdx/system/performance/client u:object_r:pdx_performance_client_endpoint_socket:s0 -/dev/socket/pdx/system/vr/display u:object_r:pdx_display_dir:s0 -/dev/socket/pdx/system/vr/display/client u:object_r:pdx_display_client_endpoint_socket:s0 -/dev/socket/pdx/system/vr/display/manager u:object_r:pdx_display_manager_endpoint_socket:s0 -/dev/socket/pdx/system/vr/display/screenshot u:object_r:pdx_display_screenshot_endpoint_socket:s0 -/dev/socket/pdx/system/vr/display/vsync u:object_r:pdx_display_vsync_endpoint_socket:s0 -/dev/socket/property_service u:object_r:property_socket:s0 -/dev/socket/racoon u:object_r:racoon_socket:s0 -/dev/socket/recovery u:object_r:recovery_socket:s0 -/dev/socket/rild u:object_r:rild_socket:s0 -/dev/socket/rild-debug u:object_r:rild_debug_socket:s0 -/dev/socket/tombstoned_crash u:object_r:tombstoned_crash_socket:s0 -/dev/socket/tombstoned_java_trace u:object_r:tombstoned_java_trace_socket:s0 -/dev/socket/tombstoned_intercept u:object_r:tombstoned_intercept_socket:s0 -/dev/socket/traced_producer u:object_r:traced_producer_socket:s0 -/dev/socket/traced_consumer u:object_r:traced_consumer_socket:s0 -/dev/socket/heapprofd u:object_r:heapprofd_socket:s0 -/dev/socket/uncrypt u:object_r:uncrypt_socket:s0 -/dev/socket/wpa_eth[0-9] u:object_r:wpa_socket:s0 -/dev/socket/wpa_wlan[0-9] u:object_r:wpa_socket:s0 -/dev/socket/zygote u:object_r:zygote_socket:s0 -/dev/socket/zygote_secondary u:object_r:zygote_socket:s0 -/dev/socket/blastula_pool u:object_r:zygote_socket:s0 -/dev/socket/blastula_pool_secondary u:object_r:zygote_socket:s0 -/dev/spdif_out.* u:object_r:audio_device:s0 -/dev/tty u:object_r:owntty_device:s0 -/dev/tty[0-9]* u:object_r:tty_device:s0 -/dev/ttyS[0-9]* u:object_r:serial_device:s0 -/dev/tun u:object_r:tun_device:s0 -/dev/uhid u:object_r:uhid_device:s0 -/dev/uinput u:object_r:uhid_device:s0 -/dev/uio[0-9]* u:object_r:uio_device:s0 -/dev/urandom u:object_r:random_device:s0 -/dev/usb_accessory u:object_r:usbaccessory_device:s0 -/dev/v4l-touch[0-9]* u:object_r:input_device:s0 -/dev/video[0-9]* u:object_r:video_device:s0 -/dev/vndbinder u:object_r:vndbinder_device:s0 -/dev/watchdog u:object_r:watchdog_device:s0 -/dev/xt_qtaguid u:object_r:qtaguid_device:s0 -/dev/zero u:object_r:zero_device:s0 -/dev/__properties__ u:object_r:properties_device:s0 -/dev/__properties__/property_info u:object_r:property_info:s0 -############################# -# System files -# -/system(/.*)? u:object_r:system_file:s0 -/system/lib(64)?(/.*)? u:object_r:system_lib_file:s0 -/system/lib(64)?/bootstrap(/.*)? u:object_r:system_bootstrap_lib_file:s0 -/system/bin/atrace u:object_r:atrace_exec:s0 -/system/bin/ashmemd u:object_r:ashmemd_exec:s0 -/system/bin/auditctl u:object_r:auditctl_exec:s0 -/system/bin/bcc u:object_r:rs_exec:s0 -/system/bin/blank_screen u:object_r:blank_screen_exec:s0 -/system/bin/charger u:object_r:charger_exec:s0 -/system/bin/e2fsdroid u:object_r:e2fs_exec:s0 -/system/bin/mke2fs u:object_r:e2fs_exec:s0 -/system/bin/e2fsck -- u:object_r:fsck_exec:s0 -/system/bin/fsck\.exfat -- u:object_r:fsck_exec:s0 -/system/bin/fsck\.f2fs -- u:object_r:fsck_exec:s0 -/system/bin/init u:object_r:init_exec:s0 -# TODO(/123600489): merge mini-keyctl into toybox -/system/bin/mini-keyctl -- u:object_r:toolbox_exec:s0 -/system/bin/fsverity_init u:object_r:fsverity_init_exec:s0 -/system/bin/sload_f2fs -- u:object_r:e2fs_exec:s0 -/system/bin/make_f2fs -- u:object_r:e2fs_exec:s0 -/system/bin/fsck_msdos -- u:object_r:fsck_exec:s0 -/system/bin/tcpdump -- u:object_r:tcpdump_exec:s0 -/system/bin/tune2fs -- u:object_r:fsck_exec:s0 -/system/bin/toolbox -- u:object_r:toolbox_exec:s0 -/system/bin/toybox -- u:object_r:toolbox_exec:s0 -/system/bin/ld\.mc u:object_r:rs_exec:s0 -/system/bin/logcat -- u:object_r:logcat_exec:s0 -/system/bin/logcatd -- u:object_r:logcat_exec:s0 -/system/bin/sh -- u:object_r:shell_exec:s0 -/system/bin/run-as -- u:object_r:runas_exec:s0 -/system/bin/bootanimation u:object_r:bootanim_exec:s0 -/system/bin/bootstat u:object_r:bootstat_exec:s0 -/system/bin/app_process32 u:object_r:zygote_exec:s0 -/system/bin/app_process64 u:object_r:zygote_exec:s0 -/system/bin/servicemanager u:object_r:servicemanager_exec:s0 -/system/bin/hwservicemanager u:object_r:hwservicemanager_exec:s0 -/system/bin/surfaceflinger u:object_r:surfaceflinger_exec:s0 -/system/bin/gpuservice u:object_r:gpuservice_exec:s0 -/system/bin/bufferhubd u:object_r:bufferhubd_exec:s0 -/system/bin/performanced u:object_r:performanced_exec:s0 -/system/bin/drmserver u:object_r:drmserver_exec:s0 -/system/bin/dumpstate u:object_r:dumpstate_exec:s0 -/system/bin/incident u:object_r:incident_exec:s0 -/system/bin/incidentd u:object_r:incidentd_exec:s0 -/system/bin/incident_helper u:object_r:incident_helper_exec:s0 -/system/bin/iw u:object_r:iw_exec:s0 -/system/bin/netutils-wrapper-1\.0 u:object_r:netutils_wrapper_exec:s0 -/system/bin/vold u:object_r:vold_exec:s0 -/system/bin/netd u:object_r:netd_exec:s0 -/system/bin/wificond u:object_r:wificond_exec:s0 -/system/bin/audioserver u:object_r:audioserver_exec:s0 -/system/bin/mediadrmserver u:object_r:mediadrmserver_exec:s0 -/system/bin/mediaserver u:object_r:mediaserver_exec:s0 -/system/bin/mediametrics u:object_r:mediametrics_exec:s0 -/system/bin/cameraserver u:object_r:cameraserver_exec:s0 -/system/bin/mediaextractor u:object_r:mediaextractor_exec:s0 -/system/bin/mediaswcodec u:object_r:mediaswcodec_exec:s0 -/system/bin/mdnsd u:object_r:mdnsd_exec:s0 -/system/bin/installd u:object_r:installd_exec:s0 -/system/bin/otapreopt_chroot u:object_r:otapreopt_chroot_exec:s0 -/system/bin/otapreopt_slot u:object_r:otapreopt_slot_exec:s0 -/system/bin/art_apex_boot_integrity u:object_r:art_apex_boot_integrity_exec:s0 -/system/bin/keystore u:object_r:keystore_exec:s0 -/system/bin/fingerprintd u:object_r:fingerprintd_exec:s0 -/system/bin/gatekeeperd u:object_r:gatekeeperd_exec:s0 -/system/bin/crash_dump32 u:object_r:crash_dump_exec:s0 -/system/bin/crash_dump64 u:object_r:crash_dump_exec:s0 -/system/bin/tombstoned u:object_r:tombstoned_exec:s0 -/system/bin/recovery-persist u:object_r:recovery_persist_exec:s0 -/system/bin/recovery-refresh u:object_r:recovery_refresh_exec:s0 -/system/bin/sdcard u:object_r:sdcardd_exec:s0 -/system/bin/dhcpcd u:object_r:dhcp_exec:s0 -/system/bin/dhcpcd-6\.8\.2 u:object_r:dhcp_exec:s0 -/system/bin/mtpd u:object_r:mtp_exec:s0 -/system/bin/pppd u:object_r:ppp_exec:s0 -/system/bin/racoon u:object_r:racoon_exec:s0 -/system/xbin/su u:object_r:su_exec:s0 -/system/bin/perfprofd u:object_r:perfprofd_exec:s0 -/system/bin/dnsmasq u:object_r:dnsmasq_exec:s0 -/system/bin/healthd u:object_r:healthd_exec:s0 -/system/bin/clatd u:object_r:clatd_exec:s0 -/system/bin/linker(64)? u:object_r:system_linker_exec:s0 -/system/bin/bootstrap/linker(64)? u:object_r:system_linker_exec:s0 -/system/bin/llkd u:object_r:llkd_exec:s0 -/system/bin/lmkd u:object_r:lmkd_exec:s0 -/system/bin/usbd u:object_r:usbd_exec:s0 -/system/bin/inputflinger u:object_r:inputflinger_exec:s0 -/system/bin/logd u:object_r:logd_exec:s0 -/system/bin/lpdumpd u:object_r:lpdumpd_exec:s0 -/system/bin/rss_hwm_reset u:object_r:rss_hwm_reset_exec:s0 -/system/bin/perfetto u:object_r:perfetto_exec:s0 -/system/bin/traced u:object_r:traced_exec:s0 -/system/bin/traced_probes u:object_r:traced_probes_exec:s0 -/system/bin/heapprofd u:object_r:heapprofd_exec:s0 -/system/bin/uncrypt u:object_r:uncrypt_exec:s0 -/system/bin/update_verifier u:object_r:update_verifier_exec:s0 -/system/bin/logwrapper u:object_r:system_file:s0 -/system/bin/vdc u:object_r:vdc_exec:s0 -/system/bin/cppreopts\.sh u:object_r:cppreopts_exec:s0 -/system/bin/preloads_copy\.sh u:object_r:preloads_copy_exec:s0 -/system/bin/preopt2cachename u:object_r:preopt2cachename_exec:s0 -/system/bin/install-recovery\.sh u:object_r:install_recovery_exec:s0 -/system/bin/dex2oat(d)? u:object_r:dex2oat_exec:s0 -/system/bin/dexoptanalyzer(d)? u:object_r:dexoptanalyzer_exec:s0 -/system/bin/viewcompiler u:object_r:viewcompiler_exec:s0 -/system/bin/profman(d)? u:object_r:profman_exec:s0 -/system/bin/iorapd u:object_r:iorapd_exec:s0 -/system/bin/sgdisk u:object_r:sgdisk_exec:s0 -/system/bin/blkid u:object_r:blkid_exec:s0 -/system/bin/tzdatacheck u:object_r:tzdatacheck_exec:s0 -/system/bin/flags_health_check -- u:object_r:flags_health_check_exec:s0 -/system/bin/idmap u:object_r:idmap_exec:s0 -/system/bin/idmap2(d)? u:object_r:idmap_exec:s0 -/system/bin/update_engine u:object_r:update_engine_exec:s0 -/system/bin/storaged u:object_r:storaged_exec:s0 -/system/bin/thermalserviced u:object_r:thermalserviced_exec:s0 -/system/bin/wpantund u:object_r:wpantund_exec:s0 -/system/bin/virtual_touchpad u:object_r:virtual_touchpad_exec:s0 -/system/bin/hw/android\.frameworks\.bufferhub@1\.0-service u:object_r:fwk_bufferhub_exec:s0 -/system/bin/hw/android\.hidl\.allocator@1\.0-service u:object_r:hal_allocator_default_exec:s0 -/system/bin/hw/android\.system\.suspend@1\.0-service u:object_r:system_suspend_exec:s0 -/system/etc/cgroups\.json u:object_r:cgroup_desc_file:s0 -/system/etc/event-log-tags u:object_r:system_event_log_tags_file:s0 -/system/etc/ld\.config.* u:object_r:system_linker_config_file:s0 -/system/etc/seccomp_policy(/.*)? u:object_r:system_seccomp_policy_file:s0 -/system/etc/security/cacerts(/.*)? u:object_r:system_security_cacerts_file:s0 -/system/etc/selinux/mapping/[0-9]+\.[0-9]+\.cil u:object_r:sepolicy_file:s0 -/system/etc/selinux/plat_mac_permissions\.xml u:object_r:mac_perms_file:s0 -/system/etc/selinux/plat_property_contexts u:object_r:property_contexts_file:s0 -/system/etc/selinux/plat_service_contexts u:object_r:service_contexts_file:s0 -/system/etc/selinux/plat_hwservice_contexts u:object_r:hwservice_contexts_file:s0 -/system/etc/selinux/plat_file_contexts u:object_r:file_contexts_file:s0 -/system/etc/selinux/plat_seapp_contexts u:object_r:seapp_contexts_file:s0 -/system/etc/selinux/plat_sepolicy\.cil u:object_r:sepolicy_file:s0 -/system/etc/selinux/plat_and_mapping_sepolicy\.cil\.sha256 u:object_r:sepolicy_file:s0 -/system/etc/task_profiles\.json u:object_r:task_profiles_file:s0 -/system/usr/share/zoneinfo(/.*)? u:object_r:system_zoneinfo_file:s0 -/system/bin/vr_hwc u:object_r:vr_hwc_exec:s0 -/system/bin/adbd u:object_r:adbd_exec:s0 -/system/bin/vold_prepare_subdirs u:object_r:vold_prepare_subdirs_exec:s0 -/system/bin/stats u:object_r:stats_exec:s0 -/system/bin/statsd u:object_r:statsd_exec:s0 -/system/bin/bpfloader u:object_r:bpfloader_exec:s0 -/system/bin/wait_for_keymaster u:object_r:wait_for_keymaster_exec:s0 -/system/bin/watchdogd u:object_r:watchdogd_exec:s0 -/system/bin/apexd u:object_r:apexd_exec:s0 -/system/bin/gsid u:object_r:gsid_exec:s0 -/system/bin/simpleperf_app_runner u:object_r:simpleperf_app_runner_exec:s0 -/system/bin/notify_traceur\.sh u:object_r:notify_traceur_exec:s0 - -############################# -# Vendor files -# -/(vendor|system/vendor)(/.*)? u:object_r:vendor_file:s0 -/(vendor|system/vendor)/bin/sh u:object_r:vendor_shell_exec:s0 -/(vendor|system/vendor)/bin/toybox_vendor u:object_r:vendor_toolbox_exec:s0 -/(vendor|system/vendor)/bin/toolbox u:object_r:vendor_toolbox_exec:s0 -/(vendor|system/vendor)/etc(/.*)? u:object_r:vendor_configs_file:s0 -/(vendor|system/vendor)/etc/cgroups\.json u:object_r:vendor_cgroup_desc_file:s0 -/(vendor|system/vendor)/etc/task_profiles\.json u:object_r:vendor_task_profiles_file:s0 - -/(vendor|system/vendor)/lib(64)?/egl(/.*)? u:object_r:same_process_hal_file:s0 - -/(vendor|system/vendor)/lib(64)?/vndk-sp(/.*)? u:object_r:vndk_sp_file:s0 - -/(vendor|system/vendor)/manifest\.xml u:object_r:vendor_configs_file:s0 -/(vendor|system/vendor)/compatibility_matrix\.xml u:object_r:vendor_configs_file:s0 -/(vendor|system/vendor)/etc/vintf(/.*)? u:object_r:vendor_configs_file:s0 -/(vendor|system/vendor)/app(/.*)? u:object_r:vendor_app_file:s0 -/(vendor|system/vendor)/priv-app(/.*)? u:object_r:vendor_app_file:s0 -/(vendor|system/vendor)/overlay(/.*)? u:object_r:vendor_overlay_file:s0 -/(vendor|system/vendor)/framework(/.*)? u:object_r:vendor_framework_file:s0 - -/vendor/bin/misc_writer u:object_r:vendor_misc_writer_exec:s0 - -# HAL location -/(vendor|system/vendor)/lib(64)?/hw u:object_r:vendor_hal_file:s0 - -############################# -# OEM and ODM files -# -/(odm|vendor/odm)(/.*)? u:object_r:vendor_file:s0 -/(odm|vendor/odm)/lib(64)?/egl(/.*)? u:object_r:same_process_hal_file:s0 -/(odm|vendor/odm)/lib(64)?/hw u:object_r:vendor_hal_file:s0 -/(odm|vendor/odm)/lib(64)?/vndk-sp(/.*)? u:object_r:vndk_sp_file:s0 -/(odm|vendor/odm)/bin/sh u:object_r:vendor_shell_exec:s0 -/(odm|vendor/odm)/etc(/.*)? u:object_r:vendor_configs_file:s0 -/(odm|vendor/odm)/app(/.*)? u:object_r:vendor_app_file:s0 -/(odm|vendor/odm)/priv-app(/.*)? u:object_r:vendor_app_file:s0 -/(odm|vendor/odm)/overlay(/.*)? u:object_r:vendor_overlay_file:s0 -/(odm|vendor/odm)/framework(/.*)? u:object_r:vendor_framework_file:s0 - -# Input configuration -/(odm|vendor|vendor/odm)/usr/keylayout(/.*)?\.kl u:object_r:vendor_keylayout_file:s0 -/(odm|vendor|vendor/odm)/usr/keychars(/.*)?\.kcm u:object_r:vendor_keychars_file:s0 -/(odm|vendor|vendor/odm)/usr/idc(/.*)?\.idc u:object_r:vendor_idc_file:s0 - -/oem(/.*)? u:object_r:oemfs:s0 -/oem/overlay(/.*)? u:object_r:vendor_overlay_file:s0 - -# The precompiled monolithic sepolicy will be under /odm only when -# BOARD_USES_ODMIMAGE is true: a separate odm.img is built. -/odm/etc/selinux/precompiled_sepolicy u:object_r:sepolicy_file:s0 -/odm/etc/selinux/precompiled_sepolicy\.plat_and_mapping\.sha256 u:object_r:sepolicy_file:s0 - -/(odm|vendor/odm)/etc/selinux/odm_sepolicy\.cil u:object_r:sepolicy_file:s0 -/(odm|vendor/odm)/etc/selinux/odm_file_contexts u:object_r:file_contexts_file:s0 -/(odm|vendor/odm)/etc/selinux/odm_seapp_contexts u:object_r:seapp_contexts_file:s0 -/(odm|vendor/odm)/etc/selinux/odm_property_contexts u:object_r:property_contexts_file:s0 -/(odm|vendor/odm)/etc/selinux/odm_hwservice_contexts u:object_r:hwservice_contexts_file:s0 -/(odm|vendor/odm)/etc/selinux/odm_mac_permissions\.xml u:object_r:mac_perms_file:s0 - -############################# -# Product files -# -/(product|system/product)(/.*)? u:object_r:system_file:s0 -/(product|system/product)/overlay(/.*)? u:object_r:vendor_overlay_file:s0 - -/(product|system/product)/etc/selinux/product_file_contexts u:object_r:file_contexts_file:s0 -/(product|system/product)/etc/selinux/product_hwservice_contexts u:object_r:hwservice_contexts_file:s0 -/(product|system/product)/etc/selinux/product_property_contexts u:object_r:property_contexts_file:s0 -/(product|system/product)/etc/selinux/product_seapp_contexts u:object_r:seapp_contexts_file:s0 -/(product|system/product)/etc/selinux/product_service_contexts u:object_r:service_contexts_file:s0 -/(product|system/product)/etc/selinux/product_mac_permissions\.xml u:object_r:mac_perms_file:s0 - -############################# -# Product-Services files -# -/(product_services|system/product_services)(/.*)? u:object_r:system_file:s0 -/(product_services|system/product_services)/overlay(/.*)? u:object_r:vendor_overlay_file:s0 - -############################# -# Vendor files from /(product|system/product)/vendor_overlay -# -# NOTE: For additional vendor file contexts for vendor overlay files, -# use device specific file_contexts. -# -/(product|system/product)/vendor_overlay/[0-9]+/.* u:object_r:vendor_file:s0 - -############################# -# Data files -# -# NOTE: When modifying existing label rules, changes may also need to -# propagate to the "Expanded data files" section. -# -/data(/.*)? u:object_r:system_data_file:s0 -/data/system/packages\.list u:object_r:packages_list_file:s0 -/data/.layout_version u:object_r:install_data_file:s0 -/data/unencrypted(/.*)? u:object_r:unencrypted_data_file:s0 -/data/backup(/.*)? u:object_r:backup_data_file:s0 -/data/secure/backup(/.*)? u:object_r:backup_data_file:s0 -/data/system/ndebugsocket u:object_r:system_ndebug_socket:s0 -/data/drm(/.*)? u:object_r:drm_data_file:s0 -/data/resource-cache(/.*)? u:object_r:resourcecache_data_file:s0 -/data/dalvik-cache(/.*)? u:object_r:dalvikcache_data_file:s0 -/data/ota(/.*)? u:object_r:ota_data_file:s0 -/data/ota_package(/.*)? u:object_r:ota_package_file:s0 -/data/adb(/.*)? u:object_r:adb_data_file:s0 -/data/anr(/.*)? u:object_r:anr_data_file:s0 -/data/apex(/.*)? u:object_r:apex_data_file:s0 -/data/apex/active/(.*)? u:object_r:staging_data_file:s0 -/data/apex/backup/(.*)? u:object_r:staging_data_file:s0 -/data/app(/.*)? u:object_r:apk_data_file:s0 -/data/app/[^/]+/oat(/.*)? u:object_r:dalvikcache_data_file:s0 -/data/app/vmdl[^/]+\.tmp(/.*)? u:object_r:apk_tmp_file:s0 -/data/app/vmdl[^/]+\.tmp/oat(/.*)? u:object_r:dalvikcache_data_file:s0 -/data/app-private(/.*)? u:object_r:apk_private_data_file:s0 -/data/app-private/vmdl.*\.tmp(/.*)? u:object_r:apk_private_tmp_file:s0 -/data/gsi(/.*)? u:object_r:gsi_data_file:s0 -/data/tombstones(/.*)? u:object_r:tombstone_data_file:s0 -/data/vendor/tombstones/wifi(/.*)? u:object_r:tombstone_wifi_data_file:s0 -/data/local/tmp(/.*)? u:object_r:shell_data_file:s0 -/data/local/tmp/ltp(/.*)? u:object_r:nativetest_data_file:s0 -/data/local/traces(/.*)? u:object_r:trace_data_file:s0 -/data/media(/.*)? u:object_r:media_rw_data_file:s0 -/data/mediadrm(/.*)? u:object_r:media_data_file:s0 -/data/nativetest(/.*)? u:object_r:nativetest_data_file:s0 -/data/nativetest64(/.*)? u:object_r:nativetest_data_file:s0 -# This directory was removed after Q Beta 2, but we need to preserve labels for upgrading devices. -/data/pkg_staging(/.*)? u:object_r:staging_data_file:s0 -/data/property(/.*)? u:object_r:property_data_file:s0 -/data/preloads(/.*)? u:object_r:preloads_data_file:s0 -/data/preloads/media(/.*)? u:object_r:preloads_media_file:s0 -/data/preloads/demo(/.*)? u:object_r:preloads_media_file:s0 -/data/server_configurable_flags(/.*)? u:object_r:server_configurable_flags_data_file:s0 -/data/app-staging(/.*)? u:object_r:staging_data_file:s0 - -# Misc data -/data/misc/adb(/.*)? u:object_r:adb_keys_file:s0 -/data/misc/apns(/.*)? u:object_r:radio_data_file:s0 -/data/misc/audio(/.*)? u:object_r:audio_data_file:s0 -/data/misc/audioserver(/.*)? u:object_r:audioserver_data_file:s0 -/data/misc/audiohal(/.*)? u:object_r:audiohal_data_file:s0 -/data/misc/bootstat(/.*)? u:object_r:bootstat_data_file:s0 -/data/misc/boottrace(/.*)? u:object_r:boottrace_data_file:s0 -/data/misc/bluetooth(/.*)? u:object_r:bluetooth_data_file:s0 -/data/misc/bluetooth/logs(/.*)? u:object_r:bluetooth_logs_data_file:s0 -/data/misc/bluedroid(/.*)? u:object_r:bluetooth_data_file:s0 -/data/misc/bluedroid/\.a2dp_ctrl u:object_r:bluetooth_socket:s0 -/data/misc/bluedroid/\.a2dp_data u:object_r:bluetooth_socket:s0 -/data/misc/camera(/.*)? u:object_r:camera_data_file:s0 -/data/misc/carrierid(/.*)? u:object_r:radio_data_file:s0 -/data/misc/dhcp(/.*)? u:object_r:dhcp_data_file:s0 -/data/misc/dhcp-6\.8\.2(/.*)? u:object_r:dhcp_data_file:s0 -/data/misc/gatekeeper(/.*)? u:object_r:gatekeeper_data_file:s0 -/data/misc/incidents(/.*)? u:object_r:incident_data_file:s0 -/data/misc/keychain(/.*)? u:object_r:keychain_data_file:s0 -/data/misc/keystore(/.*)? u:object_r:keystore_data_file:s0 -/data/misc/logd(/.*)? u:object_r:misc_logd_file:s0 -/data/misc/media(/.*)? u:object_r:media_data_file:s0 -/data/misc/net(/.*)? u:object_r:net_data_file:s0 -/data/misc/network_watchlist(/.*)? u:object_r:network_watchlist_data_file:s0 -/data/misc/perfetto-traces(/.*)? u:object_r:perfetto_traces_data_file:s0 -/data/misc/recovery(/.*)? u:object_r:recovery_data_file:s0 -/data/misc/shared_relro(/.*)? u:object_r:shared_relro_file:s0 -/data/misc/sms(/.*)? u:object_r:radio_data_file:s0 -/data/misc/stats-active-metric(/.*)? u:object_r:stats_data_file:s0 -/data/misc/stats-data(/.*)? u:object_r:stats_data_file:s0 -/data/misc/stats-service(/.*)? u:object_r:stats_data_file:s0 -/data/misc/systemkeys(/.*)? u:object_r:systemkeys_data_file:s0 -/data/misc/textclassifier(/.*)? u:object_r:textclassifier_data_file:s0 -/data/misc/train-info(/.*)? u:object_r:stats_data_file:s0 -/data/misc/user(/.*)? u:object_r:misc_user_data_file:s0 -/data/misc/vpn(/.*)? u:object_r:vpn_data_file:s0 -/data/misc/wifi(/.*)? u:object_r:wifi_data_file:s0 -/data/misc/wifi/sockets(/.*)? u:object_r:wpa_socket:s0 -/data/misc/wifi/sockets/wpa_ctrl.* u:object_r:system_wpa_socket:s0 -/data/misc/zoneinfo(/.*)? u:object_r:zoneinfo_data_file:s0 -/data/misc/vold(/.*)? u:object_r:vold_data_file:s0 -/data/misc/iorapd(/.*)? u:object_r:iorapd_data_file:s0 -/data/misc/perfprofd(/.*)? u:object_r:perfprofd_data_file:s0 -/data/misc/update_engine(/.*)? u:object_r:update_engine_data_file:s0 -/data/misc/update_engine_log(/.*)? u:object_r:update_engine_log_data_file:s0 -/data/system/dropbox(/.*)? u:object_r:dropbox_data_file:s0 -/data/system/heapdump(/.*)? u:object_r:heapdump_data_file:s0 -/data/misc/trace(/.*)? u:object_r:method_trace_data_file:s0 -/data/misc/wmtrace(/.*)? u:object_r:wm_trace_data_file:s0 -# TODO(calin) label profile reference differently so that only -# profman run as a special user can write to them -/data/misc/profiles/cur(/.*)? u:object_r:user_profile_data_file:s0 -/data/misc/profiles/ref(/.*)? u:object_r:user_profile_data_file:s0 -/data/misc/profman(/.*)? u:object_r:profman_dump_data_file:s0 -/data/vendor(/.*)? u:object_r:vendor_data_file:s0 -/data/vendor_ce(/.*)? u:object_r:vendor_data_file:s0 -/data/vendor_de(/.*)? u:object_r:vendor_data_file:s0 - -# storaged proto files -/data/misc_de/[0-9]+/storaged(/.*)? u:object_r:storaged_data_file:s0 -/data/misc_ce/[0-9]+/storaged(/.*)? u:object_r:storaged_data_file:s0 - -# Fingerprint data -/data/system/users/[0-9]+/fpdata(/.*)? u:object_r:fingerprintd_data_file:s0 - -# Fingerprint vendor data file -/data/vendor_de/[0-9]+/fpdata(/.*)? u:object_r:fingerprint_vendor_data_file:s0 - -# Face vendor data file -/data/vendor_de/[0-9]+/facedata(/.*)? u:object_r:face_vendor_data_file:s0 - -# Iris vendor data file -/data/vendor_de/[0-9]+/irisdata(/.*)? u:object_r:iris_vendor_data_file:s0 - -# Bootchart data -/data/bootchart(/.*)? u:object_r:bootchart_data_file:s0 - -# App data snapshots (managed by installd). -/data/misc_de/[0-9]+/rollback(/.*)? u:object_r:rollback_data_file:s0 -/data/misc_ce/[0-9]+/rollback(/.*)? u:object_r:rollback_data_file:s0 - -############################# -# Expanded data files -# -/mnt/expand(/.*)? u:object_r:mnt_expand_file:s0 -/mnt/expand/[^/]+(/.*)? u:object_r:system_data_file:s0 -/mnt/expand/[^/]+/app(/.*)? u:object_r:apk_data_file:s0 -/mnt/expand/[^/]+/app/[^/]+/oat(/.*)? u:object_r:dalvikcache_data_file:s0 -/mnt/expand/[^/]+/app/vmdl[^/]+\.tmp(/.*)? u:object_r:apk_tmp_file:s0 -/mnt/expand/[^/]+/app/vmdl[^/]+\.tmp/oat(/.*)? u:object_r:dalvikcache_data_file:s0 -/mnt/expand/[^/]+/local/tmp(/.*)? u:object_r:shell_data_file:s0 -/mnt/expand/[^/]+/media(/.*)? u:object_r:media_rw_data_file:s0 -/mnt/expand/[^/]+/misc/vold(/.*)? u:object_r:vold_data_file:s0 - -# coredump directory for userdebug/eng devices -/cores(/.*)? u:object_r:coredump_file:s0 - -# Wallpaper files -/data/system/users/[0-9]+/wallpaper_lock_orig u:object_r:wallpaper_file:s0 -/data/system/users/[0-9]+/wallpaper_lock u:object_r:wallpaper_file:s0 -/data/system/users/[0-9]+/wallpaper_orig u:object_r:wallpaper_file:s0 -/data/system/users/[0-9]+/wallpaper u:object_r:wallpaper_file:s0 - -# Ringtone files -/data/system_de/[0-9]+/ringtones(/.*)? u:object_r:ringtone_file:s0 - -# ShortcutManager icons, e.g. -# /data/system_ce/0/shortcut_service/bitmaps/com.example.app/1457472879282.png -/data/system_ce/[0-9]+/shortcut_service/bitmaps(/.*)? u:object_r:shortcut_manager_icons:s0 - -# User icon files -/data/system/users/[0-9]+/photo\.png u:object_r:icon_file:s0 - -# vold per-user data -/data/misc_de/[0-9]+/vold(/.*)? u:object_r:vold_data_file:s0 -/data/misc_ce/[0-9]+/vold(/.*)? u:object_r:vold_data_file:s0 - -# iorapd per-user data -/data/misc_ce/[0-9]+/iorapd(/.*)? u:object_r:iorapd_data_file:s0 - -# Backup service persistent per-user bookkeeping -/data/system_ce/[0-9]+/backup(/.*)? u:object_r:backup_data_file:s0 -# Backup service temporary per-user data for inter-change with apps -/data/system_ce/[0-9]+/backup_stage(/.*)? u:object_r:backup_data_file:s0 - -############################# -# efs files -# -/efs(/.*)? u:object_r:efs_file:s0 - -############################# -# Cache files -# -/cache(/.*)? u:object_r:cache_file:s0 -/cache/recovery(/.*)? u:object_r:cache_recovery_file:s0 -# General backup/restore interchange with apps -/cache/backup_stage(/.*)? u:object_r:cache_backup_file:s0 -# LocalTransport (backup) uses this subtree -/cache/backup(/.*)? u:object_r:cache_private_backup_file:s0 - -############################# -# Overlayfs support directories -# -/cache/overlay(/.*)? u:object_r:overlayfs_file:s0 -/mnt/scratch(/.*)? u:object_r:overlayfs_file:s0 - -/data/cache(/.*)? u:object_r:cache_file:s0 -/data/cache/recovery(/.*)? u:object_r:cache_recovery_file:s0 -# General backup/restore interchange with apps -/data/cache/backup_stage(/.*)? u:object_r:cache_backup_file:s0 -# LocalTransport (backup) uses this subtree -/data/cache/backup(/.*)? u:object_r:cache_private_backup_file:s0 - -############################# -# Metadata files -# -/metadata(/.*)? u:object_r:metadata_file:s0 -/metadata/apex(/.*)? u:object_r:apex_metadata_file:s0 -/metadata/vold(/.*)? u:object_r:vold_metadata_file:s0 -/metadata/gsi(/.*)? u:object_r:gsi_metadata_file:s0 -/metadata/password_slots(/.*)? u:object_r:password_slot_metadata_file:s0 - -############################# -# asec containers -/mnt/asec(/.*)? u:object_r:asec_apk_file:s0 -/mnt/asec/[^/]+/[^/]+\.zip u:object_r:asec_public_file:s0 -/mnt/asec/[^/]+/lib(/.*)? u:object_r:asec_public_file:s0 -/data/app-asec(/.*)? u:object_r:asec_image_file:s0 - -############################# -# external storage -/mnt/media_rw(/.*)? u:object_r:mnt_media_rw_file:s0 -/mnt/user(/.*)? u:object_r:mnt_user_file:s0 -/mnt/runtime(/.*)? u:object_r:storage_file:s0 -/storage(/.*)? u:object_r:storage_file:s0 - -############################# -# mount point for read-write vendor partitions -/mnt/vendor(/.*)? u:object_r:mnt_vendor_file:s0 - -############################# -# mount point for read-write product partitions -/mnt/product(/.*)? u:object_r:mnt_product_file:s0 diff --git a/prebuilts/api/29.0/private/file_contexts_asan b/prebuilts/api/29.0/private/file_contexts_asan deleted file mode 100644 index bd841a33c..000000000 --- a/prebuilts/api/29.0/private/file_contexts_asan +++ /dev/null @@ -1,12 +0,0 @@ -/data/asan/system/lib(/.*)? u:object_r:system_lib_file:s0 -/data/asan/system/lib64(/.*)? u:object_r:system_lib_file:s0 -/data/asan/vendor/lib(/.*)? u:object_r:system_lib_file:s0 -/data/asan/vendor/lib64(/.*)? u:object_r:system_lib_file:s0 -/data/asan/odm/lib(/.*)? u:object_r:system_lib_file:s0 -/data/asan/odm/lib64(/.*)? u:object_r:system_lib_file:s0 -/system/asan.options u:object_r:system_asan_options_file:s0 -/system/bin/asan_extract u:object_r:asan_extract_exec:s0 -/system/bin/asanwrapper u:object_r:asanwrapper_exec:s0 -/system/bin/asan/app_process u:object_r:zygote_exec:s0 -/system/bin/asan/app_process32 u:object_r:zygote_exec:s0 -/system/bin/asan/app_process64 u:object_r:zygote_exec:s0 diff --git a/prebuilts/api/29.0/private/file_contexts_overlayfs b/prebuilts/api/29.0/private/file_contexts_overlayfs deleted file mode 100644 index e472fade5..000000000 --- a/prebuilts/api/29.0/private/file_contexts_overlayfs +++ /dev/null @@ -1,9 +0,0 @@ -############################# -# Overlayfs support directories for userdebug/eng devices -# -/cache/overlay/(system|product)/upper u:object_r:system_file:s0 -/cache/overlay/(vendor|odm)/upper u:object_r:vendor_file:s0 -/cache/overlay/oem/upper u:object_r:vendor_file:s0 -/mnt/scratch/overlay/(system|product)/upper u:object_r:system_file:s0 -/mnt/scratch/overlay/(vendor|odm)/upper u:object_r:vendor_file:s0 -/mnt/scratch/overlay/oem/upper u:object_r:vendor_file:s0 diff --git a/prebuilts/api/29.0/private/fingerprintd.te b/prebuilts/api/29.0/private/fingerprintd.te deleted file mode 100644 index eb73ef8cc..000000000 --- a/prebuilts/api/29.0/private/fingerprintd.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute fingerprintd coredomain; - -init_daemon_domain(fingerprintd) diff --git a/prebuilts/api/29.0/private/flags_health_check.te b/prebuilts/api/29.0/private/flags_health_check.te deleted file mode 100644 index fb41aff79..000000000 --- a/prebuilts/api/29.0/private/flags_health_check.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute flags_health_check coredomain; - -init_daemon_domain(flags_health_check) diff --git a/prebuilts/api/29.0/private/fs_use b/prebuilts/api/29.0/private/fs_use deleted file mode 100644 index 19643487d..000000000 --- a/prebuilts/api/29.0/private/fs_use +++ /dev/null @@ -1,25 +0,0 @@ -# Label inodes via getxattr. -fs_use_xattr yaffs2 u:object_r:labeledfs:s0; -fs_use_xattr jffs2 u:object_r:labeledfs:s0; -fs_use_xattr ext2 u:object_r:labeledfs:s0; -fs_use_xattr ext3 u:object_r:labeledfs:s0; -fs_use_xattr ext4 u:object_r:labeledfs:s0; -fs_use_xattr xfs u:object_r:labeledfs:s0; -fs_use_xattr btrfs u:object_r:labeledfs:s0; -fs_use_xattr f2fs u:object_r:labeledfs:s0; -fs_use_xattr squashfs u:object_r:labeledfs:s0; -fs_use_xattr overlay u:object_r:labeledfs:s0; -fs_use_xattr erofs u:object_r:labeledfs:s0; - -# Label inodes from task label. -fs_use_task pipefs u:object_r:pipefs:s0; -fs_use_task sockfs u:object_r:sockfs:s0; - -# Label inodes from combination of task label and fs label. -# Define type_transition rules if you want per-domain types. -fs_use_trans devpts u:object_r:devpts:s0; -fs_use_trans tmpfs u:object_r:tmpfs:s0; -fs_use_trans devtmpfs u:object_r:device:s0; -fs_use_trans shm u:object_r:shm:s0; -fs_use_trans mqueue u:object_r:mqueue:s0; - diff --git a/prebuilts/api/29.0/private/fsck.te b/prebuilts/api/29.0/private/fsck.te deleted file mode 100644 index f8e09b645..000000000 --- a/prebuilts/api/29.0/private/fsck.te +++ /dev/null @@ -1,5 +0,0 @@ -typeattribute fsck coredomain; - -init_daemon_domain(fsck) - -allow fsck metadata_block_device:blk_file rw_file_perms; diff --git a/prebuilts/api/29.0/private/fsck_untrusted.te b/prebuilts/api/29.0/private/fsck_untrusted.te deleted file mode 100644 index 9a57bf027..000000000 --- a/prebuilts/api/29.0/private/fsck_untrusted.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute fsck_untrusted coredomain; diff --git a/prebuilts/api/29.0/private/fsverity_init.te b/prebuilts/api/29.0/private/fsverity_init.te deleted file mode 100644 index c6a5edd52..000000000 --- a/prebuilts/api/29.0/private/fsverity_init.te +++ /dev/null @@ -1,25 +0,0 @@ -type fsverity_init, domain, coredomain; -type fsverity_init_exec, exec_type, file_type, system_file_type; - -init_daemon_domain(fsverity_init) - -# Allow this shell script to run and execute toybox -allow fsverity_init shell_exec:file rx_file_perms; -allow fsverity_init toolbox_exec:file rx_file_perms; - -# Allow to read /proc/keys for searching key id. -allow fsverity_init proc_keys:file r_file_perms; - -# Kernel only prints the keys that can be accessed and only kernel keyring is needed here. -dontaudit fsverity_init init:key view; -dontaudit fsverity_init vold:key view; -allow fsverity_init kernel:key { view search write setattr }; -allow fsverity_init fsverity_init:key { view search write }; - -# Allow init to write to /proc/sys/fs/verity/require_signatures -allow fsverity_init proc_fs_verity:file w_file_perms; - -# When kernel requests an algorithm, the crypto API first looks for an -# already registered algorithm with that name. If it fails, the kernel creates -# an implementation of the algorithm from templates. -dontaudit fsverity_init kernel:system module_request; diff --git a/prebuilts/api/29.0/private/fwk_bufferhub.te b/prebuilts/api/29.0/private/fwk_bufferhub.te deleted file mode 100644 index 6b69cca61..000000000 --- a/prebuilts/api/29.0/private/fwk_bufferhub.te +++ /dev/null @@ -1,8 +0,0 @@ -type fwk_bufferhub, domain, coredomain; -type fwk_bufferhub_exec, system_file_type, exec_type, file_type; - -hal_client_domain(fwk_bufferhub, hal_graphics_allocator) -allow fwk_bufferhub ion_device:chr_file r_file_perms; - -hal_server_domain(fwk_bufferhub, hal_bufferhub) -init_daemon_domain(fwk_bufferhub) diff --git a/prebuilts/api/29.0/private/gatekeeperd.te b/prebuilts/api/29.0/private/gatekeeperd.te deleted file mode 100644 index 5e4d0a2e9..000000000 --- a/prebuilts/api/29.0/private/gatekeeperd.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute gatekeeperd coredomain; - -init_daemon_domain(gatekeeperd) diff --git a/prebuilts/api/29.0/private/genfs_contexts b/prebuilts/api/29.0/private/genfs_contexts deleted file mode 100644 index af3d8b981..000000000 --- a/prebuilts/api/29.0/private/genfs_contexts +++ /dev/null @@ -1,296 +0,0 @@ -# Label inodes with the fs label. -genfscon rootfs / u:object_r:rootfs:s0 -# proc labeling can be further refined (longest matching prefix). -genfscon proc / u:object_r:proc:s0 -genfscon proc /asound u:object_r:proc_asound:s0 -genfscon proc /buddyinfo u:object_r:proc_buddyinfo:s0 -genfscon proc /cmdline u:object_r:proc_cmdline:s0 -genfscon proc /config.gz u:object_r:config_gz:s0 -genfscon proc /diskstats u:object_r:proc_diskstats:s0 -genfscon proc /filesystems u:object_r:proc_filesystems:s0 -genfscon proc /interrupts u:object_r:proc_interrupts:s0 -genfscon proc /iomem u:object_r:proc_iomem:s0 -genfscon proc /keys u:object_r:proc_keys:s0 -genfscon proc /kmsg u:object_r:proc_kmsg:s0 -genfscon proc /loadavg u:object_r:proc_loadavg:s0 -genfscon proc /meminfo u:object_r:proc_meminfo:s0 -genfscon proc /misc u:object_r:proc_misc:s0 -genfscon proc /modules u:object_r:proc_modules:s0 -genfscon proc /mounts u:object_r:proc_mounts:s0 -genfscon proc /net u:object_r:proc_net:s0 -genfscon proc /net/tcp u:object_r:proc_net_tcp_udp:s0 -genfscon proc /net/udp u:object_r:proc_net_tcp_udp:s0 -genfscon proc /net/xt_qtaguid/ctrl u:object_r:proc_qtaguid_ctrl:s0 -genfscon proc /net/xt_qtaguid/ u:object_r:proc_qtaguid_stat:s0 -genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0 -genfscon proc /pagetypeinfo u:object_r:proc_pagetypeinfo:s0 -genfscon proc /pressure/cpu u:object_r:proc_pressure_cpu:s0 -genfscon proc /pressure/io u:object_r:proc_pressure_io:s0 -genfscon proc /pressure/memory u:object_r:proc_pressure_mem:s0 -genfscon proc /slabinfo u:object_r:proc_slabinfo:s0 -genfscon proc /softirqs u:object_r:proc_timer:s0 -genfscon proc /stat u:object_r:proc_stat:s0 -genfscon proc /swaps u:object_r:proc_swaps:s0 -genfscon proc /sysrq-trigger u:object_r:proc_sysrq:s0 -genfscon proc /sys/abi/swp u:object_r:proc_abi:s0 -genfscon proc /sys/fs/pipe-max-size u:object_r:proc_pipe_conf:s0 -genfscon proc /sys/fs/protected_hardlinks u:object_r:proc_security:s0 -genfscon proc /sys/fs/protected_symlinks u:object_r:proc_security:s0 -genfscon proc /sys/fs/suid_dumpable u:object_r:proc_security:s0 -genfscon proc /sys/fs/verity/require_signatures u:object_r:proc_fs_verity:s0 -genfscon proc /sys/kernel/core_pattern u:object_r:usermodehelper:s0 -genfscon proc /sys/kernel/core_pipe_limit u:object_r:usermodehelper:s0 -genfscon proc /sys/kernel/domainname u:object_r:proc_hostname:s0 -genfscon proc /sys/kernel/dmesg_restrict u:object_r:proc_security:s0 -genfscon proc /sys/kernel/hostname u:object_r:proc_hostname:s0 -genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0 -genfscon proc /sys/kernel/hung_task_ u:object_r:proc_hung_task:s0 -genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0 -genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0 -genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0 -genfscon proc /sys/kernel/panic_on_oops u:object_r:proc_panic:s0 -genfscon proc /sys/kernel/perf_event_max_sample_rate u:object_r:proc_perf:s0 -genfscon proc /sys/kernel/perf_event_paranoid u:object_r:proc_perf:s0 -genfscon proc /sys/kernel/perf_cpu_time_max_percent u:object_r:proc_perf:s0 -genfscon proc /sys/kernel/perf_event_mlock_kb u:object_r:proc_perf:s0 -genfscon proc /sys/kernel/pid_max u:object_r:proc_pid_max:s0 -genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0 -genfscon proc /sys/kernel/random u:object_r:proc_random:s0 -genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0 -genfscon proc /sys/kernel/sched_child_runs_first u:object_r:proc_sched:s0 -genfscon proc /sys/kernel/sched_latency_ns u:object_r:proc_sched:s0 -genfscon proc /sys/kernel/sched_rt_period_us u:object_r:proc_sched:s0 -genfscon proc /sys/kernel/sched_rt_runtime_us u:object_r:proc_sched:s0 -genfscon proc /sys/kernel/sched_schedstats u:object_r:proc_sched:s0 -genfscon proc /sys/kernel/sched_tunable_scaling u:object_r:proc_sched:s0 -genfscon proc /sys/kernel/sched_wakeup_granularity_ns u:object_r:proc_sched:s0 -genfscon proc /sys/kernel/sysrq u:object_r:proc_sysrq:s0 -genfscon proc /sys/kernel/usermodehelper u:object_r:usermodehelper:s0 -genfscon proc /sys/net u:object_r:proc_net:s0 -genfscon proc /sys/vm/dirty_background_ratio u:object_r:proc_dirty:s0 -genfscon proc /sys/vm/dirty_expire_centisecs u:object_r:proc_dirty:s0 -genfscon proc /sys/vm/extra_free_kbytes u:object_r:proc_extra_free_kbytes:s0 -genfscon proc /sys/vm/max_map_count u:object_r:proc_max_map_count:s0 -genfscon proc /sys/vm/mmap_min_addr u:object_r:proc_security:s0 -genfscon proc /sys/vm/mmap_rnd_bits u:object_r:proc_security:s0 -genfscon proc /sys/vm/mmap_rnd_compat_bits u:object_r:proc_security:s0 -genfscon proc /sys/vm/page-cluster u:object_r:proc_page_cluster:s0 -genfscon proc /sys/vm/drop_caches u:object_r:proc_drop_caches:s0 -genfscon proc /sys/vm/overcommit_memory u:object_r:proc_overcommit_memory:s0 -genfscon proc /sys/vm/min_free_order_shift u:object_r:proc_min_free_order_shift:s0 -genfscon proc /timer_list u:object_r:proc_timer:s0 -genfscon proc /timer_stats u:object_r:proc_timer:s0 -genfscon proc /tty/drivers u:object_r:proc_tty_drivers:s0 -genfscon proc /uid/ u:object_r:proc_uid_time_in_state:s0 -genfscon proc /uid_cputime/show_uid_stat u:object_r:proc_uid_cputime_showstat:s0 -genfscon proc /uid_cputime/remove_uid_range u:object_r:proc_uid_cputime_removeuid:s0 -genfscon proc /uid_io/stats u:object_r:proc_uid_io_stats:s0 -genfscon proc /uid_procstat/set u:object_r:proc_uid_procstat_set:s0 -genfscon proc /uid_time_in_state u:object_r:proc_uid_time_in_state:s0 -genfscon proc /uid_concurrent_active_time u:object_r:proc_uid_concurrent_active_time:s0 -genfscon proc /uid_concurrent_policy_time u:object_r:proc_uid_concurrent_policy_time:s0 -genfscon proc /uid_cpupower/ u:object_r:proc_uid_cpupower:s0 -genfscon proc /uptime u:object_r:proc_uptime:s0 -genfscon proc /version u:object_r:proc_version:s0 -genfscon proc /vmallocinfo u:object_r:proc_vmallocinfo:s0 -genfscon proc /vmstat u:object_r:proc_vmstat:s0 -genfscon proc /zoneinfo u:object_r:proc_zoneinfo:s0 - -# selinuxfs booleans can be individually labeled. -genfscon selinuxfs / u:object_r:selinuxfs:s0 -genfscon cgroup / u:object_r:cgroup:s0 -genfscon cgroup2 / u:object_r:cgroup_bpf:s0 -# sysfs labels can be set by userspace. -genfscon sysfs / u:object_r:sysfs:s0 -genfscon sysfs /devices/system/cpu u:object_r:sysfs_devices_system_cpu:s0 -genfscon sysfs /class/android_usb u:object_r:sysfs_android_usb:s0 -genfscon sysfs /class/extcon u:object_r:sysfs_extcon:s0 -genfscon sysfs /class/leds u:object_r:sysfs_leds:s0 -genfscon sysfs /class/net u:object_r:sysfs_net:s0 -genfscon sysfs /class/rfkill/rfkill0/state u:object_r:sysfs_bluetooth_writable:s0 -genfscon sysfs /class/rfkill/rfkill1/state u:object_r:sysfs_bluetooth_writable:s0 -genfscon sysfs /class/rfkill/rfkill2/state u:object_r:sysfs_bluetooth_writable:s0 -genfscon sysfs /class/rfkill/rfkill3/state u:object_r:sysfs_bluetooth_writable:s0 -genfscon sysfs /class/rtc u:object_r:sysfs_rtc:s0 -genfscon sysfs /class/switch u:object_r:sysfs_switch:s0 -genfscon sysfs /devices/platform/nfc-power/nfc_power u:object_r:sysfs_nfc_power_writable:s0 -genfscon sysfs /devices/virtual/android_usb u:object_r:sysfs_android_usb:s0 -genfscon sysfs /devices/virtual/block/ u:object_r:sysfs_devices_block:s0 -genfscon sysfs /devices/virtual/block/dm- u:object_r:sysfs_dm:s0 -genfscon sysfs /devices/virtual/block/loop u:object_r:sysfs_loop:s0 -genfscon sysfs /devices/virtual/block/zram0 u:object_r:sysfs_zram:s0 -genfscon sysfs /devices/virtual/block/zram1 u:object_r:sysfs_zram:s0 -genfscon sysfs /devices/virtual/block/zram0/uevent u:object_r:sysfs_zram_uevent:s0 -genfscon sysfs /devices/virtual/block/zram1/uevent u:object_r:sysfs_zram_uevent:s0 -genfscon sysfs /devices/virtual/misc/hw_random u:object_r:sysfs_hwrandom:s0 -genfscon sysfs /devices/virtual/net u:object_r:sysfs_net:s0 -genfscon sysfs /devices/virtual/switch u:object_r:sysfs_switch:s0 -genfscon sysfs /firmware/devicetree/base/firmware/android u:object_r:sysfs_dt_firmware_android:s0 -genfscon sysfs /fs/ext4/features u:object_r:sysfs_fs_ext4_features:s0 -genfscon sysfs /fs/f2fs u:object_r:sysfs_fs_f2fs:s0 -genfscon sysfs /power/autosleep u:object_r:sysfs_power:s0 -genfscon sysfs /power/state u:object_r:sysfs_power:s0 -genfscon sysfs /power/wakeup_count u:object_r:sysfs_power:s0 -genfscon sysfs /power/wake_lock u:object_r:sysfs_wake_lock:s0 -genfscon sysfs /power/wake_unlock u:object_r:sysfs_wake_lock:s0 -genfscon sysfs /kernel/memory_state_time u:object_r:sysfs_power:s0 -genfscon sysfs /kernel/ipv4 u:object_r:sysfs_ipv4:s0 -genfscon sysfs /kernel/mm/transparent_hugepage u:object_r:sysfs_transparent_hugepage:s0 -genfscon sysfs /kernel/notes u:object_r:sysfs_kernel_notes:s0 -genfscon sysfs /kernel/uevent_helper u:object_r:sysfs_usermodehelper:s0 -genfscon sysfs /kernel/wakeup_reasons u:object_r:sysfs_wakeup_reasons:s0 -genfscon sysfs /module/lowmemorykiller u:object_r:sysfs_lowmemorykiller:s0 -genfscon sysfs /module/tcp_cubic/parameters u:object_r:sysfs_net:s0 -genfscon sysfs /module/wlan/parameters/fwpath u:object_r:sysfs_wlan_fwpath:s0 -genfscon sysfs /devices/virtual/timed_output/vibrator/enable u:object_r:sysfs_vibrator:s0 - -genfscon debugfs /mmc0 u:object_r:debugfs_mmc:s0 -genfscon debugfs /tracing u:object_r:debugfs_tracing_debug:s0 -genfscon tracefs / u:object_r:debugfs_tracing_debug:s0 -genfscon debugfs /tracing/tracing_on u:object_r:debugfs_tracing:s0 -genfscon tracefs /tracing_on u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/trace u:object_r:debugfs_tracing:s0 -genfscon tracefs /trace u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/per_cpu/cpu u:object_r:debugfs_tracing:s0 -genfscon tracefs /per_cpu/cpu u:object_r:debugfs_tracing:s0 - -genfscon debugfs /tracing/instances u:object_r:debugfs_tracing_instances:s0 -genfscon tracefs /instances u:object_r:debugfs_tracing_instances:s0 -genfscon debugfs /tracing/instances/wifi u:object_r:debugfs_wifi_tracing:s0 -genfscon tracefs /instances/wifi u:object_r:debugfs_wifi_tracing:s0 -genfscon debugfs /tracing/trace_marker u:object_r:debugfs_trace_marker:s0 -genfscon tracefs /trace_marker u:object_r:debugfs_trace_marker:s0 -genfscon debugfs /wakeup_sources u:object_r:debugfs_wakeup_sources:s0 - -genfscon debugfs /tracing/events/header_page u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/f2fs/f2fs_get_data_block/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/f2fs/f2fs_iget/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/f2fs/f2fs_sync_file_enter/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/f2fs/f2fs_sync_file_exit/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/f2fs/f2fs_write_begin/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/f2fs/f2fs_write_end/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/ext4/ext4_da_write_begin/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/ext4/ext4_da_write_end/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/ext4/ext4_es_lookup_extent_enter/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/ext4/ext4_es_lookup_extent_exit/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/ext4/ext4_load_inode/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/ext4/ext4_sync_file_enter/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/ext4/ext4_sync_file_exit/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/block/block_rq_issue/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/block/block_rq_complete/ u:object_r:debugfs_tracing:s0 - -genfscon tracefs /events/header_page u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/f2fs/f2fs_get_data_block/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/f2fs/f2fs_iget/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/f2fs/f2fs_sync_file_enter/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/f2fs/f2fs_sync_file_exit/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/f2fs/f2fs_write_begin/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/f2fs/f2fs_write_end/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/ext4/ext4_da_write_begin/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/ext4/ext4_da_write_end/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/ext4/ext4_es_lookup_extent_enter/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/ext4/ext4_es_lookup_extent_exit/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/ext4/ext4_load_inode/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/ext4/ext4_sync_file_enter/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/ext4/ext4_sync_file_exit/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/block/block_rq_issue/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/block/block_rq_complete/ u:object_r:debugfs_tracing:s0 - -genfscon tracefs /trace_clock u:object_r:debugfs_tracing:s0 -genfscon tracefs /buffer_size_kb u:object_r:debugfs_tracing:s0 -genfscon tracefs /options/overwrite u:object_r:debugfs_tracing:s0 -genfscon tracefs /options/print-tgid u:object_r:debugfs_tracing:s0 -genfscon tracefs /options/record-tgid u:object_r:debugfs_tracing:s0 -genfscon tracefs /saved_cmdlines_size u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/sched/sched_switch/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/sched/sched_wakeup/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/sched/sched_blocked_reason/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/sched/sched_cpu_hotplug/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/sched/sched_process_exit/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/cgroup/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/power/cpu_frequency/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/power/cpu_idle/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/power/clock_set_rate/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/power/cpu_frequency_limits/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/cpufreq_interactive/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/vmscan/mm_vmscan_direct_reclaim_begin/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/vmscan/mm_vmscan_direct_reclaim_end/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/vmscan/mm_vmscan_kswapd_wake/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/vmscan/mm_vmscan_kswapd_sleep/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/binder/binder_transaction/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/binder/binder_transaction_received/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/binder/binder_lock/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/binder/binder_locked/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/binder/binder_unlock/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/binder/binder_transaction_alloc_buf/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/lowmemorykiller/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/sync/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/fence/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/dma_fence/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/filemap/mm_filemap_add_to_page_cache/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/filemap/mm_filemap_delete_from_page_cache/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/task/task_rename/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/task/task_newtask/ u:object_r:debugfs_tracing:s0 -genfscon tracefs /events/ftrace/print/ u:object_r:debugfs_tracing:s0 - -genfscon debugfs /tracing/trace_clock u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/buffer_size_kb u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/options/overwrite u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/options/print-tgid u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/options/record-tgid u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/saved_cmdlines_size u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/sched/sched_switch/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/sched/sched_wakeup/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/sched/sched_blocked_reason/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/sched/sched_cpu_hotplug/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/sched/sched_process_exit/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/cgroup/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/power/cpu_frequency/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/power/cpu_idle/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/power/clock_set_rate/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/power/cpu_frequency_limits/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/cpufreq_interactive/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/vmscan/mm_vmscan_direct_reclaim_end/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/vmscan/mm_vmscan_kswapd_wake/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/vmscan/mm_vmscan_kswapd_sleep/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/binder/binder_transaction/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/binder/binder_transaction_received/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/binder/binder_lock/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/binder/binder_locked/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/binder/binder_unlock/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/binder/binder_transaction_alloc_buf/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/lowmemorykiller/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/sync/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/fence/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/dma_fence/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/filemap/mm_filemap_add_to_page_cache/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/filemap/mm_filemap_delete_from_page_cache/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/task/task_rename/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/task/task_newtask/ u:object_r:debugfs_tracing:s0 -genfscon debugfs /tracing/events/ftrace/print/ u:object_r:debugfs_tracing:s0 - -genfscon debugfs /kcov u:object_r:debugfs_kcov:s0 - - -genfscon inotifyfs / u:object_r:inotify:s0 -genfscon vfat / u:object_r:vfat:s0 -genfscon exfat / u:object_r:exfat:s0 -genfscon debugfs / u:object_r:debugfs:s0 -genfscon fuse / u:object_r:fuse:s0 -genfscon configfs / u:object_r:configfs:s0 -genfscon sdcardfs / u:object_r:sdcardfs:s0 -genfscon esdfs / u:object_r:sdcardfs:s0 -genfscon pstore / u:object_r:pstorefs:s0 -genfscon functionfs / u:object_r:functionfs:s0 -genfscon usbfs / u:object_r:usbfs:s0 -genfscon binfmt_misc / u:object_r:binfmt_miscfs:s0 -genfscon bpf / u:object_r:fs_bpf:s0 diff --git a/prebuilts/api/29.0/private/gpuservice.te b/prebuilts/api/29.0/private/gpuservice.te deleted file mode 100644 index 9e17d064e..000000000 --- a/prebuilts/api/29.0/private/gpuservice.te +++ /dev/null @@ -1,41 +0,0 @@ -# gpuservice - server for gpu stats and other gpu related services -typeattribute gpuservice coredomain; -type gpuservice_exec, system_file_type, exec_type, file_type; - -init_daemon_domain(gpuservice) - -binder_call(gpuservice, adbd) -binder_call(gpuservice, shell) -binder_use(gpuservice) - -# Access the GPU. -allow gpuservice gpu_device:chr_file rw_file_perms; - -# GPU service will need to load GPU driver, for example Vulkan driver in order -# to get the capability of the driver. -allow gpuservice same_process_hal_file:file { open read getattr execute map }; -allow gpuservice ion_device:chr_file r_file_perms; -get_prop(gpuservice, hwservicemanager_prop) -hwbinder_use(gpuservice) - -# Access /dev/graphics/fb0. -allow gpuservice graphics_device:dir search; -allow gpuservice graphics_device:chr_file rw_file_perms; - -# Needed for dumpsys pipes. -allow gpuservice shell:fifo_file write; - -# Use socket supplied by adbd, for cmd gpu vkjson etc. -allow gpuservice adbd:unix_stream_socket { read write getattr }; - -# Needed for interactive shell -allow gpuservice devpts:chr_file { read write getattr }; - -# Needed for dumpstate to dumpsys gpu. -allow gpuservice dumpstate:fd use; -allow gpuservice dumpstate:fifo_file write; - -add_service(gpuservice, gpu_service) - -# Only uncomment below line when in development -# userdebug_or_eng(`permissive gpuservice;') diff --git a/prebuilts/api/29.0/private/gsid.te b/prebuilts/api/29.0/private/gsid.te deleted file mode 100644 index 5dcf74662..000000000 --- a/prebuilts/api/29.0/private/gsid.te +++ /dev/null @@ -1,132 +0,0 @@ -# gsid - Manager for GSI Installation - -type gsid, domain; -type gsid_exec, exec_type, file_type, system_file_type; -typeattribute gsid coredomain; - -init_daemon_domain(gsid) - -binder_use(gsid) -binder_service(gsid) -add_service(gsid, gsi_service) -set_prop(gsid, gsid_prop) - -# Needed to create/delete device-mapper nodes, and read/write to them. -allow gsid dm_device:chr_file rw_file_perms; -allow gsid dm_device:blk_file rw_file_perms; -allow gsid self:global_capability_class_set sys_admin; -dontaudit gsid self:global_capability_class_set dac_override; - -# libfiemap_writer uses sysfs to derive the bottom of a device-mapper stacking. -# This requires traversing /sys/block/dm-N/slaves/* and reading the list of -# file names. -allow gsid sysfs_dm:dir r_dir_perms; - -# Needed to read fstab, which is used to validate that system verity does not -# use check_once_at_most for sdcard installs. (Note: proc_cmdline is needed -# to get the A/B slot suffix). -allow gsid proc_cmdline:file r_file_perms; -allow gsid sysfs_dt_firmware_android:dir r_dir_perms; -allow gsid sysfs_dt_firmware_android:file r_file_perms; - -# Needed to stat /data/gsi/* and realpath on /dev/block/by-name/* -allow gsid block_device:dir r_dir_perms; - -# liblp queries these block alignment properties. -allowxperm gsid { userdata_block_device sdcard_block_device }:blk_file ioctl { - BLKIOMIN - BLKALIGNOFF -}; - -# When installing images to an sdcard, gsid needs to be able to stat() the -# block device. gsid also calls realpath() to remove symlinks. -allow gsid mnt_media_rw_file:dir r_dir_perms; - -# When installing images to an sdcard, gsid must bypass sdcardfs and install -# directly to vfat, which supports the FIBMAP ioctl. -allow gsid vfat:dir rw_dir_perms; -allow gsid vfat:file create_file_perms; -allow gsid sdcard_block_device:blk_file r_file_perms; -# This is needed for FIBMAP unfortunately. Oddly FIEMAP does not carry this -# requirement, but the kernel does not implement FIEMAP support for VFAT. -allow gsid self:global_capability_class_set sys_rawio; - -# gsi_tool passes the system image over the adb connection, via stdin. -allow gsid adbd:fd use; -# Needed when running gsi_tool through "su root" rather than adb root. -allow gsid adbd:unix_stream_socket rw_socket_perms; - -neverallow { domain -gsid -init } gsid_prop:property_service set; - -# gsid needs to store images on /data, but cannot use file I/O. If it did, the -# underlying blocks would be encrypted, and we couldn't mount the GSI image in -# first-stage init. So instead of directly writing to /data, we: -# -# 1. fallocate a file large enough to hold the signed GSI -# 2. extract its block layout with FIEMAP -# 3. create a dm-linear device using the FIEMAP, targeting /dev/block/by-name/userdata -# 4. write system_gsi into that dm device -# -# To make this process work, we need to unwrap the device-mapper stacking for -# userdata to reach the underlying block device. To verify the result we use -# stat(), which requires read access. -allow gsid userdata_block_device:blk_file r_file_perms; - -# gsid uses /metadata/gsi to communicate GSI boot information to first-stage -# init. It cannot use userdata since data cannot be decrypted during this -# stage. -# -# gsid uses /metadata/gsi to store three files: -# install_status - A short string indicating whether a GSI image is bootable. -# lp_metadata - LpMetadata blob describing the block ranges on userdata -# where system_gsi resides. -# booted - An empty file that, if exists, indicates that a GSI is -# currently running. -# -allow gsid metadata_file:dir search; -allow gsid gsi_metadata_file:dir rw_dir_perms; -allow gsid gsi_metadata_file:file create_file_perms; - -allow gsid gsi_data_file:dir rw_dir_perms; -allow gsid gsi_data_file:file create_file_perms; -allowxperm gsid gsi_data_file:file ioctl FS_IOC_FIEMAP; - -neverallow { - domain - -init - -gsid - -fastbootd - -vold -} gsi_metadata_file:dir *; - -neverallow { - domain - -init - -gsid - -fastbootd - -vold -} gsi_metadata_file:notdevfile_class_set ~{ relabelto getattr }; - -neverallow { - domain - -init - -gsid - -fastbootd - -vold -} { gsi_data_file gsi_metadata_file }:notdevfile_class_set *; - -neverallow { - domain - -gsid -} gsi_data_file:dir ~{ open create read getattr setattr search relabelto ioctl }; - -neverallow { - domain - -init - -gsid -} gsi_data_file:dir *; - -neverallow { - domain - -gsid -} gsi_data_file:notdevfile_class_set ~{ relabelto getattr }; diff --git a/prebuilts/api/29.0/private/hal_allocator_default.te b/prebuilts/api/29.0/private/hal_allocator_default.te deleted file mode 100644 index 9dbe9232e..000000000 --- a/prebuilts/api/29.0/private/hal_allocator_default.te +++ /dev/null @@ -1,8 +0,0 @@ -type hal_allocator_default, domain, coredomain; -hal_server_domain(hal_allocator_default, hal_allocator) - -type hal_allocator_default_exec, system_file_type, exec_type, file_type; -init_daemon_domain(hal_allocator_default) - -# To talk to ashmemd -binder_use(hal_allocator_default) diff --git a/prebuilts/api/29.0/private/halclientdomain.te b/prebuilts/api/29.0/private/halclientdomain.te deleted file mode 100644 index 9dcd3ee38..000000000 --- a/prebuilts/api/29.0/private/halclientdomain.te +++ /dev/null @@ -1,13 +0,0 @@ -### -### Rules for all domains which are clients of a HAL -### - -# Find out whether a HAL in passthrough/in-process mode or -# binderized/out-of-process mode -hwbinder_use(halclientdomain) - -# Used to wait for hwservicemanager -get_prop(halclientdomain, hwservicemanager_prop) - -# Wait for HAL server to be up (used by getService) -allow halclientdomain hidl_manager_hwservice:hwservice_manager find; diff --git a/prebuilts/api/29.0/private/halserverdomain.te b/prebuilts/api/29.0/private/halserverdomain.te deleted file mode 100644 index f36e0e7d8..000000000 --- a/prebuilts/api/29.0/private/halserverdomain.te +++ /dev/null @@ -1,12 +0,0 @@ -### -### Rules for all domains which offer a HAL service over HwBinder -### - -# Register the HAL service with hwservicemanager -hwbinder_use(halserverdomain) - -# Find HAL implementations -allow halserverdomain system_file:dir r_dir_perms; - -# Used to wait for hwservicemanager -get_prop(halserverdomain, hwservicemanager_prop) diff --git a/prebuilts/api/29.0/private/healthd.te b/prebuilts/api/29.0/private/healthd.te deleted file mode 100644 index 20d079173..000000000 --- a/prebuilts/api/29.0/private/healthd.te +++ /dev/null @@ -1,6 +0,0 @@ -typeattribute healthd coredomain; - -init_daemon_domain(healthd) - -# Allow healthd to serve health HAL -hal_server_domain(healthd, hal_health) diff --git a/prebuilts/api/29.0/private/heapprofd.te b/prebuilts/api/29.0/private/heapprofd.te deleted file mode 100644 index a7a5ef526..000000000 --- a/prebuilts/api/29.0/private/heapprofd.te +++ /dev/null @@ -1,77 +0,0 @@ -# Android heap profiling daemon. go/heapprofd. -# -# On user builds, this daemon is responsible for receiving the initial -# profiling configuration, finding matching target processes (if profiling by -# process name), and sending the activation signal to them (+ setting system -# properties for new processes to start profiling from startup). When profiling -# is triggered in a process, it spawns a private heapprofd subprocess (in its -# own SELinux domain), which will exclusively handle profiling of its parent. -# -# On debug builds, this central daemon performs profiling for all target -# processes (which talk directly to this daemon). -type heapprofd_exec, exec_type, file_type, system_file_type; -type heapprofd_tmpfs, file_type; - -init_daemon_domain(heapprofd) -tmpfs_domain(heapprofd) - -# Allow apps in other MLS contexts (for multi-user) to access -# shared memory buffers created by heapprofd. -typeattribute heapprofd_tmpfs mlstrustedobject; - -set_prop(heapprofd, heapprofd_prop); - -# Necessary for /proc/[pid]/cmdline access & sending signals. -typeattribute heapprofd mlstrustedsubject; - -# Allow sending signals to processes. This excludes SIGKILL, SIGSTOP and -# SIGCHLD, which are controlled by separate permissions. -allow heapprofd self:capability kill; - -# When scanning /proc/[pid]/cmdline to find matching processes for by-name -# profiling, only whitelisted domains will be allowed by SELinux. Avoid -# spamming logs with denials for entries that we can not access. -dontaudit heapprofd domain:dir { search open }; - -# Write trace data to the Perfetto traced daemon. This requires connecting to -# its producer socket and obtaining a (per-process) tmpfs fd. -allow heapprofd traced:fd use; -allow heapprofd traced_tmpfs:file { read write getattr map }; -unix_socket_connect(heapprofd, traced_producer, traced) - -# When handling profiling for all processes, heapprofd needs to read -# executables/libraries/etc to do stack unwinding. -userdebug_or_eng(` - r_dir_file(heapprofd, nativetest_data_file) - r_dir_file(heapprofd, system_file_type) - r_dir_file(heapprofd, apk_data_file) - r_dir_file(heapprofd, dalvikcache_data_file) - r_dir_file(heapprofd, vendor_file_type) - # Some dex files are not world-readable. - # We are still constrained by the SELinux rules above. - allow heapprofd self:global_capability_class_set dac_read_search; - -') - -# This is going to happen on user but is benign because central heapprofd -# does not actually need these permission. -# If the dac_read_search capability check is rejected, the kernel then tries -# to perform a dac_override capability check, so we need to dontaudit that -# as well. -dontaudit heapprofd self:global_capability_class_set { dac_read_search dac_override }; - -never_profile_heap(`{ - bpfloader - init - kernel - keystore - llkd - logd - ueventd - vendor_init - vold -}') - -full_treble_only(` - neverallow heapprofd vendor_file:file { no_w_file_perms no_x_file_perms }; -') diff --git a/prebuilts/api/29.0/private/hwservice_contexts b/prebuilts/api/29.0/private/hwservice_contexts deleted file mode 100644 index f3745a3a3..000000000 --- a/prebuilts/api/29.0/private/hwservice_contexts +++ /dev/null @@ -1,82 +0,0 @@ -android.frameworks.bufferhub::IBufferHub u:object_r:fwk_bufferhub_hwservice:s0 -android.frameworks.cameraservice.service::ICameraService u:object_r:fwk_camera_hwservice:s0 -android.frameworks.displayservice::IDisplayService u:object_r:fwk_display_hwservice:s0 -android.frameworks.schedulerservice::ISchedulingPolicyService u:object_r:fwk_scheduler_hwservice:s0 -android.frameworks.sensorservice::ISensorManager u:object_r:fwk_sensor_hwservice:s0 -android.frameworks.stats::IStats u:object_r:fwk_stats_hwservice:s0 -android.hardware.atrace::IAtraceDevice u:object_r:hal_atrace_hwservice:s0 -android.hardware.audio.effect::IEffectsFactory u:object_r:hal_audio_hwservice:s0 -android.hardware.audio::IDevicesFactory u:object_r:hal_audio_hwservice:s0 -android.hardware.authsecret::IAuthSecret u:object_r:hal_authsecret_hwservice:s0 -android.hardware.automotive.audiocontrol::IAudioControl u:object_r:hal_audiocontrol_hwservice:s0 -android.hardware.automotive.evs::IEvsEnumerator u:object_r:hal_evs_hwservice:s0 -android.hardware.automotive.vehicle::IVehicle u:object_r:hal_vehicle_hwservice:s0 -android.hardware.biometrics.face::IBiometricsFace u:object_r:hal_face_hwservice:s0 -android.hardware.biometrics.fingerprint::IBiometricsFingerprint u:object_r:hal_fingerprint_hwservice:s0 -android.hardware.bluetooth::IBluetoothHci u:object_r:hal_bluetooth_hwservice:s0 -android.hardware.bluetooth.a2dp::IBluetoothAudioOffload u:object_r:hal_audio_hwservice:s0 -android.hardware.bluetooth.audio::IBluetoothAudioProvidersFactory u:object_r:hal_audio_hwservice:s0 -android.hardware.boot::IBootControl u:object_r:hal_bootctl_hwservice:s0 -android.hardware.broadcastradio::IBroadcastRadio u:object_r:hal_broadcastradio_hwservice:s0 -android.hardware.broadcastradio::IBroadcastRadioFactory u:object_r:hal_broadcastradio_hwservice:s0 -android.hardware.camera.provider::ICameraProvider u:object_r:hal_camera_hwservice:s0 -android.hardware.configstore::ISurfaceFlingerConfigs u:object_r:hal_configstore_ISurfaceFlingerConfigs:s0 -android.hardware.confirmationui::IConfirmationUI u:object_r:hal_confirmationui_hwservice:s0 -android.hardware.contexthub::IContexthub u:object_r:hal_contexthub_hwservice:s0 -android.hardware.cas::IMediaCasService u:object_r:hal_cas_hwservice:s0 -android.hardware.drm::ICryptoFactory u:object_r:hal_drm_hwservice:s0 -android.hardware.drm::IDrmFactory u:object_r:hal_drm_hwservice:s0 -android.hardware.dumpstate::IDumpstateDevice u:object_r:hal_dumpstate_hwservice:s0 -android.hardware.gatekeeper::IGatekeeper u:object_r:hal_gatekeeper_hwservice:s0 -android.hardware.gnss::IGnss u:object_r:hal_gnss_hwservice:s0 -android.hardware.graphics.allocator::IAllocator u:object_r:hal_graphics_allocator_hwservice:s0 -android.hardware.graphics.composer::IComposer u:object_r:hal_graphics_composer_hwservice:s0 -android.hardware.graphics.mapper::IMapper u:object_r:hal_graphics_mapper_hwservice:s0 -android.hardware.health::IHealth u:object_r:hal_health_hwservice:s0 -android.hardware.health.storage::IStorage u:object_r:hal_health_storage_hwservice:s0 -android.hardware.input.classifier::IInputClassifier u:object_r:hal_input_classifier_hwservice:s0 -android.hardware.ir::IConsumerIr u:object_r:hal_ir_hwservice:s0 -android.hardware.keymaster::IKeymasterDevice u:object_r:hal_keymaster_hwservice:s0 -android.hardware.light::ILight u:object_r:hal_light_hwservice:s0 -android.hardware.lowpan::ILowpanDevice u:object_r:hal_lowpan_hwservice:s0 -android.hardware.media.omx::IOmx u:object_r:hal_omx_hwservice:s0 -android.hardware.media.omx::IOmxStore u:object_r:hal_omx_hwservice:s0 -android.hardware.media.c2::IComponentStore u:object_r:hal_codec2_hwservice:s0 -android.hardware.memtrack::IMemtrack u:object_r:hal_memtrack_hwservice:s0 -android.hardware.neuralnetworks::IDevice u:object_r:hal_neuralnetworks_hwservice:s0 -android.hardware.nfc::INfc u:object_r:hal_nfc_hwservice:s0 -android.hardware.oemlock::IOemLock u:object_r:hal_oemlock_hwservice:s0 -android.hardware.power::IPower u:object_r:hal_power_hwservice:s0 -android.hardware.power.stats::IPowerStats u:object_r:hal_power_stats_hwservice:s0 -android.hardware.radio.config::IRadioConfig u:object_r:hal_telephony_hwservice:s0 -android.hardware.radio.deprecated::IOemHook u:object_r:hal_telephony_hwservice:s0 -android.hardware.radio::IRadio u:object_r:hal_telephony_hwservice:s0 -android.hardware.radio::ISap u:object_r:hal_telephony_hwservice:s0 -android.hardware.renderscript::IDevice u:object_r:hal_renderscript_hwservice:s0 -android.hardware.secure_element::ISecureElement u:object_r:hal_secure_element_hwservice:s0 -android.hardware.sensors::ISensors u:object_r:hal_sensors_hwservice:s0 -android.hardware.soundtrigger::ISoundTriggerHw u:object_r:hal_audio_hwservice:s0 -android.hardware.tetheroffload.config::IOffloadConfig u:object_r:hal_tetheroffload_hwservice:s0 -android.hardware.tetheroffload.control::IOffloadControl u:object_r:hal_tetheroffload_hwservice:s0 -android.hardware.thermal::IThermal u:object_r:hal_thermal_hwservice:s0 -android.hardware.thermal::IThermalCallback u:object_r:thermalcallback_hwservice:s0 -android.hardware.tv.cec::IHdmiCec u:object_r:hal_tv_cec_hwservice:s0 -android.hardware.tv.input::ITvInput u:object_r:hal_tv_input_hwservice:s0 -android.hardware.usb::IUsb u:object_r:hal_usb_hwservice:s0 -android.hardware.usb.gadget::IUsbGadget u:object_r:hal_usb_gadget_hwservice:s0 -android.hardware.vibrator::IVibrator u:object_r:hal_vibrator_hwservice:s0 -android.hardware.vr::IVr u:object_r:hal_vr_hwservice:s0 -android.hardware.weaver::IWeaver u:object_r:hal_weaver_hwservice:s0 -android.hardware.wifi::IWifi u:object_r:hal_wifi_hwservice:s0 -android.hardware.wifi.hostapd::IHostapd u:object_r:hal_wifi_hostapd_hwservice:s0 -android.hardware.wifi.offload::IOffload u:object_r:hal_wifi_offload_hwservice:s0 -android.hardware.wifi.supplicant::ISupplicant u:object_r:hal_wifi_supplicant_hwservice:s0 -android.hidl.allocator::IAllocator u:object_r:hidl_allocator_hwservice:s0 -android.hidl.base::IBase u:object_r:hidl_base_hwservice:s0 -android.hidl.manager::IServiceManager u:object_r:hidl_manager_hwservice:s0 -android.hidl.memory::IMapper u:object_r:hidl_memory_hwservice:s0 -android.hidl.token::ITokenManager u:object_r:hidl_token_hwservice:s0 -android.system.net.netd::INetd u:object_r:system_net_netd_hwservice:s0 -android.system.suspend::ISystemSuspend u:object_r:system_suspend_hwservice:s0 -android.system.wifi.keystore::IKeystore u:object_r:system_wifi_keystore_hwservice:s0 -* u:object_r:default_android_hwservice:s0 diff --git a/prebuilts/api/29.0/private/hwservicemanager.te b/prebuilts/api/29.0/private/hwservicemanager.te deleted file mode 100644 index 0705cc711..000000000 --- a/prebuilts/api/29.0/private/hwservicemanager.te +++ /dev/null @@ -1,8 +0,0 @@ -typeattribute hwservicemanager coredomain; - -init_daemon_domain(hwservicemanager) - -add_hwservice(hwservicemanager, hidl_manager_hwservice) -add_hwservice(hwservicemanager, hidl_token_hwservice) - -set_prop(hwservicemanager, ctl_interface_start_prop) diff --git a/prebuilts/api/29.0/private/idmap.te b/prebuilts/api/29.0/private/idmap.te deleted file mode 100644 index c982783b9..000000000 --- a/prebuilts/api/29.0/private/idmap.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute idmap coredomain; - -init_daemon_domain(idmap) diff --git a/prebuilts/api/29.0/private/incident.te b/prebuilts/api/29.0/private/incident.te deleted file mode 100644 index 98101e031..000000000 --- a/prebuilts/api/29.0/private/incident.te +++ /dev/null @@ -1,30 +0,0 @@ -typeattribute incident coredomain; - -type incident_exec, system_file_type, exec_type, file_type; - -# switch to incident domain for incident command -domain_auto_trans(shell, incident_exec, incident) - -# allow incident access to stdout from its parent shell. -allow incident shell:fd use; - -# allow incident be able to output data for CTS to fetch. -allow incident devpts:chr_file { read write }; - -# allow incident to communicate use, read and write over the adb -# connection. -allow incident adbd:fd use; -allow incident adbd:unix_stream_socket { read write }; - -# allow adbd to reap incident -allow incident adbd:process { sigchld }; - -# Allow the incident command to talk to the incidentd over the binder, and get -# back the incident report data from a ParcelFileDescriptor. -binder_use(incident) -allow incident incident_service:service_manager find; -binder_call(incident, incidentd) -allow incident incidentd:fifo_file write; - -# only allow incident being called by shell -neverallow { domain -su -shell -incident } incident_exec:file { execute execute_no_trans }; diff --git a/prebuilts/api/29.0/private/incident_helper.te b/prebuilts/api/29.0/private/incident_helper.te deleted file mode 100644 index b45385568..000000000 --- a/prebuilts/api/29.0/private/incident_helper.te +++ /dev/null @@ -1,14 +0,0 @@ -typeattribute incident_helper coredomain; - -type incident_helper_exec, system_file_type, exec_type, file_type; - -# switch to incident_helper domain for incident_helper command -domain_auto_trans(incidentd, incident_helper_exec, incident_helper) - -# use pipe to transmit data from/to incidentd/incident_helper for parsing -allow incident_helper { shell incident incidentd dumpstate }:fd use; -allow incident_helper { shell incident incidentd dumpstate }:fifo_file { getattr read write }; -allow incident_helper incidentd:unix_stream_socket { read write }; - -# only allow incidentd and shell to call incident_helper -neverallow { domain -incidentd -incident_helper -shell } incident_helper_exec:file { execute execute_no_trans }; diff --git a/prebuilts/api/29.0/private/incidentd.te b/prebuilts/api/29.0/private/incidentd.te deleted file mode 100644 index 6f1095569..000000000 --- a/prebuilts/api/29.0/private/incidentd.te +++ /dev/null @@ -1,177 +0,0 @@ -typeattribute incidentd coredomain; -typeattribute incidentd mlstrustedsubject; - -init_daemon_domain(incidentd) -type incidentd_exec, system_file_type, exec_type, file_type; -binder_use(incidentd) -wakelock_use(incidentd) - -# Allow incidentd to scan through /proc/pid for all processes -r_dir_file(incidentd, domain) - -# Allow incidentd to kill incident_helper when timeout -allow incidentd incident_helper:process sigkill; - -# Allow executing files on system, such as: -# /system/bin/toolbox -# /system/bin/logcat -# /system/bin/dumpsys -allow incidentd system_file:file execute_no_trans; -allow incidentd toolbox_exec:file rx_file_perms; - -# section id 1002, allow reading kernel version /proc/version -allow incidentd proc_version:file r_file_perms; - -# section id 2001, allow reading /proc/pagetypeinfo -allow incidentd proc_pagetypeinfo:file r_file_perms; - -# section id 2002, allow reading /d/wakeup_sources -allow incidentd debugfs_wakeup_sources:file r_file_perms; - -# section id 2003, allow executing top -allow incidentd proc_meminfo:file { open read }; - -# section id 2004, allow reading /sys/devices/system/cpu/cpufreq/all_time_in_state -allow incidentd sysfs_devices_system_cpu:file r_file_perms; - -# section id 2005, allow reading ps dump in full -allow incidentd domain:process getattr; - -# section id 2006, allow reading /sys/class/power_supply/bms/battery_type -allow incidentd sysfs_batteryinfo:dir { search }; -allow incidentd sysfs_batteryinfo:file r_file_perms; - -# section id 2007, allow reading LAST_KMSG /sys/fs/pstore/console-ramoops -userdebug_or_eng(`allow incidentd pstorefs:dir search'); -userdebug_or_eng(`allow incidentd pstorefs:file r_file_perms'); - -# section id 3023, allow obtaining stats report -allow incidentd stats_service:service_manager find; -binder_call(incidentd, statsd) - -# Create and write into /data/misc/incidents -allow incidentd incident_data_file:dir rw_dir_perms; -allow incidentd incident_data_file:file create_file_perms; - -# Enable incidentd to get stack traces. -binder_use(incidentd) -hwbinder_use(incidentd) -allow incidentd hwservicemanager:hwservice_manager { list }; -get_prop(incidentd, hwservicemanager_prop) -allow incidentd hidl_manager_hwservice:hwservice_manager { find }; - -# Read files in /proc -allow incidentd { - proc_cmdline - proc_pipe_conf - proc_stat -}:file r_file_perms; - -# Signal java processes to dump their stack and get the results -allow incidentd { appdomain ephemeral_app system_server }:process signal; - -# Signal native processes to dump their stack. -# This list comes from native_processes_to_dump in incidentd/utils.c -allow incidentd { - # This list comes from native_processes_to_dump in dumputils/dump_utils.cpp - audioserver - cameraserver - drmserver - inputflinger - mediadrmserver - mediaextractor - mediametrics - mediaserver - sdcardd - statsd - surfaceflinger - - # This list comes from hal_interfaces_to_dump in dumputils/dump_utils.cpp - hal_audio_server - hal_bluetooth_server - hal_camera_server - hal_graphics_allocator_server - hal_graphics_composer_server - hal_health_server - hal_omx_server - hal_sensors_server - hal_vr_server -}:process signal; - -# Allow incidentd to make binder calls to any binder service -binder_call(incidentd, system_server) -binder_call(incidentd, appdomain) - -# Reading /proc/PID/maps of other processes -userdebug_or_eng(`allow incidentd self:global_capability_class_set { sys_ptrace }'); -# incidentd has capability sys_ptrace, but should only use that capability for -# accessing sensitive /proc/PID files, never for using ptrace attach. -neverallow incidentd *:process ptrace; - -allow incidentd self:global_capability_class_set { - # Send signals to processes - kill -}; - -# Connect to tombstoned to intercept dumps. -unix_socket_connect(incidentd, tombstoned_intercept, tombstoned) - -# Run a shell. -allow incidentd shell_exec:file rx_file_perms; - -# logd access - work to be done is a PII safe log (possibly an event log?) -userdebug_or_eng(`read_logd(incidentd)') -# TODO control_logd(incidentd) - -# Allow incidentd to find these standard groups of services. -# Others can be whitelisted individually. -allow incidentd { - system_server_service - app_api_service - system_api_service -}:service_manager find; - -# Only incidentd can publish the binder service -add_service(incidentd, incident_service) - -# Allow pipes only from dumpstate and incident -allow incidentd { dumpstate incident }:fd use; -allow incidentd { dumpstate incident }:fifo_file write; - -# Allow incident to call back to incident with status updates. -binder_call(incidentd, incident) - -### -### neverallow rules -### - -# only dumpstate, system_server, system_app and incident command can find the incident service -neverallow { - domain - -dumpstate - -incident - -incidentd - -priv_app - -statsd - -system_app - -system_server -} incident_service:service_manager find; - -# only incidentd and the other root services in limited circumstances -# can get to the files in /data/misc/incidents -# -# write, execute, append are forbidden almost everywhere -neverallow { domain -incidentd -init -vold } incident_data_file:file { - w_file_perms - x_file_perms - create - rename - setattr - unlink - append -}; -# read is also allowed by system_server, for when the file is handed to dropbox -neverallow { domain -incidentd -init -vold -system_server } incident_data_file:file r_file_perms; -# limited access to the directory itself -neverallow { domain -incidentd -init -vold } incident_data_file:dir create_dir_perms; - diff --git a/prebuilts/api/29.0/private/init.te b/prebuilts/api/29.0/private/init.te deleted file mode 100644 index 374b20791..000000000 --- a/prebuilts/api/29.0/private/init.te +++ /dev/null @@ -1,34 +0,0 @@ -typeattribute init coredomain; - -tmpfs_domain(init) - -# Transitions to seclabel processes in init.rc -domain_trans(init, rootfs, healthd) -domain_trans(init, rootfs, slideshow) -domain_auto_trans(init, charger_exec, charger) -domain_auto_trans(init, e2fs_exec, e2fs) -domain_auto_trans(init, bpfloader_exec, bpfloader) - -recovery_only(` - # Files in recovery image are labeled as rootfs. - domain_trans(init, rootfs, adbd) - domain_trans(init, rootfs, charger) - domain_trans(init, rootfs, fastbootd) - domain_trans(init, rootfs, recovery) -') -domain_trans(init, shell_exec, shell) -domain_trans(init, init_exec, ueventd) -domain_trans(init, init_exec, vendor_init) -domain_trans(init, { rootfs toolbox_exec }, modprobe) -userdebug_or_eng(` - # case where logpersistd is actually logcat -f in logd context (nee: logcatd) - domain_auto_trans(init, logcat_exec, logpersist) - - # allow init to execute services marked with seclabel u:r:su:s0 in userdebug/eng - allow init su:process transition; - dontaudit init su:process noatsecure; - allow init su:process { siginh rlimitinh }; -') - -# Allow the BoringSSL self test to request a reboot upon failure -set_prop(init, powerctl_prop) diff --git a/prebuilts/api/29.0/private/initial_sid_contexts b/prebuilts/api/29.0/private/initial_sid_contexts deleted file mode 100644 index 98190510f..000000000 --- a/prebuilts/api/29.0/private/initial_sid_contexts +++ /dev/null @@ -1,27 +0,0 @@ -sid kernel u:r:kernel:s0 -sid security u:object_r:kernel:s0 -sid unlabeled u:object_r:unlabeled:s0 -sid fs u:object_r:labeledfs:s0 -sid file u:object_r:unlabeled:s0 -sid file_labels u:object_r:unlabeled:s0 -sid init u:object_r:unlabeled:s0 -sid any_socket u:object_r:unlabeled:s0 -sid port u:object_r:port:s0 -sid netif u:object_r:netif:s0 -sid netmsg u:object_r:unlabeled:s0 -sid node u:object_r:node:s0 -sid igmp_packet u:object_r:unlabeled:s0 -sid icmp_socket u:object_r:unlabeled:s0 -sid tcp_socket u:object_r:unlabeled:s0 -sid sysctl_modprobe u:object_r:unlabeled:s0 -sid sysctl u:object_r:proc:s0 -sid sysctl_fs u:object_r:unlabeled:s0 -sid sysctl_kernel u:object_r:unlabeled:s0 -sid sysctl_net u:object_r:unlabeled:s0 -sid sysctl_net_unix u:object_r:unlabeled:s0 -sid sysctl_vm u:object_r:unlabeled:s0 -sid sysctl_dev u:object_r:unlabeled:s0 -sid kmod u:object_r:unlabeled:s0 -sid policy u:object_r:unlabeled:s0 -sid scmp_packet u:object_r:unlabeled:s0 -sid devnull u:object_r:null_device:s0 diff --git a/prebuilts/api/29.0/private/initial_sids b/prebuilts/api/29.0/private/initial_sids deleted file mode 100644 index 91ac816ba..000000000 --- a/prebuilts/api/29.0/private/initial_sids +++ /dev/null @@ -1,35 +0,0 @@ -# FLASK - -# -# Define initial security identifiers -# - -sid kernel -sid security -sid unlabeled -sid fs -sid file -sid file_labels -sid init -sid any_socket -sid port -sid netif -sid netmsg -sid node -sid igmp_packet -sid icmp_socket -sid tcp_socket -sid sysctl_modprobe -sid sysctl -sid sysctl_fs -sid sysctl_kernel -sid sysctl_net -sid sysctl_net_unix -sid sysctl_vm -sid sysctl_dev -sid kmod -sid policy -sid scmp_packet -sid devnull - -# FLASK diff --git a/prebuilts/api/29.0/private/inputflinger.te b/prebuilts/api/29.0/private/inputflinger.te deleted file mode 100644 index 9696b491b..000000000 --- a/prebuilts/api/29.0/private/inputflinger.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute inputflinger coredomain; - -init_daemon_domain(inputflinger) diff --git a/prebuilts/api/29.0/private/install_recovery.te b/prebuilts/api/29.0/private/install_recovery.te deleted file mode 100644 index b79d683a6..000000000 --- a/prebuilts/api/29.0/private/install_recovery.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute install_recovery coredomain; - -init_daemon_domain(install_recovery) diff --git a/prebuilts/api/29.0/private/installd.te b/prebuilts/api/29.0/private/installd.te deleted file mode 100644 index 3693c5931..000000000 --- a/prebuilts/api/29.0/private/installd.te +++ /dev/null @@ -1,41 +0,0 @@ -typeattribute installd coredomain; - -init_daemon_domain(installd) - -# Run dex2oat in its own sandbox. -domain_auto_trans(installd, dex2oat_exec, dex2oat) - -# Run dexoptanalyzer in its own sandbox. -domain_auto_trans(installd, dexoptanalyzer_exec, dexoptanalyzer) - -# Run viewcompiler in its own sandbox. -domain_auto_trans(installd, viewcompiler_exec, viewcompiler) - -# Run profman in its own sandbox. -domain_auto_trans(installd, profman_exec, profman) - -# Run idmap in its own sandbox. -domain_auto_trans(installd, idmap_exec, idmap) - -# Create /data/.layout_version.* file -type_transition installd system_data_file:file install_data_file; - -# For collecting bugreports. -allow installd dumpstate:fd use; -allow installd dumpstate:fifo_file r_file_perms; - -# Delete /system/bin/bcc generated artifacts -allow installd app_exec_data_file:file unlink; - -# Capture userdata snapshots to /data/misc_[ce|de]/rollback and -# subsequently restore them. -allow installd rollback_data_file:dir create_dir_perms; -allow installd rollback_data_file:file create_file_perms; - -# Allow installd to access the runtime feature flag properties. -get_prop(installd, device_config_runtime_native_prop) -get_prop(installd, device_config_runtime_native_boot_prop) - -# Allow installd to delete files in /data/staging -allow installd staging_data_file:file unlink; -allow installd staging_data_file:dir { open read remove_name rmdir search write }; diff --git a/prebuilts/api/29.0/private/iorapd.te b/prebuilts/api/29.0/private/iorapd.te deleted file mode 100644 index 91f4ddccf..000000000 --- a/prebuilts/api/29.0/private/iorapd.te +++ /dev/null @@ -1,4 +0,0 @@ -typeattribute iorapd coredomain; - -init_daemon_domain(iorapd) -tmpfs_domain(iorapd) diff --git a/prebuilts/api/29.0/private/isolated_app.te b/prebuilts/api/29.0/private/isolated_app.te deleted file mode 100644 index 94b49b04a..000000000 --- a/prebuilts/api/29.0/private/isolated_app.te +++ /dev/null @@ -1,153 +0,0 @@ -### -### Services with isolatedProcess=true in their manifest. -### -### This file defines the rules for isolated apps. An "isolated -### app" is an APP with UID between AID_ISOLATED_START (99000) -### and AID_ISOLATED_END (99999). -### - -typeattribute isolated_app coredomain; - -app_domain(isolated_app) - -# Access already open app data files received over Binder or local socket IPC. -allow isolated_app { app_data_file privapp_data_file }:file { append read write getattr lock map }; - -allow isolated_app activity_service:service_manager find; -allow isolated_app display_service:service_manager find; -allow isolated_app webviewupdate_service:service_manager find; - -# Google Breakpad (crash reporter for Chrome) relies on ptrace -# functionality. Without the ability to ptrace, the crash reporter -# tool is broken. -# b/20150694 -# https://code.google.com/p/chromium/issues/detail?id=475270 -allow isolated_app self:process ptrace; - -# b/32896414: Allow accessing sdcard file descriptors passed to isolated_apps -# by other processes. Open should never be allowed, and is blocked by -# neverallow rules below. -# media_rw_data_file is included for sdcardfs, and can be removed if sdcardfs -# is modified to change the secontext when accessing the lower filesystem. -allow isolated_app { sdcard_type media_rw_data_file }:file { read write append getattr lock map }; - -# For webviews, isolated_app processes can be forked from the webview_zygote -# in addition to the zygote. Allow access to resources inherited from the -# webview_zygote process. These rules are specialized copies of the ones in app.te. -# Inherit FDs from the webview_zygote. -allow isolated_app webview_zygote:fd use; -# Notify webview_zygote of child death. -allow isolated_app webview_zygote:process sigchld; -# Inherit logd write socket. -allow isolated_app webview_zygote:unix_dgram_socket write; -# Read system properties managed by webview_zygote. -allow isolated_app webview_zygote_tmpfs:file read; - -# Inherit FDs from the app_zygote. -allow isolated_app app_zygote:fd use; -# Notify app_zygote of child death. -allow isolated_app app_zygote:process sigchld; -# Inherit logd write socket. -allow isolated_app app_zygote:unix_dgram_socket write; - -# TODO (b/63631799) fix this access -# suppress denials to /data/local/tmp -dontaudit isolated_app shell_data_file:dir search; - -# Write app-specific trace data to the Perfetto traced damon. This requires -# connecting to its producer socket and obtaining a (per-process) tmpfs fd. -allow isolated_app traced:fd use; -allow isolated_app traced_tmpfs:file { read write getattr map }; -unix_socket_connect(isolated_app, traced_producer, traced) - -# Allow heap profiling if the main app has been marked as profileable or -# debuggable. -can_profile_heap(isolated_app) - -allow isolated_app ashmem_device:chr_file { getattr read ioctl lock map append write }; - -##### -##### Neverallow -##### - -# Isolated apps should not directly open app data files themselves. -neverallow isolated_app { app_data_file privapp_data_file }:file open; - -# Only allow appending to /data/anr/traces.txt (b/27853304, b/18340553) -# TODO: are there situations where isolated_apps write to this file? -# TODO: should we tighten these restrictions further? -neverallow isolated_app anr_data_file:file ~{ open append }; -neverallow isolated_app anr_data_file:dir ~search; - -# Isolated apps must not be permitted to use HwBinder -neverallow isolated_app hwbinder_device:chr_file *; -neverallow isolated_app *:hwservice_manager *; - -# Isolated apps must not be permitted to use VndBinder -neverallow isolated_app vndbinder_device:chr_file *; - -# Isolated apps must not be permitted to perform actions on Binder and VndBinder service_manager -# except the find actions for services whitelisted below. -neverallow isolated_app *:service_manager ~find; - -# b/17487348 -# Isolated apps can only access three services, -# activity_service, display_service, webviewupdate_service, and -# ashmem_device_service. -neverallow isolated_app { - service_manager_type - -activity_service - -ashmem_device_service - -display_service - -webviewupdate_service -}:service_manager find; - -# Isolated apps shouldn't be able to access the driver directly. -neverallow isolated_app gpu_device:chr_file { rw_file_perms execute }; - -# Do not allow isolated_app access to /cache -neverallow isolated_app cache_file:dir ~{ r_dir_perms }; -neverallow isolated_app cache_file:file ~{ read getattr }; - -# Do not allow isolated_app to access external storage, except for files passed -# via file descriptors (b/32896414). -neverallow isolated_app { storage_file mnt_user_file sdcard_type }:dir ~getattr; -neverallow isolated_app { storage_file mnt_user_file }:file_class_set *; -neverallow isolated_app sdcard_type:{ devfile_class_set lnk_file sock_file fifo_file } *; -neverallow isolated_app sdcard_type:file ~{ read write append getattr lock map }; - -# Do not allow USB access -neverallow isolated_app { usb_device usbaccessory_device }:chr_file *; - -# Restrict the webview_zygote control socket. -neverallow isolated_app webview_zygote:sock_file write; - -# Limit the /sys files which isolated_app can access. This is important -# for controlling isolated_app attack surface. -neverallow isolated_app { - sysfs_type - -sysfs_devices_system_cpu - -sysfs_transparent_hugepage - -sysfs_usb # TODO: check with audio team if needed for isolated_app (b/28417852) -}:file no_rw_file_perms; - -# No creation of sockets families other than AF_UNIX sockets. -# List taken from system/sepolicy/public/global_macros - socket_class_set -# excluding unix_stream_socket and unix_dgram_socket. -# Many of these are socket families which have never and will never -# be compiled into the Android kernel. -neverallow isolated_app self:{ - socket tcp_socket udp_socket rawip_socket netlink_socket packet_socket - key_socket appletalk_socket netlink_route_socket - netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket - netlink_selinux_socket netlink_audit_socket netlink_dnrt_socket - netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket - netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket - netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket - netlink_crypto_socket sctp_socket icmp_socket ax25_socket ipx_socket - netrom_socket atmpvc_socket x25_socket rose_socket decnet_socket atmsvc_socket - rds_socket irda_socket pppox_socket llc_socket can_socket tipc_socket - bluetooth_socket iucv_socket rxrpc_socket isdn_socket phonet_socket - ieee802154_socket caif_socket alg_socket nfc_socket vsock_socket kcm_socket - qipcrtr_socket smc_socket xdp_socket -} create; diff --git a/prebuilts/api/29.0/private/iw.te b/prebuilts/api/29.0/private/iw.te deleted file mode 100644 index adc8c9632..000000000 --- a/prebuilts/api/29.0/private/iw.te +++ /dev/null @@ -1,4 +0,0 @@ -type iw, domain, coredomain; -type iw_exec, system_file_type, exec_type, file_type; - -init_daemon_domain(iw) diff --git a/prebuilts/api/29.0/private/kernel.te b/prebuilts/api/29.0/private/kernel.te deleted file mode 100644 index 207800e08..000000000 --- a/prebuilts/api/29.0/private/kernel.te +++ /dev/null @@ -1,8 +0,0 @@ -typeattribute kernel coredomain; - -domain_auto_trans(kernel, init_exec, init) - -# Allow the kernel to read otapreopt_chroot's file descriptors and files under -# /postinstall, as it uses apexd logic to mount APEX packages in /postinstall/apex. -allow kernel otapreopt_chroot:fd use; -allow kernel postinstall_file:file read; diff --git a/prebuilts/api/29.0/private/keys.conf b/prebuilts/api/29.0/private/keys.conf deleted file mode 100644 index f517b67e8..000000000 --- a/prebuilts/api/29.0/private/keys.conf +++ /dev/null @@ -1,28 +0,0 @@ -# -# Maps an arbitrary tag [TAGNAME] with the string contents found in -# TARGET_BUILD_VARIANT. Common convention is to start TAGNAME with an @ and -# name it after the base file name of the pem file. -# -# Each tag (section) then allows one to specify any string found in -# TARGET_BUILD_VARIANT. Typcially this is user, eng, and userdebug. Another -# option is to use ALL which will match ANY TARGET_BUILD_VARIANT string. -# - -[@PLATFORM] -ALL : $DEFAULT_SYSTEM_DEV_CERTIFICATE/platform.x509.pem - -[@MEDIA] -ALL : $DEFAULT_SYSTEM_DEV_CERTIFICATE/media.x509.pem - -[@NETWORK_STACK] -ALL : $DEFAULT_SYSTEM_DEV_CERTIFICATE/networkstack.x509.pem - -[@SHARED] -ALL : $DEFAULT_SYSTEM_DEV_CERTIFICATE/shared.x509.pem - -# Example of ALL TARGET_BUILD_VARIANTS -[@RELEASE] -ENG : $DEFAULT_SYSTEM_DEV_CERTIFICATE/testkey.x509.pem -USER : $DEFAULT_SYSTEM_DEV_CERTIFICATE/testkey.x509.pem -USERDEBUG : $DEFAULT_SYSTEM_DEV_CERTIFICATE/testkey.x509.pem - diff --git a/prebuilts/api/29.0/private/keystore.te b/prebuilts/api/29.0/private/keystore.te deleted file mode 100644 index 7f71028ba..000000000 --- a/prebuilts/api/29.0/private/keystore.te +++ /dev/null @@ -1,19 +0,0 @@ -typeattribute keystore coredomain; - -init_daemon_domain(keystore) - -# talk to keymaster -hal_client_domain(keystore, hal_keymaster) - -# talk to confirmationui -hal_client_domain(keystore, hal_confirmationui) - -# This is used for the ConfirmationUI async callback. -allow keystore platform_app:binder call; - -# Offer the Wifi Keystore HwBinder service -typeattribute keystore wifi_keystore_service_server; -add_hwservice(keystore, system_wifi_keystore_hwservice) - -# Allow to check whether security logging is enabled. -get_prop(keystore, device_logging_prop) diff --git a/prebuilts/api/29.0/private/llkd.te b/prebuilts/api/29.0/private/llkd.te deleted file mode 100644 index 385f93034..000000000 --- a/prebuilts/api/29.0/private/llkd.te +++ /dev/null @@ -1,53 +0,0 @@ -# llkd Live LocK Daemon -typeattribute llkd coredomain; - -init_daemon_domain(llkd) - -get_prop(llkd, llkd_prop) - -allow llkd self:global_capability_class_set kill; -userdebug_or_eng(` - allow llkd self:global_capability_class_set sys_ptrace; - allow llkd self:global_capability_class_set { dac_override dac_read_search }; -') - -# llkd optionally locks itself in memory, to prevent it from being -# swapped out and unable to discover a kernel in live-lock state. -allow llkd self:global_capability_class_set ipc_lock; - -# Send kill signals to _anyone_ suffering from Live Lock -allow llkd domain:process sigkill; - -# read stack to check for Live Lock -userdebug_or_eng(` - allow llkd { - domain - -apexd - -kernel - -keystore - -init - -llkd - -ueventd - -vendor_init - }:process ptrace; -') - -# live lock watchdog process allowed to look through /proc/ -allow llkd domain:dir r_dir_perms; -allow llkd domain:file r_file_perms; -allow llkd domain:lnk_file read; -# Set /proc/sys/kernel/hung_task_* -allow llkd proc_hung_task:file rw_file_perms; - -# live lock watchdog process allowed to dump process trace and -# reboot because orderly shutdown may not be possible. -allow llkd proc_sysrq:file w_file_perms; -allow llkd kmsg_device:chr_file w_file_perms; - -### neverallow rules - -neverallow { domain -init } llkd:process { dyntransition transition }; -neverallow { domain userdebug_or_eng(`-crash_dump') } llkd:process ptrace; - -# never honor LD_PRELOAD -neverallow * llkd:process noatsecure; diff --git a/prebuilts/api/29.0/private/lmkd.te b/prebuilts/api/29.0/private/lmkd.te deleted file mode 100644 index a07ce879c..000000000 --- a/prebuilts/api/29.0/private/lmkd.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute lmkd coredomain; - -init_daemon_domain(lmkd) diff --git a/prebuilts/api/29.0/private/logd.te b/prebuilts/api/29.0/private/logd.te deleted file mode 100644 index 321727baf..000000000 --- a/prebuilts/api/29.0/private/logd.te +++ /dev/null @@ -1,37 +0,0 @@ -typeattribute logd coredomain; - -init_daemon_domain(logd) - -# logd is not allowed to write anywhere other than /data/misc/logd, and then -# only on userdebug or eng builds -neverallow logd { - file_type - -runtime_event_log_tags_file - userdebug_or_eng(`-coredump_file -misc_logd_file') -}:file { create write append }; - -# protect the event-log-tags file -neverallow { - domain - -appdomain # covered below - -bootstat - -dumpstate - -init - -logd - userdebug_or_eng(`-logpersist') - -servicemanager - -system_server - -surfaceflinger - -zygote -} runtime_event_log_tags_file:file no_rw_file_perms; - -neverallow { - appdomain - -bluetooth - -platform_app - -priv_app - -radio - -shell - userdebug_or_eng(`-su') - -system_app -} runtime_event_log_tags_file:file no_rw_file_perms; diff --git a/prebuilts/api/29.0/private/logpersist.te b/prebuilts/api/29.0/private/logpersist.te deleted file mode 100644 index 8cdbd2dd0..000000000 --- a/prebuilts/api/29.0/private/logpersist.te +++ /dev/null @@ -1,24 +0,0 @@ -typeattribute logpersist coredomain; - -# android debug log storage in logpersist domains (eng and userdebug only) -userdebug_or_eng(` - - r_dir_file(logpersist, cgroup) - - allow logpersist misc_logd_file:file create_file_perms; - allow logpersist misc_logd_file:dir rw_dir_perms; - - allow logpersist self:global_capability_class_set sys_nice; - allow logpersist pstorefs:dir search; - allow logpersist pstorefs:file r_file_perms; - - control_logd(logpersist) - unix_socket_connect(logpersist, logdr, logd) - read_runtime_log_tags(logpersist) - -') - -# logpersist is allowed to write to /data/misc/log for userdebug and eng builds -neverallow logpersist { file_type userdebug_or_eng(`-misc_logd_file -coredump_file') }:file { create write append }; -neverallow { domain -init userdebug_or_eng(`-logpersist -logd -dumpstate') } misc_logd_file:file no_rw_file_perms; -neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write }; diff --git a/prebuilts/api/29.0/private/lpdumpd.te b/prebuilts/api/29.0/private/lpdumpd.te deleted file mode 100644 index 458a8f171..000000000 --- a/prebuilts/api/29.0/private/lpdumpd.te +++ /dev/null @@ -1,41 +0,0 @@ -type lpdumpd, domain, coredomain; -type lpdumpd_exec, system_file_type, exec_type, file_type; - -init_daemon_domain(lpdumpd) - -# Allow lpdumpd to register itself as a service. -binder_use(lpdumpd) -add_service(lpdumpd, lpdump_service) - -# Allow lpdumpd to find the super partition block device. -allow lpdumpd block_device:dir r_dir_perms; - -# Allow lpdumpd to read super partition metadata. -allow lpdumpd super_block_device_type:blk_file r_file_perms; - -# Allow lpdumpd to read fstab. -allow lpdumpd sysfs_dt_firmware_android:dir r_dir_perms; -allow lpdumpd sysfs_dt_firmware_android:file r_file_perms; - -# Triggered when lpdumpd tries to read default fstab. -dontaudit lpdumpd metadata_file:dir r_dir_perms; -dontaudit lpdumpd metadata_file:file r_file_perms; -dontaudit lpdumpd gsi_metadata_file:dir r_dir_perms; -dontaudit lpdumpd gsi_metadata_file:file r_file_perms; - -### Neverallow rules - -# Disallow other domains to get lpdump_service and call lpdumpd. -neverallow { - domain - -dumpstate - -lpdumpd - -shell -} lpdump_service:service_manager find; - -neverallow { - domain - -dumpstate - -lpdumpd - -shell -} lpdumpd:binder call; diff --git a/prebuilts/api/29.0/private/mac_permissions.xml b/prebuilts/api/29.0/private/mac_permissions.xml deleted file mode 100644 index 7fc37c13e..000000000 --- a/prebuilts/api/29.0/private/mac_permissions.xml +++ /dev/null @@ -1,62 +0,0 @@ - - - - - - - - - - - - - - - - - - - diff --git a/prebuilts/api/29.0/private/mdnsd.te b/prebuilts/api/29.0/private/mdnsd.te deleted file mode 100644 index 98e95dab3..000000000 --- a/prebuilts/api/29.0/private/mdnsd.te +++ /dev/null @@ -1,12 +0,0 @@ -# mdns daemon - -typeattribute mdnsd coredomain; -typeattribute mdnsd mlstrustedsubject; - -type mdnsd_exec, system_file_type, exec_type, file_type; -init_daemon_domain(mdnsd) - -net_domain(mdnsd) - -# Read from /proc/net -r_dir_file(mdnsd, proc_net_type) diff --git a/prebuilts/api/29.0/private/mediadrmserver.te b/prebuilts/api/29.0/private/mediadrmserver.te deleted file mode 100644 index 4e511a819..000000000 --- a/prebuilts/api/29.0/private/mediadrmserver.te +++ /dev/null @@ -1,8 +0,0 @@ -typeattribute mediadrmserver coredomain; - -init_daemon_domain(mediadrmserver) - -# allocate and use graphic buffers -hal_client_domain(mediadrmserver, hal_graphics_allocator) -auditallow mediadrmserver hal_graphics_allocator_server:binder call; - diff --git a/prebuilts/api/29.0/private/mediaextractor.te b/prebuilts/api/29.0/private/mediaextractor.te deleted file mode 100644 index 2e654d689..000000000 --- a/prebuilts/api/29.0/private/mediaextractor.te +++ /dev/null @@ -1,7 +0,0 @@ -typeattribute mediaextractor coredomain; - -init_daemon_domain(mediaextractor) -tmpfs_domain(mediaextractor) -allow mediaextractor appdomain_tmpfs:file { getattr map read write }; -allow mediaextractor mediaserver_tmpfs:file { getattr map read write }; -allow mediaextractor system_server_tmpfs:file { getattr map read write }; diff --git a/prebuilts/api/29.0/private/mediametrics.te b/prebuilts/api/29.0/private/mediametrics.te deleted file mode 100644 index f8b2fa5cd..000000000 --- a/prebuilts/api/29.0/private/mediametrics.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute mediametrics coredomain; - -init_daemon_domain(mediametrics) diff --git a/prebuilts/api/29.0/private/mediaprovider.te b/prebuilts/api/29.0/private/mediaprovider.te deleted file mode 100644 index 30d3fe0fe..000000000 --- a/prebuilts/api/29.0/private/mediaprovider.te +++ /dev/null @@ -1,46 +0,0 @@ -### -### A domain for android.process.media, which contains both -### MediaProvider and DownloadProvider and associated services. -### - -typeattribute mediaprovider coredomain; -app_domain(mediaprovider) - -# DownloadProvider accesses the network. -net_domain(mediaprovider) - -# DownloadProvider uses /cache. -allow mediaprovider cache_file:dir create_dir_perms; -allow mediaprovider cache_file:file create_file_perms; -# /cache is a symlink to /data/cache on some devices. Allow reading the link. -allow mediaprovider cache_file:lnk_file r_file_perms; -# mediaprovider searches through /cache looking for orphans -# Ignore denials to /cache/recovery and /cache/backup. -dontaudit mediaprovider cache_private_backup_file:dir getattr; -dontaudit mediaprovider cache_recovery_file:dir getattr; - -# Access external sdcards through /mnt/media_rw -allow mediaprovider { mnt_media_rw_file }:dir search; - -allow mediaprovider app_api_service:service_manager find; -allow mediaprovider audioserver_service:service_manager find; -allow mediaprovider drmserver_service:service_manager find; -allow mediaprovider mediaextractor_service:service_manager find; -allow mediaprovider mediaserver_service:service_manager find; - -# Allow MediaProvider to read/write cached ringtones (opened by system). -allow mediaprovider ringtone_file:file { getattr read write }; - -# MtpServer uses /dev/mtp_usb -allow mediaprovider mtp_device:chr_file rw_file_perms; - -# MtpServer uses /dev/usb-ffs/mtp -allow mediaprovider functionfs:dir search; -allow mediaprovider functionfs:file rw_file_perms; -allowxperm mediaprovider functionfs:file ioctl FUNCTIONFS_ENDPOINT_DESC; - -# MtpServer sets sys.usb.ffs.mtp.ready -set_prop(mediaprovider, ffs_prop) -set_prop(mediaprovider, exported_ffs_prop) - -allow mediaprovider ashmem_device:chr_file { getattr read ioctl lock map append write }; diff --git a/prebuilts/api/29.0/private/mediaserver.te b/prebuilts/api/29.0/private/mediaserver.te deleted file mode 100644 index b1cf64ad2..000000000 --- a/prebuilts/api/29.0/private/mediaserver.te +++ /dev/null @@ -1,8 +0,0 @@ -typeattribute mediaserver coredomain; - -init_daemon_domain(mediaserver) -tmpfs_domain(mediaserver) - -# allocate and use graphic buffers -hal_client_domain(mediaserver, hal_graphics_allocator) -hal_client_domain(mediaserver, hal_omx) diff --git a/prebuilts/api/29.0/private/mediaswcodec.te b/prebuilts/api/29.0/private/mediaswcodec.te deleted file mode 100644 index 50f569875..000000000 --- a/prebuilts/api/29.0/private/mediaswcodec.te +++ /dev/null @@ -1,4 +0,0 @@ -typeattribute mediaswcodec coredomain; - -init_daemon_domain(mediaswcodec) - diff --git a/prebuilts/api/29.0/private/mls b/prebuilts/api/29.0/private/mls deleted file mode 100644 index 9690440e8..000000000 --- a/prebuilts/api/29.0/private/mls +++ /dev/null @@ -1,107 +0,0 @@ -################################################# -# MLS policy constraints -# - -# -# Process constraints -# - -# Process transition: Require equivalence unless the subject is trusted. -mlsconstrain process { transition dyntransition } - ((h1 eq h2 and l1 eq l2) or t1 == mlstrustedsubject); - -# Process read operations: No read up unless trusted. -mlsconstrain process { getsched getsession getpgid getcap getattr ptrace share } - (l1 dom l2 or t1 == mlstrustedsubject); - -# Process write operations: Require equivalence unless trusted. -mlsconstrain process { sigkill sigstop signal setsched setpgid setcap setrlimit ptrace share } - (l1 eq l2 or t1 == mlstrustedsubject); - -# -# Socket constraints -# - -# Create/relabel operations: Subject must be equivalent to object unless -# the subject is trusted. Sockets inherit the range of their creator. -mlsconstrain socket_class_set { create relabelfrom relabelto } - ((h1 eq h2 and l1 eq l2) or t1 == mlstrustedsubject); - -# Datagram send: Sender must be equivalent to the receiver unless one of them -# is trusted. -mlsconstrain unix_dgram_socket { sendto } - (l1 eq l2 or t1 == mlstrustedsubject or t2 == mlstrustedsubject); - -# Stream connect: Client must be equivalent to server unless one of them -# is trusted. -mlsconstrain unix_stream_socket { connectto } - (l1 eq l2 or t1 == mlstrustedsubject or t2 == mlstrustedsubject); - -# -# Directory/file constraints -# - -# Create/relabel operations: Subject must be equivalent to object unless -# the subject is trusted. Also, files should always be single-level. -# Do NOT exempt mlstrustedobject types from this constraint. -mlsconstrain dir_file_class_set { create relabelfrom relabelto } - (l2 eq h2 and (l1 eq l2 or t1 == mlstrustedsubject)); - -# -# Constraints for app data files only. -# - -# Only constrain open, not read/write. -# Also constrain other forms of manipulation, e.g. chmod/chown, unlink, rename, etc. -# Subject must dominate object unless the subject is trusted. -mlsconstrain dir { open search setattr rename add_name remove_name reparent rmdir } - ( (t2 != app_data_file and t2 != privapp_data_file ) or l1 dom l2 or t1 == mlstrustedsubject); -mlsconstrain { file sock_file } { open setattr unlink link rename } - ( (t2 != app_data_file and t2 != privapp_data_file and t2 != appdomain_tmpfs) or l1 dom l2 or t1 == mlstrustedsubject); -# For symlinks in app_data_file, require equivalence in order to manipulate or follow (read). -mlsconstrain { lnk_file } { open setattr unlink link rename read } - ( (t2 != app_data_file) or l1 eq l2 or t1 == mlstrustedsubject); -# For priv_app_data_file, continue to use dominance for symlinks because dynamite relies on this. -# TODO: Migrate to equivalence when it's no longer needed. -mlsconstrain { lnk_file } { open setattr unlink link rename read } - ( (t2 != privapp_data_file and t2 != appdomain_tmpfs) or l1 dom l2 or t1 == mlstrustedsubject); - -# -# Constraints for file types other than app data files. -# - -# Read operations: Subject must dominate object unless the subject -# or the object is trusted. -mlsconstrain dir { read getattr search } - (t2 == app_data_file or t2 == privapp_data_file or l1 dom l2 or t1 == mlstrustedsubject or t2 == mlstrustedobject); - -mlsconstrain { file lnk_file sock_file chr_file blk_file } { read getattr execute } - (t2 == app_data_file or t2 == privapp_data_file or t2 == appdomain_tmpfs or l1 dom l2 or t1 == mlstrustedsubject or t2 == mlstrustedobject); - -# Write operations: Subject must be equivalent to the object unless the -# subject or the object is trusted. -mlsconstrain dir { write setattr rename add_name remove_name reparent rmdir } - (t2 == app_data_file or t2 == privapp_data_file or l1 eq l2 or t1 == mlstrustedsubject or t2 == mlstrustedobject); - -mlsconstrain { file lnk_file sock_file chr_file blk_file } { write setattr append unlink link rename } - (t2 == app_data_file or t2 == privapp_data_file or t2 == appdomain_tmpfs or l1 eq l2 or t1 == mlstrustedsubject or t2 == mlstrustedobject); - -# Special case for FIFOs. -# These can be unnamed pipes, in which case they will be labeled with the -# creating process' label. Thus we also have an exemption when the "object" -# is a domain type, so that processes can communicate via unnamed pipes -# passed by binder or local socket IPC. -mlsconstrain fifo_file { read getattr } - (l1 dom l2 or t1 == mlstrustedsubject or t2 == mlstrustedobject or t2 == domain); - -mlsconstrain fifo_file { write setattr append unlink link rename } - (l1 eq l2 or t1 == mlstrustedsubject or t2 == mlstrustedobject or t2 == domain); - -# -# Binder IPC constraints -# -# Presently commented out, as apps are expected to call one another. -# This would only make sense if apps were assigned categories -# based on allowable communications rather than per-app categories. -#mlsconstrain binder call -# (l1 eq l2 or t1 == mlstrustedsubject or t2 == mlstrustedsubject); diff --git a/prebuilts/api/29.0/private/mls_decl b/prebuilts/api/29.0/private/mls_decl deleted file mode 100644 index dd53bea7e..000000000 --- a/prebuilts/api/29.0/private/mls_decl +++ /dev/null @@ -1,10 +0,0 @@ -######################################### -# MLS declarations -# - -# Generate the desired number of sensitivities and categories. -gen_sens(mls_num_sens) -gen_cats(mls_num_cats) - -# Generate level definitions for each sensitivity and category. -gen_levels(mls_num_sens,mls_num_cats) diff --git a/prebuilts/api/29.0/private/mls_macros b/prebuilts/api/29.0/private/mls_macros deleted file mode 100644 index 83e05425b..000000000 --- a/prebuilts/api/29.0/private/mls_macros +++ /dev/null @@ -1,54 +0,0 @@ -######################################## -# -# gen_cats(N) -# -# declares categores c0 to c(N-1) -# -define(`decl_cats',`dnl -category c$1; -ifelse(`$1',`$2',,`decl_cats(incr($1),$2)')dnl -') - -define(`gen_cats',`decl_cats(0,decr($1))') - -######################################## -# -# gen_sens(N) -# -# declares sensitivites s0 to s(N-1) with dominance -# in increasing numeric order with s0 lowest, s(N-1) highest -# -define(`decl_sens',`dnl -sensitivity s$1; -ifelse(`$1',`$2',,`decl_sens(incr($1),$2)')dnl -') - -define(`gen_dominance',`s$1 ifelse(`$1',`$2',,`gen_dominance(incr($1),$2)')') - -define(`gen_sens',` -# Each sensitivity has a name and zero or more aliases. -decl_sens(0,decr($1)) - -# Define the ordering of the sensitivity levels (least to greatest) -dominance { gen_dominance(0,decr($1)) } -') - -######################################## -# -# gen_levels(N,M) -# -# levels from s0 to (N-1) with categories c0 to (M-1) -# -define(`decl_levels',`dnl -level s$1:c0.c$3; -ifelse(`$1',`$2',,`decl_levels(incr($1),$2,$3)')dnl -') - -define(`gen_levels',`decl_levels(0,decr($1),decr($2))') - -######################################## -# -# Basic level names for system low and high -# -define(`mls_systemlow',`s0') -define(`mls_systemhigh',`s`'decr(mls_num_sens):c0.c`'decr(mls_num_cats)') diff --git a/prebuilts/api/29.0/private/modprobe.te b/prebuilts/api/29.0/private/modprobe.te deleted file mode 100644 index 98586756f..000000000 --- a/prebuilts/api/29.0/private/modprobe.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute modprobe coredomain; diff --git a/prebuilts/api/29.0/private/mtp.te b/prebuilts/api/29.0/private/mtp.te deleted file mode 100644 index 732e111ed..000000000 --- a/prebuilts/api/29.0/private/mtp.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute mtp coredomain; - -init_daemon_domain(mtp) diff --git a/prebuilts/api/29.0/private/netd.te b/prebuilts/api/29.0/private/netd.te deleted file mode 100644 index 41473b73d..000000000 --- a/prebuilts/api/29.0/private/netd.te +++ /dev/null @@ -1,30 +0,0 @@ -typeattribute netd coredomain; - -init_daemon_domain(netd) - -# Allow netd to spawn dnsmasq in it's own domain -domain_auto_trans(netd, dnsmasq_exec, dnsmasq) - -# Allow netd to start clatd in its own domain and kill it -domain_auto_trans(netd, clatd_exec, clatd) -allow netd clatd:process signal; - -# give netd permission to setup iptables rule with xt_bpf, attach program to cgroup, and read/write -# the map created by bpfloader -allow netd bpfloader:bpf { prog_run map_read map_write }; - -# in order to invoke side effect of close() on such a socket calling synchronize_rcu() -# TODO: Remove this permission when 4.9 kernel is deprecated. -allow netd self:key_socket create; - -get_prop(netd, bpf_progs_loaded_prop) - -# Allow netd to write to statsd. -unix_socket_send(netd, statsdw, statsd) - -# Allow netd to send callbacks to network_stack -binder_call(netd, network_stack) - -# Allow netd to send dump info to dumpstate -allow netd dumpstate:fd use; -allow netd dumpstate:fifo_file { getattr write }; diff --git a/prebuilts/api/29.0/private/netutils_wrapper.te b/prebuilts/api/29.0/private/netutils_wrapper.te deleted file mode 100644 index ca3b51585..000000000 --- a/prebuilts/api/29.0/private/netutils_wrapper.te +++ /dev/null @@ -1,44 +0,0 @@ -typeattribute netutils_wrapper coredomain; - -r_dir_file(netutils_wrapper, system_file); - -# For netutils (ip, iptables, tc) -allow netutils_wrapper self:global_capability_class_set net_raw; - -allow netutils_wrapper system_file:file { execute execute_no_trans }; -allow netutils_wrapper proc_net_type:file { open read getattr }; -allow netutils_wrapper self:rawip_socket create_socket_perms; -allow netutils_wrapper self:udp_socket create_socket_perms; -allow netutils_wrapper self:global_capability_class_set net_admin; -# ip utils need everything but ioctl -allow netutils_wrapper self:netlink_route_socket ~ioctl; -allow netutils_wrapper self:netlink_xfrm_socket ~ioctl; - -# For netutils (ndc) to be able to talk to netd -allow netutils_wrapper netd_service:service_manager find; -allow netutils_wrapper dnsresolver_service:service_manager find; -binder_use(netutils_wrapper); -binder_call(netutils_wrapper, netd); - -# For vendor code that update the iptables rules at runtime. They need to reload -# the whole chain including the xt_bpf rules. They need to access to the pinned -# program when reloading the rule. -allow netutils_wrapper fs_bpf:dir search; -allow netutils_wrapper fs_bpf:file { read write }; -allow netutils_wrapper bpfloader:bpf prog_run; - -# For /data/misc/net access to ndc and ip -r_dir_file(netutils_wrapper, net_data_file) - -domain_auto_trans({ - domain - -coredomain - -appdomain -}, netutils_wrapper_exec, netutils_wrapper) - -# suppress spurious denials -dontaudit netutils_wrapper self:global_capability_class_set sys_resource; -dontaudit netutils_wrapper sysfs_type:file read; - -# netutils wrapper may only use the following capabilities. -neverallow netutils_wrapper self:global_capability_class_set ~{ net_admin net_raw }; diff --git a/prebuilts/api/29.0/private/network_stack.te b/prebuilts/api/29.0/private/network_stack.te deleted file mode 100644 index b214538aa..000000000 --- a/prebuilts/api/29.0/private/network_stack.te +++ /dev/null @@ -1,30 +0,0 @@ -# Networking service app -typeattribute network_stack coredomain; - -app_domain(network_stack); -net_domain(network_stack); - -allow network_stack self:global_capability_class_set { - net_admin - net_bind_service - net_broadcast - net_raw -}; - -# Allow access to net_admin ioctl, DHCP server uses SIOCSARP -allowxperm network_stack self:udp_socket ioctl priv_sock_ioctls; - -# The DhcpClient uses packet_sockets -allow network_stack self:packet_socket create_socket_perms_no_ioctl; - -# Monitor neighbors via netlink. -allow network_stack self:netlink_route_socket nlmsg_write; - -allow network_stack app_api_service:service_manager find; -allow network_stack dnsresolver_service:service_manager find; -allow network_stack netd_service:service_manager find; -allow network_stack radio_service:service_manager find; -allow network_stack radio_data_file:dir create_dir_perms; -allow network_stack radio_data_file:file create_file_perms; - -binder_call(network_stack, netd); diff --git a/prebuilts/api/29.0/private/nfc.te b/prebuilts/api/29.0/private/nfc.te deleted file mode 100644 index 5e8567291..000000000 --- a/prebuilts/api/29.0/private/nfc.te +++ /dev/null @@ -1,34 +0,0 @@ -# nfc subsystem -typeattribute nfc coredomain; -app_domain(nfc) -net_domain(nfc) - -binder_service(nfc) -add_service(nfc, nfc_service) - -hal_client_domain(nfc, hal_nfc) - -# Data file accesses. -allow nfc nfc_data_file:dir create_dir_perms; -allow nfc nfc_data_file:notdevfile_class_set create_file_perms; - -# SoundPool loading and playback -allow nfc audioserver_service:service_manager find; -allow nfc drmserver_service:service_manager find; -allow nfc mediacodec_service:service_manager find; -allow nfc mediametrics_service:service_manager find; -allow nfc mediaextractor_service:service_manager find; -allow nfc mediaserver_service:service_manager find; - -allow nfc radio_service:service_manager find; -allow nfc app_api_service:service_manager find; -allow nfc system_api_service:service_manager find; -allow nfc vr_manager_service:service_manager find; -allow nfc secure_element_service:service_manager find; - -set_prop(nfc, nfc_prop); - -# already open bugreport file descriptors may be shared with -# the nfc process, from a file in -# /data/data/com.android.shell/files/bugreports/bugreport-*. -allow nfc shell_data_file:file read; diff --git a/prebuilts/api/29.0/private/notify_traceur.te b/prebuilts/api/29.0/private/notify_traceur.te deleted file mode 100644 index ef1fd4f38..000000000 --- a/prebuilts/api/29.0/private/notify_traceur.te +++ /dev/null @@ -1,12 +0,0 @@ -type notify_traceur, domain, coredomain; -type notify_traceur_exec, system_file_type, exec_type, file_type; - -init_daemon_domain(notify_traceur); -binder_use(notify_traceur); - -# This is to execute am -allow notify_traceur activity_service:service_manager find; -allow notify_traceur shell_exec:file rx_file_perms; -allow notify_traceur system_file:file rx_file_perms; - -binder_call(notify_traceur, system_server); diff --git a/prebuilts/api/29.0/private/otapreopt_chroot.te b/prebuilts/api/29.0/private/otapreopt_chroot.te deleted file mode 100644 index e2bc33e3f..000000000 --- a/prebuilts/api/29.0/private/otapreopt_chroot.te +++ /dev/null @@ -1,74 +0,0 @@ -# otapreopt_chroot executable -type otapreopt_chroot, domain, coredomain; -type otapreopt_chroot_exec, system_file_type, exec_type, file_type; - -# Chroot preparation and execution. -# We need to create an unshared mount namespace, and then mount /data. -allow otapreopt_chroot postinstall_file:dir { search mounton }; -allow otapreopt_chroot self:global_capability_class_set { sys_admin sys_chroot }; - -# This is required to mount /vendor and mount/unmount ext4 images from -# APEX packages in /postinstall/apex. -allow otapreopt_chroot block_device:dir search; -allow otapreopt_chroot labeledfs:filesystem { mount unmount }; -# This is required for dynamic partitions. -allow otapreopt_chroot dm_device:chr_file rw_file_perms; - -# This is required to unmount flattened APEX packages under -# /postinstall/system/apex (which are bind-mounted in /postinstall/apex). -allow otapreopt_chroot postinstall_file:filesystem unmount; -# Mounting /vendor can have this side-effect. Ignore denial. -dontaudit otapreopt_chroot kernel:process setsched; - -# Allow otapreopt_chroot to read SELinux policy files. -allow otapreopt_chroot file_contexts_file:file r_file_perms; - -# Allow otapreopt_chroot to open and read the contents of /postinstall/system/apex. -allow otapreopt_chroot postinstall_file:dir r_dir_perms; -# Allow otapreopt_chroot to read the persist.apexd.verity_on_system system property. -get_prop(otapreopt_chroot, apexd_prop) - -# Allow otapreopt to use file descriptors from update-engine. It will -# close them immediately. -allow otapreopt_chroot postinstall:fd use; -allow otapreopt_chroot update_engine:fd use; -allow otapreopt_chroot update_engine:fifo_file write; - -# Allow to transition to postinstall_dexopt, to run otapreopt in its own sandbox. -domain_auto_trans(otapreopt_chroot, postinstall_file, postinstall_dexopt) - -# Allow otapreopt_chroot to create loop devices with /dev/loop-control. -allow otapreopt_chroot loop_control_device:chr_file rw_file_perms; -# Allow otapreopt_chroot to access loop devices. -allow otapreopt_chroot loop_device:blk_file rw_file_perms; -allowxperm otapreopt_chroot loop_device:blk_file ioctl { - LOOP_GET_STATUS64 - LOOP_SET_STATUS64 - LOOP_SET_FD - LOOP_SET_BLOCK_SIZE - LOOP_SET_DIRECT_IO - LOOP_CLR_FD - BLKFLSBUF -}; - -# Allow otapreopt_chroot to configure read-ahead of loop devices. -allow otapreopt_chroot sysfs_loop:dir r_dir_perms; -allow otapreopt_chroot sysfs_loop:file rw_file_perms; - -# Allow otapreopt_chroot to mount a tmpfs filesystem in /postinstall/apex. -allow otapreopt_chroot tmpfs:filesystem mount; -# Allow otapreopt_chroot to restore the security context of /postinstall/apex. -allow otapreopt_chroot tmpfs:dir relabelfrom; -allow otapreopt_chroot postinstall_apex_mnt_dir:dir relabelto; - -# Allow otapreopt_chroot to manipulate directory /postinstall/apex. -allow otapreopt_chroot postinstall_apex_mnt_dir:dir create_dir_perms; -# Allow otapreopt_chroot to mount APEX packages in /postinstall/apex. -allow otapreopt_chroot postinstall_apex_mnt_dir:dir mounton; - -# Allow otapreopt_chroot to access /dev/block (needed to detach loop -# devices used by ext4 images from APEX packages). -allow otapreopt_chroot block_device:dir r_dir_perms; - -# Allow to access the linker through the symlink. -allow otapreopt_chroot postinstall_file:lnk_file r_file_perms; diff --git a/prebuilts/api/29.0/private/otapreopt_slot.te b/prebuilts/api/29.0/private/otapreopt_slot.te deleted file mode 100644 index 27a3b0e08..000000000 --- a/prebuilts/api/29.0/private/otapreopt_slot.te +++ /dev/null @@ -1,28 +0,0 @@ -# This command set moves the artifact corresponding to the current slot -# from /data/ota to /data/dalvik-cache. - -type otapreopt_slot, domain, mlstrustedsubject, coredomain; -type otapreopt_slot_exec, system_file_type, exec_type, file_type; - -# Technically not a daemon but we do want the transition from init domain to -# cppreopts to occur. -init_daemon_domain(otapreopt_slot) - -# The otapreopt_slot renames the OTA dalvik-cache to the regular dalvik-cache, and cleans up -# the directory afterwards. For logging of aggregate size, we need getattr. -allow otapreopt_slot ota_data_file:dir { rw_dir_perms rename reparent rmdir }; -allow otapreopt_slot ota_data_file:{ file lnk_file } getattr; -# (du follows symlinks) -allow otapreopt_slot ota_data_file:lnk_file read; - -# Delete old content of the dalvik-cache. -allow otapreopt_slot dalvikcache_data_file:dir { add_name getattr open read remove_name rmdir search write }; -allow otapreopt_slot dalvikcache_data_file:file { getattr unlink }; -allow otapreopt_slot dalvikcache_data_file:lnk_file { getattr read unlink }; - -# Allow cppreopts to execute itself using #!/system/bin/sh -allow otapreopt_slot shell_exec:file rx_file_perms; - -# Allow running the mv and rm/rmdir commands using otapreopt_slot permissions. -# Needed so we can move artifacts into /data/dalvik-cache/dalvik-cache. -allow otapreopt_slot toolbox_exec:file rx_file_perms; diff --git a/prebuilts/api/29.0/private/perfetto.te b/prebuilts/api/29.0/private/perfetto.te deleted file mode 100644 index 28ea868e7..000000000 --- a/prebuilts/api/29.0/private/perfetto.te +++ /dev/null @@ -1,74 +0,0 @@ -# Perfetto command-line client. Can be used only from the domains that are -# explicitly whitelisted with a domain_auto_trans(X, perfetto_exec, perfetto). -# This command line client accesses the privileged socket of the traced -# daemon. - -type perfetto_exec, system_file_type, exec_type, file_type; -type perfetto_tmpfs, file_type; - -tmpfs_domain(perfetto); - -# Allow to access traced's privileged consumer socket. -unix_socket_connect(perfetto, traced_consumer, traced) - -# Connect to the Perfetto traced daemon as a producer. This requires -# connecting to its producer socket and obtaining a (per-process) tmpfs fd. -allow perfetto traced:fd use; -allow perfetto traced_tmpfs:file { read write getattr map }; -unix_socket_connect(perfetto, traced_producer, traced) - - -# Allow to write and unlink traces into /data/misc/perfetto-traces. -allow perfetto perfetto_traces_data_file:dir rw_dir_perms; -allow perfetto perfetto_traces_data_file:file create_file_perms; - -# Allow to access binder to pass the traces to Dropbox. -binder_use(perfetto) -binder_call(perfetto, system_server) -allow perfetto dropbox_service:service_manager find; - -# Allow perfetto to read the trace config from statsd and shell -# (both root and non-root) on stdin and also to write the resulting trace to -# stdout. -allow perfetto { statsd shell su }:fd use; -allow perfetto { statsd shell su }:fifo_file { getattr read write }; - -# Allow to communicate use, read and write over the adb connection. -allow perfetto adbd:fd use; -allow perfetto adbd:unix_stream_socket { read write }; - -# allow adbd to reap perfetto -allow perfetto adbd:process { sigchld }; - -# Allow to access /dev/pts when launched in an adb shell. -allow perfetto devpts:chr_file rw_file_perms; - -### -### Neverallow rules -### -### perfetto should NEVER do any of this - -# Disallow mapping executable memory (execstack and exec are already disallowed -# globally in domain.te). -neverallow perfetto self:process execmem; - -# Block device access. -neverallow perfetto dev_type:blk_file { read write }; - -# ptrace any other process -neverallow perfetto domain:process ptrace; - -# Disallows access to other /data files. -neverallow perfetto { - data_file_type - -system_data_file - # TODO(b/72998741) Remove exemption. Further restricted in a subsequent - # neverallow. Currently only getattr and search are allowed. - -vendor_data_file - -zoneinfo_data_file - -perfetto_traces_data_file -}:dir *; -neverallow perfetto { system_data_file -perfetto_traces_data_file }:dir ~{ getattr search }; -neverallow perfetto zoneinfo_data_file:dir ~r_dir_perms; -neverallow perfetto { data_file_type -zoneinfo_data_file -perfetto_traces_data_file }:lnk_file *; -neverallow perfetto { data_file_type -zoneinfo_data_file -perfetto_traces_data_file }:file ~write; diff --git a/prebuilts/api/29.0/private/performanced.te b/prebuilts/api/29.0/private/performanced.te deleted file mode 100644 index 792826e02..000000000 --- a/prebuilts/api/29.0/private/performanced.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute performanced coredomain; - -init_daemon_domain(performanced) diff --git a/prebuilts/api/29.0/private/perfprofd.te b/prebuilts/api/29.0/private/perfprofd.te deleted file mode 100644 index c65c6f112..000000000 --- a/prebuilts/api/29.0/private/perfprofd.te +++ /dev/null @@ -1,28 +0,0 @@ -userdebug_or_eng(` - typeattribute perfprofd coredomain; - init_daemon_domain(perfprofd) -') - -neverallow { - domain - userdebug_or_eng(` - -statsd - -system_server - -system_suspend_server - -hal_health_server - -hwservicemanager - ') -} perfprofd:binder call; - -neverallow perfprofd { - domain - userdebug_or_eng(` - -servicemanager - -statsd - -su - -system_server - -system_suspend_server - -hal_health_server - -hwservicemanager - ') -}:binder call; diff --git a/prebuilts/api/29.0/private/platform_app.te b/prebuilts/api/29.0/private/platform_app.te deleted file mode 100644 index bbba1d95c..000000000 --- a/prebuilts/api/29.0/private/platform_app.te +++ /dev/null @@ -1,103 +0,0 @@ -### -### Apps signed with the platform key. -### - -typeattribute platform_app coredomain; - -app_domain(platform_app) - -# Access the network. -net_domain(platform_app) -# Access bluetooth. -bluetooth_domain(platform_app) -# Read from /data/local/tmp or /data/data/com.android.shell. -allow platform_app shell_data_file:dir search; -allow platform_app shell_data_file:file { open getattr read }; -allow platform_app icon_file:file { open getattr read }; -# Populate /data/app/vmdl*.tmp, /data/app-private/vmdl*.tmp files -# created by system server. -allow platform_app { apk_tmp_file apk_private_tmp_file }:dir rw_dir_perms; -allow platform_app { apk_tmp_file apk_private_tmp_file }:file rw_file_perms; -allow platform_app apk_private_data_file:dir search; -# ASEC -allow platform_app asec_apk_file:dir create_dir_perms; -allow platform_app asec_apk_file:file create_file_perms; - -# Access to /data/media. -allow platform_app media_rw_data_file:dir create_dir_perms; -allow platform_app media_rw_data_file:file create_file_perms; - -# Write to /cache. -allow platform_app cache_file:dir create_dir_perms; -allow platform_app cache_file:file create_file_perms; - -# Direct access to vold-mounted storage under /mnt/media_rw -# This is a performance optimization that allows platform apps to bypass the FUSE layer -allow platform_app mnt_media_rw_file:dir r_dir_perms; -allow platform_app sdcard_type:dir create_dir_perms; -allow platform_app sdcard_type:file create_file_perms; - -# com.android.systemui -allow platform_app rootfs:dir getattr; - -# com.android.captiveportallogin reads /proc/vmstat -allow platform_app { - proc_vmstat -}:file r_file_perms; - -# /proc/net access. -# TODO(b/9496886) Audit access for removal. -r_dir_file(platform_app, proc_net_type) -userdebug_or_eng(` - auditallow platform_app proc_net_type:{ dir file lnk_file } { getattr open read }; -') - -allow platform_app audioserver_service:service_manager find; -allow platform_app cameraserver_service:service_manager find; -allow platform_app drmserver_service:service_manager find; -allow platform_app mediaserver_service:service_manager find; -allow platform_app mediametrics_service:service_manager find; -allow platform_app mediaextractor_service:service_manager find; -allow platform_app mediacodec_service:service_manager find; -allow platform_app mediadrmserver_service:service_manager find; -allow platform_app persistent_data_block_service:service_manager find; -allow platform_app radio_service:service_manager find; -allow platform_app thermal_service:service_manager find; -allow platform_app timezone_service:service_manager find; -allow platform_app app_api_service:service_manager find; -allow platform_app system_api_service:service_manager find; -allow platform_app vr_manager_service:service_manager find; -allow platform_app gpu_service:service_manager find; -allow platform_app stats_service:service_manager find; - -# Allow platform apps to interact with gpuservice -binder_call(platform_app, gpuservice) - -# Allow platform apps to log via statsd. -allow platform_app statsd:binder call; - -# Access to /data/preloads -allow platform_app preloads_data_file:file r_file_perms; -allow platform_app preloads_data_file:dir r_dir_perms; -allow platform_app preloads_media_file:file r_file_perms; -allow platform_app preloads_media_file:dir r_dir_perms; - -read_runtime_log_tags(platform_app) - -# allow platform apps to use UDP sockets provided by the system server but not -# modify them other than to connect -allow platform_app system_server:udp_socket { - connect getattr read recvfrom sendto write getopt setopt }; - -# allow platform apps to connect to the property service -set_prop(platform_app, test_boot_reason_prop) - -# allow platform apps to create symbolic link -allow platform_app app_data_file:lnk_file create_file_perms; - -### -### Neverallow rules -### - -# app domains which access /dev/fuse should not run as platform_app -neverallow platform_app fuse_device:chr_file *; diff --git a/prebuilts/api/29.0/private/policy_capabilities b/prebuilts/api/29.0/private/policy_capabilities deleted file mode 100644 index 9290e3ab3..000000000 --- a/prebuilts/api/29.0/private/policy_capabilities +++ /dev/null @@ -1,20 +0,0 @@ -# Enable new networking controls. -policycap network_peer_controls; - -# Enable open permission check. -policycap open_perms; - -# Enable separate security classes for -# all network address families previously -# mapped to the socket class and for -# ICMP and SCTP sockets previously mapped -# to the rawip_socket class. -policycap extended_socket_class; - -# Enable NoNewPrivileges support. Requires libsepol 2.7+ -# and kernel 4.14 (estimated). -# -# Checks enabled; -# process2: nnp_transition, nosuid_transition -# -policycap nnp_nosuid_transition; diff --git a/prebuilts/api/29.0/private/port_contexts b/prebuilts/api/29.0/private/port_contexts deleted file mode 100644 index b473c0c9b..000000000 --- a/prebuilts/api/29.0/private/port_contexts +++ /dev/null @@ -1,3 +0,0 @@ -# portcon statements go here, e.g. -# portcon tcp 80 u:object_r:http_port:s0 - diff --git a/prebuilts/api/29.0/private/postinstall.te b/prebuilts/api/29.0/private/postinstall.te deleted file mode 100644 index 363e362dd..000000000 --- a/prebuilts/api/29.0/private/postinstall.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute postinstall coredomain; - -domain_auto_trans(postinstall, otapreopt_chroot_exec, otapreopt_chroot) diff --git a/prebuilts/api/29.0/private/postinstall_dexopt.te b/prebuilts/api/29.0/private/postinstall_dexopt.te deleted file mode 100644 index fd370c201..000000000 --- a/prebuilts/api/29.0/private/postinstall_dexopt.te +++ /dev/null @@ -1,75 +0,0 @@ -# Domain for the otapreopt executable, running under postinstall_dexopt -# -# Note: otapreopt is a driver for dex2oat, and reuses parts of installd. As such, -# this is derived and adapted from installd.te. - -type postinstall_dexopt, domain, coredomain; - -# Run dex2oat/patchoat in its own sandbox. -# We have to manually transition, as we don't have an entrypoint. -# - Case where dex2oat is in a non-flattened APEX, which has retained -# the correct type (`dex2oat_exec`). -domain_auto_trans(postinstall_dexopt, dex2oat_exec, dex2oat) -# - Case where dex2oat is in a flattened APEX, which has been tagged -# with the `postinstall_file` type by update_engine. -domain_auto_trans(postinstall_dexopt, postinstall_file, dex2oat) - -allow postinstall_dexopt self:global_capability_class_set { chown dac_override dac_read_search fowner fsetid setgid setuid }; - -allow postinstall_dexopt postinstall_file:filesystem getattr; -allow postinstall_dexopt postinstall_file:dir { getattr read search }; -allow postinstall_dexopt postinstall_file:lnk_file { getattr read }; -allow postinstall_dexopt proc_filesystems:file { getattr open read }; -allow postinstall_dexopt tmpfs:file read; - -# Allow access to /postinstall/apex. -allow postinstall_dexopt postinstall_apex_mnt_dir:dir { getattr search }; - -# Note: /data/ota is created by init (see system/core/rootdir/init.rc) to avoid giving access -# here and having to relabel the directory. - -# Read app data (APKs) as input to dex2oat. -r_dir_file(postinstall_dexopt, apk_data_file) -# Read vendor app data (APKs) as input to dex2oat. -r_dir_file(postinstall_dexopt, vendor_app_file) -# Read vendor overlay files (APKs) as input to dex2oat. -r_dir_file(postinstall_dexopt, vendor_overlay_file) -# Access to app oat directory. -r_dir_file(postinstall_dexopt, dalvikcache_data_file) - -# Read profile data. -allow postinstall_dexopt user_profile_data_file:dir { getattr search }; -allow postinstall_dexopt user_profile_data_file:file r_file_perms; -# Suppress deletion denial (we do not want to update the profile). -dontaudit postinstall_dexopt user_profile_data_file:file { write }; - -# Write to /data/ota(/*). Create symlinks in /data/ota(/*) -allow postinstall_dexopt ota_data_file:dir create_dir_perms; -allow postinstall_dexopt ota_data_file:file create_file_perms; -allow postinstall_dexopt ota_data_file:lnk_file create_file_perms; - -# Need to write .b files, which are dalvikcache_data_file, not ota_data_file. -# TODO: See whether we can apply ota_data_file? -allow postinstall_dexopt dalvikcache_data_file:dir rw_dir_perms; -allow postinstall_dexopt dalvikcache_data_file:file create_file_perms; - -# Allow labeling of files under /data/app/com.example/oat/ -# TODO: Restrict to .b suffix? -allow postinstall_dexopt dalvikcache_data_file:dir relabelto; -allow postinstall_dexopt dalvikcache_data_file:file { relabelto link }; - -# Check validity of SELinux context before use. -selinux_check_context(postinstall_dexopt) -selinux_check_access(postinstall_dexopt) - - -# Postinstall wants to know about our child. -allow postinstall_dexopt postinstall:process sigchld; - -# Allow otapreopt to use file descriptors from otapreopt_chroot. -# TODO: Probably we can actually close file descriptors... -allow postinstall_dexopt otapreopt_chroot:fd use; - -# Allow postinstall_dexopt to access the runtime feature flag properties. -get_prop(postinstall_dexopt, device_config_runtime_native_prop) -get_prop(postinstall_dexopt, device_config_runtime_native_boot_prop) diff --git a/prebuilts/api/29.0/private/ppp.te b/prebuilts/api/29.0/private/ppp.te deleted file mode 100644 index 968b221b6..000000000 --- a/prebuilts/api/29.0/private/ppp.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute ppp coredomain; - -domain_auto_trans(mtp, ppp_exec, ppp) diff --git a/prebuilts/api/29.0/private/preloads_copy.te b/prebuilts/api/29.0/private/preloads_copy.te deleted file mode 100644 index 7177839fd..000000000 --- a/prebuilts/api/29.0/private/preloads_copy.te +++ /dev/null @@ -1,14 +0,0 @@ -type preloads_copy, domain, coredomain; -type preloads_copy_exec, system_file_type, exec_type, file_type; - -init_daemon_domain(preloads_copy) - -allow preloads_copy shell_exec:file rx_file_perms; -allow preloads_copy toolbox_exec:file rx_file_perms; -allow preloads_copy preloads_data_file:dir create_dir_perms; -allow preloads_copy preloads_data_file:file create_file_perms; -allow preloads_copy preloads_media_file:dir create_dir_perms; -allow preloads_copy preloads_media_file:file create_file_perms; - -# Allow to copy from /postinstall -allow preloads_copy system_file:dir r_dir_perms; diff --git a/prebuilts/api/29.0/private/preopt2cachename.te b/prebuilts/api/29.0/private/preopt2cachename.te deleted file mode 100644 index dcfba14d5..000000000 --- a/prebuilts/api/29.0/private/preopt2cachename.te +++ /dev/null @@ -1,17 +0,0 @@ -# preopt2cachename executable -# -# This executable translates names from the preopted versions the build system -# creates to the names the runtime expects in the data directory. - -type preopt2cachename, domain, coredomain; -type preopt2cachename_exec, system_file_type, exec_type, file_type; - -# Allow write to stdout. -allow preopt2cachename cppreopts:fd use; -allow preopt2cachename cppreopts:fifo_file { getattr read write }; - -# Allow write to logcat. -allow preopt2cachename proc_net_type:file r_file_perms; -userdebug_or_eng(` - auditallow preopt2cachename proc_net_type:{ dir file lnk_file } { getattr open read }; -') diff --git a/prebuilts/api/29.0/private/priv_app.te b/prebuilts/api/29.0/private/priv_app.te deleted file mode 100644 index 35ad8c245..000000000 --- a/prebuilts/api/29.0/private/priv_app.te +++ /dev/null @@ -1,254 +0,0 @@ -### -### A domain for further sandboxing privileged apps. -### - -typeattribute priv_app coredomain; -app_domain(priv_app) - -# Access the network. -net_domain(priv_app) -# Access bluetooth. -bluetooth_domain(priv_app) - -# Allow the allocation and use of ptys -# Used by: https://play.privileged.com/store/apps/details?id=jackpal.androidterm -create_pty(priv_app) - -# webview crash handling depends on self ptrace (b/27697529, b/20150694, b/19277529#comment7) -allow priv_app self:process ptrace; - -# Allow loading executable code from writable priv-app home -# directories. This is a W^X violation, however, it needs -# to be supported for now for the following reasons. -# * /data/user_*/0/*/code_cache/* POSSIBLE uses (b/117841367) -# 1) com.android.opengl.shaders_cache -# 2) com.android.skia.shaders_cache -# 3) com.android.renderscript.cache -# * /data/user_de/0/com.google.android.gms/app_chimera -# TODO: Tighten (b/112357170) -allow priv_app privapp_data_file:file execute; - -allow priv_app privapp_data_file:lnk_file create_file_perms; - -# Priv apps can find services that expose both @SystemAPI and normal APIs. -allow priv_app app_api_service:service_manager find; -allow priv_app system_api_service:service_manager find; - -allow priv_app audioserver_service:service_manager find; -allow priv_app cameraserver_service:service_manager find; -allow priv_app drmserver_service:service_manager find; -allow priv_app mediacodec_service:service_manager find; -allow priv_app mediadrmserver_service:service_manager find; -allow priv_app mediaextractor_service:service_manager find; -allow priv_app mediametrics_service:service_manager find; -allow priv_app mediaserver_service:service_manager find; -allow priv_app network_watchlist_service:service_manager find; -allow priv_app nfc_service:service_manager find; -allow priv_app oem_lock_service:service_manager find; -allow priv_app persistent_data_block_service:service_manager find; -allow priv_app radio_service:service_manager find; -allow priv_app recovery_service:service_manager find; -allow priv_app stats_service:service_manager find; - -# Allow privileged apps to interact with gpuservice -binder_call(priv_app, gpuservice) -allow priv_app gpu_service:service_manager find; - -# Write to /cache. -allow priv_app { cache_file cache_recovery_file }:dir create_dir_perms; -allow priv_app { cache_file cache_recovery_file }:file create_file_perms; -# /cache is a symlink to /data/cache on some devices. Allow reading the link. -allow priv_app cache_file:lnk_file r_file_perms; - -# Write to /data/ota_package for OTA packages. -allow priv_app ota_package_file:dir rw_dir_perms; -allow priv_app ota_package_file:file create_file_perms; - -# Access to /data/media. -allow priv_app media_rw_data_file:dir create_dir_perms; -allow priv_app media_rw_data_file:file create_file_perms; - -# Used by Finsky / Android "Verify Apps" functionality when -# running "adb install foo.apk". -allow priv_app shell_data_file:file r_file_perms; -allow priv_app shell_data_file:dir r_dir_perms; - -# Allow traceur to pass file descriptors through a content provider to betterbug -allow priv_app trace_data_file:file { getattr read }; - -# Allow verifier to access staged apks. -allow priv_app { apk_tmp_file apk_private_tmp_file }:dir r_dir_perms; -allow priv_app { apk_tmp_file apk_private_tmp_file }:file r_file_perms; - -# b/18504118: Allow reads from /data/anr/traces.txt -allow priv_app anr_data_file:file r_file_perms; - -# Allow GMS core to access perfprofd output, which is stored -# in /data/misc/perfprofd/. GMS core will need to list all -# data stored in that directory to process them one by one. -userdebug_or_eng(` - allow priv_app perfprofd_data_file:file r_file_perms; - allow priv_app perfprofd_data_file:dir r_dir_perms; -') - -# For AppFuse. -allow priv_app vold:fd use; -allow priv_app fuse_device:chr_file { read write }; - -# /proc access -allow priv_app { - proc_vmstat -}:file r_file_perms; - -allow priv_app sysfs_type:dir search; -# Read access to /sys/class/net/wlan*/address -r_dir_file(priv_app, sysfs_net) -# Read access to /sys/block/zram*/mm_stat -r_dir_file(priv_app, sysfs_zram) - -r_dir_file(priv_app, rootfs) - -# Allow GMS core to open kernel config for OTA matching through libvintf -allow priv_app config_gz:file { open read getattr }; - -# access the mac address -allowxperm priv_app self:udp_socket ioctl SIOCGIFHWADDR; - -# Allow GMS core to communicate with update_engine for A/B update. -binder_call(priv_app, update_engine) -allow priv_app update_engine_service:service_manager find; - -# Allow GMS core to communicate with dumpsys storaged. -binder_call(priv_app, storaged) -allow priv_app storaged_service:service_manager find; - -# Allow GMS core to access system_update_service (e.g. to publish pending -# system update info). -allow priv_app system_update_service:service_manager find; - -# Allow GMS core to communicate with statsd. -binder_call(priv_app, statsd) - -# Allow Phone to read/write cached ringtones (opened by system). -allow priv_app ringtone_file:file { getattr read write }; - -# Access to /data/preloads -allow priv_app preloads_data_file:file r_file_perms; -allow priv_app preloads_data_file:dir r_dir_perms; -allow priv_app preloads_media_file:file r_file_perms; -allow priv_app preloads_media_file:dir r_dir_perms; - -# Allow privileged apps (e.g. GMS core) to generate unique hardware IDs -allow priv_app keystore:keystore_key gen_unique_id; - -# Allow GMS core to access /sys/fs/selinux/policyvers for compatibility check -allow priv_app selinuxfs:file r_file_perms; - -read_runtime_log_tags(priv_app) - -# Write app-specific trace data to the Perfetto traced damon. This requires -# connecting to its producer socket and obtaining a (per-process) tmpfs fd. -allow priv_app traced:fd use; -allow priv_app traced_tmpfs:file { read write getattr map }; -unix_socket_connect(priv_app, traced_producer, traced) - -# Allow priv_apps to request and collect incident reports. -# (Also requires DUMP and PACKAGE_USAGE_STATS permissions) -allow priv_app incident_service:service_manager find; -binder_call(priv_app, incidentd) -allow priv_app incidentd:fifo_file { read write }; - -# Allow heap profiling if the app opts in by being marked -# profileable/debuggable. -can_profile_heap(priv_app) - -# Allow priv_apps to check whether Dynamic System Update is enabled -get_prop(priv_app, dynamic_system_prop) - -# suppress denials for non-API accesses. -dontaudit priv_app exec_type:file getattr; -dontaudit priv_app device:dir read; -dontaudit priv_app fs_bpf:dir search; -dontaudit priv_app net_dns_prop:file read; -dontaudit priv_app proc:file read; -dontaudit priv_app proc_interrupts:file read; -dontaudit priv_app proc_modules:file read; -dontaudit priv_app proc_net:file read; -dontaudit priv_app proc_stat:file read; -dontaudit priv_app proc_version:file read; -dontaudit priv_app sysfs:dir read; -dontaudit priv_app sysfs:file read; -dontaudit priv_app sysfs_android_usb:file read; -dontaudit priv_app wifi_prop:file read; -dontaudit priv_app { wifi_prop exported_wifi_prop }:file read; - -# allow privileged apps to use UDP sockets provided by the system server but not -# modify them other than to connect -allow priv_app system_server:udp_socket { - connect getattr read recvfrom sendto write getopt setopt }; - -# Attempts to write to system_data_file is generally a sign -# that apps are attempting to access encrypted storage before -# the ACTION_USER_UNLOCKED intent is delivered. Suppress this -# denial to prevent apps from spamming the logs. -dontaudit priv_app system_data_file:dir write; - -### -### neverallow rules -### - -# Receive or send uevent messages. -neverallow priv_app domain:netlink_kobject_uevent_socket *; - -# Receive or send generic netlink messages -neverallow priv_app domain:netlink_socket *; - -# Too much leaky information in debugfs. It's a security -# best practice to ensure these files aren't readable. -neverallow priv_app debugfs:file read; - -# Do not allow privileged apps to register services. -# Only trusted components of Android should be registering -# services. -neverallow priv_app service_manager_type:service_manager add; - -# Do not allow privileged apps to connect to the property service -# or set properties. b/10243159 -neverallow priv_app property_socket:sock_file write; -neverallow priv_app init:unix_stream_socket connectto; -neverallow priv_app property_type:property_service set; - -# Do not allow priv_app to be assigned mlstrustedsubject. -# This would undermine the per-user isolation model being -# enforced via levelFrom=user in seapp_contexts and the mls -# constraints. As there is no direct way to specify a neverallow -# on attribute assignment, this relies on the fact that fork -# permission only makes sense within a domain (hence should -# never be granted to any other domain within mlstrustedsubject) -# and priv_app is allowed fork permission to itself. -neverallow priv_app mlstrustedsubject:process fork; - -# Do not allow priv_app to hard link to any files. -# In particular, if priv_app links to other app data -# files, installd will not be able to guarantee the deletion -# of the linked to file. Hard links also contribute to security -# bugs, so we want to ensure priv_app never has this -# capability. -neverallow priv_app file_type:file link; - -# priv apps should not be able to open trace data files, they should depend -# upon traceur to pass a file descriptor which they can then read -neverallow priv_app trace_data_file:dir *; -neverallow priv_app trace_data_file:file { no_w_file_perms open }; - -# Do not allow priv_app access to cgroups. -neverallow priv_app cgroup:file *; - -# Do not allow loading executable code from non-privileged -# application home directories. Code loading across a security boundary -# is dangerous and allows a full compromise of a privileged process -# by an unprivileged process. b/112357170 -neverallow priv_app app_data_file:file no_x_file_perms; - -# Do not follow untrusted app provided symlinks -neverallow priv_app app_data_file:lnk_file { open read getattr }; diff --git a/prebuilts/api/29.0/private/profman.te b/prebuilts/api/29.0/private/profman.te deleted file mode 100644 index f61d05efe..000000000 --- a/prebuilts/api/29.0/private/profman.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute profman coredomain; diff --git a/prebuilts/api/29.0/private/property_contexts b/prebuilts/api/29.0/private/property_contexts deleted file mode 100644 index abb83ed5e..000000000 --- a/prebuilts/api/29.0/private/property_contexts +++ /dev/null @@ -1,200 +0,0 @@ -########################## -# property service keys -# -# -net.rmnet u:object_r:net_radio_prop:s0 -net.gprs u:object_r:net_radio_prop:s0 -net.ppp u:object_r:net_radio_prop:s0 -net.qmi u:object_r:net_radio_prop:s0 -net.lte u:object_r:net_radio_prop:s0 -net.cdma u:object_r:net_radio_prop:s0 -net.dns u:object_r:net_dns_prop:s0 -sys.usb.config u:object_r:system_radio_prop:s0 -ril. u:object_r:radio_prop:s0 -ro.ril. u:object_r:radio_prop:s0 -gsm. u:object_r:radio_prop:s0 -persist.radio u:object_r:radio_prop:s0 - -net. u:object_r:system_prop:s0 -dev. u:object_r:system_prop:s0 -ro.runtime. u:object_r:system_prop:s0 -ro.runtime.firstboot u:object_r:firstboot_prop:s0 -hw. u:object_r:system_prop:s0 -ro.hw. u:object_r:system_prop:s0 -sys. u:object_r:system_prop:s0 -sys.cppreopt u:object_r:cppreopt_prop:s0 -sys.lpdumpd u:object_r:lpdumpd_prop:s0 -sys.powerctl u:object_r:powerctl_prop:s0 -sys.usb.ffs. u:object_r:ffs_prop:s0 -service. u:object_r:system_prop:s0 -dhcp. u:object_r:dhcp_prop:s0 -dhcp.bt-pan.result u:object_r:pan_result_prop:s0 -bluetooth. u:object_r:bluetooth_prop:s0 - -debug. u:object_r:debug_prop:s0 -debug.db. u:object_r:debuggerd_prop:s0 -dumpstate. u:object_r:dumpstate_prop:s0 -dumpstate.options u:object_r:dumpstate_options_prop:s0 -llk. u:object_r:llkd_prop:s0 -khungtask. u:object_r:llkd_prop:s0 -ro.llk. u:object_r:llkd_prop:s0 -ro.khungtask. u:object_r:llkd_prop:s0 -log. u:object_r:log_prop:s0 -log.tag u:object_r:log_tag_prop:s0 -log.tag.WifiHAL u:object_r:wifi_log_prop:s0 -security.perf_harden u:object_r:shell_prop:s0 -service.adb.root u:object_r:shell_prop:s0 -service.adb.tcp.port u:object_r:shell_prop:s0 - -persist.audio. u:object_r:audio_prop:s0 -persist.bluetooth. u:object_r:bluetooth_prop:s0 -persist.debug. u:object_r:persist_debug_prop:s0 -persist.logd. u:object_r:logd_prop:s0 -ro.logd. u:object_r:logd_prop:s0 -persist.logd.security u:object_r:device_logging_prop:s0 -persist.logd.logpersistd u:object_r:logpersistd_logging_prop:s0 -logd.logpersistd u:object_r:logpersistd_logging_prop:s0 -persist.log.tag u:object_r:log_tag_prop:s0 -persist.mmc. u:object_r:mmc_prop:s0 -persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0 -persist.sys. u:object_r:system_prop:s0 -persist.sys.safemode u:object_r:safemode_prop:s0 -persist.sys.fflag.override.settings_dynamic_system u:object_r:dynamic_system_prop:s0 -ro.sys.safemode u:object_r:safemode_prop:s0 -persist.sys.audit_safemode u:object_r:safemode_prop:s0 -persist.service. u:object_r:system_prop:s0 -persist.service.bdroid. u:object_r:bluetooth_prop:s0 -persist.security. u:object_r:system_prop:s0 -persist.traced.enable u:object_r:traced_enabled_prop:s0 -traced.lazy. u:object_r:traced_lazy_prop:s0 -persist.heapprofd.enable u:object_r:heapprofd_enabled_prop:s0 -persist.vendor.overlay. u:object_r:overlay_prop:s0 -ro.boot.vendor.overlay. u:object_r:overlay_prop:s0 -ro.boottime. u:object_r:boottime_prop:s0 -ro.serialno u:object_r:serialno_prop:s0 -ro.boot.btmacaddr u:object_r:bluetooth_prop:s0 -ro.boot.serialno u:object_r:serialno_prop:s0 -ro.bt. u:object_r:bluetooth_prop:s0 -ro.boot.bootreason u:object_r:bootloader_boot_reason_prop:s0 -persist.sys.boot.reason u:object_r:last_boot_reason_prop:s0 -sys.boot.reason u:object_r:system_boot_reason_prop:s0 -sys.boot.reason.last u:object_r:last_boot_reason_prop:s0 -pm. u:object_r:pm_prop:s0 -test.sys.boot.reason u:object_r:test_boot_reason_prop:s0 -sys.lmk. u:object_r:system_lmk_prop:s0 -sys.trace. u:object_r:system_trace_prop:s0 - -# Boolean property set by system server upon boot indicating -# if device owner is provisioned. -ro.device_owner u:object_r:device_logging_prop:s0 - -# selinux non-persistent properties -selinux.restorecon_recursive u:object_r:restorecon_prop:s0 - -# default property context -* u:object_r:default_prop:s0 - -# data partition encryption properties -vold. u:object_r:vold_prop:s0 -ro.crypto. u:object_r:vold_prop:s0 - -# ro.build.fingerprint is either set in /system/build.prop, or is -# set at runtime by system_server. -ro.build.fingerprint u:object_r:fingerprint_prop:s0 - -ro.persistent_properties.ready u:object_r:persistent_properties_ready_prop:s0 - -# ctl properties -ctl.bootanim u:object_r:ctl_bootanim_prop:s0 -ctl.android.hardware.dumpstate u:object_r:ctl_dumpstate_prop:s0 -ctl.dumpstate u:object_r:ctl_dumpstate_prop:s0 -ctl.fuse_ u:object_r:ctl_fuse_prop:s0 -ctl.mdnsd u:object_r:ctl_mdnsd_prop:s0 -ctl.ril-daemon u:object_r:ctl_rildaemon_prop:s0 -ctl.bugreport u:object_r:ctl_bugreport_prop:s0 -ctl.console u:object_r:ctl_console_prop:s0 -ctl. u:object_r:ctl_default_prop:s0 - -# Don't allow blind access to all services -ctl.sigstop_on$ u:object_r:ctl_sigstop_prop:s0 -ctl.sigstop_off$ u:object_r:ctl_sigstop_prop:s0 -ctl.start$ u:object_r:ctl_start_prop:s0 -ctl.stop$ u:object_r:ctl_stop_prop:s0 -ctl.restart$ u:object_r:ctl_restart_prop:s0 -ctl.interface_start$ u:object_r:ctl_interface_start_prop:s0 -ctl.interface_stop$ u:object_r:ctl_interface_stop_prop:s0 -ctl.interface_restart$ u:object_r:ctl_interface_restart_prop:s0 - - # Restrict access to starting/stopping adbd -ctl.start$adbd u:object_r:ctl_adbd_prop:s0 -ctl.stop$adbd u:object_r:ctl_adbd_prop:s0 -ctl.restart$adbd u:object_r:ctl_adbd_prop:s0 - -# Restrict access to starting/stopping gsid. -ctl.start$gsid u:object_r:ctl_gsid_prop:s0 -ctl.stop$gsid u:object_r:ctl_gsid_prop:s0 -ctl.restart$gsid u:object_r:ctl_gsid_prop:s0 - -# NFC properties -nfc. u:object_r:nfc_prop:s0 - -# These properties are not normally set by processes other than init. -# They are only distinguished here for setting by qemu-props on the -# emulator/goldfish. -config. u:object_r:config_prop:s0 -ro.config. u:object_r:config_prop:s0 -dalvik. u:object_r:dalvik_prop:s0 -ro.dalvik. u:object_r:dalvik_prop:s0 - -# Shared between system server and wificond -wlan. u:object_r:wifi_prop:s0 - -# Lowpan properties -lowpan. u:object_r:lowpan_prop:s0 -ro.lowpan. u:object_r:lowpan_prop:s0 - -# heapprofd properties -heapprofd. u:object_r:heapprofd_prop:s0 - -# hwservicemanager properties -hwservicemanager. u:object_r:hwservicemanager_prop:s0 - -# Common default properties for vendor and odm. -init.svc.odm. u:object_r:vendor_default_prop:s0 -init.svc.vendor. u:object_r:vendor_default_prop:s0 -ro.hardware. u:object_r:vendor_default_prop:s0 -ro.odm. u:object_r:vendor_default_prop:s0 -ro.vendor. u:object_r:vendor_default_prop:s0 -odm. u:object_r:vendor_default_prop:s0 -persist.odm. u:object_r:vendor_default_prop:s0 -persist.vendor. u:object_r:vendor_default_prop:s0 -vendor. u:object_r:vendor_default_prop:s0 -# ro.boot. properties are set based on kernel commandline arguments, which are vendor owned. -ro.boot. u:object_r:exported2_default_prop:s0 - -# Properties that relate to time / time zone detection behavior. -persist.time. u:object_r:time_prop:s0 - -# Properties that relate to server configurable flags -device_config.reset_performed u:object_r:device_config_reset_performed_prop:s0 -persist.device_config.activity_manager_native_boot. u:object_r:device_config_activity_manager_native_boot_prop:s0 -persist.device_config.attempted_boot_count u:object_r:device_config_boot_count_prop:s0 -persist.device_config.input_native_boot. u:object_r:device_config_input_native_boot_prop:s0 -persist.device_config.netd_native. u:object_r:device_config_netd_native_prop:s0 -persist.device_config.runtime_native. u:object_r:device_config_runtime_native_prop:s0 -persist.device_config.runtime_native_boot. u:object_r:device_config_runtime_native_boot_prop:s0 -persist.device_config.media_native. u:object_r:device_config_media_native_prop:s0 - -# Properties that relate to legacy server configurable flags - -apexd. u:object_r:apexd_prop:s0 -persist.apexd. u:object_r:apexd_prop:s0 - -bpf.progs_loaded u:object_r:bpf_progs_loaded_prop:s0 - -gsid. u:object_r:gsid_prop:s0 -ro.gsid. u:object_r:gsid_prop:s0 - -# Property for disabling NNAPI vendor extensions on product image (used on GSI /product image, -# which can't use NNAPI vendor extensions). -ro.nnapi.extensions.deny_on_product u:object_r:nnapi_ext_deny_product_prop:s0 diff --git a/prebuilts/api/29.0/private/racoon.te b/prebuilts/api/29.0/private/racoon.te deleted file mode 100644 index 42ea7c9e4..000000000 --- a/prebuilts/api/29.0/private/racoon.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute racoon coredomain; - -init_daemon_domain(racoon) diff --git a/prebuilts/api/29.0/private/radio.te b/prebuilts/api/29.0/private/radio.te deleted file mode 100644 index 9ac2cf17f..000000000 --- a/prebuilts/api/29.0/private/radio.te +++ /dev/null @@ -1,8 +0,0 @@ -typeattribute radio coredomain; - -app_domain(radio) - -read_runtime_log_tags(radio) - -# Telephony code contains time / time zone detection logic so it reads the associated properties. -get_prop(radio, time_prop) diff --git a/prebuilts/api/29.0/private/recovery.te b/prebuilts/api/29.0/private/recovery.te deleted file mode 100644 index 2a7fdc7e1..000000000 --- a/prebuilts/api/29.0/private/recovery.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute recovery coredomain; diff --git a/prebuilts/api/29.0/private/recovery_persist.te b/prebuilts/api/29.0/private/recovery_persist.te deleted file mode 100644 index 2d244fd59..000000000 --- a/prebuilts/api/29.0/private/recovery_persist.te +++ /dev/null @@ -1,6 +0,0 @@ -typeattribute recovery_persist coredomain; - -init_daemon_domain(recovery_persist) - -# recovery_persist is not allowed to write anywhere other than recovery_data_file -neverallow recovery_persist { file_type -recovery_data_file userdebug_or_eng(`-coredump_file') }:file write; diff --git a/prebuilts/api/29.0/private/recovery_refresh.te b/prebuilts/api/29.0/private/recovery_refresh.te deleted file mode 100644 index b6cd56f9b..000000000 --- a/prebuilts/api/29.0/private/recovery_refresh.te +++ /dev/null @@ -1,6 +0,0 @@ -typeattribute recovery_refresh coredomain; - -init_daemon_domain(recovery_refresh) - -# recovery_refresh is not allowed to write anywhere -neverallow recovery_refresh { file_type userdebug_or_eng(`-coredump_file') }:file write; diff --git a/prebuilts/api/29.0/private/roles_decl b/prebuilts/api/29.0/private/roles_decl deleted file mode 100644 index c84fcba0f..000000000 --- a/prebuilts/api/29.0/private/roles_decl +++ /dev/null @@ -1 +0,0 @@ -role r; diff --git a/prebuilts/api/29.0/private/rs.te b/prebuilts/api/29.0/private/rs.te deleted file mode 100644 index bf10841cc..000000000 --- a/prebuilts/api/29.0/private/rs.te +++ /dev/null @@ -1,39 +0,0 @@ -# Any files which would have been created as app_data_file -# will be created as app_exec_data_file instead. -allow rs app_data_file:dir ra_dir_perms; -allow rs app_exec_data_file:file create_file_perms; -type_transition rs app_data_file:file app_exec_data_file; - -# Follow /data/user/0 symlink -allow rs system_data_file:lnk_file read; - -# Read files from the app home directory. -allow rs app_data_file:file r_file_perms; -allow rs app_data_file:dir r_dir_perms; - -# Cleanup app_exec_data_file files in the app home directory. -allow rs app_data_file:dir remove_name; - -# Use vendor resources -allow rs vendor_file:dir r_dir_perms; -r_dir_file(rs, vendor_overlay_file) -r_dir_file(rs, vendor_app_file) - -# Read contents of app apks -r_dir_file(rs, apk_data_file) - -allow rs gpu_device:chr_file rw_file_perms; -allow rs ion_device:chr_file r_file_perms; -allow rs same_process_hal_file:file { r_file_perms execute }; - -# File descriptors passed from app to renderscript -allow rs { untrusted_app_all ephemeral_app }:fd use; - -# rs can access app data, so ensure it can only be entered via an app domain and cannot have -# CAP_DAC_OVERRIDE. -neverallow rs rs:capability_class_set *; -neverallow { domain -appdomain } rs:process { dyntransition transition }; -neverallow rs { domain -crash_dump }:process { dyntransition transition }; -neverallow rs app_data_file:file_class_set ~r_file_perms; -# rs should never use network sockets -neverallow rs *:network_socket_class_set *; diff --git a/prebuilts/api/29.0/private/rss_hwm_reset.te b/prebuilts/api/29.0/private/rss_hwm_reset.te deleted file mode 100644 index 30818c2fa..000000000 --- a/prebuilts/api/29.0/private/rss_hwm_reset.te +++ /dev/null @@ -1,14 +0,0 @@ -type rss_hwm_reset_exec, system_file_type, exec_type, file_type; - -# Start rss_hwm_reset from init. -init_daemon_domain(rss_hwm_reset) - -# Search /proc/pid directories. -allow rss_hwm_reset domain:dir search; - -# Write to /proc/pid/clear_refs of other processes. -# /proc/pid/clear_refs is S_IWUSER, see: fs/proc/base.c -allow rss_hwm_reset self:global_capability_class_set { dac_override }; - -# Write to /prc/pid/clear_refs. -allow rss_hwm_reset domain:file w_file_perms; diff --git a/prebuilts/api/29.0/private/runas.te b/prebuilts/api/29.0/private/runas.te deleted file mode 100644 index ef31aac34..000000000 --- a/prebuilts/api/29.0/private/runas.te +++ /dev/null @@ -1,4 +0,0 @@ -typeattribute runas coredomain; - -# ndk-gdb invokes adb shell run-as. -domain_auto_trans(shell, runas_exec, runas) diff --git a/prebuilts/api/29.0/private/runas_app.te b/prebuilts/api/29.0/private/runas_app.te deleted file mode 100644 index e6fd9530b..000000000 --- a/prebuilts/api/29.0/private/runas_app.te +++ /dev/null @@ -1,18 +0,0 @@ -typeattribute runas_app coredomain; - -app_domain(runas_app) -untrusted_app_domain(runas_app) -net_domain(runas_app) -bluetooth_domain(runas_app) - -# The ability to call exec() on files in the apps home directories -# when using run-as on a debuggable app. Used to run lldb/ndk-gdb/simpleperf, -# which are copied to the apps home directories. -allow runas_app app_data_file:file execute_no_trans; - -# Allow lldb/ndk-gdb/simpleperf to read maps of debuggable app processes. -r_dir_file(runas_app, untrusted_app_all) - -# Allow lldb/ndk-gdb/simpleperf to ptrace attach to debuggable app processes. -allow runas_app untrusted_app_all:process { ptrace signal sigstop }; -allow runas_app untrusted_app_all:unix_stream_socket connectto; diff --git a/prebuilts/api/29.0/private/sdcardd.te b/prebuilts/api/29.0/private/sdcardd.te deleted file mode 100644 index 126d64349..000000000 --- a/prebuilts/api/29.0/private/sdcardd.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute sdcardd coredomain; - -type_transition sdcardd system_data_file:{ dir file } media_rw_data_file; diff --git a/prebuilts/api/29.0/private/seapp_contexts b/prebuilts/api/29.0/private/seapp_contexts deleted file mode 100644 index ad8a76cd9..000000000 --- a/prebuilts/api/29.0/private/seapp_contexts +++ /dev/null @@ -1,164 +0,0 @@ -# The entries in this file define how security contexts for apps are determined. -# Each entry lists input selectors, used to match the app, and outputs which are -# used to determine the security contexts for matching apps. -# -# Input selectors: -# isSystemServer (boolean) -# isEphemeralApp (boolean) -# isOwner (boolean) -# user (string) -# seinfo (string) -# name (string) -# path (string) -# isPrivApp (boolean) -# minTargetSdkVersion (unsigned integer) -# fromRunAs (boolean) -# -# All specified input selectors in an entry must match (i.e. logical AND). -# An unspecified string or boolean selector with no default will match any -# value. -# A user, name, or path string selector that ends in * will perform a prefix -# match. -# String matching is case-insensitive. -# See external/selinux/libselinux/src/android/android_platform.c, -# seapp_context_lookup(). -# -# isSystemServer=true only matches the system server. -# An unspecified isSystemServer defaults to false. -# isEphemeralApp=true will match apps marked by PackageManager as Ephemeral -# isOwner=true will only match for the owner/primary user. -# user=_app will match any regular app process. -# user=_isolated will match any isolated service process. -# Other values of user are matched against the name associated with the process -# UID. -# seinfo= matches aginst the seinfo tag for the app, determined from -# mac_permissions.xml files. -# The ':' character is reserved and may not be used in seinfo. -# name= matches against the package name of the app. -# path= matches against the directory path when labeling app directories. -# isPrivApp=true will only match for applications preinstalled in -# /system/priv-app. -# minTargetSdkVersion will match applications with a targetSdkVersion -# greater than or equal to the specified value. If unspecified, -# it has a default value of 0. -# fromRunAs=true means the process being labeled is started by run-as. Default -# is false. -# -# Precedence: entries are compared using the following rules, in the order shown -# (see external/selinux/libselinux/src/android/android_platform.c, -# seapp_context_cmp()). -# (1) isSystemServer=true before isSystemServer=false. -# (2) Specified isEphemeralApp= before unspecified isEphemeralApp= -# boolean. -# (3) Specified isOwner= before unspecified isOwner= boolean. -# (4) Specified user= string before unspecified user= string; -# more specific user= string before less specific user= string. -# (5) Specified seinfo= string before unspecified seinfo= string. -# (6) Specified name= string before unspecified name= string; -# more specific name= string before less specific name= string. -# (7) Specified path= string before unspecified path= string. -# more specific name= string before less specific name= string. -# (8) Specified isPrivApp= before unspecified isPrivApp= boolean. -# (9) Higher value of minTargetSdkVersion= before lower value of -# minTargetSdkVersion= integer. Note that minTargetSdkVersion= -# defaults to 0 if unspecified. -# (10) fromRunAs=true before fromRunAs=false. -# (A fixed selector is more specific than a prefix, i.e. ending in *, and a -# longer prefix is more specific than a shorter prefix.) -# Apps are checked against entries in precedence order until the first match, -# regardless of their order in this file. -# -# Duplicate entries, i.e. with identical input selectors, are not allowed. -# -# Outputs: -# domain (string) -# type (string) -# levelFrom (string; one of none, all, app, or user) -# level (string) -# -# domain= determines the label to be used for the app process; entries -# without domain= are ignored for this purpose. -# type= specifies the label to be used for the app data directory; entries -# without type= are ignored for this purpose. -# levelFrom and level are used to determine the level (sensitivity + categories) -# for MLS/MCS. -# levelFrom=none omits the level. -# levelFrom=app determines the level from the process UID. -# levelFrom=user determines the level from the user ID. -# levelFrom=all determines the level from both UID and user ID. -# -# levelFrom=user is only supported for _app or _isolated UIDs. -# levelFrom=app or levelFrom=all is only supported for _app UIDs. -# level may be used to specify a fixed level for any UID. -# -# For backwards compatibility levelFromUid=true is equivalent to levelFrom=app -# and levelFromUid=false is equivalent to levelFrom=none. -# -# -# Neverallow Assertions -# Additional compile time assertion checks for the rules in this file can be -# added as well. The assertion -# rules are lines beginning with the keyword neverallow. Full support for PCRE -# regular expressions exists on all input and output selectors. Neverallow -# rules are never output to the built seapp_contexts file. Like all keywords, -# neverallows are case-insensitive. A neverallow is asserted when all key value -# inputs are matched on a key value rule line. -# - -# only the system server can be in system_server domain -neverallow isSystemServer=false domain=system_server -neverallow isSystemServer="" domain=system_server - -# system domains should never be assigned outside of system uid -neverallow user=((?!system).)* domain=system_app -neverallow user=((?!system).)* type=system_app_data_file - -# anything with a non-known uid with a specified name should have a specified seinfo -neverallow user=_app name=.* seinfo="" -neverallow user=_app name=.* seinfo=default - -# neverallow shared relro to any other domain -# and neverallow any other uid into shared_relro -neverallow user=shared_relro domain=((?!shared_relro).)* -neverallow user=((?!shared_relro).)* domain=shared_relro - -# neverallow non-isolated uids into isolated_app domain -# and vice versa -neverallow user=_isolated domain=((?!isolated_app).)* -neverallow user=((?!_isolated).)* domain=isolated_app - -# uid shell should always be in shell domain, however non-shell -# uid's can be in shell domain -neverallow user=shell domain=((?!shell).)* - -# only the package named com.android.shell can run in the shell domain -neverallow domain=shell name=((?!com\.android\.shell).)* -neverallow user=shell name=((?!com\.android\.shell).)* - -# Ephemeral Apps must run in the ephemeral_app domain -neverallow isEphemeralApp=true domain=((?!ephemeral_app).)* - -isSystemServer=true domain=system_server_startup - -user=_app seinfo=platform name=com.android.traceur domain=traceur_app type=app_data_file levelFrom=all -user=system seinfo=platform domain=system_app type=system_app_data_file -user=bluetooth seinfo=platform domain=bluetooth type=bluetooth_data_file -user=network_stack seinfo=network_stack domain=network_stack levelFrom=all type=radio_data_file -user=nfc seinfo=platform domain=nfc type=nfc_data_file -user=secure_element seinfo=platform domain=secure_element levelFrom=all -user=radio seinfo=platform domain=radio type=radio_data_file -user=shared_relro domain=shared_relro -user=shell seinfo=platform domain=shell name=com.android.shell type=shell_data_file -user=webview_zygote seinfo=webview_zygote domain=webview_zygote -user=_isolated domain=isolated_app levelFrom=all -user=_app seinfo=app_zygote domain=app_zygote levelFrom=all -user=_app seinfo=media domain=mediaprovider name=android.process.media type=app_data_file levelFrom=user -user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user -user=_app isEphemeralApp=true domain=ephemeral_app type=app_data_file levelFrom=all -user=_app isPrivApp=true domain=priv_app type=privapp_data_file levelFrom=user -user=_app minTargetSdkVersion=29 domain=untrusted_app type=app_data_file levelFrom=all -user=_app minTargetSdkVersion=28 domain=untrusted_app_27 type=app_data_file levelFrom=all -user=_app minTargetSdkVersion=26 domain=untrusted_app_27 type=app_data_file levelFrom=user -user=_app domain=untrusted_app_25 type=app_data_file levelFrom=user -user=_app minTargetSdkVersion=28 fromRunAs=true domain=runas_app levelFrom=all -user=_app fromRunAs=true domain=runas_app levelFrom=user diff --git a/prebuilts/api/29.0/private/secure_element.te b/prebuilts/api/29.0/private/secure_element.te deleted file mode 100644 index 57f512bbd..000000000 --- a/prebuilts/api/29.0/private/secure_element.te +++ /dev/null @@ -1,14 +0,0 @@ -# secure element subsystem -typeattribute secure_element coredomain; -app_domain(secure_element) - -binder_service(secure_element) -add_service(secure_element, secure_element_service) - -allow secure_element app_api_service:service_manager find; -hal_client_domain(secure_element, hal_secure_element) - -# already open bugreport file descriptors may be shared with -# the secure element process, from a file in -# /data/data/com.android.shell/files/bugreports/bugreport-*. -allow secure_element shell_data_file:file read; diff --git a/prebuilts/api/29.0/private/security_classes b/prebuilts/api/29.0/private/security_classes deleted file mode 100644 index 25b4cbaf5..000000000 --- a/prebuilts/api/29.0/private/security_classes +++ /dev/null @@ -1,155 +0,0 @@ -# FLASK - -# -# Define the security object classes -# - -# Classes marked as userspace are classes -# for userspace object managers - -class security -class process -class system -class capability - -# file-related classes -class filesystem -class file -class dir -class fd -class lnk_file -class chr_file -class blk_file -class sock_file -class fifo_file - -# network-related classes -class socket -class tcp_socket -class udp_socket -class rawip_socket -class node -class netif -class netlink_socket -class packet_socket -class key_socket -class unix_stream_socket -class unix_dgram_socket - -# sysv-ipc-related classes -class sem -class msg -class msgq -class shm -class ipc - -# extended netlink sockets -class netlink_route_socket -class netlink_tcpdiag_socket -class netlink_nflog_socket -class netlink_xfrm_socket -class netlink_selinux_socket -class netlink_audit_socket -class netlink_dnrt_socket - -# IPSec association -class association - -# Updated Netlink class for KOBJECT_UEVENT family. -class netlink_kobject_uevent_socket - -class appletalk_socket - -class packet - -# Kernel access key retention -class key - -class dccp_socket - -class memprotect - -# network peer labels -class peer - -# Capabilities >= 32 -class capability2 - -# kernel services that need to override task security, e.g. cachefiles -class kernel_service - -class tun_socket - -class binder - -# Updated netlink classes for more recent netlink protocols. -class netlink_iscsi_socket -class netlink_fib_lookup_socket -class netlink_connector_socket -class netlink_netfilter_socket -class netlink_generic_socket -class netlink_scsitransport_socket -class netlink_rdma_socket -class netlink_crypto_socket - -# Infiniband -class infiniband_pkey -class infiniband_endport - -# Capability checks when on a non-init user namespace -class cap_userns -class cap2_userns - -# New socket classes introduced by extended_socket_class policy capability. -# These two were previously mapped to rawip_socket. -class sctp_socket -class icmp_socket -# These were previously mapped to socket. -class ax25_socket -class ipx_socket -class netrom_socket -class atmpvc_socket -class x25_socket -class rose_socket -class decnet_socket -class atmsvc_socket -class rds_socket -class irda_socket -class pppox_socket -class llc_socket -class can_socket -class tipc_socket -class bluetooth_socket -class iucv_socket -class rxrpc_socket -class isdn_socket -class phonet_socket -class ieee802154_socket -class caif_socket -class alg_socket -class nfc_socket -class vsock_socket -class kcm_socket -class qipcrtr_socket -class smc_socket - -class process2 - -class bpf - -class xdp_socket - -# Property service -class property_service # userspace - -# Service manager -class service_manager # userspace - -# hardware service manager # userspace -class hwservice_manager - -# Keystore Key -class keystore_key # userspace - -class drmservice # userspace -# FLASK diff --git a/prebuilts/api/29.0/private/service.te b/prebuilts/api/29.0/private/service.te deleted file mode 100644 index e597f5bc6..000000000 --- a/prebuilts/api/29.0/private/service.te +++ /dev/null @@ -1,7 +0,0 @@ -type ashmem_device_service, app_api_service, service_manager_type; -type attention_service, system_server_service, service_manager_type; -type dynamic_android_service, system_api_service, system_server_service, service_manager_type; -type gsi_service, service_manager_type; -type incidentcompanion_service, system_api_service, system_server_service, service_manager_type; -type stats_service, service_manager_type; -type statscompanion_service, system_server_service, service_manager_type; diff --git a/prebuilts/api/29.0/private/service_contexts b/prebuilts/api/29.0/private/service_contexts deleted file mode 100644 index a370598ef..000000000 --- a/prebuilts/api/29.0/private/service_contexts +++ /dev/null @@ -1,221 +0,0 @@ -accessibility u:object_r:accessibility_service:s0 -account u:object_r:account_service:s0 -activity u:object_r:activity_service:s0 -activity_task u:object_r:activity_task_service:s0 -adb u:object_r:adb_service:s0 -alarm u:object_r:alarm_service:s0 -android.os.UpdateEngineService u:object_r:update_engine_service:s0 -android.security.keystore u:object_r:keystore_service:s0 -android.service.gatekeeper.IGateKeeperService u:object_r:gatekeeper_service:s0 -app_binding u:object_r:app_binding_service:s0 -app_prediction u:object_r:app_prediction_service:s0 -apexservice u:object_r:apex_service:s0 -ashmem_device_service u:object_r:ashmem_device_service:s0 -gsiservice u:object_r:gsi_service:s0 -appops u:object_r:appops_service:s0 -appwidget u:object_r:appwidget_service:s0 -assetatlas u:object_r:assetatlas_service:s0 -attention u:object_r:attention_service:s0 -audio u:object_r:audio_service:s0 -autofill u:object_r:autofill_service:s0 -backup u:object_r:backup_service:s0 -batteryproperties u:object_r:batteryproperties_service:s0 -batterystats u:object_r:batterystats_service:s0 -battery u:object_r:battery_service:s0 -binder_calls_stats u:object_r:binder_calls_stats_service:s0 -biometric u:object_r:biometric_service:s0 -bluetooth_manager u:object_r:bluetooth_manager_service:s0 -bluetooth u:object_r:bluetooth_service:s0 -broadcastradio u:object_r:broadcastradio_service:s0 -bugreport u:object_r:bugreport_service:s0 -carrier_config u:object_r:radio_service:s0 -clipboard u:object_r:clipboard_service:s0 -com.android.net.IProxyService u:object_r:IProxyService_service:s0 -companiondevice u:object_r:companion_device_service:s0 -connectivity u:object_r:connectivity_service:s0 -connmetrics u:object_r:connmetrics_service:s0 -consumer_ir u:object_r:consumer_ir_service:s0 -content u:object_r:content_service:s0 -content_suggestions u:object_r:content_suggestions_service:s0 -content_capture u:object_r:content_capture_service:s0 -contexthub u:object_r:contexthub_service:s0 -country_detector u:object_r:country_detector_service:s0 -coverage u:object_r:coverage_service:s0 -cpuinfo u:object_r:cpuinfo_service:s0 -crossprofileapps u:object_r:crossprofileapps_service:s0 -dbinfo u:object_r:dbinfo_service:s0 -device_config u:object_r:device_config_service:s0 -device_policy u:object_r:device_policy_service:s0 -device_identifiers u:object_r:device_identifiers_service:s0 -deviceidle u:object_r:deviceidle_service:s0 -devicestoragemonitor u:object_r:devicestoragemonitor_service:s0 -diskstats u:object_r:diskstats_service:s0 -display u:object_r:display_service:s0 -dnsresolver u:object_r:dnsresolver_service:s0 -color_display u:object_r:color_display_service:s0 -netd_listener u:object_r:netd_listener_service:s0 -network_watchlist u:object_r:network_watchlist_service:s0 -DockObserver u:object_r:DockObserver_service:s0 -dreams u:object_r:dreams_service:s0 -drm.drmManager u:object_r:drmserver_service:s0 -dropbox u:object_r:dropbox_service:s0 -dumpstate u:object_r:dumpstate_service:s0 -dynamic_android u:object_r:dynamic_android_service:s0 -econtroller u:object_r:radio_service:s0 -euicc_card_controller u:object_r:radio_service:s0 -external_vibrator_service u:object_r:external_vibrator_service:s0 -lowpan u:object_r:lowpan_service:s0 -ethernet u:object_r:ethernet_service:s0 -face u:object_r:face_service:s0 -fingerprint u:object_r:fingerprint_service:s0 -font u:object_r:font_service:s0 -android.hardware.fingerprint.IFingerprintDaemon u:object_r:fingerprintd_service:s0 -gfxinfo u:object_r:gfxinfo_service:s0 -graphicsstats u:object_r:graphicsstats_service:s0 -gpu u:object_r:gpu_service:s0 -hardware u:object_r:hardware_service:s0 -hardware_properties u:object_r:hardware_properties_service:s0 -hdmi_control u:object_r:hdmi_control_service:s0 -ions u:object_r:radio_service:s0 -idmap u:object_r:idmap_service:s0 -incident u:object_r:incident_service:s0 -incidentcompanion u:object_r:incidentcompanion_service:s0 -inputflinger u:object_r:inputflinger_service:s0 -input_method u:object_r:input_method_service:s0 -input u:object_r:input_service:s0 -installd u:object_r:installd_service:s0 -iorapd u:object_r:iorapd_service:s0 -iphonesubinfo_msim u:object_r:radio_service:s0 -iphonesubinfo2 u:object_r:radio_service:s0 -iphonesubinfo u:object_r:radio_service:s0 -ims u:object_r:radio_service:s0 -imms u:object_r:imms_service:s0 -ipsec u:object_r:ipsec_service:s0 -ircs u:object_r:radio_service:s0 -iris u:object_r:iris_service:s0 -isms_msim u:object_r:radio_service:s0 -isms2 u:object_r:radio_service:s0 -isms u:object_r:radio_service:s0 -isub u:object_r:radio_service:s0 -jobscheduler u:object_r:jobscheduler_service:s0 -launcherapps u:object_r:launcherapps_service:s0 -location u:object_r:location_service:s0 -lock_settings u:object_r:lock_settings_service:s0 -looper_stats u:object_r:looper_stats_service:s0 -lpdump_service u:object_r:lpdump_service:s0 -media.aaudio u:object_r:audioserver_service:s0 -media.audio_flinger u:object_r:audioserver_service:s0 -media.audio_policy u:object_r:audioserver_service:s0 -media.camera u:object_r:cameraserver_service:s0 -media.camera.proxy u:object_r:cameraproxy_service:s0 -media.log u:object_r:audioserver_service:s0 -media.player u:object_r:mediaserver_service:s0 -media.metrics u:object_r:mediametrics_service:s0 -media.extractor u:object_r:mediaextractor_service:s0 -media.codec u:object_r:mediacodec_service:s0 -media.resource_manager u:object_r:mediaserver_service:s0 -media.sound_trigger_hw u:object_r:audioserver_service:s0 -media.drm u:object_r:mediadrmserver_service:s0 -media_projection u:object_r:media_projection_service:s0 -media_resource_monitor u:object_r:media_session_service:s0 -media_router u:object_r:media_router_service:s0 -media_session u:object_r:media_session_service:s0 -meminfo u:object_r:meminfo_service:s0 -midi u:object_r:midi_service:s0 -mount u:object_r:mount_service:s0 -netd u:object_r:netd_service:s0 -netpolicy u:object_r:netpolicy_service:s0 -netstats u:object_r:netstats_service:s0 -network_stack u:object_r:network_stack_service:s0 -network_management u:object_r:network_management_service:s0 -network_score u:object_r:network_score_service:s0 -network_time_update_service u:object_r:network_time_update_service:s0 -nfc u:object_r:nfc_service:s0 -notification u:object_r:notification_service:s0 -oem_lock u:object_r:oem_lock_service:s0 -otadexopt u:object_r:otadexopt_service:s0 -overlay u:object_r:overlay_service:s0 -package u:object_r:package_service:s0 -package_native u:object_r:package_native_service:s0 -perfprofd u:object_r:perfprofd_service:s0 -permission u:object_r:permission_service:s0 -permissionmgr u:object_r:permissionmgr_service:s0 -persistent_data_block u:object_r:persistent_data_block_service:s0 -phone_msim u:object_r:radio_service:s0 -phone1 u:object_r:radio_service:s0 -phone2 u:object_r:radio_service:s0 -phone u:object_r:radio_service:s0 -pinner u:object_r:pinner_service:s0 -power u:object_r:power_service:s0 -print u:object_r:print_service:s0 -processinfo u:object_r:processinfo_service:s0 -procstats u:object_r:procstats_service:s0 -radio.phonesubinfo u:object_r:radio_service:s0 -radio.phone u:object_r:radio_service:s0 -radio.sms u:object_r:radio_service:s0 -rcs u:object_r:radio_service:s0 -recovery u:object_r:recovery_service:s0 -restrictions u:object_r:restrictions_service:s0 -role u:object_r:role_service:s0 -rttmanager u:object_r:rttmanager_service:s0 -runtime u:object_r:runtime_service:s0 -samplingprofiler u:object_r:samplingprofiler_service:s0 -scheduling_policy u:object_r:scheduling_policy_service:s0 -search u:object_r:search_service:s0 -secure_element u:object_r:secure_element_service:s0 -sec_key_att_app_id_provider u:object_r:sec_key_att_app_id_provider_service:s0 -sensorservice u:object_r:sensorservice_service:s0 -sensor_privacy u:object_r:sensor_privacy_service:s0 -serial u:object_r:serial_service:s0 -servicediscovery u:object_r:servicediscovery_service:s0 -settings u:object_r:settings_service:s0 -shortcut u:object_r:shortcut_service:s0 -simphonebook_msim u:object_r:radio_service:s0 -simphonebook2 u:object_r:radio_service:s0 -simphonebook u:object_r:radio_service:s0 -sip u:object_r:radio_service:s0 -slice u:object_r:slice_service:s0 -stats u:object_r:stats_service:s0 -statscompanion u:object_r:statscompanion_service:s0 -soundtrigger u:object_r:voiceinteraction_service:s0 -statusbar u:object_r:statusbar_service:s0 -storaged u:object_r:storaged_service:s0 -storaged_pri u:object_r:storaged_service:s0 -storagestats u:object_r:storagestats_service:s0 -SurfaceFlinger u:object_r:surfaceflinger_service:s0 -suspend_control u:object_r:system_suspend_control_service:s0 -system_update u:object_r:system_update_service:s0 -task u:object_r:task_service:s0 -telecom u:object_r:telecom_service:s0 -telephony.registry u:object_r:registry_service:s0 -testharness u:object_r:testharness_service:s0 -textclassification u:object_r:textclassification_service:s0 -textservices u:object_r:textservices_service:s0 -time_detector u:object_r:timedetector_service:s0 -timezone u:object_r:timezone_service:s0 -thermalservice u:object_r:thermal_service:s0 -trust u:object_r:trust_service:s0 -tv_input u:object_r:tv_input_service:s0 -uimode u:object_r:uimode_service:s0 -updatelock u:object_r:updatelock_service:s0 -uri_grants u:object_r:uri_grants_service:s0 -usagestats u:object_r:usagestats_service:s0 -usb u:object_r:usb_service:s0 -user u:object_r:user_service:s0 -vibrator u:object_r:vibrator_service:s0 -virtual_touchpad u:object_r:virtual_touchpad_service:s0 -voiceinteraction u:object_r:voiceinteraction_service:s0 -vold u:object_r:vold_service:s0 -vr_hwc u:object_r:vr_hwc_service:s0 -vrflinger_vsync u:object_r:vrflinger_vsync_service:s0 -vrmanager u:object_r:vr_manager_service:s0 -wallpaper u:object_r:wallpaper_service:s0 -webviewupdate u:object_r:webviewupdate_service:s0 -wifip2p u:object_r:wifip2p_service:s0 -wifiscanner u:object_r:wifiscanner_service:s0 -wifi u:object_r:wifi_service:s0 -wificond u:object_r:wificond_service:s0 -wifiaware u:object_r:wifiaware_service:s0 -wifirtt u:object_r:rttmanager_service:s0 -window u:object_r:window_service:s0 -* u:object_r:default_android_service:s0 diff --git a/prebuilts/api/29.0/private/servicemanager.te b/prebuilts/api/29.0/private/servicemanager.te deleted file mode 100644 index 9f675a2be..000000000 --- a/prebuilts/api/29.0/private/servicemanager.te +++ /dev/null @@ -1,5 +0,0 @@ -typeattribute servicemanager coredomain; - -init_daemon_domain(servicemanager) - -read_runtime_log_tags(servicemanager) diff --git a/prebuilts/api/29.0/private/sgdisk.te b/prebuilts/api/29.0/private/sgdisk.te deleted file mode 100644 index a17342e01..000000000 --- a/prebuilts/api/29.0/private/sgdisk.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute sgdisk coredomain; diff --git a/prebuilts/api/29.0/private/shared_relro.te b/prebuilts/api/29.0/private/shared_relro.te deleted file mode 100644 index 02f720682..000000000 --- a/prebuilts/api/29.0/private/shared_relro.te +++ /dev/null @@ -1,5 +0,0 @@ -typeattribute shared_relro coredomain; - -# The shared relro process is a Java program forked from the zygote, so it -# inherits from app to get basic permissions it needs to run. -app_domain(shared_relro) diff --git a/prebuilts/api/29.0/private/shell.te b/prebuilts/api/29.0/private/shell.te deleted file mode 100644 index 02b01f5ae..000000000 --- a/prebuilts/api/29.0/private/shell.te +++ /dev/null @@ -1,76 +0,0 @@ -typeattribute shell coredomain; - -# allow shell input injection -allow shell uhid_device:chr_file rw_file_perms; - -# systrace support - allow atrace to run -allow shell debugfs_tracing_debug:dir r_dir_perms; -allow shell debugfs_tracing:dir r_dir_perms; -allow shell debugfs_tracing:file rw_file_perms; -allow shell debugfs_trace_marker:file getattr; -allow shell atrace_exec:file rx_file_perms; - -userdebug_or_eng(` - allow shell debugfs_tracing_debug:file rw_file_perms; -') - -# read config.gz for CTS purposes -allow shell config_gz:file r_file_perms; - -# Run app_process. -# XXX Transition into its own domain? -app_domain(shell) - -# allow shell to call dumpsys storaged -binder_call(shell, storaged) - -# Perform SELinux access checks, needed for CTS -selinux_check_access(shell) -selinux_check_context(shell) - -# Control Perfetto traced and obtain traces from it. -# Needed for Studio and debugging. -unix_socket_connect(shell, traced_consumer, traced) - -# Allow shell binaries to write trace data to Perfetto. Used for testing and -# cmdline utils. -allow shell traced:fd use; -allow shell traced_tmpfs:file { read write getattr map }; -unix_socket_connect(shell, traced_producer, traced) - -domain_auto_trans(shell, vendor_shell_exec, vendor_shell) - -# Allow shell binaries to exec the perfetto cmdline util and have that -# transition into its own domain, so that it behaves consistently to -# when exec()-d by statsd. -domain_auto_trans(shell, perfetto_exec, perfetto) -# Allow to send SIGINT to perfetto when daemonized. -allow shell perfetto:process signal; - -# Allow shell to run adb shell cmd stats commands. Needed for CTS. -binder_call(shell, statsd); - -# Allow shell to read and unlink traces stored in /data/misc/perfetto-traces. -allow shell perfetto_traces_data_file:dir rw_dir_perms; -allow shell perfetto_traces_data_file:file r_file_perms; - -# Allow shell to run adb shell cmd gpu commands. -binder_call(shell, gpuservice); - -# Allow shell to use atrace HAL -hal_client_domain(shell, hal_atrace) - -# For hostside tests such as CTS listening ports test. -allow shell proc_net_tcp_udp:file r_file_perms; - -# The dl.exec_linker* tests need to execute /system/bin/linker -# b/124789393 -allow shell system_linker_exec:file rx_file_perms; - -# Renderscript host side tests depend on being able to execute -# /system/bin/bcc (b/126388046) -allow shell rs_exec:file rx_file_perms; - -# Allow shell to start and comminicate with lpdumpd. -set_prop(shell, lpdumpd_prop); -binder_call(shell, lpdumpd) diff --git a/prebuilts/api/29.0/private/simpleperf_app_runner.te b/prebuilts/api/29.0/private/simpleperf_app_runner.te deleted file mode 100644 index 850182605..000000000 --- a/prebuilts/api/29.0/private/simpleperf_app_runner.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute simpleperf_app_runner coredomain; - -domain_auto_trans(shell, simpleperf_app_runner_exec, simpleperf_app_runner) diff --git a/prebuilts/api/29.0/private/slideshow.te b/prebuilts/api/29.0/private/slideshow.te deleted file mode 100644 index 7dfa994ea..000000000 --- a/prebuilts/api/29.0/private/slideshow.te +++ /dev/null @@ -1 +0,0 @@ -typeattribute slideshow coredomain; diff --git a/prebuilts/api/29.0/private/stats.te b/prebuilts/api/29.0/private/stats.te deleted file mode 100644 index 81ec1cf77..000000000 --- a/prebuilts/api/29.0/private/stats.te +++ /dev/null @@ -1,52 +0,0 @@ -type stats, domain; -typeattribute stats coredomain; -type stats_exec, system_file_type, exec_type, file_type; - -# switch to stats domain for stats command -domain_auto_trans(shell, stats_exec, stats) - -# allow stats access to stdout from its parent shell. -allow stats shell:fd use; - -# allow stats to communicate use, read and write over the adb -# connection. -allow stats adbd:fd use; -allow stats adbd:unix_stream_socket { read write }; - -# allow adbd to reap stats -allow stats adbd:process { sigchld }; - -# Allow the stats command to talk to the statsd over the binder, and get -# back the stats report data from a ParcelFileDescriptor. -binder_use(stats) -allow stats stats_service:service_manager find; -binder_call(stats, statsd) -allow stats statsd:fifo_file write; - -# Only statsd can publish the binder service. -add_service(statsd, stats_service) - -# Allow pipes from (and only from) stats. -allow statsd stats:fd use; -allow statsd stats:fifo_file write; - -# Allow statsd to call back to stats with status updates. -binder_call(statsd, stats) - -### -### neverallow rules -### - -neverallow { - domain - -dumpstate - -incidentd - -platform_app - -priv_app - -shell - -stats - -statsd - -system_app - -system_server - -traceur_app -} stats_service:service_manager find; diff --git a/prebuilts/api/29.0/private/statsd.te b/prebuilts/api/29.0/private/statsd.te deleted file mode 100644 index 9d250bd39..000000000 --- a/prebuilts/api/29.0/private/statsd.te +++ /dev/null @@ -1,23 +0,0 @@ -typeattribute statsd coredomain; -typeattribute statsd stats_service_server; - -init_daemon_domain(statsd) - -binder_call(statsd, statscompanion_service) - -# Allow to exec the perfetto cmdline client and pass it the trace config on -# stdint through a pipe. It allows statsd to capture traces and hand them -# to Android dropbox. -allow statsd perfetto_exec:file rx_file_perms; -domain_auto_trans(statsd, perfetto_exec, perfetto) - -# Grant statsd with permissions to register the services. -allow statsd { - statscompanion_service -}:service_manager find; - -# Allow incidentd to obtain the statsd incident section. -allow statsd incidentd:fifo_file write; - -# Allow StatsCompanionService to pipe data to statsd. -allow statsd system_server:fifo_file { read getattr }; diff --git a/prebuilts/api/29.0/private/storaged.te b/prebuilts/api/29.0/private/storaged.te deleted file mode 100644 index 3ed24b233..000000000 --- a/prebuilts/api/29.0/private/storaged.te +++ /dev/null @@ -1,61 +0,0 @@ -# storaged daemon -type storaged, domain, coredomain, mlstrustedsubject; -type storaged_exec, system_file_type, exec_type, file_type; - -init_daemon_domain(storaged) - -# Read access to pseudo filesystems -r_dir_file(storaged, domain) - -# Read /proc/uid_io/stats -allow storaged proc_uid_io_stats:file r_file_perms; - -# Read /data/system/packages.list -allow storaged system_data_file:file r_file_perms; -allow storaged packages_list_file:file r_file_perms; - -# Store storaged proto file -allow storaged storaged_data_file:dir rw_dir_perms; -allow storaged storaged_data_file:file create_file_perms; - -userdebug_or_eng(` - # Read access to debugfs - allow storaged debugfs_mmc:dir search; - allow storaged debugfs_mmc:file r_file_perms; -') - -# Needed to provide debug dump output via dumpsys pipes. -allow storaged shell:fd use; -allow storaged shell:fifo_file write; - -# Needed for GMScore to call dumpsys storaged -allow storaged priv_app:fd use; -allow storaged { privapp_data_file app_data_file }:file write; -allow storaged permission_service:service_manager find; - -# Binder permissions -add_service(storaged, storaged_service) - -binder_use(storaged) -binder_call(storaged, system_server) - -hal_client_domain(storaged, hal_health) - -# Implements a dumpsys interface. -allow storaged dumpstate:fd use; - -# use a subset of the package manager service -allow storaged package_native_service:service_manager find; - -# Kernel does extra check on CAP_DAC_OVERRIDE for libbinder when storaged is -# running as root. See b/35323867 #3. -dontaudit storaged self:global_capability_class_set { dac_override dac_read_search }; - -# For collecting bugreports. -allow storaged dumpstate:fifo_file write; - -### -### neverallow -### -neverallow storaged domain:process ptrace; -neverallow storaged self:capability_class_set *; diff --git a/prebuilts/api/29.0/private/su.te b/prebuilts/api/29.0/private/su.te deleted file mode 100644 index 16e47bbbf..000000000 --- a/prebuilts/api/29.0/private/su.te +++ /dev/null @@ -1,23 +0,0 @@ -userdebug_or_eng(` - typeattribute su coredomain; - - domain_auto_trans(shell, su_exec, su) - # Allow dumpstate to call su on userdebug / eng builds to collect - # additional information. - domain_auto_trans(dumpstate, su_exec, su) - - # Make sure that dumpstate runs the same from the "su" domain as - # from the "init" domain. - domain_auto_trans(su, dumpstate_exec, dumpstate) - - # Put the incident command into its domain so it is the same on user, userdebug and eng. - domain_auto_trans(su, incident_exec, incident) - - # Put the perfetto command into its domain so it is the same on user, userdebug and eng. - domain_auto_trans(su, perfetto_exec, perfetto) - - # su is also permissive to permit setenforce. - permissive su; - - app_domain(su) -') diff --git a/prebuilts/api/29.0/private/surfaceflinger.te b/prebuilts/api/29.0/private/surfaceflinger.te deleted file mode 100644 index de9c4f1f4..000000000 --- a/prebuilts/api/29.0/private/surfaceflinger.te +++ /dev/null @@ -1,123 +0,0 @@ -# surfaceflinger - display compositor service - -typeattribute surfaceflinger coredomain; - -type surfaceflinger_exec, system_file_type, exec_type, file_type; -init_daemon_domain(surfaceflinger) -tmpfs_domain(surfaceflinger) - -typeattribute surfaceflinger mlstrustedsubject; -typeattribute surfaceflinger display_service_server; - -read_runtime_log_tags(surfaceflinger) - -# Perform HwBinder IPC. -hal_client_domain(surfaceflinger, hal_graphics_allocator) -hal_client_domain(surfaceflinger, hal_graphics_composer) -typeattribute surfaceflinger_tmpfs hal_graphics_composer_client_tmpfs; -hal_client_domain(surfaceflinger, hal_omx) -hal_client_domain(surfaceflinger, hal_configstore) -hal_client_domain(surfaceflinger, hal_power) -hal_client_domain(surfaceflinger, hal_bufferhub) -allow surfaceflinger hidl_token_hwservice:hwservice_manager find; - -# Perform Binder IPC. -binder_use(surfaceflinger) -binder_call(surfaceflinger, binderservicedomain) -binder_call(surfaceflinger, appdomain) -binder_call(surfaceflinger, bootanim) -binder_service(surfaceflinger) - -# Binder IPC to bu, presently runs in adbd domain. -binder_call(surfaceflinger, adbd) - -# Read /proc/pid files for Binder clients. -r_dir_file(surfaceflinger, binderservicedomain) -r_dir_file(surfaceflinger, appdomain) - -# Access the GPU. -allow surfaceflinger gpu_device:chr_file rw_file_perms; - -# Access /dev/graphics/fb0. -allow surfaceflinger graphics_device:dir search; -allow surfaceflinger graphics_device:chr_file rw_file_perms; - -# Access /dev/video1. -allow surfaceflinger video_device:dir r_dir_perms; -allow surfaceflinger video_device:chr_file rw_file_perms; - -# Create and use netlink kobject uevent sockets. -allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; - -# Set properties. -set_prop(surfaceflinger, system_prop) -set_prop(surfaceflinger, exported_system_prop) -set_prop(surfaceflinger, exported2_system_prop) -set_prop(surfaceflinger, exported3_system_prop) -set_prop(surfaceflinger, ctl_bootanim_prop) - -# Use open files supplied by an app. -allow surfaceflinger appdomain:fd use; -allow surfaceflinger { app_data_file privapp_data_file }:file { read write }; - -# Allow writing surface traces to /data/misc/wmtrace. -userdebug_or_eng(` - allow surfaceflinger wm_trace_data_file:dir rw_dir_perms; - allow surfaceflinger wm_trace_data_file:file { getattr setattr create w_file_perms }; -') - -# Use socket supplied by adbd, for cmd gpu vkjson etc. -allow surfaceflinger adbd:unix_stream_socket { read write getattr }; - -# Allow a dumpstate triggered screenshot -binder_call(surfaceflinger, dumpstate) -binder_call(surfaceflinger, shell) -r_dir_file(surfaceflinger, dumpstate) - -# media.player service - -# do not use add_service() as hal_graphics_composer_default may be the -# provider as well -#add_service(surfaceflinger, surfaceflinger_service) -allow surfaceflinger surfaceflinger_service:service_manager { add find }; - -add_service(surfaceflinger, vrflinger_vsync_service) - -allow surfaceflinger mediaserver_service:service_manager find; -allow surfaceflinger permission_service:service_manager find; -allow surfaceflinger power_service:service_manager find; -allow surfaceflinger vr_manager_service:service_manager find; -allow surfaceflinger window_service:service_manager find; -allow surfaceflinger inputflinger_service:service_manager find; - - -# allow self to set SCHED_FIFO -allow surfaceflinger self:global_capability_class_set sys_nice; -allow surfaceflinger proc_meminfo:file r_file_perms; -r_dir_file(surfaceflinger, cgroup) -r_dir_file(surfaceflinger, system_file) -allow surfaceflinger tmpfs:dir r_dir_perms; -allow surfaceflinger system_server:fd use; -allow surfaceflinger system_server:unix_stream_socket { read write }; -allow surfaceflinger ion_device:chr_file r_file_perms; - -# pdx IPC -pdx_server(surfaceflinger, display_client) -pdx_server(surfaceflinger, display_manager) -pdx_server(surfaceflinger, display_screenshot) -pdx_server(surfaceflinger, display_vsync) - -pdx_client(surfaceflinger, bufferhub_client) -pdx_client(surfaceflinger, performance_client) - -### -### Neverallow rules -### -### surfaceflinger should NEVER do any of this - -# Do not allow accessing SDcard files as unsafe ejection could -# cause the kernel to kill the process. -neverallow surfaceflinger sdcard_type:file rw_file_perms; - -# b/68864350 -dontaudit surfaceflinger unlabeled:dir search; diff --git a/prebuilts/api/29.0/private/system_app.te b/prebuilts/api/29.0/private/system_app.te deleted file mode 100644 index e8627151e..000000000 --- a/prebuilts/api/29.0/private/system_app.te +++ /dev/null @@ -1,145 +0,0 @@ -### -### Apps that run with the system UID, e.g. com.android.system.ui, -### com.android.settings. These are not as privileged as the system -### server. -### - -typeattribute system_app coredomain; - -app_domain(system_app) -net_domain(system_app) -binder_service(system_app) - -# android.ui and system.ui -allow system_app rootfs:dir getattr; - -# Read and write /data/data subdirectory. -allow system_app system_app_data_file:dir create_dir_perms; -allow system_app system_app_data_file:{ file lnk_file } create_file_perms; - -# Read and write to /data/misc/user. -allow system_app misc_user_data_file:dir create_dir_perms; -allow system_app misc_user_data_file:file create_file_perms; - -# Access to vold-mounted storage for measuring free space -allow system_app mnt_media_rw_file:dir search; - -# Read wallpaper file. -allow system_app wallpaper_file:file r_file_perms; - -# Read icon file. -allow system_app icon_file:file r_file_perms; - -# Write to properties -set_prop(system_app, bluetooth_a2dp_offload_prop) -set_prop(system_app, bluetooth_audio_hal_prop) -set_prop(system_app, bluetooth_prop) -set_prop(system_app, debug_prop) -set_prop(system_app, system_prop) -set_prop(system_app, exported_bluetooth_prop) -set_prop(system_app, exported_system_prop) -set_prop(system_app, exported2_system_prop) -set_prop(system_app, exported3_system_prop) -set_prop(system_app, logd_prop) -set_prop(system_app, net_radio_prop) -set_prop(system_app, system_radio_prop) -set_prop(system_app, exported_system_radio_prop) -set_prop(system_app, log_tag_prop) -userdebug_or_eng(`set_prop(system_app, logpersistd_logging_prop)') -auditallow system_app net_radio_prop:property_service set; -auditallow system_app system_radio_prop:property_service set; -auditallow system_app exported_system_radio_prop:property_service set; -# Allow Settings to enable Dynamic System Update -set_prop(system_app, dynamic_system_prop) - -# ctl interface -set_prop(system_app, ctl_default_prop) -set_prop(system_app, ctl_bugreport_prop) - -# Create /data/anr/traces.txt. -allow system_app anr_data_file:dir ra_dir_perms; -allow system_app anr_data_file:file create_file_perms; - -# Settings need to access app name and icon from asec -allow system_app asec_apk_file:file r_file_perms; - -# Allow system apps (like Settings) to interact with statsd -binder_call(system_app, statsd) - -# Allow system apps to interact with incidentd -binder_call(system_app, incidentd) - -# Allow system apps to interact with gpuservice -binder_call(system_app, gpuservice) - -allow system_app servicemanager:service_manager list; -# TODO: scope this down? Too broad? -allow system_app { - service_manager_type - -apex_service - -dnsresolver_service - -dumpstate_service - -installd_service - -iorapd_service - -lpdump_service - -netd_service - -system_suspend_control_service - -virtual_touchpad_service - -vold_service - -vr_hwc_service -}:service_manager find; -# suppress denials for services system_app should not be accessing. -dontaudit system_app { - dnsresolver_service - dumpstate_service - installd_service - iorapd_service - netd_service - virtual_touchpad_service - vold_service - vr_hwc_service -}:service_manager find; - -allow system_app keystore:keystore_key { - get_state - get - insert - delete - exist - list - reset - password - lock - unlock - is_empty - sign - verify - grant - duplicate - clear_uid - user_changed -}; - -# settings app reads /proc/version -allow system_app { - proc_version -}:file r_file_perms; - -# Settings app writes to /dev/stune/foreground/tasks. -allow system_app cgroup:file w_file_perms; - -control_logd(system_app) -read_runtime_log_tags(system_app) -get_prop(system_app, device_logging_prop) - -# allow system apps to use UDP sockets provided by the system server but not -# modify them other than to connect -allow system_app system_server:udp_socket { - connect getattr read recvfrom sendto write getopt setopt }; - -### -### Neverallow rules -### - -# app domains which access /dev/fuse should not run as system_app -neverallow system_app fuse_device:chr_file *; diff --git a/prebuilts/api/29.0/private/system_server.te b/prebuilts/api/29.0/private/system_server.te deleted file mode 100644 index 781bb1899..000000000 --- a/prebuilts/api/29.0/private/system_server.te +++ /dev/null @@ -1,1050 +0,0 @@ -# -# System Server aka system_server spawned by zygote. -# Most of the framework services run in this process. -# - -typeattribute system_server coredomain; -typeattribute system_server mlstrustedsubject; -typeattribute system_server scheduler_service_server; -typeattribute system_server sensor_service_server; - -# Define a type for tmpfs-backed ashmem regions. -tmpfs_domain(system_server) - -# Create a socket for connections from crash_dump. -type_transition system_server system_data_file:sock_file system_ndebug_socket "ndebugsocket"; - -allow system_server zygote_tmpfs:file read; -allow system_server appdomain_tmpfs:file { getattr map read write }; - -# For art. -allow system_server dalvikcache_data_file:dir r_dir_perms; -allow system_server dalvikcache_data_file:file r_file_perms; - -# When running system server under --invoke-with, we'll try to load the boot image under the -# system server domain, following links to the system partition. -with_asan(`allow system_server dalvikcache_data_file:lnk_file r_file_perms;') - -# /data/resource-cache -allow system_server resourcecache_data_file:file r_file_perms; -allow system_server resourcecache_data_file:dir r_dir_perms; - -# ptrace to processes in the same domain for debugging crashes. -allow system_server self:process ptrace; - -# Child of the zygote. -allow system_server zygote:fd use; -allow system_server zygote:process sigchld; - -# May kill zygote on crashes. -allow system_server zygote:process sigkill; -allow system_server crash_dump:process sigkill; -allow system_server webview_zygote:process sigkill; -allow system_server app_zygote:process sigkill; - -# Read /system/bin/app_process. -allow system_server zygote_exec:file r_file_perms; - -# Needed to close the zygote socket, which involves getopt / getattr -allow system_server zygote:unix_stream_socket { getopt getattr }; - -# system server gets network and bluetooth permissions. -net_domain(system_server) -# in addition to ioctls whitelisted for all domains, also allow system_server -# to use privileged ioctls commands. Needed to set up VPNs. -allowxperm system_server self:udp_socket ioctl priv_sock_ioctls; -bluetooth_domain(system_server) - -# Allow setup of tcp keepalive offload. This gives system_server the permission to -# call ioctl on app domains' tcp sockets. Additional ioctl commands still need to -# be granted individually, except for a small set of safe values whitelisted in -# public/domain.te. -allow system_server appdomain:tcp_socket ioctl; - -# These are the capabilities assigned by the zygote to the -# system server. -allow system_server self:global_capability_class_set { - ipc_lock - kill - net_admin - net_bind_service - net_broadcast - net_raw - sys_boot - sys_nice - sys_ptrace - sys_time - sys_tty_config -}; - -# Trigger module auto-load. -allow system_server kernel:system module_request; - -# Allow alarmtimers to be set -allow system_server self:global_capability2_class_set wake_alarm; - -# Create and share netlink_netfilter_sockets for tetheroffload. -allow system_server self:netlink_netfilter_socket create_socket_perms_no_ioctl; - -# Create/use netlink_tcpdiag_socket for looking up connection UIDs for VPN apps. -allow system_server self:netlink_tcpdiag_socket { create_socket_perms_no_ioctl nlmsg_read }; - -# Use netlink uevent sockets. -allow system_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; - -# Use generic netlink sockets. -allow system_server self:netlink_socket create_socket_perms_no_ioctl; -allow system_server self:netlink_generic_socket create_socket_perms_no_ioctl; - -# libvintf reads the kernel config to verify vendor interface compatibility. -allow system_server config_gz:file { read open }; - -# Use generic "sockets" where the address family is not known -# to the kernel. The ioctl permission is specifically omitted here, but may -# be added to device specific policy along with the ioctl commands to be -# whitelisted. -allow system_server self:socket create_socket_perms_no_ioctl; - -# Set and get routes directly via netlink. -allow system_server self:netlink_route_socket nlmsg_write; - -# Kill apps. -allow system_server appdomain:process { getpgid sigkill signal }; - -# Set scheduling info for apps. -allow system_server appdomain:process { getsched setsched }; -allow system_server audioserver:process { getsched setsched }; -allow system_server hal_audio:process { getsched setsched }; -allow system_server hal_bluetooth:process { getsched setsched }; -allow system_server hal_omx_server:process { getsched setsched }; -allow system_server mediaswcodec:process { getsched setsched }; -allow system_server cameraserver:process { getsched setsched }; -allow system_server hal_camera:process { getsched setsched }; -allow system_server mediaserver:process { getsched setsched }; -allow system_server bootanim:process { getsched setsched }; - -# Set scheduling info for psi monitor thread. -# TODO: delete this line b/131761776 -allow system_server kernel:process { getsched setsched }; - -# Allow system_server to write to /proc//* -allow system_server domain:file w_file_perms; - -# Read /proc/pid data for all domains. This is used by ProcessCpuTracker -# within system_server to keep track of memory and CPU usage for -# all processes on the device. In addition, /proc/pid files access is needed -# for dumping stack traces of native processes. -r_dir_file(system_server, domain) - -# Write /proc/uid_cputime/remove_uid_range. -allow system_server proc_uid_cputime_removeuid:file { w_file_perms getattr }; - -# Write /proc/uid_procstat/set. -allow system_server proc_uid_procstat_set:file { w_file_perms getattr }; - -# Write to /proc/sysrq-trigger. -allow system_server proc_sysrq:file rw_file_perms; - -# Delete /data/misc/stats-data/ and /data/misc/stats-service/ directories. -allow system_server stats_data_file:dir { open read remove_name search write }; -allow system_server stats_data_file:file unlink; - -# Read /sys/kernel/debug/wakeup_sources. -allow system_server debugfs_wakeup_sources:file r_file_perms; - -# Delete /data/misc/stats-data/ and /data/misc/stats-service/ directories. -allow system_server stats_data_file:dir { open read remove_name search write }; -allow system_server stats_data_file:file unlink; - -# The DhcpClient and WifiWatchdog use packet_sockets -allow system_server self:packet_socket create_socket_perms_no_ioctl; - -# 3rd party VPN clients require a tun_socket to be created -allow system_server self:tun_socket create_socket_perms_no_ioctl; - -# Talk to init and various daemons via sockets. -unix_socket_connect(system_server, lmkd, lmkd) -unix_socket_connect(system_server, mtpd, mtp) -unix_socket_connect(system_server, netd, netd) -unix_socket_connect(system_server, zygote, zygote) -unix_socket_connect(system_server, racoon, racoon) -unix_socket_connect(system_server, uncrypt, uncrypt) - -# Allow system_server to write to statsd. -unix_socket_send(system_server, statsdw, statsd) - -# Communicate over a socket created by surfaceflinger. -allow system_server surfaceflinger:unix_stream_socket { read write setopt }; - -allow system_server gpuservice:unix_stream_socket { read write setopt }; - -# Communicate over a socket created by webview_zygote. -allow system_server webview_zygote:unix_stream_socket { read write connectto setopt }; - -# Communicate over a socket created by app_zygote. -allow system_server app_zygote:unix_stream_socket { read write connectto setopt }; - -# Perform Binder IPC. -binder_use(system_server) -binder_call(system_server, appdomain) -binder_call(system_server, binderservicedomain) -binder_call(system_server, dumpstate) -binder_call(system_server, fingerprintd) -binder_call(system_server, gatekeeperd) -binder_call(system_server, idmap) -binder_call(system_server, installd) -binder_call(system_server, incidentd) -binder_call(system_server, iorapd) -binder_call(system_server, netd) -binder_call(system_server, notify_traceur) -binder_call(system_server, statsd) -binder_call(system_server, storaged) -binder_call(system_server, update_engine) -binder_call(system_server, vold) -binder_call(system_server, wificond) -binder_call(system_server, wpantund) -userdebug_or_eng(` - binder_call(system_server, perfprofd) -') -binder_service(system_server) - -# Use HALs -hal_client_domain(system_server, hal_allocator) -hal_client_domain(system_server, hal_authsecret) -hal_client_domain(system_server, hal_broadcastradio) -hal_client_domain(system_server, hal_configstore) -hal_client_domain(system_server, hal_contexthub) -hal_client_domain(system_server, hal_face) -hal_client_domain(system_server, hal_fingerprint) -hal_client_domain(system_server, hal_gnss) -hal_client_domain(system_server, hal_graphics_allocator) -hal_client_domain(system_server, hal_health) -hal_client_domain(system_server, hal_input_classifier) -hal_client_domain(system_server, hal_ir) -hal_client_domain(system_server, hal_light) -hal_client_domain(system_server, hal_memtrack) -hal_client_domain(system_server, hal_neuralnetworks) -hal_client_domain(system_server, hal_oemlock) -hal_client_domain(system_server, hal_omx) -hal_client_domain(system_server, hal_power) -hal_client_domain(system_server, hal_power_stats) -hal_client_domain(system_server, hal_sensors) -hal_client_domain(system_server, hal_tetheroffload) -hal_client_domain(system_server, hal_thermal) -hal_client_domain(system_server, hal_tv_cec) -hal_client_domain(system_server, hal_tv_input) -hal_client_domain(system_server, hal_usb) -hal_client_domain(system_server, hal_usb_gadget) -hal_client_domain(system_server, hal_vibrator) -hal_client_domain(system_server, hal_vr) -hal_client_domain(system_server, hal_weaver) -hal_client_domain(system_server, hal_wifi) -hal_client_domain(system_server, hal_wifi_hostapd) -hal_client_domain(system_server, hal_wifi_offload) -hal_client_domain(system_server, hal_wifi_supplicant) - -# Talk with graphics composer fences -allow system_server hal_graphics_composer:fd use; - -# Use RenderScript always-passthrough HAL -allow system_server hal_renderscript_hwservice:hwservice_manager find; -allow system_server same_process_hal_file:file { execute read open getattr map }; - -# Talk to tombstoned to get ANR traces. -unix_socket_connect(system_server, tombstoned_intercept, tombstoned) - -# List HAL interfaces to get ANR traces. -allow system_server hwservicemanager:hwservice_manager list; - -# Send signals to trigger ANR traces. -allow system_server { - # This is derived from the list that system server defines as interesting native processes - # to dump during ANRs or watchdog aborts, defined in NATIVE_STACKS_OF_INTEREST in - # frameworks/base/services/core/java/com/android/server/Watchdog.java. - audioserver - cameraserver - drmserver - gpuservice - inputflinger - mediadrmserver - mediaextractor - mediametrics - mediaserver - mediaswcodec - sdcardd - statsd - surfaceflinger - vold - - # This list comes from HAL_INTERFACES_OF_INTEREST in - # frameworks/base/services/core/java/com/android/server/Watchdog.java. - hal_audio_server - hal_bluetooth_server - hal_camera_server - hal_graphics_allocator_server - hal_graphics_composer_server - hal_health_server - hal_omx_server - hal_sensors_server - hal_vr_server -}:process { signal }; - -# Use sockets received over binder from various services. -allow system_server audioserver:tcp_socket rw_socket_perms; -allow system_server audioserver:udp_socket rw_socket_perms; -allow system_server mediaserver:tcp_socket rw_socket_perms; -allow system_server mediaserver:udp_socket rw_socket_perms; - -# Use sockets received over binder from various services. -allow system_server mediadrmserver:tcp_socket rw_socket_perms; -allow system_server mediadrmserver:udp_socket rw_socket_perms; - -# Get file context -allow system_server file_contexts_file:file r_file_perms; -# access for mac_permissions -allow system_server mac_perms_file: file r_file_perms; -# Check SELinux permissions. -selinux_check_access(system_server) - -allow system_server sysfs_type:dir search; - -r_dir_file(system_server, sysfs_android_usb) -allow system_server sysfs_android_usb:file w_file_perms; - -allow system_server sysfs_extcon:dir r_dir_perms; - -r_dir_file(system_server, sysfs_ipv4) -allow system_server sysfs_ipv4:file w_file_perms; - -r_dir_file(system_server, sysfs_rtc) -r_dir_file(system_server, sysfs_switch) -r_dir_file(system_server, sysfs_wakeup_reasons) - -allow system_server sysfs_nfc_power_writable:file rw_file_perms; -allow system_server sysfs_mac_address:file r_file_perms; -allow system_server sysfs_power:dir search; -allow system_server sysfs_power:file rw_file_perms; -allow system_server sysfs_thermal:dir search; -allow system_server sysfs_thermal:file r_file_perms; - -# TODO: Remove when HALs are forced into separate processes -allow system_server sysfs_vibrator:file { write append }; - -# TODO: added to match above sysfs rule. Remove me? -allow system_server sysfs_usb:file w_file_perms; - -# Access devices. -allow system_server device:dir r_dir_perms; -allow system_server mdns_socket:sock_file rw_file_perms; -allow system_server gpu_device:chr_file rw_file_perms; -allow system_server input_device:dir r_dir_perms; -allow system_server input_device:chr_file rw_file_perms; -allow system_server tty_device:chr_file rw_file_perms; -allow system_server usbaccessory_device:chr_file rw_file_perms; -allow system_server video_device:dir r_dir_perms; -allow system_server video_device:chr_file rw_file_perms; -allow system_server adbd_socket:sock_file rw_file_perms; -allow system_server rtc_device:chr_file rw_file_perms; -allow system_server audio_device:dir r_dir_perms; - -# write access to ALSA interfaces (/dev/snd/*) needed for MIDI -allow system_server audio_device:chr_file rw_file_perms; - -# tun device used for 3rd party vpn apps -allow system_server tun_device:chr_file rw_file_perms; -allowxperm system_server tun_device:chr_file ioctl { TUNGETIFF TUNSETIFF }; - -# Manage data/ota_package -allow system_server ota_package_file:dir rw_dir_perms; -allow system_server ota_package_file:file create_file_perms; - -# Manage system data files. -allow system_server system_data_file:dir create_dir_perms; -allow system_server system_data_file:notdevfile_class_set create_file_perms; -allow system_server packages_list_file:file create_file_perms; -allow system_server keychain_data_file:dir create_dir_perms; -allow system_server keychain_data_file:file create_file_perms; -allow system_server keychain_data_file:lnk_file create_file_perms; - -# Manage /data/app. -allow system_server apk_data_file:dir create_dir_perms; -allow system_server apk_data_file:{ file lnk_file } { create_file_perms link }; -allow system_server apk_tmp_file:dir create_dir_perms; -allow system_server apk_tmp_file:file create_file_perms; - -# Access input configuration files in the /vendor directory -r_dir_file(system_server, vendor_keylayout_file) -r_dir_file(system_server, vendor_keychars_file) -r_dir_file(system_server, vendor_idc_file) - -# Access /vendor/{app,framework,overlay} -r_dir_file(system_server, vendor_app_file) -r_dir_file(system_server, vendor_framework_file) -r_dir_file(system_server, vendor_overlay_file) - -# Manage /data/app-private. -allow system_server apk_private_data_file:dir create_dir_perms; -allow system_server apk_private_data_file:file create_file_perms; -allow system_server apk_private_tmp_file:dir create_dir_perms; -allow system_server apk_private_tmp_file:file create_file_perms; - -# Manage files within asec containers. -allow system_server asec_apk_file:dir create_dir_perms; -allow system_server asec_apk_file:file create_file_perms; -allow system_server asec_public_file:file create_file_perms; - -# Manage /data/anr. -# -# TODO: Some of these permissions can be withdrawn once we've switched to the -# new stack dumping mechanism, see b/32064548 and the rules below. In particular, -# the system_server should never need to create a new anr_data_file:file or write -# to one, but it will still need to read and append to existing files. -allow system_server anr_data_file:dir create_dir_perms; -allow system_server anr_data_file:file create_file_perms; - -# New stack dumping scheme : request an output FD from tombstoned via a unix -# domain socket. -# -# Allow system_server to connect and write to the tombstoned java trace socket in -# order to dump its traces. Also allow the system server to write its traces to -# dumpstate during bugreport capture and incidentd during incident collection. -unix_socket_connect(system_server, tombstoned_java_trace, tombstoned) -allow system_server tombstoned:fd use; -allow system_server dumpstate:fifo_file append; -allow system_server incidentd:fifo_file append; -# Write to a pipe created from `adb shell` (for debuggerd -j `pidof system_server`) -userdebug_or_eng(` - allow system_server su:fifo_file append; -') - -# Allow system_server to read pipes from incidentd (used to deliver incident reports -# to dropbox) -allow system_server incidentd:fifo_file read; - -# Read /data/misc/incidents - only read. The fd will be sent over binder, -# with no DAC access to it, for dropbox to read. -allow system_server incident_data_file:file read; - -# Allow dropbox to read /data/misc/perfetto-traces. Only the fd is sent over -# binder. -allow system_server perfetto_traces_data_file:file read; -allow system_server perfetto:fd use; - -# Allow dropbox to read /data/misc/perfprofd. Only the fd is sent over binder. -userdebug_or_eng(` - allow system_server perfprofd_data_file:file { getattr read }; - allow system_server perfprofd:fd use; -') - -# Manage /data/backup. -allow system_server backup_data_file:dir create_dir_perms; -allow system_server backup_data_file:file create_file_perms; - -# Write to /data/system/dropbox -allow system_server dropbox_data_file:dir create_dir_perms; -allow system_server dropbox_data_file:file create_file_perms; - -# Write to /data/system/heapdump -allow system_server heapdump_data_file:dir rw_dir_perms; -allow system_server heapdump_data_file:file create_file_perms; - -# Manage /data/misc/adb. -allow system_server adb_keys_file:dir create_dir_perms; -allow system_server adb_keys_file:file create_file_perms; - -# Manage /data/misc/network_watchlist -allow system_server network_watchlist_data_file:dir create_dir_perms; -allow system_server network_watchlist_data_file:file create_file_perms; - -# Manage /data/misc/sms. -# TODO: Split into a separate type? -allow system_server radio_data_file:dir create_dir_perms; -allow system_server radio_data_file:file create_file_perms; - -# Manage /data/misc/systemkeys. -allow system_server systemkeys_data_file:dir create_dir_perms; -allow system_server systemkeys_data_file:file create_file_perms; - -# Manage /data/misc/textclassifier. -allow system_server textclassifier_data_file:dir create_dir_perms; -allow system_server textclassifier_data_file:file create_file_perms; - -# Access /data/tombstones. -allow system_server tombstone_data_file:dir r_dir_perms; -allow system_server tombstone_data_file:file r_file_perms; - -# Manage /data/misc/vpn. -allow system_server vpn_data_file:dir create_dir_perms; -allow system_server vpn_data_file:file create_file_perms; - -# Manage /data/misc/wifi. -allow system_server wifi_data_file:dir create_dir_perms; -allow system_server wifi_data_file:file create_file_perms; - -# Manage /data/misc/zoneinfo. -allow system_server zoneinfo_data_file:dir create_dir_perms; -allow system_server zoneinfo_data_file:file create_file_perms; - -# Manage /data/app-staging. -allow system_server staging_data_file:dir create_dir_perms; -allow system_server staging_data_file:file create_file_perms; - -# Walk /data/data subdirectories. -# Types extracted from seapp_contexts type= fields. -allow system_server { - system_app_data_file - bluetooth_data_file - nfc_data_file - radio_data_file - shell_data_file - app_data_file - privapp_data_file -}:dir { getattr read search }; - -# Also permit for unlabeled /data/data subdirectories and -# for unlabeled asec containers on upgrades from 4.2. -allow system_server unlabeled:dir r_dir_perms; -# Read pkg.apk file before it has been relabeled by vold. -allow system_server unlabeled:file r_file_perms; - -# Populate com.android.providers.settings/databases/settings.db. -allow system_server system_app_data_file:dir create_dir_perms; -allow system_server system_app_data_file:file create_file_perms; - -# Receive and use open app data files passed over binder IPC. -# Types extracted from seapp_contexts type= fields. -allow system_server { - system_app_data_file - bluetooth_data_file - nfc_data_file - radio_data_file - shell_data_file - app_data_file - privapp_data_file -}:file { getattr read write append map }; - -# Access to /data/media for measuring disk usage. -allow system_server media_rw_data_file:dir { search getattr open read }; - -# Receive and use open /data/media files passed over binder IPC. -# Also used for measuring disk usage. -allow system_server media_rw_data_file:file { getattr read write append }; - -# System server needs to setfscreate to packages_list_file when writing -# /data/system/packages.list -allow system_server system_server:process setfscreate; - -# Relabel apk files. -allow system_server { apk_tmp_file apk_private_tmp_file }:{ dir file } { relabelfrom relabelto }; -allow system_server { apk_data_file apk_private_data_file }:{ dir file } { relabelfrom relabelto }; - -# Relabel wallpaper. -allow system_server system_data_file:file relabelfrom; -allow system_server wallpaper_file:file relabelto; -allow system_server wallpaper_file:file { rw_file_perms rename unlink }; - -# Backup of wallpaper imagery uses temporary hard links to avoid data churn -allow system_server { system_data_file wallpaper_file }:file link; - -# ShortcutManager icons -allow system_server system_data_file:dir relabelfrom; -allow system_server shortcut_manager_icons:dir { create_dir_perms relabelto }; -allow system_server shortcut_manager_icons:file create_file_perms; - -# Manage ringtones. -allow system_server ringtone_file:dir { create_dir_perms relabelto }; -allow system_server ringtone_file:file create_file_perms; - -# Relabel icon file. -allow system_server icon_file:file relabelto; -allow system_server icon_file:file { rw_file_perms unlink }; - -# FingerprintService.java does a restorecon of the directory /data/system/users/[0-9]+/fpdata(/.*)? -allow system_server system_data_file:dir relabelfrom; - -# server_configurable_flags_data_file is used for storing server configurable flags which -# have been reset during current booting. system_server needs to read the data to perform related -# disaster recovery actions. -allow system_server server_configurable_flags_data_file:dir r_dir_perms; -allow system_server server_configurable_flags_data_file:file r_file_perms; - -# Property Service write -set_prop(system_server, system_prop) -set_prop(system_server, exported_system_prop) -set_prop(system_server, exported2_system_prop) -set_prop(system_server, exported3_system_prop) -set_prop(system_server, safemode_prop) -set_prop(system_server, dhcp_prop) -set_prop(system_server, net_radio_prop) -set_prop(system_server, net_dns_prop) -set_prop(system_server, system_radio_prop) -set_prop(system_server, exported_system_radio_prop) -set_prop(system_server, debug_prop) -set_prop(system_server, powerctl_prop) -set_prop(system_server, fingerprint_prop) -set_prop(system_server, exported_fingerprint_prop) -set_prop(system_server, device_logging_prop) -set_prop(system_server, dumpstate_options_prop) -set_prop(system_server, overlay_prop) -set_prop(system_server, exported_overlay_prop) -set_prop(system_server, pm_prop) -set_prop(system_server, exported_pm_prop) -userdebug_or_eng(`set_prop(system_server, wifi_log_prop)') - -# ctl interface -set_prop(system_server, ctl_default_prop) -set_prop(system_server, ctl_bugreport_prop) -set_prop(system_server, ctl_gsid_prop) - -# cppreopt property -set_prop(system_server, cppreopt_prop) - -# server configurable flags properties -set_prop(system_server, device_config_input_native_boot_prop) -set_prop(system_server, device_config_netd_native_prop) -set_prop(system_server, device_config_activity_manager_native_boot_prop) -set_prop(system_server, device_config_runtime_native_boot_prop) -set_prop(system_server, device_config_runtime_native_prop) -set_prop(system_server, device_config_media_native_prop) - -# BootReceiver to read ro.boot.bootreason -get_prop(system_server, bootloader_boot_reason_prop) -# PowerManager to read sys.boot.reason -get_prop(system_server, system_boot_reason_prop) - -# Collect metrics on boot time created by init -get_prop(system_server, boottime_prop) - -# Read device's serial number from system properties -get_prop(system_server, serialno_prop) - -# Read/write the property which keeps track of whether this is the first start of system_server -set_prop(system_server, firstboot_prop) - -# Audio service in system server can read exported audio properties, -# such as camera shutter enforcement -get_prop(system_server, exported_audio_prop) - -# system server reads this property to keep track of whether server configurable flags have been -# reset during current boot. -get_prop(system_server, device_config_reset_performed_prop) - -# Read/write the property that enables Test Harness Mode -set_prop(system_server, test_harness_prop) - -# Read gsid.image_running. -get_prop(system_server, gsid_prop) - -# Create a socket for connections from debuggerd. -allow system_server system_ndebug_socket:sock_file create_file_perms; - -# Manage cache files. -allow system_server cache_file:lnk_file r_file_perms; -allow system_server { cache_file cache_recovery_file }:dir { relabelfrom create_dir_perms }; -allow system_server { cache_file cache_recovery_file }:file { relabelfrom create_file_perms }; -allow system_server { cache_file cache_recovery_file }:fifo_file create_file_perms; - -allow system_server system_file:dir r_dir_perms; -allow system_server system_file:lnk_file r_file_perms; - -# ART locks profile files. -allow system_server system_file:file lock; - -# LocationManager(e.g, GPS) needs to read and write -# to uart driver and ctrl proc entry -allow system_server gps_control:file rw_file_perms; - -# Allow system_server to use app-created sockets and pipes. -allow system_server appdomain:{ tcp_socket udp_socket } { getattr getopt setopt read write shutdown }; -allow system_server appdomain:{ fifo_file unix_stream_socket } { getattr read write }; - -# BackupManagerService needs to manipulate backup data files -allow system_server cache_backup_file:dir rw_dir_perms; -allow system_server cache_backup_file:file create_file_perms; -# LocalTransport works inside /cache/backup -allow system_server cache_private_backup_file:dir create_dir_perms; -allow system_server cache_private_backup_file:file create_file_perms; - -# Allow system to talk to usb device -allow system_server usb_device:chr_file rw_file_perms; -allow system_server usb_device:dir r_dir_perms; - -# Read from HW RNG (needed by EntropyMixer). -allow system_server hw_random_device:chr_file r_file_perms; - -# Read and delete files under /dev/fscklogs. -r_dir_file(system_server, fscklogs) -allow system_server fscklogs:dir { write remove_name }; -allow system_server fscklogs:file unlink; - -# logd access, system_server inherit logd write socket -# (urge is to deprecate this long term) -allow system_server zygote:unix_dgram_socket write; - -# Read from log daemon. -read_logd(system_server) -read_runtime_log_tags(system_server) - -# Be consistent with DAC permissions. Allow system_server to write to -# /sys/module/lowmemorykiller/parameters/adj -# /sys/module/lowmemorykiller/parameters/minfree -allow system_server sysfs_lowmemorykiller:file { getattr w_file_perms }; - -# Read /sys/fs/pstore/console-ramoops -# Don't worry about overly broad permissions for now, as there's -# only one file in /sys/fs/pstore -allow system_server pstorefs:dir r_dir_perms; -allow system_server pstorefs:file r_file_perms; - -# /sys access -allow system_server sysfs_zram:dir search; -allow system_server sysfs_zram:file r_file_perms; - -add_service(system_server, system_server_service); -allow system_server audioserver_service:service_manager find; -allow system_server batteryproperties_service:service_manager find; -allow system_server cameraserver_service:service_manager find; -allow system_server dnsresolver_service:service_manager find; -allow system_server drmserver_service:service_manager find; -allow system_server dumpstate_service:service_manager find; -allow system_server fingerprintd_service:service_manager find; -allow system_server gatekeeper_service:service_manager find; -allow system_server gpu_service:service_manager find; -allow system_server gsi_service:service_manager find; -allow system_server hal_fingerprint_service:service_manager find; -allow system_server idmap_service:service_manager find; -allow system_server incident_service:service_manager find; -allow system_server installd_service:service_manager find; -allow system_server iorapd_service:service_manager find; -allow system_server keystore_service:service_manager find; -allow system_server mediaserver_service:service_manager find; -allow system_server mediametrics_service:service_manager find; -allow system_server mediaextractor_service:service_manager find; -allow system_server mediacodec_service:service_manager find; -allow system_server mediadrmserver_service:service_manager find; -allow system_server netd_service:service_manager find; -allow system_server nfc_service:service_manager find; -allow system_server radio_service:service_manager find; -allow system_server stats_service:service_manager find; -allow system_server thermal_service:service_manager find; -allow system_server storaged_service:service_manager find; -allow system_server surfaceflinger_service:service_manager find; -allow system_server update_engine_service:service_manager find; -allow system_server vold_service:service_manager find; -allow system_server wificond_service:service_manager find; -userdebug_or_eng(` - allow system_server perfprofd_service:service_manager find; -') - -add_service(system_server, batteryproperties_service) - -allow system_server keystore:keystore_key { - get_state - get - insert - delete - exist - list - reset - password - lock - unlock - is_empty - sign - verify - grant - duplicate - clear_uid - add_auth - user_changed -}; - -# Allow system server to search and write to the persistent factory reset -# protection partition. This block device does not get wiped in a factory reset. -allow system_server block_device:dir search; -allow system_server frp_block_device:blk_file rw_file_perms; -allowxperm system_server frp_block_device:blk_file ioctl { BLKSECDISCARD BLKDISCARD }; - -# Clean up old cgroups -allow system_server cgroup:dir { remove_name rmdir }; - -# /oem access -r_dir_file(system_server, oemfs) - -# Allow resolving per-user storage symlinks -allow system_server { mnt_user_file storage_file }:dir { getattr search }; -allow system_server { mnt_user_file storage_file }:lnk_file { getattr read }; - -# Allow statfs() on storage devices, which happens fast enough that -# we shouldn't be killed during unsafe removal -allow system_server sdcard_type:dir { getattr search }; - -# Traverse into expanded storage -allow system_server mnt_expand_file:dir r_dir_perms; - -# Allow system process to relabel the fingerprint directory after mkdir -# and delete the directory and files when no longer needed -allow system_server fingerprintd_data_file:dir { r_dir_perms remove_name rmdir relabelto write }; -allow system_server fingerprintd_data_file:file { getattr unlink }; - -# Allow system process to read network MAC address -allow system_server sysfs_mac_address:file r_file_perms; - -userdebug_or_eng(` - # Allow system server to create and write method traces in /data/misc/trace. - allow system_server method_trace_data_file:dir w_dir_perms; - allow system_server method_trace_data_file:file { create w_file_perms }; - - # Allow system server to read dmesg - allow system_server kernel:system syslog_read; - - # Allow writing and removing window traces in /data/misc/wmtrace. - allow system_server wm_trace_data_file:dir rw_dir_perms; - allow system_server wm_trace_data_file:file { getattr setattr create unlink w_file_perms }; -') - -# For AppFuse. -allow system_server vold:fd use; -allow system_server fuse_device:chr_file { read write ioctl getattr }; -allow system_server app_fuse_file:file { read write getattr }; - -# For configuring sdcardfs -allow system_server configfs:dir { create_dir_perms }; -allow system_server configfs:file { getattr open create unlink write }; - -# Connect to adbd and use a socket transferred from it. -# Used for e.g. jdwp. -allow system_server adbd:unix_stream_socket connectto; -allow system_server adbd:fd use; -allow system_server adbd:unix_stream_socket { getattr getopt ioctl read write shutdown }; - -# Allow invoking tools like "timeout" -allow system_server toolbox_exec:file rx_file_perms; - -# Allow system process to setup and measure fs-verity -allowxperm system_server apk_data_file:file ioctl { - FS_IOC_ENABLE_VERITY FS_IOC_MEASURE_VERITY -}; - -# Postinstall -# -# For OTA dexopt, allow calls coming from postinstall. -binder_call(system_server, postinstall) - -allow system_server postinstall:fifo_file write; -allow system_server update_engine:fd use; -allow system_server update_engine:fifo_file write; - -# Access to /data/preloads -allow system_server preloads_data_file:file { r_file_perms unlink }; -allow system_server preloads_data_file:dir { r_dir_perms write remove_name rmdir }; -allow system_server preloads_media_file:file { r_file_perms unlink }; -allow system_server preloads_media_file:dir { r_dir_perms write remove_name rmdir }; - -r_dir_file(system_server, cgroup) -allow system_server ion_device:chr_file r_file_perms; - -r_dir_file(system_server, proc_asound) -r_dir_file(system_server, proc_net_type) -r_dir_file(system_server, proc_qtaguid_stat) -allow system_server { - proc_loadavg - proc_meminfo - proc_pagetypeinfo - proc_pipe_conf - proc_stat - proc_uid_cputime_showstat - proc_uid_io_stats - proc_uid_time_in_state - proc_uid_concurrent_active_time - proc_uid_concurrent_policy_time - proc_version - proc_vmallocinfo -}:file r_file_perms; - -allow system_server proc_uid_time_in_state:dir r_dir_perms; -allow system_server proc_uid_cpupower:file r_file_perms; - -r_dir_file(system_server, rootfs) - -# Allow WifiService to start, stop, and read wifi-specific trace events. -allow system_server debugfs_tracing_instances:dir search; -allow system_server debugfs_wifi_tracing:dir search; -allow system_server debugfs_wifi_tracing:file rw_file_perms; - -# allow system_server to exec shell, asanwrapper & zygote(app_process) on ASAN builds. Needed to run -# asanwrapper. -with_asan(` - allow system_server shell_exec:file rx_file_perms; - allow system_server asanwrapper_exec:file rx_file_perms; - allow system_server zygote_exec:file rx_file_perms; -') - -# allow system_server to read the eBPF maps that stores the traffic stats information and update -# the map after snapshot is recorded -allow system_server fs_bpf:dir search; -allow system_server fs_bpf:file { read write }; -allow system_server bpfloader:bpf { map_read map_write }; - -# ART Profiles. -# Allow system_server to open profile snapshots for read. -# System server never reads the actual content. It passes the descriptor to -# to privileged apps which acquire the permissions to inspect the profiles. -allow system_server user_profile_data_file:dir { getattr search }; -allow system_server user_profile_data_file:file { getattr open read }; - -# System server may dump profile data for debuggable apps in the /data/misc/profman. -# As such it needs to be able create files but it should never read from them. -allow system_server profman_dump_data_file:file { create getattr setattr w_file_perms}; -allow system_server profman_dump_data_file:dir w_dir_perms; - -# On userdebug build we may profile system server. Allow it to write and create its own profile. -userdebug_or_eng(` - allow system_server user_profile_data_file:file create_file_perms; -') - -userdebug_or_eng(` - # Allow system server to notify mediaextractor of the plugin update. -') - -# UsbDeviceManager uses /dev/usb-ffs -allow system_server functionfs:dir search; -allow system_server functionfs:file rw_file_perms; - -# system_server contains time / time zone detection logic so reads the associated properties. -get_prop(system_server, time_prop) - -### -### Neverallow rules -### -### system_server should NEVER do any of this - -# Do not allow opening files from external storage as unsafe ejection -# could cause the kernel to kill the system_server. -neverallow system_server sdcard_type:dir { open read write }; -neverallow system_server sdcard_type:file rw_file_perms; - -# system server should never be operating on zygote spawned app data -# files directly. Rather, they should always be passed via a -# file descriptor. -# Types extracted from seapp_contexts type= fields, excluding -# those types that system_server needs to open directly. -neverallow system_server { - bluetooth_data_file - nfc_data_file - shell_data_file - app_data_file - privapp_data_file -}:file { open create unlink link }; - -# Forking and execing is inherently dangerous and racy. See, for -# example, https://www.linuxprogrammingblog.com/threads-and-fork-think-twice-before-using-them -# Prevent the addition of new file execs to stop the problem from -# getting worse. b/28035297 -neverallow system_server { - file_type - -toolbox_exec - -logcat_exec - with_asan(`-shell_exec -asanwrapper_exec -zygote_exec') -}:file execute_no_trans; - -# Ensure that system_server doesn't perform any domain transitions other than -# transitioning to the crash_dump domain when a crash occurs. -neverallow system_server { domain -crash_dump }:process transition; -neverallow system_server *:process dyntransition; - -# Only allow crash_dump to connect to system_ndebug_socket. -neverallow { domain -init -system_server -crash_dump } system_ndebug_socket:sock_file { open write }; - -# Only allow init, system_server, flags_health_check to set properties for server configurable flags -neverallow { - domain - -init - -system_server - -flags_health_check -} { - device_config_activity_manager_native_boot_prop - device_config_input_native_boot_prop - device_config_netd_native_prop - device_config_runtime_native_boot_prop - device_config_runtime_native_prop - device_config_media_native_prop -}:property_service set; - -# system_server should never be executing dex2oat. This is either -# a bug (for example, bug 16317188), or represents an attempt by -# system server to dynamically load a dex file, something we do not -# want to allow. -neverallow system_server dex2oat_exec:file no_x_file_perms; - -# system_server should never execute or load executable shared libraries -# in /data. Executable files in /data are a persistence vector. -# https://bugs.chromium.org/p/project-zero/issues/detail?id=955 for example. -neverallow system_server data_file_type:file no_x_file_perms; - -# The only block device system_server should be accessing is -# the frp_block_device. This helps avoid a system_server to root -# escalation by writing to raw block devices. -neverallow system_server { dev_type -frp_block_device }:blk_file no_rw_file_perms; - -# system_server should never use JIT functionality -# See https://googleprojectzero.blogspot.com/2016/12/bitunmap-attacking-android-ashmem.html -# in the section titled "A Short ROP Chain" for why. -neverallow system_server self:process execmem; -neverallow system_server ashmem_device:chr_file execute; - -# TODO: deal with tmpfs_domain pub/priv split properly -neverallow system_server system_server_tmpfs:file execute; - -# Resources handed off by system_server_startup -allow system_server system_server_startup:fd use; -allow system_server system_server_startup_tmpfs:file { read write map }; -allow system_server system_server_startup:unix_dgram_socket write; - -# Allow system server to communicate to apexd -allow system_server apex_service:service_manager find; -allow system_server apexd:binder call; - -# Allow system server to communicate to system-suspend's control interface -allow system_server system_suspend_control_service:service_manager find; -binder_call(system_server, system_suspend) -binder_call(system_suspend, system_server) - -# Allow system server to communicate to system-suspend's wakelock interface -wakelock_use(system_server) - -# Allow the system server to read files under /data/apex. The system_server -# needs these privileges to compare file signatures while processing installs. -# -# Only apexd is allowed to create new entries or write to any file under /data/apex. -allow system_server apex_data_file:dir search; -allow system_server apex_data_file:file r_file_perms; - -# Allow PasswordSlotManager rw access to /metadata/password_slots, so GSIs and the host image can -# communicate which slots are available for use. -allow system_server metadata_file:dir search; -allow system_server password_slot_metadata_file:dir rw_dir_perms; -allow system_server password_slot_metadata_file:file create_file_perms; - -# Read/Write /proc/pressure/memory -allow system_server proc_pressure_mem:file rw_file_perms; - -# dexoptanalyzer is currently used only for secondary dex files which -# system_server should never access. -neverallow system_server dexoptanalyzer_exec:file no_x_file_perms; - -# No ptracing others -neverallow system_server { domain -system_server }:process ptrace; - -# CAP_SYS_RESOURCE was traditionally needed for sensitive /proc/PID -# file read access. However, that is now unnecessary (b/34951864) -neverallow system_server system_server:global_capability_class_set sys_resource; - -# Only system_server/init should access /metadata/password_slots. -neverallow { domain -init -system_server } password_slot_metadata_file:dir *; -neverallow { - domain - -init - -system_server -} password_slot_metadata_file:notdevfile_class_set ~{ relabelto getattr }; -neverallow { domain -init -system_server } password_slot_metadata_file:notdevfile_class_set *; diff --git a/prebuilts/api/29.0/private/system_server_startup.te b/prebuilts/api/29.0/private/system_server_startup.te deleted file mode 100644 index f1427a9e2..000000000 --- a/prebuilts/api/29.0/private/system_server_startup.te +++ /dev/null @@ -1,23 +0,0 @@ -type system_server_startup, domain, coredomain; -type system_server_startup_tmpfs, file_type; - -tmpfs_domain(system_server_startup) - -# Create JIT memory -allow system_server_startup self:process execmem; -allow system_server_startup system_server_startup_tmpfs:file { execute read write open map }; - -# Allow to pick up integrity-checked artifacts from the dalvik cache. -allow system_server_startup dalvikcache_data_file:dir r_dir_perms; -allow system_server_startup dalvikcache_data_file:file { r_file_perms execute }; - -# While doing the above, will touch the apex mount dir. -allow system_server_startup mnt_expand_file:dir getattr; - -# Allow system_server_startup to run setcon() and enter the -# system_server domain -allow system_server_startup self:process setcurrent; -allow system_server_startup system_server:process dyntransition; - -# Child of the zygote. -allow system_server_startup zygote:process sigchld; diff --git a/prebuilts/api/29.0/private/system_suspend.te b/prebuilts/api/29.0/private/system_suspend.te deleted file mode 100644 index 961cd67bd..000000000 --- a/prebuilts/api/29.0/private/system_suspend.te +++ /dev/null @@ -1,25 +0,0 @@ -type system_suspend, domain, coredomain, system_suspend_server; - -type system_suspend_exec, system_file_type, exec_type, file_type; -init_daemon_domain(system_suspend) - -# To serve ISuspendControlService.aidl. -binder_use(system_suspend) -add_service(system_suspend, system_suspend_control_service) - -# Access to /sys/power/{ wakeup_count, state } suspend interface. -allow system_suspend sysfs_power:file rw_file_perms; - -# TODO(b/128923994): remove once all debugging info moves to SystemSuspend. -# Access to /sys/power/{ wake_lock, wake_unlock } suspend blocker interface. -allow system_suspend self:global_capability2_class_set block_suspend; -allow system_suspend sysfs_wake_lock:file rw_file_perms; - -neverallow { - domain - -atrace # tracing - -dumpstate # bug reports - -system_suspend # implements system_suspend_control_service - -system_server # configures system_suspend via ISuspendControlService - -traceur_app # tracing -} system_suspend_control_service:service_manager find; diff --git a/prebuilts/api/29.0/private/technical_debt.cil b/prebuilts/api/29.0/private/technical_debt.cil deleted file mode 100644 index d1215fea8..000000000 --- a/prebuilts/api/29.0/private/technical_debt.cil +++ /dev/null @@ -1,57 +0,0 @@ -; THIS IS A WORKAROUND for the current limitations of the module policy language -; This should be used sparingly until we figure out a saner way to achieve the -; stuff below, for example, by improving typeattribute statement of module -; language. -; -; NOTE: This file has no effect on recovery policy. - -; Apps, except isolated apps, are clients of Allocator HAL -; Unfortunately, we can't currently express this in module policy language: -; typeattribute { appdomain -isolated_app } hal_allocator_client; -; typeattribute hal_allocator_client halclientdomain; -(typeattributeset hal_allocator_client ((and (appdomain) ((not (isolated_app)))))) -(typeattributeset halclientdomain (hal_allocator_client)) - -; Apps, except isolated apps, are clients of OMX-related services -; Unfortunately, we can't currently express this in module policy language: -(typeattributeset hal_omx_client ((and (appdomain) ((not (isolated_app)))))) - -; Apps, except isolated apps, are clients of Configstore HAL -; Unfortunately, we can't currently express this in module policy language: -; typeattribute { appdomain -isolated_app } hal_configstore_client; -(typeattributeset hal_configstore_client ((and (appdomain) ((not (isolated_app)))))) - -; Apps, except isolated apps, are clients of Graphics Allocator HAL -; Unfortunately, we can't currently express this in module policy language: -; typeattribute { appdomain -isolated_app } hal_graphics_allocator_client; -(typeattributeset hal_graphics_allocator_client ((and (appdomain) ((not (isolated_app)))))) - -; Apps, except isolated apps, are clients of Cas HAL -; Unfortunately, we can't currently express this in module policy language: -; typeattribute { appdomain -isolated_app } hal_cas_client; -(typeattributeset hal_cas_client ((and (appdomain) ((not (isolated_app)))))) - -; Domains hosting Camera HAL implementations are clients of Allocator HAL -; Unfortunately, we can't currently express this in module policy language: -; typeattribute hal_camera hal_allocator_client; -(typeattributeset hal_allocator_client (hal_camera)) - -; Apps, except isolated apps, are clients of Neuralnetworks HAL -; Unfortunately, we can't currently express this in module policy language: -; typeattribute { appdomain -isolated_app } hal_neuralnetworks_client; -(typeattributeset hal_neuralnetworks_client ((and (appdomain) ((not (isolated_app)))))) - -; TODO(b/112056006): move these to mapping files when/if we implement 'versioned' attributes. -; Rename untrusted_app_visible_* to untrusted_app_visible_*_violators. -; Unfortunately, we can't currently express this in module policy language: -; typeattribute untrusted_app_visible_hwservice untrusted_app_visible_hwservice_violators; -; typeattribute untrusted_app_visible_halserver untrusted_app_visible_halserver_violators; -(typeattribute untrusted_app_visible_hwservice) -(typeattributeset untrusted_app_visible_hwservice_violators (untrusted_app_visible_hwservice)) -(typeattribute untrusted_app_visible_halserver) -(typeattributeset untrusted_app_visible_halserver_violators (untrusted_app_visible_halserver)) - -; Apps, except isolated apps, are clients of BufferHub HAL -; Unfortunately, we can't currently express this in module policy language: -; typeattribute { appdomain -isolated_app } hal_cas_client; -(typeattributeset hal_bufferhub_client ((and (appdomain) ((not (isolated_app)))))) diff --git a/prebuilts/api/29.0/private/thermalserviced.te b/prebuilts/api/29.0/private/thermalserviced.te deleted file mode 100644 index 1a09e203e..000000000 --- a/prebuilts/api/29.0/private/thermalserviced.te +++ /dev/null @@ -1,4 +0,0 @@ -typeattribute thermalserviced coredomain; - -init_daemon_domain(thermalserviced) - diff --git a/prebuilts/api/29.0/private/tombstoned.te b/prebuilts/api/29.0/private/tombstoned.te deleted file mode 100644 index 305f9d006..000000000 --- a/prebuilts/api/29.0/private/tombstoned.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute tombstoned coredomain; - -init_daemon_domain(tombstoned) diff --git a/prebuilts/api/29.0/private/toolbox.te b/prebuilts/api/29.0/private/toolbox.te deleted file mode 100644 index a2b958dba..000000000 --- a/prebuilts/api/29.0/private/toolbox.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute toolbox coredomain; - -init_daemon_domain(toolbox) diff --git a/prebuilts/api/29.0/private/traced.te b/prebuilts/api/29.0/private/traced.te deleted file mode 100644 index 1e2d7d67b..000000000 --- a/prebuilts/api/29.0/private/traced.te +++ /dev/null @@ -1,82 +0,0 @@ -# Perfetto user-space tracing daemon (unprivileged) - -# type traced is defined under /public (because iorapd rules -# under public/ need to refer to it). -type traced_exec, system_file_type, exec_type, file_type; -type traced_tmpfs, file_type; - -# Allow init to exec the daemon. -init_daemon_domain(traced) -tmpfs_domain(traced) - -# Allow apps in other MLS contexts (for multi-user) to access -# share memory buffers created by traced. -typeattribute traced_tmpfs mlstrustedobject; - -# Allow traced to start with a lower scheduling class and change -# class accordingly to what defined in the config provided by -# the privileged process that controls it. -allow traced self:global_capability_class_set { sys_nice }; - -# Allow to pass a file descriptor for the output trace from "perfetto" (the -# cmdline client) and other shell binaries to traced and let traced write -# directly into that (rather than returning the trace contents over the socket). -allow traced perfetto:fd use; -allow traced shell:fd use; -allow traced shell:fifo_file { read write }; -allow traced perfetto_traces_data_file:file { read write }; - -# Allow traceur to pass open file descriptors to traced, so traced can directly -# write into the output file without doing roundtrips over IPC. -allow traced traceur_app:fd use; -allow traced trace_data_file:file { read write }; - -# Allow iorapd to pass memfd descriptors to traced, so traced can directly -# write into the shmem buffer file without doing roundtrips over IPC. -allow traced iorapd:fd use; -allow traced iorapd_tmpfs:file { read write }; - -# Allow traced to notify Traceur when a trace ends by setting the -# sys.trace.trace_end_signal property. -set_prop(traced, system_trace_prop) -# Allow to lazily start producers. -set_prop(traced, traced_lazy_prop) - -### -### Neverallow rules -### -### traced should NEVER do any of this - -# Disallow mapping executable memory (execstack and exec are already disallowed -# globally in domain.te). -neverallow traced self:process execmem; - -# Block device access. -neverallow traced dev_type:blk_file { read write }; - -# ptrace any other process -neverallow traced domain:process ptrace; - -# Disallows access to /data files, still allowing to write to file descriptors -# passed through the socket. -neverallow traced { - data_file_type - -system_data_file - # TODO(b/72998741) Remove vendor_data_file exemption. Further restricted in a - # subsequent neverallow. Currently only getattr and search are allowed. - -vendor_data_file - -zoneinfo_data_file -}:dir *; -neverallow traced { system_data_file }:dir ~{ getattr search }; -neverallow traced zoneinfo_data_file:dir ~r_dir_perms; -neverallow traced { data_file_type -zoneinfo_data_file }:lnk_file *; -neverallow traced { - data_file_type - -zoneinfo_data_file - -perfetto_traces_data_file - -trace_data_file -}:file ~write; - -# Only init is allowed to enter the traced domain via exec() -neverallow { domain -init } traced:process transition; -neverallow * traced:process dyntransition; diff --git a/prebuilts/api/29.0/private/traced_probes.te b/prebuilts/api/29.0/private/traced_probes.te deleted file mode 100644 index d8d573a1e..000000000 --- a/prebuilts/api/29.0/private/traced_probes.te +++ /dev/null @@ -1,122 +0,0 @@ -# Perfetto tracing probes, has tracefs access. -type traced_probes_exec, system_file_type, exec_type, file_type; - -# Allow init to exec the daemon. -init_daemon_domain(traced_probes) - -# Write trace data to the Perfetto traced damon. This requires connecting to its -# producer socket and obtaining a (per-process) tmpfs fd. -allow traced_probes traced:fd use; -allow traced_probes traced_tmpfs:file { read write getattr map }; -unix_socket_connect(traced_probes, traced_producer, traced) - -# Allow traced_probes to access tracefs. -allow traced_probes debugfs_tracing:dir r_dir_perms; -allow traced_probes debugfs_tracing:file rw_file_perms; -allow traced_probes debugfs_trace_marker:file getattr; - -# TODO(primiano): temporarily I/O tracing categories are still -# userdebug only until we nail down the blacklist/whitelist. -userdebug_or_eng(` -allow traced_probes debugfs_tracing_debug:dir r_dir_perms; -allow traced_probes debugfs_tracing_debug:file rw_file_perms; -') - -# Allow traced_probes to start with a higher scheduling class and then downgrade -# itself. -allow traced_probes self:global_capability_class_set { sys_nice }; - -# Allow procfs access -r_dir_file(traced_probes, domain) - -# Allow to read packages.list file. -allow traced_probes packages_list_file:file r_file_perms; - -# Allow to log to kernel dmesg when starting / stopping ftrace. -allow traced_probes kmsg_device:chr_file write; - -# Allow traced_probes to list the system partition. -allow traced_probes system_file:dir { open read }; - -# Allow traced_probes to list some of the data partition. -allow traced_probes self:global_capability_class_set dac_read_search; - -allow traced_probes apk_data_file:dir { getattr open read search }; -allow traced_probes dalvikcache_data_file:dir { getattr open read search }; -userdebug_or_eng(` -# search and getattr are granted via domain and coredomain, respectively. -allow traced_probes system_data_file:dir { open read }; -') -allow traced_probes system_app_data_file:dir { getattr open read search }; -allow traced_probes backup_data_file:dir { getattr open read search }; -allow traced_probes bootstat_data_file:dir { getattr open read search }; -allow traced_probes update_engine_data_file:dir { getattr open read search }; -allow traced_probes update_engine_log_data_file:dir { getattr open read search }; -allow traced_probes user_profile_data_file:dir { getattr open read search }; - -# Allow traced_probes to run atrace. atrace pokes at system services to enable -# their userspace TRACE macros. -domain_auto_trans(traced_probes, atrace_exec, atrace); - -# Allow traced_probes to kill atrace on timeout. -allow traced_probes atrace:process sigkill; - -# Allow traced_probes to access /proc files for system stats. -# Note: trace data is NOT exposed to anything other than shell and privileged -# system apps that have access to the traced consumer socket. -allow traced_probes { - proc_meminfo - proc_vmstat - proc_stat -}:file r_file_perms; - -# Allow access to the IHealth and IPowerStats HAL service for tracing battery counters. -hal_client_domain(traced_probes, hal_health) -hal_client_domain(traced_probes, hal_power_stats) - -# Allow access to Atrace HAL for enabling vendor/device specific tracing categories. -hal_client_domain(traced_probes, hal_atrace) - -# On debug builds allow to ingest system logs into the trace. -userdebug_or_eng(`read_logd(traced_probes)') - -### -### Neverallow rules -### -### traced_probes should NEVER do any of this - -# Disallow mapping executable memory (execstack and exec are already disallowed -# globally in domain.te). -neverallow traced_probes self:process execmem; - -# Block device access. -neverallow traced_probes dev_type:blk_file { read write }; - -# ptrace any other app -neverallow traced_probes domain:process ptrace; - -# Disallows access to /data files. -neverallow traced_probes { - data_file_type - -apk_data_file - -dalvikcache_data_file - -system_data_file - -system_app_data_file - -backup_data_file - -bootstat_data_file - -update_engine_data_file - -update_engine_log_data_file - -user_profile_data_file - # TODO(b/72998741) Remove vendor_data_file exemption. Further restricted in a - # subsequent neverallow. Currently only getattr and search are allowed. - -vendor_data_file - -zoneinfo_data_file -}:dir *; -neverallow traced_probes system_data_file:dir ~{ getattr userdebug_or_eng(`open read') search }; -neverallow traced_probes zoneinfo_data_file:dir ~r_dir_perms; -neverallow traced_probes { data_file_type -zoneinfo_data_file }:lnk_file *; -neverallow traced_probes { data_file_type -zoneinfo_data_file -packages_list_file }:file *; - -# Only init is allowed to enter the traced_probes domain via exec() -neverallow { domain -init } traced_probes:process transition; -neverallow * traced_probes:process dyntransition; diff --git a/prebuilts/api/29.0/private/traceur_app.te b/prebuilts/api/29.0/private/traceur_app.te deleted file mode 100644 index 94841df10..000000000 --- a/prebuilts/api/29.0/private/traceur_app.te +++ /dev/null @@ -1,22 +0,0 @@ -typeattribute traceur_app coredomain; - -app_domain(traceur_app); -allow traceur_app debugfs_tracing:file rw_file_perms; -allow traceur_app debugfs_tracing_debug:dir r_dir_perms; - -userdebug_or_eng(` - allow traceur_app debugfs_tracing_debug:file rw_file_perms; -') - -allow traceur_app trace_data_file:file create_file_perms; -allow traceur_app trace_data_file:dir rw_dir_perms; -allow traceur_app atrace_exec:file rx_file_perms; - -# To exec the perfetto cmdline client and pass it the trace config on -# stdint through a pipe. -allow traceur_app perfetto_exec:file rx_file_perms; - -# Allow to access traced's privileged consumer socket. -unix_socket_connect(traceur_app, traced_consumer, traced) - -dontaudit traceur_app debugfs_tracing_debug:file audit_access; diff --git a/prebuilts/api/29.0/private/tzdatacheck.te b/prebuilts/api/29.0/private/tzdatacheck.te deleted file mode 100644 index 502735cad..000000000 --- a/prebuilts/api/29.0/private/tzdatacheck.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute tzdatacheck coredomain; - -init_daemon_domain(tzdatacheck) diff --git a/prebuilts/api/29.0/private/ueventd.te b/prebuilts/api/29.0/private/ueventd.te deleted file mode 100644 index 1bd67735e..000000000 --- a/prebuilts/api/29.0/private/ueventd.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute ueventd coredomain; - -tmpfs_domain(ueventd) diff --git a/prebuilts/api/29.0/private/uncrypt.te b/prebuilts/api/29.0/private/uncrypt.te deleted file mode 100644 index e4e9224d9..000000000 --- a/prebuilts/api/29.0/private/uncrypt.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute uncrypt coredomain; - -init_daemon_domain(uncrypt) diff --git a/prebuilts/api/29.0/private/untrusted_app.te b/prebuilts/api/29.0/private/untrusted_app.te deleted file mode 100644 index c15fa2244..000000000 --- a/prebuilts/api/29.0/private/untrusted_app.te +++ /dev/null @@ -1,25 +0,0 @@ -### -### Untrusted apps. -### -### This file defines the rules for untrusted apps. -### Apps are labeled based on mac_permissions.xml (maps signer and -### optionally package name to seinfo value) and seapp_contexts (maps UID -### and optionally seinfo value to domain for process and type for data -### directory). The untrusted_app domain is the default assignment in -### seapp_contexts for any app with UID between APP_AID (10000) -### and AID_ISOLATED_START (99000) if the app has no specific seinfo -### value as determined from mac_permissions.xml. In current AOSP, this -### domain is assigned to all non-system apps as well as to any system apps -### that are not signed by the platform key. To move -### a system app into a specific domain, add a signer entry for it to -### mac_permissions.xml and assign it one of the pre-existing seinfo values -### or define and use a new seinfo value in both mac_permissions.xml and -### seapp_contexts. -### - -typeattribute untrusted_app coredomain; - -app_domain(untrusted_app) -untrusted_app_domain(untrusted_app) -net_domain(untrusted_app) -bluetooth_domain(untrusted_app) diff --git a/prebuilts/api/29.0/private/untrusted_app_25.te b/prebuilts/api/29.0/private/untrusted_app_25.te deleted file mode 100644 index 251ce6887..000000000 --- a/prebuilts/api/29.0/private/untrusted_app_25.te +++ /dev/null @@ -1,64 +0,0 @@ -### -### Untrusted_app_25 -### -### This file defines the rules for untrusted apps running with -### targetSdkVersion <= 25. -### -### Apps are labeled based on mac_permissions.xml (maps signer and -### optionally package name to seinfo value) and seapp_contexts (maps UID -### and optionally seinfo value to domain for process and type for data -### directory). The untrusted_app domain is the default assignment in -### seapp_contexts for any app with UID between APP_AID (10000) -### and AID_ISOLATED_START (99000) if the app has no specific seinfo -### value as determined from mac_permissions.xml. In current AOSP, this -### domain is assigned to all non-system apps as well as to any system apps -### that are not signed by the platform key. To move -### a system app into a specific domain, add a signer entry for it to -### mac_permissions.xml and assign it one of the pre-existing seinfo values -### or define and use a new seinfo value in both mac_permissions.xml and -### seapp_contexts. -### - -typeattribute untrusted_app_25 coredomain; - -app_domain(untrusted_app_25) -untrusted_app_domain(untrusted_app_25) -net_domain(untrusted_app_25) -bluetooth_domain(untrusted_app_25) - -# b/34115651 - net.dns* properties read -# This will go away in a future Android release -get_prop(untrusted_app_25, net_dns_prop) - -# b/35917228 - /proc/misc access -# This will go away in a future Android release -allow untrusted_app_25 proc_misc:file r_file_perms; - -# Access to /proc/tty/drivers, to allow apps to determine if they -# are running in an emulated environment. -# b/33214085 b/33814662 b/33791054 b/33211769 -# https://github.com/strazzere/anti-emulator/blob/master/AntiEmulator/src/diff/strazzere/anti/emulator/FindEmulator.java -# This will go away in a future Android release -allow untrusted_app_25 proc_tty_drivers:file r_file_perms; - -# Text relocation support for API < 23. This is now disallowed for targetSdkVersion>=Q. -# https://android.googlesource.com/platform/bionic/+/master/android-changes-for-ndk-developers.md#text-relocations-enforced-for-api-level-23 -allow untrusted_app_25 { apk_data_file app_data_file asec_public_file }:file execmod; - -# The ability to call exec() on files in the apps home directories -# for targetApi<=25. This is also allowed for targetAPIs 26, 27, -# and 28 in untrusted_app_27.te. -allow untrusted_app_25 app_data_file:file execute_no_trans; -auditallow untrusted_app_25 app_data_file:file { execute execute_no_trans }; - -# The ability to invoke dex2oat. Historically required by ART, now only -# allowed for targetApi<=28 for compat reasons. -allow untrusted_app_25 dex2oat_exec:file rx_file_perms; -userdebug_or_eng(`auditallow untrusted_app_25 dex2oat_exec:file rx_file_perms;') - -# The ability to talk to /dev/ashmem directly. targetApi>=29 must use -# ASharedMemory instead. -allow untrusted_app_25 ashmem_device:chr_file rw_file_perms; -auditallow untrusted_app_25 ashmem_device:chr_file open; - -# Read /mnt/sdcard symlink. diff --git a/prebuilts/api/29.0/private/untrusted_app_27.te b/prebuilts/api/29.0/private/untrusted_app_27.te deleted file mode 100644 index 5217cbba3..000000000 --- a/prebuilts/api/29.0/private/untrusted_app_27.te +++ /dev/null @@ -1,49 +0,0 @@ -### -### Untrusted_27. -### -### This file defines the rules for untrusted apps running with -### 25 < targetSdkVersion <= 28. -### -### This file defines the rules for untrusted apps. -### Apps are labeled based on mac_permissions.xml (maps signer and -### optionally package name to seinfo value) and seapp_contexts (maps UID -### and optionally seinfo value to domain for process and type for data -### directory). The untrusted_app_27 domain is the default assignment in -### seapp_contexts for any app with UID between APP_AID (10000) -### and AID_ISOLATED_START (99000) if the app has no specific seinfo -### value as determined from mac_permissions.xml. In current AOSP, this -### domain is assigned to all non-system apps as well as to any system apps -### that are not signed by the platform key. To move -### a system app into a specific domain, add a signer entry for it to -### mac_permissions.xml and assign it one of the pre-existing seinfo values -### or define and use a new seinfo value in both mac_permissions.xml and -### seapp_contexts. -### - -typeattribute untrusted_app_27 coredomain; - -app_domain(untrusted_app_27) -untrusted_app_domain(untrusted_app_27) -net_domain(untrusted_app_27) -bluetooth_domain(untrusted_app_27) - -# Text relocation support for API < 23. This is now disallowed for targetSdkVersion>=Q. -# https://android.googlesource.com/platform/bionic/+/master/android-changes-for-ndk-developers.md#text-relocations-enforced-for-api-level-23 -allow untrusted_app_27 { apk_data_file app_data_file asec_public_file }:file execmod; - -# The ability to call exec() on files in the apps home directories -# for targetApi 26, 27, and 28. -allow untrusted_app_27 app_data_file:file execute_no_trans; -auditallow untrusted_app_27 app_data_file:file { execute execute_no_trans }; - -# The ability to invoke dex2oat. Historically required by ART, now only -# allowed for targetApi<=28 for compat reasons. -allow untrusted_app_27 dex2oat_exec:file rx_file_perms; -userdebug_or_eng(`auditallow untrusted_app_27 dex2oat_exec:file rx_file_perms;') - -# The ability to talk to /dev/ashmem directly. targetApi>=29 must use -# ASharedMemory instead. -allow untrusted_app_27 ashmem_device:chr_file rw_file_perms; -auditallow untrusted_app_27 ashmem_device:chr_file open; - -# Read /mnt/sdcard symlink. diff --git a/prebuilts/api/29.0/private/untrusted_app_all.te b/prebuilts/api/29.0/private/untrusted_app_all.te deleted file mode 100644 index 3c20c082b..000000000 --- a/prebuilts/api/29.0/private/untrusted_app_all.te +++ /dev/null @@ -1,191 +0,0 @@ -### -### Untrusted_app_all. -### -### This file defines the rules shared by all untrusted app domains except -### ephemeral_app for instant apps. -### Apps are labeled based on mac_permissions.xml (maps signer and -### optionally package name to seinfo value) and seapp_contexts (maps UID -### and optionally seinfo value to domain for process and type for data -### directory). The untrusted_app_all attribute is assigned to all default -### seapp_contexts for any app with UID between APP_AID (10000) -### and AID_ISOLATED_START (99000) if the app has no specific seinfo -### value as determined from mac_permissions.xml. In current AOSP, this -### attribute is assigned to all non-system apps as well as to any system apps -### that are not signed by the platform key. To move -### a system app into a specific domain, add a signer entry for it to -### mac_permissions.xml and assign it one of the pre-existing seinfo values -### or define and use a new seinfo value in both mac_permissions.xml and -### seapp_contexts. -### -### Note that rules that should apply to all untrusted apps must be in app.te or also -### added to ephemeral_app.te. - -# Some apps ship with shared libraries and binaries that they write out -# to their sandbox directory and then execute. -allow untrusted_app_all privapp_data_file:file { r_file_perms execute }; -allow untrusted_app_all app_data_file:file { r_file_perms execute }; -auditallow untrusted_app_all app_data_file:file execute; - -# Chrome Crashpad uses the the dynamic linker to load native executables -# from an APK (b/112050209, crbug.com/928422) -allow untrusted_app_all system_linker_exec:file execute_no_trans; - -# Follow priv-app symlinks. This is used for dynamite functionality. -allow untrusted_app_all privapp_data_file:lnk_file r_file_perms; - -# Allow handling of less common filesystem objects -allow untrusted_app_all app_data_file:{ lnk_file sock_file fifo_file } create_file_perms; - -# Allow loading and deleting executable shared libraries -# within an application home directory. Such shared libraries would be -# created by things like renderscript or via other mechanisms. -allow untrusted_app_all app_exec_data_file:file { r_file_perms execute unlink }; - -# ASEC -allow untrusted_app_all asec_apk_file:file r_file_perms; -allow untrusted_app_all asec_apk_file:dir r_dir_perms; -# Execute libs in asec containers. -allow untrusted_app_all asec_public_file:file { execute }; - -# Used by Finsky / Android "Verify Apps" functionality when -# running "adb install foo.apk". -# TODO: Long term, we don't want apps probing into shell data files. -# Figure out a way to remove these rules. -allow untrusted_app_all shell_data_file:file r_file_perms; -allow untrusted_app_all shell_data_file:dir r_dir_perms; - -# Allow traceur to pass file descriptors through a content provider to untrusted apps -# for the purpose of sharing files through e.g. gmail -allow untrusted_app_all trace_data_file:file { getattr read }; - -# untrusted apps should not be able to open trace data files, they should depend -# upon traceur to pass a file descriptor -neverallow untrusted_app_all trace_data_file:dir *; -neverallow untrusted_app_all trace_data_file:file { no_w_file_perms open }; - -# Allow to read staged apks. -allow untrusted_app_all { apk_tmp_file apk_private_tmp_file }:file {read getattr}; - -# Read and write system app data files passed over Binder. -# Motivating case was /data/data/com.android.settings/cache/*.jpg for -# cropping or taking user photos. -allow untrusted_app_all system_app_data_file:file { read write getattr }; - -# -# Rules migrated from old app domains coalesced into untrusted_app. -# This includes what used to be media_app, shared_app, and release_app. -# - -# Access to /data/media. -allow untrusted_app_all media_rw_data_file:dir create_dir_perms; -allow untrusted_app_all media_rw_data_file:file create_file_perms; - -# Traverse into /mnt/media_rw for bypassing FUSE daemon -# TODO: narrow this to just MediaProvider -allow untrusted_app_all mnt_media_rw_file:dir search; - -# allow cts to query all services -allow untrusted_app_all servicemanager:service_manager list; - -allow untrusted_app_all audioserver_service:service_manager find; -allow untrusted_app_all cameraserver_service:service_manager find; -allow untrusted_app_all drmserver_service:service_manager find; -allow untrusted_app_all mediaserver_service:service_manager find; -allow untrusted_app_all mediaextractor_service:service_manager find; -allow untrusted_app_all mediacodec_service:service_manager find; -allow untrusted_app_all mediametrics_service:service_manager find; -allow untrusted_app_all mediadrmserver_service:service_manager find; -allow untrusted_app_all nfc_service:service_manager find; -allow untrusted_app_all radio_service:service_manager find; -allow untrusted_app_all app_api_service:service_manager find; -allow untrusted_app_all vr_manager_service:service_manager find; -allow untrusted_app_all gpu_service:service_manager find; - -# Allow untrusted apps to interact with gpuservice -binder_call(untrusted_app_all, gpuservice) - -# Allow GMS core to access perfprofd output, which is stored -# in /data/misc/perfprofd/. GMS core will need to list all -# data stored in that directory to process them one by one. -userdebug_or_eng(` - allow untrusted_app_all perfprofd_data_file:file r_file_perms; - allow untrusted_app_all perfprofd_data_file:dir r_dir_perms; -') - -# gdbserver for ndk-gdb ptrace attaches to app process. -allow untrusted_app_all self:process ptrace; - -# Android Studio Instant Run has the application connect to a -# runas_app socket listening in the abstract namespace. -# https://developer.android.com/studio/run/ -# b/123297648 -allow untrusted_app_all runas_app:unix_stream_socket connectto; - -# Untrusted apps need to be able to send a SIGCHLD to runas_app -# when running under a debugger (b/123612207) -allow untrusted_app_all runas_app:process sigchld; - -# Cts: HwRngTest -allow untrusted_app_all sysfs_hwrandom:dir search; -allow untrusted_app_all sysfs_hwrandom:file r_file_perms; - -# Allow apps to view preloaded media content -allow untrusted_app_all preloads_media_file:dir r_dir_perms; -allow untrusted_app_all preloads_media_file:file r_file_perms; -allow untrusted_app_all preloads_data_file:dir search; - -# Allow untrusted apps read / execute access to /vendor/app for there can -# be pre-installed vendor apps that package a library within themselves. -# TODO (b/37784178) Consider creating a special type for /vendor/app installed -# apps. -allow untrusted_app_all vendor_app_file:dir { open getattr read search }; -allow untrusted_app_all vendor_app_file:file { r_file_perms execute }; -allow untrusted_app_all vendor_app_file:lnk_file { open getattr read }; - -# Write app-specific trace data to the Perfetto traced damon. This requires -# connecting to its producer socket and obtaining a (per-process) tmpfs fd. -allow untrusted_app_all traced:fd use; -allow untrusted_app_all traced_tmpfs:file { read write getattr map }; -unix_socket_connect(untrusted_app_all, traced_producer, traced) - -# Allow heap profiling if the app opts in by being marked -# profileable/debuggable. -can_profile_heap(untrusted_app_all) - -# allow untrusted apps to use UDP sockets provided by the system server but not -# modify them other than to connect -allow untrusted_app_all system_server:udp_socket { - connect getattr read recvfrom sendto write getopt setopt }; - -# Allow the renderscript compiler to be run. -domain_auto_trans(untrusted_app_all, rs_exec, rs) - -# This is allowed for targetSdkVersion <= 25 but disallowed on newer versions. -dontaudit untrusted_app_all net_dns_prop:file read; - -# These have been disallowed since Android O. -# For P, we assume that apps are safely handling the denial. -dontaudit untrusted_app_all proc_stat:file read; -dontaudit untrusted_app_all proc_vmstat:file read; -dontaudit untrusted_app_all proc_uptime:file read; - -# Allow the allocation and use of ptys -# Used by: https://play.google.com/store/apps/details?id=jackpal.androidterm -create_pty(untrusted_app_all) - -# Attempts to write to system_data_file is generally a sign -# that apps are attempting to access encrypted storage before -# the ACTION_USER_UNLOCKED intent is delivered. Suppress this -# denial to prevent third party apps from spamming the logs. -dontaudit untrusted_app_all system_data_file:dir write; - -# Allow access to kcov via its ioctl interface for coverage -# guided kernel fuzzing. -userdebug_or_eng(` - allow untrusted_app_all debugfs_kcov:file rw_file_perms; - allowxperm untrusted_app_all debugfs_kcov:file ioctl { KCOV_INIT_TRACE KCOV_ENABLE KCOV_DISABLE }; -') - -# Allow access to ashmemd to request /dev/ashmem fds. -binder_call(untrusted_app_all, ashmemd) -allow untrusted_app_all ashmem_device:chr_file { getattr read ioctl lock map append write }; diff --git a/prebuilts/api/29.0/private/update_engine.te b/prebuilts/api/29.0/private/update_engine.te deleted file mode 100644 index 5af7db681..000000000 --- a/prebuilts/api/29.0/private/update_engine.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute update_engine coredomain; - -init_daemon_domain(update_engine); diff --git a/prebuilts/api/29.0/private/update_engine_common.te b/prebuilts/api/29.0/private/update_engine_common.te deleted file mode 100644 index a7fb58471..000000000 --- a/prebuilts/api/29.0/private/update_engine_common.te +++ /dev/null @@ -1,5 +0,0 @@ -# type_transition must be private policy the domain_trans rules could stay -# public, but conceptually should go with this -# The postinstall program is run by update_engine_common and will always be tagged as a -# postinstall_file regardless of its attributes in the new system. -domain_auto_trans(update_engine_common, postinstall_file, postinstall) diff --git a/prebuilts/api/29.0/private/update_verifier.te b/prebuilts/api/29.0/private/update_verifier.te deleted file mode 100644 index 1b934d980..000000000 --- a/prebuilts/api/29.0/private/update_verifier.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute update_verifier coredomain; - -init_daemon_domain(update_verifier) diff --git a/prebuilts/api/29.0/private/usbd.te b/prebuilts/api/29.0/private/usbd.te deleted file mode 100644 index 13a0ad7a6..000000000 --- a/prebuilts/api/29.0/private/usbd.te +++ /dev/null @@ -1,12 +0,0 @@ -typeattribute usbd coredomain; - -init_daemon_domain(usbd) - -# Access usb gadget hal -hal_client_domain(usbd, hal_usb_gadget) - -# Access persist.sys.usb.config -get_prop(usbd, system_prop) - -# start adbd during boot if adb is enabled -set_prop(usbd, ctl_default_prop) diff --git a/prebuilts/api/29.0/private/users b/prebuilts/api/29.0/private/users deleted file mode 100644 index 51b7b57e6..000000000 --- a/prebuilts/api/29.0/private/users +++ /dev/null @@ -1 +0,0 @@ -user u roles { r } level s0 range s0 - mls_systemhigh; diff --git a/prebuilts/api/29.0/private/vdc.te b/prebuilts/api/29.0/private/vdc.te deleted file mode 100644 index bc7409eee..000000000 --- a/prebuilts/api/29.0/private/vdc.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute vdc coredomain; - -init_daemon_domain(vdc) diff --git a/prebuilts/api/29.0/private/vendor_init.te b/prebuilts/api/29.0/private/vendor_init.te deleted file mode 100644 index 50efc22d6..000000000 --- a/prebuilts/api/29.0/private/vendor_init.te +++ /dev/null @@ -1,4 +0,0 @@ -# Creating files on sysfs is impossible so this isn't a threat -# Sometimes we have to write to non-existent files to avoid conditional -# init behavior. See b/35303861 for an example. -dontaudit vendor_init sysfs:dir write; diff --git a/prebuilts/api/29.0/private/viewcompiler.te b/prebuilts/api/29.0/private/viewcompiler.te deleted file mode 100644 index 3c9c1ee03..000000000 --- a/prebuilts/api/29.0/private/viewcompiler.te +++ /dev/null @@ -1,25 +0,0 @@ -# viewcompiler -type viewcompiler, domain, coredomain, mlstrustedsubject; -type viewcompiler_exec, system_file_type, exec_type, file_type; -type viewcompiler_tmpfs, file_type; - -# Reading an APK opens a ZipArchive, which unpack to tmpfs. -# Use tmpfs_domain() which will give tmpfs files created by viewcompiler their -# own label, which differs from other labels created by other processes. -# This allows to distinguish in policy files created by viewcompiler vs other -# processes. -tmpfs_domain(viewcompiler) - -allow viewcompiler installd:fd use; - -# Include write permission for app data files so viewcompiler can generate -# compiled layout dex files -allow viewcompiler app_data_file:file { getattr write }; - -# Allow the view compiler to read resources from the apps APK. -allow viewcompiler apk_data_file:file read; - -# priv-apps are moving to a world where they can only execute -# signed code. Make sure viewcompiler never can write to privapp -# directories to avoid introducing unsigned executable code -neverallow viewcompiler privapp_data_file:file no_w_file_perms; diff --git a/prebuilts/api/29.0/private/virtual_touchpad.te b/prebuilts/api/29.0/private/virtual_touchpad.te deleted file mode 100644 index e735172fe..000000000 --- a/prebuilts/api/29.0/private/virtual_touchpad.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute virtual_touchpad coredomain; - -init_daemon_domain(virtual_touchpad) diff --git a/prebuilts/api/29.0/private/vold.te b/prebuilts/api/29.0/private/vold.te deleted file mode 100644 index dea24a576..000000000 --- a/prebuilts/api/29.0/private/vold.te +++ /dev/null @@ -1,19 +0,0 @@ -typeattribute vold coredomain; - -init_daemon_domain(vold) - -# Switch to more restrictive domains when executing common tools -domain_auto_trans(vold, sgdisk_exec, sgdisk); -domain_auto_trans(vold, sdcardd_exec, sdcardd); - -# For a handful of probing tools, we choose an even more restrictive -# domain when working with untrusted block devices -domain_trans(vold, blkid_exec, blkid); -domain_trans(vold, blkid_exec, blkid_untrusted); -domain_trans(vold, fsck_exec, fsck); -domain_trans(vold, fsck_exec, fsck_untrusted); - -# Newly created storage dirs are always treated as mount stubs to prevent us -# from accidentally writing when the mount point isn't present. -type_transition vold storage_file:dir storage_stub_file; -type_transition vold mnt_media_rw_file:dir mnt_media_rw_stub_file; diff --git a/prebuilts/api/29.0/private/vold_prepare_subdirs.te b/prebuilts/api/29.0/private/vold_prepare_subdirs.te deleted file mode 100644 index 348d3ce32..000000000 --- a/prebuilts/api/29.0/private/vold_prepare_subdirs.te +++ /dev/null @@ -1,36 +0,0 @@ -domain_auto_trans(vold, vold_prepare_subdirs_exec, vold_prepare_subdirs) - -allow vold_prepare_subdirs system_file:file execute_no_trans; -allow vold_prepare_subdirs shell_exec:file rx_file_perms; -allow vold_prepare_subdirs toolbox_exec:file rx_file_perms; -allow vold_prepare_subdirs devpts:chr_file rw_file_perms; -allow vold_prepare_subdirs vold:fd use; -allow vold_prepare_subdirs vold:fifo_file { read write }; -allow vold_prepare_subdirs file_contexts_file:file r_file_perms; -allow vold_prepare_subdirs self:global_capability_class_set { chown dac_override dac_read_search fowner }; -allow vold_prepare_subdirs self:process setfscreate; -allow vold_prepare_subdirs { - system_data_file - vendor_data_file -}:dir { open read write add_name remove_name rmdir relabelfrom }; -allow vold_prepare_subdirs { - backup_data_file - face_vendor_data_file - fingerprint_vendor_data_file - iris_vendor_data_file - rollback_data_file - storaged_data_file - vold_data_file -}:dir { create_dir_perms relabelto }; -allow vold_prepare_subdirs { - backup_data_file - face_vendor_data_file - fingerprint_vendor_data_file - iris_vendor_data_file - rollback_data_file - storaged_data_file - system_data_file - vold_data_file -}:file { getattr unlink }; - -dontaudit vold_prepare_subdirs { proc unlabeled }:file r_file_perms; diff --git a/prebuilts/api/29.0/private/vr_hwc.te b/prebuilts/api/29.0/private/vr_hwc.te deleted file mode 100644 index 053c03d98..000000000 --- a/prebuilts/api/29.0/private/vr_hwc.te +++ /dev/null @@ -1,6 +0,0 @@ -typeattribute vr_hwc coredomain; - -# Daemon started by init. -init_daemon_domain(vr_hwc) - -hal_server_domain(vr_hwc, hal_graphics_composer) diff --git a/prebuilts/api/29.0/private/wait_for_keymaster.te b/prebuilts/api/29.0/private/wait_for_keymaster.te deleted file mode 100644 index 85a28da5f..000000000 --- a/prebuilts/api/29.0/private/wait_for_keymaster.te +++ /dev/null @@ -1,9 +0,0 @@ -# wait_for_keymaster service -type wait_for_keymaster, domain, coredomain; -type wait_for_keymaster_exec, system_file_type, exec_type, file_type; - -init_daemon_domain(wait_for_keymaster) - -hal_client_domain(wait_for_keymaster, hal_keymaster) - -allow wait_for_keymaster kmsg_device:chr_file w_file_perms; diff --git a/prebuilts/api/29.0/private/watchdogd.te b/prebuilts/api/29.0/private/watchdogd.te deleted file mode 100644 index 91ece7052..000000000 --- a/prebuilts/api/29.0/private/watchdogd.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute watchdogd coredomain; - -init_daemon_domain(watchdogd) diff --git a/prebuilts/api/29.0/private/webview_zygote.te b/prebuilts/api/29.0/private/webview_zygote.te deleted file mode 100644 index 2f5007aaa..000000000 --- a/prebuilts/api/29.0/private/webview_zygote.te +++ /dev/null @@ -1,151 +0,0 @@ -# webview_zygote is an auxiliary zygote process that is used to spawn -# isolated_app processes for rendering untrusted web content. - -typeattribute webview_zygote coredomain; - -# The webview_zygote needs to be able to transition domains. -typeattribute webview_zygote mlstrustedsubject; - -# Allow access to temporary files, which is normally permitted through -# a domain macro. -tmpfs_domain(webview_zygote); - -# Allow reading/executing installed binaries to enable preloading the -# installed WebView implementation. -allow webview_zygote apk_data_file:dir r_dir_perms; -allow webview_zygote apk_data_file:file { r_file_perms execute }; - -# Access to the WebView relro file. -allow webview_zygote shared_relro_file:dir search; -allow webview_zygote shared_relro_file:file r_file_perms; - -# Set the UID/GID of the process. -allow webview_zygote self:global_capability_class_set { setgid setuid }; -# Drop capabilities from bounding set. -allow webview_zygote self:global_capability_class_set setpcap; -# Switch SELinux context to app domains. -allow webview_zygote self:process setcurrent; -allow webview_zygote isolated_app:process dyntransition; - -# For art. -allow webview_zygote dalvikcache_data_file:dir r_dir_perms; -allow webview_zygote dalvikcache_data_file:lnk_file r_file_perms; -allow webview_zygote dalvikcache_data_file:file { r_file_perms execute }; - -# Allow webview_zygote to create JIT memory. -allow webview_zygote self:process execmem; - -# Allow webview_zygote to stat the files that it opens. It must -# be able to inspect them so that it can reopen them on fork -# if necessary: b/30963384. -allow webview_zygote debugfs_trace_marker:file getattr; - -# Allow webview_zygote to manage the pgroup of its children. -allow webview_zygote system_server:process getpgid; - -# Interaction between the webview_zygote and its children. -allow webview_zygote isolated_app:process setpgid; - -# TODO (b/63631799) fix this access -# Suppress denials to storage. Webview zygote should not be accessing. -dontaudit webview_zygote mnt_expand_file:dir getattr; - -# TODO (b/72957399) remove this when webview_zygote is reparented to -# app_process zygote -dontaudit webview_zygote dex2oat_exec:file execute; - -# Get seapp_contexts -allow webview_zygote seapp_contexts_file:file r_file_perms; -# Check validity of SELinux context before use. -selinux_check_context(webview_zygote) -# Check SELinux permissions. -selinux_check_access(webview_zygote) - -# Directory listing in /system. -allow webview_zygote system_file:dir r_dir_perms; - -# Read system properties managed by zygote. -allow webview_zygote zygote_tmpfs:file read; -# Child of zygote. -allow webview_zygote zygote:fd use; -allow webview_zygote zygote:process sigchld; - -# Allow apps access to /vendor/overlay -r_dir_file(webview_zygote, vendor_overlay_file) - -allow webview_zygote same_process_hal_file:file { execute read open getattr map }; - -allow webview_zygote system_data_file:lnk_file r_file_perms; - -##### -##### Neverallow -##### - -# Only permit transition to isolated_app. -neverallow webview_zygote { domain -isolated_app }:process dyntransition; - -# Only setcon() transitions, no exec() based transitions, except for crash_dump. -neverallow webview_zygote { domain -crash_dump }:process transition; - -# Must not exec() a program without changing domains. -# Having said that, exec() above is not allowed. -neverallow webview_zygote *:file execute_no_trans; - -# The only way to enter this domain is for the zygote to fork a new -# webview_zygote child. -neverallow { domain -zygote } webview_zygote:process dyntransition; - -# Disallow write access to properties. -neverallow webview_zygote property_socket:sock_file write; -neverallow webview_zygote property_type:property_service set; - -# Should not have any access to app data files. -neverallow webview_zygote { - app_data_file - privapp_data_file - system_app_data_file - bluetooth_data_file - nfc_data_file - radio_data_file - shell_data_file -}:file { rwx_file_perms }; - -neverallow webview_zygote { - service_manager_type - -activity_service - -ashmem_device_service - -webviewupdate_service -}:service_manager find; - -# Isolated apps shouldn't be able to access the driver directly. -neverallow webview_zygote gpu_device:chr_file { rwx_file_perms }; - -# Do not allow webview_zygote access to /cache. -neverallow webview_zygote cache_file:dir ~{ r_dir_perms }; -neverallow webview_zygote cache_file:file ~{ read getattr }; - -# Do not allow most socket access. This is socket_class_set, excluding unix_dgram_socket, -# unix_stream_socket, and netlink_selinux_socket. -neverallow webview_zygote domain:{ - socket tcp_socket udp_socket rawip_socket netlink_socket packet_socket key_socket - appletalk_socket netlink_route_socket netlink_tcpdiag_socket - netlink_nflog_socket netlink_xfrm_socket netlink_audit_socket - netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket - netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket - netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket netlink_crypto_socket - sctp_socket icmp_socket ax25_socket ipx_socket netrom_socket atmpvc_socket - x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket - pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket - rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket - alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket - xdp_socket -} *; - -# Do not allow access to Bluetooth-related system properties. -# neverallow rules for Bluetooth-related data files are listed above. -neverallow webview_zygote { - bluetooth_a2dp_offload_prop - bluetooth_audio_hal_prop - bluetooth_prop - exported_bluetooth_prop -}:file create_file_perms; diff --git a/prebuilts/api/29.0/private/wificond.te b/prebuilts/api/29.0/private/wificond.te deleted file mode 100644 index cc7644745..000000000 --- a/prebuilts/api/29.0/private/wificond.te +++ /dev/null @@ -1,4 +0,0 @@ -typeattribute wificond coredomain; - -init_daemon_domain(wificond) -hal_client_domain(wificond, hal_wifi_offload) diff --git a/prebuilts/api/29.0/private/wpantund.te b/prebuilts/api/29.0/private/wpantund.te deleted file mode 100644 index e91662cb7..000000000 --- a/prebuilts/api/29.0/private/wpantund.te +++ /dev/null @@ -1,3 +0,0 @@ -typeattribute wpantund coredomain; - -init_daemon_domain(wpantund) diff --git a/prebuilts/api/29.0/private/zygote.te b/prebuilts/api/29.0/private/zygote.te deleted file mode 100644 index 0466372c0..000000000 --- a/prebuilts/api/29.0/private/zygote.te +++ /dev/null @@ -1,176 +0,0 @@ -# zygote -typeattribute zygote coredomain; -typeattribute zygote mlstrustedsubject; - -init_daemon_domain(zygote) - -read_runtime_log_tags(zygote) - -# Override DAC on files and switch uid/gid. -allow zygote self:global_capability_class_set { dac_override dac_read_search setgid setuid fowner chown }; - -# Drop capabilities from bounding set. -allow zygote self:global_capability_class_set setpcap; - -# Switch SELinux context to app domains. -allow zygote self:process setcurrent; -allow zygote system_server_startup:process dyntransition; -allow zygote appdomain:process dyntransition; -allow zygote webview_zygote:process dyntransition; -allow zygote app_zygote:process dyntransition; - -# Allow zygote to read app /proc/pid dirs (b/10455872). -allow zygote appdomain:dir { getattr search }; -allow zygote appdomain:file { r_file_perms }; - -# Move children into the peer process group. -allow zygote system_server:process { getpgid setpgid }; -allow zygote appdomain:process { getpgid setpgid }; -allow zygote webview_zygote:process { getpgid setpgid }; -allow zygote app_zygote:process { getpgid setpgid }; - -# Read system data. -allow zygote system_data_file:dir r_dir_perms; -allow zygote system_data_file:file r_file_perms; - -# Write to /data/dalvik-cache. -allow zygote dalvikcache_data_file:dir create_dir_perms; -allow zygote dalvikcache_data_file:file create_file_perms; - -# Create symlinks in /data/dalvik-cache. -allow zygote dalvikcache_data_file:lnk_file create_file_perms; - -# Write to /data/resource-cache. -allow zygote resourcecache_data_file:dir rw_dir_perms; -allow zygote resourcecache_data_file:file create_file_perms; - -# For updateability, the zygote may fetch the current boot -# classpath from the dalvik cache. Integrity of the files -# is ensured by fsverity protection (checked in art_apex_boot_integrity). -allow zygote dalvikcache_data_file:file execute; - -# Allow zygote to create JIT memory. -allow zygote self:process execmem; - -# Execute idmap and dex2oat within zygote's own domain. -# TODO: Should either of these be transitioned to the same domain -# used by installd or stay in-domain for zygote? -allow zygote idmap_exec:file rx_file_perms; -allow zygote dex2oat_exec:file rx_file_perms; - -# Allow apps access to /vendor/overlay -r_dir_file(zygote, vendor_overlay_file) - -# Control cgroups. -allow zygote cgroup:dir create_dir_perms; -allow zygote cgroup:{ file lnk_file } r_file_perms; -allow zygote self:global_capability_class_set sys_admin; - -# Allow zygote to stat the files that it opens. The zygote must -# be able to inspect them so that it can reopen them on fork -# if necessary: b/30963384. -allow zygote pmsg_device:chr_file getattr; -allow zygote debugfs_trace_marker:file getattr; - -# Get seapp_contexts -allow zygote seapp_contexts_file:file r_file_perms; -# Check validity of SELinux context before use. -selinux_check_context(zygote) -# Check SELinux permissions. -selinux_check_access(zygote) - -# Native bridge functionality requires that zygote replaces -# /proc/cpuinfo with /system/lib//cpuinfo using a bind mount -allow zygote proc_cpuinfo:file mounton; - -# Allow remounting rootfs as MS_SLAVE. -allow zygote rootfs:dir mounton; -allow zygote tmpfs:filesystem { mount unmount }; -allow zygote fuse:filesystem { unmount }; -allow zygote sdcardfs:filesystem { unmount }; - -# Allow creating user-specific storage source if started before vold. -allow zygote mnt_user_file:dir { create_dir_perms mounton }; -allow zygote mnt_user_file:lnk_file create_file_perms; -allow zygote mnt_user_file:file create_file_perms; -# Allowed to mount user-specific storage into place -allow zygote storage_file:dir { search mounton }; - -# Allow mounting and creating files, dirs on sdcardfs. -# TODO: reduce this back to only sdcardfs once b/123533205 is root-caused -# (Technically "sdcardfs" and "media_rw_data_file" are equivalent, since -# sdcardfs simply wraps files stored under /data/media.) -allow zygote { sdcard_type media_rw_data_file }:dir { create_dir_perms mounton }; -allow zygote { sdcard_type media_rw_data_file }:file { create_file_perms }; - -# Allow zygote to expand app files while preloading libraries -allow zygote mnt_expand_file:dir getattr; - -# Handle --invoke-with command when launching Zygote with a wrapper command. -allow zygote zygote_exec:file rx_file_perms; - -# Allow zygote to write to statsd. -unix_socket_send(zygote, statsdw, statsd) - -# Root fs. -r_dir_file(zygote, rootfs) - -# System file accesses. -r_dir_file(zygote, system_file) - -# /oem accesses. -allow zygote oemfs:dir search; - -userdebug_or_eng(` - # Allow zygote to create and write method traces in /data/misc/trace. - allow zygote method_trace_data_file:dir w_dir_perms; - allow zygote method_trace_data_file:file { create w_file_perms }; -') - -allow zygote ion_device:chr_file r_file_perms; -allow zygote tmpfs:dir r_dir_perms; - -allow zygote same_process_hal_file:file { execute read open getattr map }; - -# Let the zygote access overlays so it can initialize the AssetManager. -get_prop(zygote, overlay_prop) -get_prop(zygote, exported_overlay_prop) - -# Allow the zygote to access the runtime feature flag properties. -get_prop(zygote, device_config_runtime_native_prop) -get_prop(zygote, device_config_runtime_native_boot_prop) - -# ingore spurious denials -dontaudit zygote self:global_capability_class_set sys_resource; - -### -### neverallow rules -### - -# Ensure that all types assigned to app processes are included -# in the appdomain attribute, so that all allow and neverallow rules -# written on appdomain are applied to all app processes. -# This is achieved by ensuring that it is impossible for zygote to -# setcon (dyntransition) to any types other than those associated -# with appdomain plus system_server_startup, webview_zygote and -# app_zygote. -neverallow zygote ~{ - appdomain - system_server_startup - webview_zygote - app_zygote -}:process dyntransition; - -# Zygote should never execute anything from /data except for /data/dalvik-cache files. -neverallow zygote { - data_file_type - -dalvikcache_data_file # map PROT_EXEC -}:file no_x_file_perms; - -# Do not allow access to Bluetooth-related system properties and files -neverallow zygote { - bluetooth_a2dp_offload_prop - bluetooth_audio_hal_prop - bluetooth_prop - exported_bluetooth_prop -}:file create_file_perms; diff --git a/prebuilts/api/29.0/public/adbd.te b/prebuilts/api/29.0/public/adbd.te deleted file mode 100644 index 4a1f63388..000000000 --- a/prebuilts/api/29.0/public/adbd.te +++ /dev/null @@ -1,11 +0,0 @@ -# adbd seclabel is specified in init.rc since -# it lives in the rootfs and has no unique file type. -type adbd, domain; -type adbd_exec, exec_type, file_type, system_file_type; - -# Only init is allowed to enter the adbd domain via exec() -neverallow { domain -init } adbd:process transition; -neverallow * adbd:process dyntransition; - -# Allow adbd start/stop mdnsd via ctl.start -set_prop(adbd, ctl_mdnsd_prop) diff --git a/prebuilts/api/29.0/public/apexd.te b/prebuilts/api/29.0/public/apexd.te deleted file mode 100644 index 3957ed6bb..000000000 --- a/prebuilts/api/29.0/public/apexd.te +++ /dev/null @@ -1,15 +0,0 @@ -# apexd -- manager for APEX packages -type apexd, domain; -type apexd_exec, exec_type, file_type, system_file_type; - -binder_use(apexd) -add_service(apexd, apex_service) -set_prop(apexd, apexd_prop) - -neverallow { domain -init -apexd -system_server } apex_service:service_manager find; -neverallow { domain -init -apexd -system_server } apexd:binder call; - -neverallow { domain userdebug_or_eng(`-crash_dump') } apexd:process ptrace; - -# only apexd can set apexd sysprop -neverallow { domain -apexd -init } apexd_prop:property_service set; diff --git a/prebuilts/api/29.0/public/app.te b/prebuilts/api/29.0/public/app.te deleted file mode 100644 index 5c48e71f5..000000000 --- a/prebuilts/api/29.0/public/app.te +++ /dev/null @@ -1,594 +0,0 @@ -### -### Domain for all zygote spawned apps -### -### This file is the base policy for all zygote spawned apps. -### Other policy files, such as isolated_app.te, untrusted_app.te, etc -### extend from this policy. Only policies which should apply to ALL -### zygote spawned apps should be added here. -### -type appdomain_tmpfs, file_type; - -# WebView and other application-specific JIT compilers -allow appdomain self:process execmem; - -allow appdomain ashmem_device:chr_file execute; - -# Receive and use open file descriptors inherited from zygote. -allow appdomain zygote:fd use; - -# gdbserver for ndk-gdb reads the zygote. -# valgrind needs mmap exec for zygote -allow appdomain zygote_exec:file rx_file_perms; - -# Notify zygote of death; -allow appdomain zygote:process sigchld; - -# Read /data/dalvik-cache. -allow appdomain dalvikcache_data_file:dir { search getattr }; -allow appdomain dalvikcache_data_file:file r_file_perms; - -# Read the /sdcard and /mnt/sdcard symlinks -allow { appdomain -isolated_app } rootfs:lnk_file r_file_perms; -allow { appdomain -isolated_app } tmpfs:lnk_file r_file_perms; - -# Search /storage/emulated tmpfs mount. -allow appdomain tmpfs:dir r_dir_perms; - -# Notify zygote of the wrapped process PID when using --invoke-with. -allow appdomain zygote:fifo_file write; - -userdebug_or_eng(` - # Allow apps to create and write method traces in /data/misc/trace. - allow appdomain method_trace_data_file:dir w_dir_perms; - allow appdomain method_trace_data_file:file { create w_file_perms }; -') - -# Notify shell and adbd of death when spawned via runas for ndk-gdb. -allow appdomain shell:process sigchld; -allow appdomain adbd:process sigchld; - -# child shell or gdbserver pty access for runas. -allow appdomain devpts:chr_file { getattr read write ioctl }; - -# Use pipes and sockets provided by system_server via binder or local socket. -allow appdomain system_server:fd use; -allow appdomain system_server:fifo_file rw_file_perms; -allow appdomain system_server:unix_stream_socket { read write setopt getattr getopt shutdown }; -allow appdomain system_server:tcp_socket { read write getattr getopt shutdown }; - -# For AppFuse. -allow appdomain vold:fd use; - -# Communication with other apps via fifos -allow appdomain appdomain:fifo_file rw_file_perms; - -# Communicate with surfaceflinger. -allow appdomain surfaceflinger:unix_stream_socket { read write setopt getattr getopt shutdown }; - -# App sandbox file accesses. -allow { appdomain -isolated_app } { app_data_file privapp_data_file }:dir create_dir_perms; -allow { appdomain -isolated_app } { app_data_file privapp_data_file }:file create_file_perms; - -# Traverse into expanded storage -allow appdomain mnt_expand_file:dir r_dir_perms; - -# Keychain and user-trusted credentials -r_dir_file(appdomain, keychain_data_file) -allow appdomain misc_user_data_file:dir r_dir_perms; -allow appdomain misc_user_data_file:file r_file_perms; - -# TextClassifier -r_dir_file({ appdomain -isolated_app }, textclassifier_data_file) - -# Access to OEM provided data and apps -allow appdomain oemfs:dir r_dir_perms; -allow appdomain oemfs:file rx_file_perms; - -# Execute the shell or other system executables. -allow { appdomain -ephemeral_app } shell_exec:file rx_file_perms; -allow { appdomain -ephemeral_app } toolbox_exec:file rx_file_perms; -allow appdomain system_file:file x_file_perms; -not_full_treble(`allow { appdomain -ephemeral_app } vendor_file:file x_file_perms;') - -# Renderscript needs the ability to read directories on /system -allow appdomain system_file:dir r_dir_perms; -allow appdomain system_file:lnk_file { getattr open read }; -# Renderscript specific permissions to open /system/vendor/lib64. -not_full_treble(` - allow appdomain vendor_file_type:dir r_dir_perms; - allow appdomain vendor_file_type:lnk_file { getattr open read }; -') - -full_treble_only(` - # For looking up Renderscript vendor drivers - allow { appdomain -isolated_app } vendor_file:dir { open read }; -') - -# Allow apps access to /vendor/app except for privileged -# apps which cannot be in /vendor. -r_dir_file({ appdomain -ephemeral_app }, vendor_app_file) -allow { appdomain -ephemeral_app } vendor_app_file:file execute; - -# Allow apps access to /vendor/overlay -r_dir_file(appdomain, vendor_overlay_file) - -# Allow apps access to /vendor/framework -# for vendor provided libraries. -r_dir_file(appdomain, vendor_framework_file) - -# Allow apps read / execute access to vendor public libraries. -allow appdomain vendor_public_lib_file:dir r_dir_perms; -allow appdomain vendor_public_lib_file:file { execute read open getattr map }; - -# Read/write wallpaper file (opened by system). -allow appdomain wallpaper_file:file { getattr read write map }; - -# Read/write cached ringtones (opened by system). -allow appdomain ringtone_file:file { getattr read write map }; - -# Read ShortcutManager icon files (opened by system). -allow appdomain shortcut_manager_icons:file { getattr read map }; - -# Read icon file (opened by system). -allow appdomain icon_file:file { getattr read map }; - -# Old stack dumping scheme : append to a global trace file (/data/anr/traces.txt). -# -# TODO: All of these permissions except for anr_data_file:file append can be -# withdrawn once we've switched to the new stack dumping mechanism, see b/32064548 -# and the rules below. -allow appdomain anr_data_file:dir search; -allow appdomain anr_data_file:file { open append }; - -# New stack dumping scheme : request an output FD from tombstoned via a unix -# domain socket. -# -# Allow apps to connect and write to the tombstoned java trace socket in -# order to dump their traces. Also allow them to append traces to pipes -# created by dumptrace. (Also see the rules below where they are given -# additional permissions to dumpstate pipes for other aspects of bug report -# creation). -unix_socket_connect(appdomain, tombstoned_java_trace, tombstoned) -allow appdomain tombstoned:fd use; -allow appdomain dumpstate:fifo_file append; -allow appdomain incidentd:fifo_file append; - -# Allow apps to send dump information to dumpstate -allow appdomain dumpstate:fd use; -allow appdomain dumpstate:unix_stream_socket { read write getopt getattr shutdown }; -allow appdomain dumpstate:fifo_file { write getattr }; -allow appdomain shell_data_file:file { write getattr }; - -# Allow apps to send dump information to incidentd -allow appdomain incidentd:fd use; -allow appdomain incidentd:fifo_file { write getattr }; - -# Allow apps to send information to statsd socket. -unix_socket_send(appdomain, statsdw, statsd) - -# Write profiles /data/misc/profiles -allow appdomain user_profile_data_file:dir { search write add_name }; -allow appdomain user_profile_data_file:file create_file_perms; - -# Send heap dumps to system_server via an already open file descriptor -# % adb shell am set-watch-heap com.android.systemui 1048576 -# % adb shell dumpsys procstats --start-testing -# debuggable builds only. -userdebug_or_eng(` - allow appdomain heapdump_data_file:file append; -') - -# /proc/net access. -# TODO(b/9496886) Audit access for removal. -# proc_net access for the negated domains below is granted (or not) in their -# individual .te files. -r_dir_file({ - appdomain - -ephemeral_app - -isolated_app - -platform_app - -priv_app - -shell - -system_app - -untrusted_app_all -}, proc_net_type) -# audit access for all these non-core app domains. -userdebug_or_eng(` - auditallow { - appdomain - -ephemeral_app - -isolated_app - -platform_app - -priv_app - -shell - -su - -system_app - -untrusted_app_all - } proc_net_type:{ dir file lnk_file } { getattr open read }; -') - -# Grant GPU access to all processes started by Zygote. -# They need that to render the standard UI. -allow { appdomain -isolated_app } gpu_device:chr_file rw_file_perms; - -# Use the Binder. -binder_use(appdomain) -# Perform binder IPC to binder services. -binder_call(appdomain, binderservicedomain) -# Perform binder IPC to other apps. -binder_call(appdomain, appdomain) -# Perform binder IPC to ephemeral apps. -binder_call(appdomain, ephemeral_app) - -# Talk with graphics composer fences -allow appdomain hal_graphics_composer:fd use; - -# Already connected, unnamed sockets being passed over some other IPC -# hence no sock_file or connectto permission. This appears to be how -# Chrome works, may need to be updated as more apps using isolated services -# are examined. -allow appdomain appdomain:unix_stream_socket { getopt getattr read write shutdown }; - -# Backup ability for every app. BMS opens and passes the fd -# to any app that has backup ability. Hence, no open permissions here. -allow appdomain backup_data_file:file { read write getattr map }; -allow appdomain cache_backup_file:file { read write getattr map }; -allow appdomain cache_backup_file:dir getattr; -# Backup ability using 'adb backup' -allow appdomain system_data_file:lnk_file r_file_perms; -allow appdomain system_data_file:file { getattr read map }; - -# Allow read/stat of /data/media files passed by Binder or local socket IPC. -allow { appdomain -isolated_app } media_rw_data_file:file { read getattr }; - -# Read and write /data/data/com.android.providers.telephony files passed over Binder. -allow { appdomain -isolated_app } radio_data_file:file { read write getattr }; - -# Allow access to external storage; we have several visible mount points under /storage -# and symlinks to primary storage at places like /storage/sdcard0 and /mnt/user/0/primary -allow { appdomain -isolated_app -ephemeral_app } storage_file:dir r_dir_perms; -allow { appdomain -isolated_app -ephemeral_app } storage_file:lnk_file r_file_perms; -allow { appdomain -isolated_app -ephemeral_app } mnt_user_file:dir r_dir_perms; -allow { appdomain -isolated_app -ephemeral_app } mnt_user_file:lnk_file r_file_perms; - -# Read/write visible storage -allow { appdomain -isolated_app -ephemeral_app } sdcard_type:dir create_dir_perms; -allow { appdomain -isolated_app -ephemeral_app } sdcard_type:file create_file_perms; -# This should be removed if sdcardfs is modified to alter the secontext for its -# accesses to the underlying FS. -allow { appdomain -isolated_app -ephemeral_app } media_rw_data_file:dir create_dir_perms; -allow { appdomain -isolated_app -ephemeral_app } media_rw_data_file:file create_file_perms; - -# Allow apps to use the USB Accessory interface. -# http://developer.android.com/guide/topics/connectivity/usb/accessory.html -# -# USB devices are first opened by the system server (USBDeviceManagerService) -# and the file descriptor is passed to the right Activity via binder. -allow { appdomain -isolated_app -ephemeral_app } usb_device:chr_file { read write getattr ioctl }; -allow { appdomain -isolated_app -ephemeral_app } usbaccessory_device:chr_file { read write getattr }; - -# For art. -allow appdomain dalvikcache_data_file:file execute; -allow appdomain dalvikcache_data_file:lnk_file r_file_perms; - -# Allow any app to read shared RELRO files. -allow appdomain shared_relro_file:dir search; -allow appdomain shared_relro_file:file r_file_perms; - -# Allow apps to read/execute installed binaries -allow appdomain apk_data_file:dir r_dir_perms; -allow appdomain apk_data_file:file rx_file_perms; - -# /data/resource-cache -allow appdomain resourcecache_data_file:file r_file_perms; -allow appdomain resourcecache_data_file:dir r_dir_perms; - -# logd access -read_logd(appdomain) -control_logd({ appdomain -ephemeral_app }) -# application inherit logd write socket (urge is to deprecate this long term) -allow appdomain zygote:unix_dgram_socket write; - -allow { appdomain -isolated_app -ephemeral_app } keystore:keystore_key { get_state get insert delete exist list sign verify }; - -use_keystore({ appdomain -isolated_app -ephemeral_app }) - -allow appdomain console_device:chr_file { read write }; - -# only allow unprivileged socket ioctl commands -allowxperm { appdomain -bluetooth } self:{ rawip_socket tcp_socket udp_socket } - ioctl { unpriv_sock_ioctls unpriv_tty_ioctls }; - -allow { appdomain -isolated_app } ion_device:chr_file r_file_perms; - -# Allow AAudio apps to use shared memory file descriptors from the HAL -allow { appdomain -isolated_app } hal_audio:fd use; - -# Allow app to access shared memory created by camera HAL1 -allow { appdomain -isolated_app } hal_camera:fd use; - -# RenderScript always-passthrough HAL -allow { appdomain -isolated_app } hal_renderscript_hwservice:hwservice_manager find; -allow appdomain same_process_hal_file:file { execute read open getattr map }; - -# TODO: switch to meminfo service -allow appdomain proc_meminfo:file r_file_perms; - -# For app fuse. -allow appdomain app_fuse_file:file { getattr read append write }; - -pdx_client({ appdomain -isolated_app -ephemeral_app }, display_client) -pdx_client({ appdomain -isolated_app -ephemeral_app }, display_manager) -pdx_client({ appdomain -isolated_app -ephemeral_app }, display_vsync) -pdx_client({ appdomain -isolated_app -ephemeral_app }, performance_client) -# Apps do not directly open the IPC socket for bufferhubd. -pdx_use({ appdomain -isolated_app -ephemeral_app }, bufferhub_client) - -### -### CTS-specific rules -### - -# For cts/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java. -# testRunAsHasCorrectCapabilities -allow appdomain runas_exec:file getattr; -# Others are either allowed elsewhere or not desired. - -# Apps receive an open tun fd from the framework for -# device traffic. Do not allow untrusted app to directly open tun_device -allow { appdomain -isolated_app -ephemeral_app } tun_device:chr_file { read write getattr append ioctl }; -allowxperm { appdomain -isolated_app -ephemeral_app } tun_device:chr_file ioctl TUNGETIFF; - -# Connect to adbd and use a socket transferred from it. -# This is used for e.g. adb backup/restore. -allow appdomain adbd:unix_stream_socket connectto; -allow appdomain adbd:fd use; -allow appdomain adbd:unix_stream_socket { getattr getopt ioctl read write shutdown }; - -allow appdomain cache_file:dir getattr; - -# Allow apps to run with asanwrapper. -with_asan(`allow appdomain asanwrapper_exec:file rx_file_perms;') - -# Read access to FDs from the DropboxManagerService. -allow appdomain dropbox_data_file:file { getattr read }; - -# Read tmpfs types from these processes. -allow appdomain audioserver_tmpfs:file { getattr map read write }; -allow appdomain system_server_tmpfs:file { getattr map read write }; -allow appdomain zygote_tmpfs:file { map read }; - -# Allow vendor apps access to ashmemd to request /dev/ashmem fds. -binder_call({ appdomain -coredomain }, ashmemd) - -### -### Neverallow rules -### -### These are things that Android apps should NEVER be able to do -### - -# Superuser capabilities. -# bluetooth requires net_admin and wake_alarm. network stack app requires net_admin. -neverallow { appdomain -bluetooth -network_stack } self:capability_class_set *; - -# Block device access. -neverallow appdomain dev_type:blk_file { read write }; - -# Access to any of the following character devices. -neverallow appdomain { - audio_device - camera_device - dm_device - radio_device - rpmsg_device - video_device -}:chr_file { read write }; - -# Note: Try expanding list of app domains in the future. -neverallow { untrusted_app isolated_app shell } graphics_device:chr_file { read write }; - -neverallow { appdomain -nfc } nfc_device:chr_file - { read write }; -neverallow { appdomain -bluetooth } hci_attach_dev:chr_file - { read write }; -neverallow appdomain tee_device:chr_file { read write }; - -# Privileged netlink socket interfaces. -neverallow appdomain - domain:{ - netlink_tcpdiag_socket - netlink_nflog_socket - netlink_xfrm_socket - netlink_audit_socket - netlink_dnrt_socket - } *; - -# These messages are broadcast messages from the kernel to userspace. -# Do not allow the writing of netlink messages, which has been a source -# of rooting vulns in the past. -neverallow appdomain domain:netlink_kobject_uevent_socket { write append }; - -# Sockets under /dev/socket that are not specifically typed. -neverallow appdomain socket_device:sock_file write; - -# Unix domain sockets. -neverallow appdomain adbd_socket:sock_file write; -neverallow { appdomain -radio } rild_socket:sock_file write; - -# ptrace access to non-app domains. -neverallow appdomain { domain -appdomain }:process ptrace; - -# The Android security model guarantees the confidentiality and integrity -# of application data and execution state. Ptrace bypasses those -# confidentiality guarantees. Disallow ptrace access from system components -# to apps. Crash_dump is excluded, as it needs ptrace access to -# produce stack traces. llkd is excluded, as it needs ptrace access to -# inspect stack traces for live lock conditions. - -neverallow { - domain - -appdomain - -crash_dump - userdebug_or_eng(`-llkd') -} appdomain:process ptrace; - -# Read or write access to /proc/pid entries for any non-app domain. -# A different form of hidepid=2 like protections -neverallow appdomain { domain -appdomain }:file no_w_file_perms; -neverallow { appdomain -shell } { domain -appdomain }:file no_rw_file_perms; - -# signal access to non-app domains. -# sigchld allowed for parent death notification. -# signull allowed for kill(pid, 0) existence test. -# All others prohibited. -# -perfetto is to allow shell (which is an appdomain) to kill perfetto -# (see private/shell.te). -neverallow appdomain { domain -appdomain -perfetto }:process - { sigkill sigstop signal }; - -# Write to rootfs. -neverallow appdomain rootfs:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; - -# Write to /system. -neverallow appdomain system_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; - -# Write to entrypoint executables. -neverallow appdomain exec_type:file - { create write setattr relabelfrom relabelto append unlink link rename }; - -# Write to system-owned parts of /data. -# This is the default type for anything under /data not otherwise -# specified in file_contexts. Define a different type for portions -# that should be writable by apps. -neverallow appdomain system_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; - -# Write to various other parts of /data. -neverallow appdomain drm_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow { appdomain -platform_app } - apk_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow { appdomain -platform_app } - apk_tmp_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow { appdomain -platform_app } - apk_private_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow { appdomain -platform_app } - apk_private_tmp_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow { appdomain -shell } - shell_data_file:dir_file_class_set - { create setattr relabelfrom relabelto append unlink link rename }; -neverallow { appdomain -bluetooth } - bluetooth_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow appdomain - keystore_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow appdomain - systemkeys_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow appdomain - wifi_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; -neverallow appdomain - dhcp_data_file:dir_file_class_set - { create write setattr relabelfrom relabelto append unlink link rename }; - -# access tmp apk files -neverallow { appdomain -untrusted_app_all -platform_app -priv_app } - { apk_tmp_file apk_private_tmp_file }:dir_file_class_set *; - -neverallow untrusted_app_all { apk_tmp_file apk_private_tmp_file }:{ devfile_class_set dir fifo_file lnk_file sock_file } *; -neverallow untrusted_app_all { apk_tmp_file apk_private_tmp_file }:file ~{ getattr read }; - -# Access to factory files. -neverallow appdomain efs_file:dir_file_class_set write; -neverallow { appdomain -shell } efs_file:dir_file_class_set read; - -# Write to various pseudo file systems. -neverallow { appdomain -bluetooth -nfc } - sysfs:dir_file_class_set write; -neverallow appdomain - proc:dir_file_class_set write; - -# Access to syslog(2) or /proc/kmsg. -neverallow appdomain kernel:system { syslog_read syslog_mod syslog_console }; - -# SELinux is not an API for apps to use -neverallow { appdomain -shell } *:security { compute_av check_context }; -neverallow { appdomain -shell } *:netlink_selinux_socket *; - -# Ability to perform any filesystem operation other than statfs(2). -# i.e. no mount(2), unmount(2), etc. -neverallow appdomain fs_type:filesystem ~getattr; - -# prevent creation/manipulation of globally readable symlinks -neverallow appdomain { - apk_data_file - cache_file - cache_recovery_file - dev_type - rootfs - system_file - tmpfs -}:lnk_file no_w_file_perms; - -# Blacklist app domains not allowed to execute from /data -neverallow { - bluetooth - isolated_app - nfc - radio - shared_relro - system_app -} { - data_file_type - -dalvikcache_data_file - -system_data_file # shared libs in apks - -apk_data_file -}:file no_x_file_perms; - -# Applications should use the activity model for receiving events -neverallow { - appdomain - -shell # bugreport -} input_device:chr_file ~getattr; - -# Do not allow access to Bluetooth-related system properties except for a few whitelisted domains. -# neverallow rules for access to Bluetooth-related data files are above. -neverallow { - appdomain - -bluetooth - -system_app -} { bluetooth_audio_hal_prop bluetooth_a2dp_offload_prop bluetooth_prop exported_bluetooth_prop }:file create_file_perms; - -# Apps cannot access proc_uid_time_in_state -neverallow appdomain proc_uid_time_in_state:file *; - -# Apps cannot access proc_uid_concurrent_active_time -neverallow appdomain proc_uid_concurrent_active_time:file *; - -# Apps cannot access proc_uid_concurrent_policy_time -neverallow appdomain proc_uid_concurrent_policy_time:file *; - -# Apps cannot access proc_uid_cpupower -neverallow appdomain proc_uid_cpupower:file *; - -# Apps may not read /proc/net/{tcp,tcp6,udp,udp6}. These files leak information across the -# application boundary. VPN apps may use the ConnectivityManager.getConnectionOwnerUid() API to -# perform UID lookups. -neverallow { appdomain -shell } proc_net_tcp_udp:file *; - -# Apps cannot access bootstrap files. The bootstrap files are only for -# extremely early processes (like init, etc.) which are started before -# the runtime APEX is activated and Bionic libs are provided from there. -# If app process accesses (or even load/execute) the bootstrap files, -# it might cause problems such as ODR violation, etc. -neverallow appdomain system_bootstrap_lib_file:file - { open read write append execute execute_no_trans map }; -neverallow appdomain system_bootstrap_lib_file:dir - { open read getattr search }; diff --git a/prebuilts/api/29.0/public/app_zygote.te b/prebuilts/api/29.0/public/app_zygote.te deleted file mode 100644 index 4c1ec9652..000000000 --- a/prebuilts/api/29.0/public/app_zygote.te +++ /dev/null @@ -1,6 +0,0 @@ -# app_zygote is an auxiliary zygote process that is used to spawn -# isolated service processes for individual applications. It is -# spawned from the regular zygote process as a "child zygote". - -type app_zygote, domain; -type app_zygote_tmpfs, file_type; diff --git a/prebuilts/api/29.0/public/asan_extract.te b/prebuilts/api/29.0/public/asan_extract.te deleted file mode 100644 index 15c5a09fd..000000000 --- a/prebuilts/api/29.0/public/asan_extract.te +++ /dev/null @@ -1,36 +0,0 @@ -# asan_extract -# -# This command set moves the artifact corresponding to the current slot -# from /data/ota to /data/dalvik-cache. - -with_asan(` - type asan_extract, domain, coredomain; - type asan_extract_exec, exec_type, file_type; - - # Allow asan_extract to execute itself using #!/system/bin/sh - allow asan_extract shell_exec:file rx_file_perms; - - # We execute log, rm, gzip and tar. - allow asan_extract toolbox_exec:file rx_file_perms; - allow asan_extract system_file:file execute_no_trans; - - # asan_extract deletes old /data/lib. - allow asan_extract system_file:dir { open read remove_name rmdir write }; - allow asan_extract system_file:file unlink; - - # asan_extract untars ASAN libraries into /data. - allow asan_extract system_data_file:dir create_dir_perms ; - allow asan_extract system_data_file:{ file lnk_file } create_file_perms ; - - # Relabel the libraries with restorecon. - allow asan_extract file_contexts_file:file r_file_perms; - allow asan_extract system_data_file:{ dir file } relabelfrom; - allow asan_extract system_file:dir { relabelto setattr }; - allow asan_extract system_file:file relabelto; - - # Restorecon will actually already try to run with sanitized libraries (libpackagelistparser). - allow asan_extract system_data_file:file execute; - - # We need to signal a reboot when done. - set_prop(asan_extract, powerctl_prop) -') diff --git a/prebuilts/api/29.0/public/ashmemd.te b/prebuilts/api/29.0/public/ashmemd.te deleted file mode 100644 index 542f093be..000000000 --- a/prebuilts/api/29.0/public/ashmemd.te +++ /dev/null @@ -1 +0,0 @@ -type ashmemd, domain; diff --git a/prebuilts/api/29.0/public/attributes b/prebuilts/api/29.0/public/attributes deleted file mode 100644 index 67979dafb..000000000 --- a/prebuilts/api/29.0/public/attributes +++ /dev/null @@ -1,316 +0,0 @@ -###################################### -# Attribute declarations -# - -# All types used for devices. -# On change, update CHECK_FC_ASSERT_ATTRS -# in tools/checkfc.c -attribute dev_type; - -# All types used for processes. -attribute domain; - -# All types used for filesystems. -# On change, update CHECK_FC_ASSERT_ATTRS -# definition in tools/checkfc.c. -attribute fs_type; - -# All types used for context= mounts. -attribute contextmount_type; - -# All types used for files that can exist on a labeled fs. -# Do not use for pseudo file types. -# On change, update CHECK_FC_ASSERT_ATTRS -# definition in tools/checkfc.c. -attribute file_type; - -# All types used for domain entry points. -attribute exec_type; - -# All types used for /data files. -attribute data_file_type; -expandattribute data_file_type false; -# All types in /data, not in /data/vendor -attribute core_data_file_type; -expandattribute core_data_file_type false; - -# All types in /system -attribute system_file_type; - -# All types in /vendor -attribute vendor_file_type; - -# All types used for procfs files. -attribute proc_type; -expandattribute proc_type false; - -# Types in /proc/net, excluding qtaguid types. -# TODO(b/9496886) Lock down access to /proc/net. -# This attribute is used to audit access to proc_net. it is temporary and will -# be removed. -attribute proc_net_type; -expandattribute proc_net_type true; - -# All types used for sysfs files. -attribute sysfs_type; - -# All types use for debugfs files. -attribute debugfs_type; - -# Attribute used for all sdcards -attribute sdcard_type; - -# All types used for nodes/hosts. -attribute node_type; - -# All types used for network interfaces. -attribute netif_type; - -# All types used for network ports. -attribute port_type; - -# All types used for property service -# On change, update CHECK_PC_ASSERT_ATTRS -# definition in tools/checkfc.c. -attribute property_type; - -# All properties defined in core SELinux policy. Should not be -# used by device specific properties -attribute core_property_type; - -# All properties used to configure log filtering. -attribute log_property_type; - -# All properties that are not specific to device but are added from -# outside of AOSP. (e.g. OEM-specific properties) -# These properties are not accessible from device-specific domains -attribute extended_core_property_type; - -# All service_manager types created by system_server -attribute system_server_service; - -# services which should be available to all but isolated apps -attribute app_api_service; - -# services which should be available to all ephemeral apps -attribute ephemeral_app_api_service; - -# services which export only system_api -attribute system_api_service; - -# All types used for services managed by servicemanager. -# On change, update CHECK_SC_ASSERT_ATTRS -# definition in tools/checkfc.c. -attribute service_manager_type; - -# All types used for services managed by hwservicemanager -attribute hwservice_manager_type; - -# All HwBinder services guaranteed to be passthrough. These services always run -# in the process of their clients, and thus operate with the same access as -# their clients. -attribute same_process_hwservice; - -# All HwBinder services guaranteed to be offered only by core domain components -attribute coredomain_hwservice; - -# All types used for services managed by vndservicemanager -attribute vndservice_manager_type; - - -# All domains that can override MLS restrictions. -# i.e. processes that can read up and write down. -attribute mlstrustedsubject; - -# All types that can override MLS restrictions. -# i.e. files that can be read by lower and written by higher -attribute mlstrustedobject; - -# All domains used for apps. -attribute appdomain; - -# All third party apps. -attribute untrusted_app_all; - -# All domains used for apps with network access. -attribute netdomain; - -# All domains used for apps with bluetooth access. -attribute bluetoothdomain; - -# All domains used for binder service domains. -attribute binderservicedomain; - -# update_engine related domains that need to apply an update and run -# postinstall. This includes the background daemon and the sideload tool from -# recovery for A/B devices. -attribute update_engine_common; - -# All core domains (as opposed to vendor/device-specific domains) -attribute coredomain; - -# All socket devices owned by core domain components -attribute coredomain_socket; -expandattribute coredomain_socket false; - -# All vendor domains which violate the requirement of not using Binder -# TODO(b/35870313): Remove this once there are no violations -attribute binder_in_vendor_violators; -expandattribute binder_in_vendor_violators false; - -# All vendor domains which violate the requirement of not using sockets for -# communicating with core components -# TODO(b/36577153): Remove this once there are no violations -attribute socket_between_core_and_vendor_violators; -expandattribute socket_between_core_and_vendor_violators false; - -# All vendor domains which violate the requirement of not executing -# system processes -# TODO(b/36463595) -attribute vendor_executes_system_violators; -expandattribute vendor_executes_system_violators false; - -# All domains which violate the requirement of not sharing files by path -# between between vendor and core domains. -# TODO(b/34980020) -attribute data_between_core_and_vendor_violators; -expandattribute data_between_core_and_vendor_violators false; - -# All system domains which violate the requirement of not executing vendor -# binaries/libraries. -# TODO(b/62041836) -attribute system_executes_vendor_violators; -expandattribute system_executes_vendor_violators false; - -# All system domains which violate the requirement of not writing vendor -# properties. -# TODO(b/78598545): Remove this once there are no violations -attribute system_writes_vendor_properties_violators; -expandattribute system_writes_vendor_properties_violators false; - -# All system domains which violate the requirement of not writing to -# /mnt/vendor/*. Must not be used on devices launched with P or later. -attribute system_writes_mnt_vendor_violators; -expandattribute system_writes_mnt_vendor_violators false; - -# hwservices that are accessible from untrusted applications -# WARNING: Use of this attribute should be avoided unless -# absolutely necessary. It is a temporary allowance to aid the -# transition to treble and will be removed in a future platform -# version, requiring all hwservices that are labeled with this -# attribute to be submitted to AOSP in order to maintain their -# app-visibility. -attribute untrusted_app_visible_hwservice_violators; -expandattribute untrusted_app_visible_hwservice_violators false; - -# halserver domains that are accessible to untrusted applications. These -# domains are typically those hosting hwservices attributed by the -# untrusted_app_visible_hwservice_violators. -# WARNING: Use of this attribute should be avoided unless absolutely necessary. -# It is a temporary allowance to aid the transition to treble and will be -# removed in the future platform version, requiring all halserver domains that -# are labeled with this attribute to be submitted to AOSP in order to maintain -# their app-visibility. -attribute untrusted_app_visible_halserver_violators; -expandattribute untrusted_app_visible_halserver_violators false; - -# PDX services -attribute pdx_endpoint_dir_type; -attribute pdx_endpoint_socket_type; -expandattribute pdx_endpoint_socket_type false; -attribute pdx_channel_socket_type; -expandattribute pdx_channel_socket_type false; - -pdx_service_attributes(display_client) -pdx_service_attributes(display_manager) -pdx_service_attributes(display_screenshot) -pdx_service_attributes(display_vsync) -pdx_service_attributes(performance_client) -pdx_service_attributes(bufferhub_client) - -# All HAL servers -attribute halserverdomain; -# All HAL clients -attribute halclientdomain; -expandattribute halclientdomain true; - -# Exempt for halserverdomain to access sockets. Only builds for automotive -# device types are allowed to use this attribute (enforced by CTS). -# Unlike phone, in a car many modules are external from Android perspective and -# HALs should be able to communicate with those devices through sockets. -attribute hal_automotive_socket_exemption; - -# HALs -hal_attribute(allocator); -hal_attribute(atrace); -hal_attribute(audio); -hal_attribute(audiocontrol); -hal_attribute(authsecret); -hal_attribute(bluetooth); -hal_attribute(bootctl); -hal_attribute(bufferhub); -hal_attribute(broadcastradio); -hal_attribute(camera); -hal_attribute(cas); -hal_attribute(configstore); -hal_attribute(confirmationui); -hal_attribute(contexthub); -hal_attribute(drm); -hal_attribute(dumpstate); -hal_attribute(evs); -hal_attribute(face); -hal_attribute(fingerprint); -hal_attribute(gatekeeper); -hal_attribute(gnss); -hal_attribute(graphics_allocator); -hal_attribute(graphics_composer); -hal_attribute(health); -hal_attribute(health_storage); -hal_attribute(input_classifier); -hal_attribute(ir); -hal_attribute(keymaster); -hal_attribute(light); -hal_attribute(lowpan); -hal_attribute(memtrack); -hal_attribute(neuralnetworks); -hal_attribute(nfc); -hal_attribute(oemlock); -hal_attribute(omx); -hal_attribute(power); -hal_attribute(power_stats); -hal_attribute(secure_element); -hal_attribute(sensors); -hal_attribute(telephony); -hal_attribute(tetheroffload); -hal_attribute(thermal); -hal_attribute(tv_cec); -hal_attribute(tv_input); -hal_attribute(usb); -hal_attribute(usb_gadget); -hal_attribute(vehicle); -hal_attribute(vibrator); -hal_attribute(vr); -hal_attribute(weaver); -hal_attribute(wifi); -hal_attribute(wifi_hostapd); -hal_attribute(wifi_offload); -hal_attribute(wifi_supplicant); - -# HwBinder services offered across the core-vendor boundary -# -# We annotate server domains with x_server to loosen the coupling between -# system and vendor images. For example, it should be possible to move a service -# from one core domain to another, without having to update the vendor image -# which contains clients of this service. - -attribute camera_service_server; -attribute display_service_server; -attribute mediaswcodec_server; -attribute scheduler_service_server; -attribute sensor_service_server; -attribute stats_service_server; -attribute system_suspend_server; -attribute wifi_keystore_service_server; - -# All types used for super partition block devices. -attribute super_block_device_type; diff --git a/prebuilts/api/29.0/public/audioserver.te b/prebuilts/api/29.0/public/audioserver.te deleted file mode 100644 index 2ad86e3d0..000000000 --- a/prebuilts/api/29.0/public/audioserver.te +++ /dev/null @@ -1,3 +0,0 @@ -# audioserver - audio services daemon -type audioserver, domain; -type audioserver_tmpfs, file_type; diff --git a/prebuilts/api/29.0/public/blkid.te b/prebuilts/api/29.0/public/blkid.te deleted file mode 100644 index dabe01452..000000000 --- a/prebuilts/api/29.0/public/blkid.te +++ /dev/null @@ -1,2 +0,0 @@ -# blkid called from vold -type blkid, domain; diff --git a/prebuilts/api/29.0/public/blkid_untrusted.te b/prebuilts/api/29.0/public/blkid_untrusted.te deleted file mode 100644 index 4be4c0cb2..000000000 --- a/prebuilts/api/29.0/public/blkid_untrusted.te +++ /dev/null @@ -1,2 +0,0 @@ -# blkid for untrusted block devices -type blkid_untrusted, domain; diff --git a/prebuilts/api/29.0/public/bluetooth.te b/prebuilts/api/29.0/public/bluetooth.te deleted file mode 100644 index 9b3442aa5..000000000 --- a/prebuilts/api/29.0/public/bluetooth.te +++ /dev/null @@ -1,2 +0,0 @@ -# bluetooth subsystem -type bluetooth, domain; diff --git a/prebuilts/api/29.0/public/bootanim.te b/prebuilts/api/29.0/public/bootanim.te deleted file mode 100644 index e8cb98bbc..000000000 --- a/prebuilts/api/29.0/public/bootanim.te +++ /dev/null @@ -1,42 +0,0 @@ -# bootanimation oneshot service -type bootanim, domain; -type bootanim_exec, system_file_type, exec_type, file_type; - -hal_client_domain(bootanim, hal_configstore) -hal_client_domain(bootanim, hal_graphics_allocator) -hal_client_domain(bootanim, hal_graphics_composer) - -binder_use(bootanim) -binder_call(bootanim, surfaceflinger) -binder_call(bootanim, audioserver) - -hwbinder_use(bootanim) - -allow bootanim gpu_device:chr_file rw_file_perms; - -# /oem access -allow bootanim oemfs:dir search; -allow bootanim oemfs:file r_file_perms; - -allow bootanim audio_device:dir r_dir_perms; -allow bootanim audio_device:chr_file rw_file_perms; - -allow bootanim audioserver_service:service_manager find; -allow bootanim surfaceflinger_service:service_manager find; - -# Allow access to ion memory allocation device -allow bootanim ion_device:chr_file rw_file_perms; -allow bootanim hal_graphics_allocator:fd use; - -# Fences -allow bootanim hal_graphics_composer:fd use; - -# Read access to pseudo filesystems. -allow bootanim proc_meminfo:file r_file_perms; - -# System file accesses. -allow bootanim system_file:dir r_dir_perms; - -# Read ro.boot.bootreason b/30654343 -get_prop(bootanim, bootloader_boot_reason_prop) - diff --git a/prebuilts/api/29.0/public/bootstat.te b/prebuilts/api/29.0/public/bootstat.te deleted file mode 100644 index a2a060bc2..000000000 --- a/prebuilts/api/29.0/public/bootstat.te +++ /dev/null @@ -1,60 +0,0 @@ -# bootstat command -type bootstat, domain; -type bootstat_exec, system_file_type, exec_type, file_type; - -read_runtime_log_tags(bootstat) - -# Allow persistent storage in /data/misc/bootstat. -allow bootstat bootstat_data_file:dir rw_dir_perms; -allow bootstat bootstat_data_file:file create_file_perms; - -# Collect metrics on boot time created by init -get_prop(bootstat, boottime_prop) - -# Read/Write [persist.]sys.boot.reason and ro.boot.bootreason (write if empty) -set_prop(bootstat, bootloader_boot_reason_prop) -set_prop(bootstat, system_boot_reason_prop) -set_prop(bootstat, last_boot_reason_prop) - -# ToDo: TBI move access for the following to a system health HAL - -# Allow access to /sys/fs/pstore/ and syslog -allow bootstat pstorefs:dir search; -allow bootstat pstorefs:file r_file_perms; -allow bootstat kernel:system syslog_read; - -# Allow access to reading the logs to read aspects of system health -read_logd(bootstat) - -# Allow bootstat write to statsd. -unix_socket_send(bootstat, statsdw, statsd) - -# ToDo: end - -neverallow { - domain - -bootanim - -bootstat - -dumpstate - -init - -recovery - -shell - -system_server -} { bootloader_boot_reason_prop last_boot_reason_prop }:file r_file_perms; -# ... and refine, as these components should not set the last boot reason -neverallow { bootanim recovery } last_boot_reason_prop:file r_file_perms; - -neverallow { - domain - -bootstat - -init - -system_server -} { bootloader_boot_reason_prop last_boot_reason_prop }:property_service set; -# ... and refine ... for a ro propertly no less ... keep this _tight_ -neverallow system_server bootloader_boot_reason_prop:property_service set; - -neverallow { - domain - -bootstat - -init -} system_boot_reason_prop:property_service set; diff --git a/prebuilts/api/29.0/public/bufferhubd.te b/prebuilts/api/29.0/public/bufferhubd.te deleted file mode 100644 index 7acfa6952..000000000 --- a/prebuilts/api/29.0/public/bufferhubd.te +++ /dev/null @@ -1,21 +0,0 @@ -# bufferhubd -type bufferhubd, domain, mlstrustedsubject; -type bufferhubd_exec, system_file_type, exec_type, file_type; - -hal_client_domain(bufferhubd, hal_graphics_allocator) - -# TODO(b/112338294): remove these after migrate to Binder -pdx_server(bufferhubd, bufferhub_client) -pdx_client(bufferhubd, performance_client) - -# Access the GPU. -allow bufferhubd gpu_device:chr_file rw_file_perms; - -# Access /dev/ion -allow bufferhubd ion_device:chr_file r_file_perms; - -# Receive sync fence FDs from hal_omx_server. Note that hal_omx_server never directly -# connects to bufferhubd via PDX. Instead, a VR app acts as a bridge between -# those two: it talks to hal_omx_server via Binder and talks to bufferhubd via PDX. -# Thus, there is no need to use pdx_client macro. -allow bufferhubd hal_omx_server:fd use; diff --git a/prebuilts/api/29.0/public/camera_service_server.te b/prebuilts/api/29.0/public/camera_service_server.te deleted file mode 100644 index 352e1b7aa..000000000 --- a/prebuilts/api/29.0/public/camera_service_server.te +++ /dev/null @@ -1 +0,0 @@ -add_hwservice(camera_service_server, fwk_camera_hwservice) diff --git a/prebuilts/api/29.0/public/cameraserver.te b/prebuilts/api/29.0/public/cameraserver.te deleted file mode 100644 index f4eed4815..000000000 --- a/prebuilts/api/29.0/public/cameraserver.te +++ /dev/null @@ -1,71 +0,0 @@ -# cameraserver - camera daemon -type cameraserver, domain; -type cameraserver_exec, system_file_type, exec_type, file_type; -type cameraserver_tmpfs, file_type; - -binder_use(cameraserver) -binder_call(cameraserver, binderservicedomain) -binder_call(cameraserver, appdomain) -binder_service(cameraserver) - -hal_client_domain(cameraserver, hal_camera) - -hal_client_domain(cameraserver, hal_graphics_allocator) - -allow cameraserver ion_device:chr_file rw_file_perms; - -# Talk with graphics composer fences -allow cameraserver hal_graphics_composer:fd use; - -add_service(cameraserver, cameraserver_service) - -allow cameraserver activity_service:service_manager find; -allow cameraserver appops_service:service_manager find; -allow cameraserver audioserver_service:service_manager find; -allow cameraserver batterystats_service:service_manager find; -allow cameraserver cameraproxy_service:service_manager find; -allow cameraserver mediaserver_service:service_manager find; -allow cameraserver processinfo_service:service_manager find; -allow cameraserver scheduling_policy_service:service_manager find; -allow cameraserver surfaceflinger_service:service_manager find; - -allow cameraserver hidl_token_hwservice:hwservice_manager find; - -### -### neverallow rules -### - -# cameraserver should never execute any executable without a -# domain transition -neverallow cameraserver { file_type fs_type }:file execute_no_trans; - -# The goal of the mediaserver split is to place media processing code into -# restrictive sandboxes with limited responsibilities and thus limited -# permissions. Example: Audioserver is only responsible for controlling audio -# hardware and processing audio content. Cameraserver does the same for camera -# hardware/content. Etc. -# -# Media processing code is inherently risky and thus should have limited -# permissions and be isolated from the rest of the system and network. -# Lengthier explanation here: -# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html -neverallow cameraserver domain:{ tcp_socket udp_socket rawip_socket } *; - -# Allow shell commands from ADB for CTS testing/dumping -allow cameraserver adbd:fd use; -allow cameraserver adbd:unix_stream_socket { read write }; -allow cameraserver shell:fd use; -allow cameraserver shell:unix_stream_socket { read write }; -allow cameraserver shell:fifo_file { read write }; - -# Allow to talk with media codec -allow cameraserver mediametrics_service:service_manager find; -hal_client_domain(cameraserver, hal_omx) -hal_client_domain(cameraserver, hal_allocator) - -# Allow shell commands from ADB for CTS testing/dumping -userdebug_or_eng(` - allow cameraserver su:fd use; - allow cameraserver su:fifo_file { read write }; - allow cameraserver su:unix_stream_socket { read write }; -') diff --git a/prebuilts/api/29.0/public/charger.te b/prebuilts/api/29.0/public/charger.te deleted file mode 100644 index 238b41373..000000000 --- a/prebuilts/api/29.0/public/charger.te +++ /dev/null @@ -1,44 +0,0 @@ -type charger, domain; -type charger_exec, system_file_type, exec_type, file_type; - -# Write to /dev/kmsg -allow charger kmsg_device:chr_file rw_file_perms; - -# Read access to pseudo filesystems. -r_dir_file(charger, rootfs) -r_dir_file(charger, cgroup) - -# Allow to read /sys/class/power_supply directory -allow charger sysfs_type:dir r_dir_perms; - -allow charger self:global_capability_class_set { sys_tty_config }; -allow charger self:global_capability_class_set sys_boot; - -wakelock_use(charger) - -allow charger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; - -# Read/write to /sys/power/state -allow charger sysfs_power:file rw_file_perms; - -r_dir_file(charger, sysfs_batteryinfo) - -# Read /sys/fs/pstore/console-ramoops -# Don't worry about overly broad permissions for now, as there's -# only one file in /sys/fs/pstore -allow charger pstorefs:dir r_dir_perms; -allow charger pstorefs:file r_file_perms; - -allow charger graphics_device:dir r_dir_perms; -allow charger graphics_device:chr_file rw_file_perms; -allow charger input_device:dir r_dir_perms; -allow charger input_device:chr_file r_file_perms; -allow charger tty_device:chr_file rw_file_perms; -allow charger proc_sysrq:file rw_file_perms; - -# charger needs to tell init to continue the boot -# process when running in charger mode. -set_prop(charger, system_prop) -set_prop(charger, exported_system_prop) -set_prop(charger, exported2_system_prop) -set_prop(charger, exported3_system_prop) diff --git a/prebuilts/api/29.0/public/crash_dump.te b/prebuilts/api/29.0/public/crash_dump.te deleted file mode 100644 index 5188d1958..000000000 --- a/prebuilts/api/29.0/public/crash_dump.te +++ /dev/null @@ -1,68 +0,0 @@ -type crash_dump, domain; -type crash_dump_exec, system_file_type, exec_type, file_type; - -# crash_dump might inherit CAP_SYS_PTRACE from a privileged process, -# which will result in an audit log even when it's allowed to trace. -dontaudit crash_dump self:global_capability_class_set { sys_ptrace }; - -userdebug_or_eng(` - allow crash_dump logd:process { ptrace signal sigchld sigstop sigkill }; - - # Let crash_dump write to /dev/kmsg_debug crashes that happen before logd comes up. - allow crash_dump kmsg_debug_device:chr_file { open append }; -') - -# Use inherited file descriptors -allow crash_dump domain:fd use; - -# Read/write IPC pipes inherited from crashing processes. -allow crash_dump domain:fifo_file { read write }; - -# Append to pipes given to us by processes requesting dumps (e.g. dumpstate) -allow crash_dump domain:fifo_file { append }; - -r_dir_file(crash_dump, domain) -allow crash_dump exec_type:file r_file_perms; - -# Read /data/dalvik-cache. -allow crash_dump dalvikcache_data_file:dir { search getattr }; -allow crash_dump dalvikcache_data_file:file r_file_perms; - -# Read APK files. -r_dir_file(crash_dump, apk_data_file); - -# Read all /vendor -r_dir_file(crash_dump, { vendor_file same_process_hal_file }) - -# Talk to tombstoned -unix_socket_connect(crash_dump, tombstoned_crash, tombstoned) - -# Talk to ActivityManager. -unix_socket_connect(crash_dump, system_ndebug, system_server) - -# Append to ANR files. -allow crash_dump anr_data_file:file { append getattr }; - -# Append to tombstone files. -allow crash_dump tombstone_data_file:file { append getattr }; - -# crash_dump writes out logcat logs at the bottom of tombstones, -# which is super useful in some cases. -unix_socket_connect(crash_dump, logdr, logd) - -# Crash dump is not intended to access the following files. Since these -# are WAI, suppress the denials to clean up the logs. -dontaudit crash_dump { - core_data_file_type - vendor_file_type -}:dir search; -dontaudit crash_dump system_data_file:file read; -dontaudit crash_dump property_type:file read; - -### -### neverallow assertions -### - -# A domain transition must occur for crash_dump to get the privileges needed to trace the process. -# Do not allow the execution of crash_dump without a domain transition. -neverallow domain crash_dump_exec:file execute_no_trans; diff --git a/prebuilts/api/29.0/public/device.te b/prebuilts/api/29.0/public/device.te deleted file mode 100644 index e20a68bd0..000000000 --- a/prebuilts/api/29.0/public/device.te +++ /dev/null @@ -1,112 +0,0 @@ -# Device types -type device, dev_type, fs_type; -type ashmem_device, dev_type, mlstrustedobject; -type audio_device, dev_type; -type binder_device, dev_type, mlstrustedobject; -type hwbinder_device, dev_type, mlstrustedobject; -type vndbinder_device, dev_type; -type block_device, dev_type; -type camera_device, dev_type; -type dm_device, dev_type; -type keychord_device, dev_type; -type loop_control_device, dev_type; -type loop_device, dev_type; -type pmsg_device, dev_type, mlstrustedobject; -type radio_device, dev_type; -type ram_device, dev_type; -type rtc_device, dev_type; -type vold_device, dev_type; -type console_device, dev_type; -type fscklogs, dev_type; -# GPU (used by most UI apps) -type gpu_device, dev_type, mlstrustedobject; -type graphics_device, dev_type; -type hw_random_device, dev_type; -type input_device, dev_type; -type port_device, dev_type; -type lowpan_device, dev_type; -type mtp_device, dev_type, mlstrustedobject; -type nfc_device, dev_type; -type ptmx_device, dev_type, mlstrustedobject; -type kmsg_device, dev_type; -type kmsg_debug_device, dev_type; -type null_device, dev_type, mlstrustedobject; -type random_device, dev_type, mlstrustedobject; -type secure_element_device, dev_type; -type sensors_device, dev_type; -type serial_device, dev_type; -type socket_device, dev_type; -type owntty_device, dev_type, mlstrustedobject; -type tty_device, dev_type; -type video_device, dev_type; -type zero_device, dev_type, mlstrustedobject; -type fuse_device, dev_type, mlstrustedobject; -type iio_device, dev_type; -type ion_device, dev_type, mlstrustedobject; -type qtaguid_device, dev_type; -type watchdog_device, dev_type; -type uhid_device, dev_type; -type uio_device, dev_type; -type tun_device, dev_type, mlstrustedobject; -type usbaccessory_device, dev_type, mlstrustedobject; -type usb_device, dev_type, mlstrustedobject; -type properties_device, dev_type; -type properties_serial, dev_type; -type property_info, dev_type; - -# All devices have a uart for the hci -# attach service. The uart dev node -# varies per device. This type -# is used in per device policy -type hci_attach_dev, dev_type; - -# All devices have a rpmsg device for -# achieving remoteproc and rpmsg modules -type rpmsg_device, dev_type; - -# Partition layout block device -type root_block_device, dev_type; - -# factory reset protection block device -type frp_block_device, dev_type; - -# System block device mounted on /system. -# Documented at https://source.android.com/devices/bootloader/partitions-images -type system_block_device, dev_type; - -# Recovery block device. -# Documented at https://source.android.com/devices/bootloader/partitions-images -type recovery_block_device, dev_type; - -# boot block device. -# Documented at https://source.android.com/devices/bootloader/partitions-images -type boot_block_device, dev_type; - -# Userdata block device mounted on /data. -# Documented at https://source.android.com/devices/bootloader/partitions-images -type userdata_block_device, dev_type; - -# Cache block device mounted on /cache. -# Documented at https://source.android.com/devices/bootloader/partitions-images -type cache_block_device, dev_type; - -# Block device for any swap partition. -type swap_block_device, dev_type; - -# Metadata block device used for encryption metadata. -# Assign this type to the partition specified by the encryptable= -# mount option in your fstab file in the entry for userdata. -# Documented at https://source.android.com/devices/bootloader/partitions-images -type metadata_block_device, dev_type; - -# The 'misc' partition used by recovery and A/B. -# Documented at https://source.android.com/devices/bootloader/partitions-images -type misc_block_device, dev_type; - -# 'super' partition to be used for logical partitioning. -type super_block_device, super_block_device_type, dev_type; - -# sdcard devices; normally vold uses the vold_block_device label and creates a -# separate device node. gsid, however, accesses the original devide node -# created through uevents, so we use a separate label. -type sdcard_block_device, dev_type; diff --git a/prebuilts/api/29.0/public/dhcp.te b/prebuilts/api/29.0/public/dhcp.te deleted file mode 100644 index 4f2369d2d..000000000 --- a/prebuilts/api/29.0/public/dhcp.te +++ /dev/null @@ -1,30 +0,0 @@ -type dhcp, domain; -type dhcp_exec, system_file_type, exec_type, file_type; - -net_domain(dhcp) - -allow dhcp cgroup:dir { create write add_name }; -allow dhcp self:global_capability_class_set { setgid setuid net_admin net_raw net_bind_service }; -allow dhcp self:packet_socket create_socket_perms_no_ioctl; -allow dhcp self:netlink_route_socket nlmsg_write; -allow dhcp shell_exec:file rx_file_perms; -allow dhcp system_file:file rx_file_perms; -not_full_treble(`allow dhcp vendor_file:file rx_file_perms;') - -# dhcpcd runs dhcpcd-hooks/*, which runs getprop / setprop (toolbox_exec) -allow dhcp toolbox_exec:file rx_file_perms; - -# For /proc/sys/net/ipv4/conf/*/promote_secondaries -allow dhcp proc_net_type:file write; - -set_prop(dhcp, dhcp_prop) -set_prop(dhcp, pan_result_prop) - -allow dhcp dhcp_data_file:dir create_dir_perms; -allow dhcp dhcp_data_file:file create_file_perms; - -# PAN connections -allow dhcp netd:fd use; -allow dhcp netd:fifo_file rw_file_perms; -allow dhcp netd:{ dgram_socket_class_set unix_stream_socket } { read write }; -allow dhcp netd:{ netlink_kobject_uevent_socket netlink_route_socket netlink_nflog_socket } { read write }; diff --git a/prebuilts/api/29.0/public/display_service_server.te b/prebuilts/api/29.0/public/display_service_server.te deleted file mode 100644 index c5839fa54..000000000 --- a/prebuilts/api/29.0/public/display_service_server.te +++ /dev/null @@ -1 +0,0 @@ -add_hwservice(display_service_server, fwk_display_hwservice) diff --git a/prebuilts/api/29.0/public/dnsmasq.te b/prebuilts/api/29.0/public/dnsmasq.te deleted file mode 100644 index d189c8942..000000000 --- a/prebuilts/api/29.0/public/dnsmasq.te +++ /dev/null @@ -1,25 +0,0 @@ -# DNS, DHCP services -type dnsmasq, domain; -type dnsmasq_exec, system_file_type, exec_type, file_type; - -net_domain(dnsmasq) -allowxperm dnsmasq self:udp_socket ioctl priv_sock_ioctls; - -# TODO: Run with dhcp group to avoid need for dac_override. -allow dnsmasq self:global_capability_class_set { dac_override dac_read_search }; - -allow dnsmasq self:global_capability_class_set { net_admin net_raw net_bind_service setgid setuid }; - -allow dnsmasq dhcp_data_file:dir w_dir_perms; -allow dnsmasq dhcp_data_file:file create_file_perms; - -# Inherit and use open files from netd. -allow dnsmasq netd:fd use; -allow dnsmasq netd:fifo_file { getattr read write }; -# TODO: Investigate whether these inherited sockets should be closed on exec. -allow dnsmasq netd:netlink_kobject_uevent_socket { read write }; -allow dnsmasq netd:netlink_nflog_socket { read write }; -allow dnsmasq netd:netlink_route_socket { read write }; -allow dnsmasq netd:unix_stream_socket { getattr read write }; -allow dnsmasq netd:unix_dgram_socket { read write }; -allow dnsmasq netd:udp_socket { read write }; diff --git a/prebuilts/api/29.0/public/domain.te b/prebuilts/api/29.0/public/domain.te deleted file mode 100644 index 3528a8532..000000000 --- a/prebuilts/api/29.0/public/domain.te +++ /dev/null @@ -1,1389 +0,0 @@ -# Rules for all domains. - -# Allow reaping by init. -allow domain init:process sigchld; - -# Intra-domain accesses. -allow domain self:process { - fork - sigchld - sigkill - sigstop - signull - signal - getsched - setsched - getsession - getpgid - setpgid - getcap - setcap - getattr - setrlimit -}; -allow domain self:fd use; -allow domain proc:dir r_dir_perms; -allow domain proc_net_type:dir search; -r_dir_file(domain, self) -allow domain self:{ fifo_file file } rw_file_perms; -allow domain self:unix_dgram_socket { create_socket_perms sendto }; -allow domain self:unix_stream_socket { create_stream_socket_perms connectto }; - -# Inherit or receive open files from others. -allow domain init:fd use; - -userdebug_or_eng(` - allow domain su:fd use; - allow domain su:unix_stream_socket { connectto getattr getopt read write shutdown }; - allow domain su:unix_dgram_socket sendto; - - allow { domain -init } su:binder { call transfer }; - - # Running something like "pm dump com.android.bluetooth" requires - # fifo writes - allow domain su:fifo_file { write getattr }; - - # allow "gdbserver --attach" to work for su. - allow domain su:process sigchld; - - # Allow writing coredumps to /cores/* - allow domain coredump_file:file create_file_perms; - allow domain coredump_file:dir ra_dir_perms; -') - -# Root fs. -allow domain tmpfs:dir { getattr search }; -allow domain rootfs:dir search; -allow domain rootfs:lnk_file { read getattr }; - -# Device accesses. -allow domain device:dir search; -allow domain dev_type:lnk_file r_file_perms; -allow domain devpts:dir search; -allow domain socket_device:dir r_dir_perms; -allow domain owntty_device:chr_file rw_file_perms; -allow domain null_device:chr_file rw_file_perms; -allow domain zero_device:chr_file rw_file_perms; -allow { - domain - # TODO(b/113362644): route coredomain to ashmemd - #-coredomain - -mediaprovider - -ephemeral_app - -isolated_app - -untrusted_app_all -} ashmem_device:chr_file rw_file_perms; - -# Allow using fds to /dev/ashmem. -allow domain ashmemd:fd use; - -# /dev/binder can be accessed by non-vendor domains and by apps -allow { - coredomain - appdomain - binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone - -hwservicemanager -} binder_device:chr_file rw_file_perms; -# Devices which are not full TREBLE have fewer restrictions on access to /dev/binder -not_full_treble(`allow { domain -hwservicemanager -vndservicemanager } binder_device:chr_file rw_file_perms;') -allow { domain -servicemanager -vndservicemanager -isolated_app } hwbinder_device:chr_file rw_file_perms; -allow domain ptmx_device:chr_file rw_file_perms; -allow domain random_device:chr_file rw_file_perms; -allow domain proc_random:dir r_dir_perms; -allow domain proc_random:file r_file_perms; -allow domain properties_device:dir { search getattr }; -allow domain properties_serial:file r_file_perms; -allow domain property_info:file r_file_perms; - -# Public readable properties -get_prop(domain, debug_prop) -get_prop(domain, exported_config_prop) -get_prop(domain, exported_default_prop) -get_prop(domain, exported_dumpstate_prop) -get_prop(domain, exported_fingerprint_prop) -get_prop(domain, exported_radio_prop) -get_prop(domain, exported_secure_prop) -get_prop(domain, exported_system_prop) -get_prop(domain, exported_vold_prop) -get_prop(domain, exported2_default_prop) -get_prop(domain, logd_prop) - -# Let everyone read log properties, so that liblog can avoid sending unloggable -# messages to logd. -get_prop(domain, log_property_type) -dontaudit domain property_type:file audit_access; -allow domain property_contexts_file:file r_file_perms; - -allow domain init:key search; -allow domain vold:key search; - -# logd access -write_logd(domain) - -# Directory/link file access for path resolution. -allow domain { - system_file - system_lib_file - system_seccomp_policy_file - system_security_cacerts_file -}:dir r_dir_perms; -allow domain system_file:lnk_file { getattr read }; - -# Global access to /system/etc/security/cacerts/*, /system/etc/seccomp_policy/*, /system/lib[64]/*, -# linker and its config. -allow domain system_seccomp_policy_file:file r_file_perms; -# cacerts are accessible from public Java API. -allow domain system_security_cacerts_file:file r_file_perms; -allow domain system_linker_exec:file { execute read open getattr map }; -allow domain system_linker_config_file:file r_file_perms; -allow domain system_lib_file:file { execute read open getattr map }; -# To allow following symlinks at /system/bin/linker, /system/lib/libc.so, etc. -allow domain system_linker_exec:lnk_file { read open getattr }; -allow domain system_lib_file:lnk_file { read open getattr }; - -allow domain system_event_log_tags_file:file r_file_perms; - -allow { appdomain coredomain } system_file:file { execute read open getattr map }; - -# Make sure system/vendor split doesn not affect non-treble -# devices -not_full_treble(` - allow domain system_file:file { execute read open getattr map }; - allow domain vendor_file_type:dir { search getattr }; - allow domain vendor_file_type:file { execute read open getattr map }; - allow domain vendor_file_type:lnk_file { getattr read }; -') - -# All domains are allowed to open and read directories -# that contain HAL implementations (e.g. passthrough -# HALs require clients to have these permissions) -allow domain vendor_hal_file:dir r_dir_perms; - -# Everyone can read and execute all same process HALs -allow domain same_process_hal_file:dir r_dir_perms; -allow { - domain - -coredomain # access is explicitly granted to individual coredomains -} same_process_hal_file:file { execute read open getattr map }; - -# Any process can load vndk-sp libraries, which are system libraries -# used by same process HALs -allow domain vndk_sp_file:dir r_dir_perms; -allow domain vndk_sp_file:file { execute read open getattr map }; - -# All domains get access to /vendor/etc -allow domain vendor_configs_file:dir r_dir_perms; -allow domain vendor_configs_file:file { read open getattr map }; - -full_treble_only(` - # Allow all domains to be able to follow /system/vendor and/or - # /vendor/odm symlinks. - allow domain vendor_file_type:lnk_file { getattr open read }; - - # This is required to be able to search & read /vendor/lib64 - # in order to lookup vendor libraries. The execute permission - # for coredomains is granted *only* for same process HALs - allow domain vendor_file:dir { getattr search }; - - # Allow reading and executing out of /vendor to all vendor domains - allow { domain -coredomain } vendor_file_type:dir r_dir_perms; - allow { domain -coredomain } vendor_file_type:file { read open getattr execute map }; - allow { domain -coredomain } vendor_file_type:lnk_file { getattr read }; -') - -# read and stat any sysfs symlinks -allow domain sysfs:lnk_file { getattr read }; - -# libc references /data/misc/zoneinfo and /system/usr/share/zoneinfo for -# timezone related information. -# This directory is considered to be a VNDK-stable -allow domain { system_zoneinfo_file zoneinfo_data_file }:file r_file_perms; -allow domain { system_zoneinfo_file zoneinfo_data_file }:dir r_dir_perms; - -# Lots of processes access current CPU information -r_dir_file(domain, sysfs_devices_system_cpu) - -r_dir_file(domain, sysfs_usb); - -# If kernel CONFIG_TRANSPARENT_HUGEPAGE is enabled, libjemalloc5 (statically -# included by libc) reads /sys/kernel/mm/transparent_hugepage/enabled. -allow domain sysfs_transparent_hugepage:dir search; -allow domain sysfs_transparent_hugepage:file r_file_perms; - -# files under /data. -not_full_treble(` - allow domain system_data_file:dir getattr; -') -allow { coredomain appdomain } system_data_file:dir getattr; -# /data has the label system_data_file. Vendor components need the search -# permission on system_data_file for path traversal to /data/vendor. -allow domain system_data_file:dir search; -# TODO restrict this to non-coredomain -allow domain vendor_data_file:dir { getattr search }; - -# required by the dynamic linker -allow domain proc:lnk_file { getattr read }; - -# /proc/cpuinfo -allow domain proc_cpuinfo:file r_file_perms; - -# /dev/cpu_variant:.* -allow domain dev_cpu_variant:file r_file_perms; - -# jemalloc needs to read /proc/sys/vm/overcommit_memory -allow domain proc_overcommit_memory:file r_file_perms; - -# profiling needs to read /proc/sys/kernel/perf_event_max_sample_rate -allow domain proc_perf:file r_file_perms; - -# toybox loads libselinux which stats /sys/fs/selinux/ -allow domain selinuxfs:dir search; -allow domain selinuxfs:file getattr; -allow domain sysfs:dir search; -allow domain selinuxfs:filesystem getattr; - -# Almost all processes log tracing information to -# /sys/kernel/debug/tracing/trace_marker -# The reason behind this is documented in b/6513400 -allow domain debugfs:dir search; -allow domain debugfs_tracing:dir search; -allow domain debugfs_tracing_debug:dir search; -allow domain debugfs_trace_marker:file w_file_perms; - -# Filesystem access. -allow domain fs_type:filesystem getattr; -allow domain fs_type:dir getattr; - -# Restrict all domains to a whitelist for common socket types. Additional -# ioctl commands may be added to individual domains, but this sets safe -# defaults for all processes. Note that granting this whitelist to domain does -# not grant the ioctl permission on these socket types. That must be granted -# separately. -allowxperm domain domain:{ icmp_socket rawip_socket tcp_socket udp_socket } - ioctl { unpriv_sock_ioctls unpriv_tty_ioctls }; -# default whitelist for unix sockets. -allowxperm domain { domain pdx_channel_socket_type }:{ unix_dgram_socket unix_stream_socket } - ioctl unpriv_unix_sock_ioctls; - -# Restrict PTYs to only whitelisted ioctls. -# Note that granting this whitelist to domain does -# not grant the wider ioctl permission. That must be granted -# separately. -allowxperm domain devpts:chr_file ioctl unpriv_tty_ioctls; - -# All domains must clearly enumerate what ioctls they use -# on filesystem objects (plain files, directories, symbolic links, -# named pipes, and named sockets). We start off with a safe set. -allowxperm domain { file_type fs_type domain dev_type }:{ dir notdevfile_class_set blk_file } ioctl { FIOCLEX FIONCLEX }; - -# If a domain has ioctl access to tun_device, it must clearly enumerate the -# ioctls used. Safe defaults are listed below. -allowxperm domain tun_device:chr_file ioctl { FIOCLEX FIONCLEX }; - -# Allow a process to make a determination whether a file descriptor -# for a plain file or pipe (fifo_file) is a tty. Note that granting -# this whitelist to domain does not grant the ioctl permission to -# these files. That must be granted separately. -allowxperm domain { file_type fs_type }:file ioctl { TCGETS }; -allowxperm domain domain:fifo_file ioctl { TCGETS }; - -# If a domain has access to perform an ioctl on a block device, allow these -# very common, benign ioctls -allowxperm domain dev_type:blk_file ioctl { BLKGETSIZE64 BLKSSZGET }; - -# Support sqlite F2FS specific optimizations -# ioctl permission on the specific file type is still required -# TODO: consider only compiling these rules if we know the -# /data partition is F2FS -allowxperm domain { file_type sdcard_type }:file ioctl { - F2FS_IOC_ABORT_VOLATILE_WRITE - F2FS_IOC_COMMIT_ATOMIC_WRITE - F2FS_IOC_GET_FEATURES - F2FS_IOC_GET_PIN_FILE - F2FS_IOC_SET_PIN_FILE - F2FS_IOC_START_ATOMIC_WRITE -}; - -# Workaround for policy compiler being too aggressive and removing hwservice_manager_type -# when it's not explicitly used in allow rules -allow { domain -domain } hwservice_manager_type:hwservice_manager { add find }; -# Workaround for policy compiler being too aggressive and removing vndservice_manager_type -# when it's not explicitly used in allow rules -allow { domain -domain } vndservice_manager_type:service_manager { add find }; - -# Under ASAN, processes will try to read /data, as the sanitized libraries are there. -with_asan(`allow domain system_data_file:dir getattr;') -# Under ASAN, /system/asan.options needs to be globally accessible. -with_asan(`allow domain system_asan_options_file:file r_file_perms;') - -# read APEX dir and stat any symlink pointing to APEXs. -allow domain apex_mnt_dir:dir { getattr search }; -allow domain apex_mnt_dir:lnk_file r_file_perms; - -### -### neverallow rules -### - -# All ioctls on file-like objects (except chr_file and blk_file) and -# sockets must be restricted to a whitelist. -neverallowxperm * *:{ dir notdevfile_class_set socket_class_set blk_file } ioctl { 0 }; - -# b/68014825 and https://android-review.googlesource.com/516535 -# rfc6093 says that processes should not use the TCP urgent mechanism -neverallowxperm domain domain:socket_class_set ioctl { SIOCATMARK }; - -# TIOCSTI is only ever used for exploits. Block it. -# b/33073072, b/7530569 -# http://www.openwall.com/lists/oss-security/2016/09/26/14 -neverallowxperm * devpts:chr_file ioctl TIOCSTI; - -# Do not allow any domain other than init to create unlabeled files. -neverallow { domain -init -recovery } unlabeled:dir_file_class_set create; - -# Limit device node creation to these whitelisted domains. -neverallow { - domain - -kernel - -init - -ueventd - -vold -} self:global_capability_class_set mknod; - -# No process can map low memory (< CONFIG_LSM_MMAP_MIN_ADDR). -neverallow * self:memprotect mmap_zero; - -# No domain needs mac_override as it is unused by SELinux. -neverallow * self:global_capability2_class_set mac_override; - -# Disallow attempts to set contexts not defined in current policy -# This helps guarantee that unknown or dangerous contents will not ever -# be set. -neverallow * self:global_capability2_class_set mac_admin; - -# Once the policy has been loaded there shall be none to modify the policy. -# It is sealed. -neverallow * kernel:security load_policy; - -# Only init prior to switching context should be able to set enforcing mode. -# init starts in kernel domain and switches to init domain via setcon in -# the init.rc, so the setenforce occurs while still in kernel. After -# switching domains, there is never any need to setenforce again by init. -neverallow * kernel:security setenforce; -neverallow { domain -kernel } kernel:security setcheckreqprot; - -# No booleans in AOSP policy, so no need to ever set them. -neverallow * kernel:security setbool; - -# Adjusting the AVC cache threshold. -# Not presently allowed to anything in policy, but possibly something -# that could be set from init.rc. -neverallow { domain -init } kernel:security setsecparam; - -# Only init, ueventd, shell and system_server should be able to access HW RNG -neverallow { - domain - -init - -shell # For CTS and is restricted to getattr in shell.te - -system_server - -ueventd -} hw_random_device:chr_file *; -# b/78174219 b/64114943 -neverallow { - domain - -shell # stat of /dev, getattr only - -ueventd -} keychord_device:chr_file *; - -# Ensure that all entrypoint executables are in exec_type or postinstall_file. -neverallow * { file_type -exec_type -postinstall_file }:file entrypoint; - -# The dynamic linker always calls access(2) on the path. Don't generate SElinux -# denials since the linker does not actually access the path in case the path -# does not exist or isn't accessible for the process. -dontaudit domain postinstall_mnt_dir:dir audit_access; - -#Ensure that nothing in userspace can access /dev/port -neverallow { - domain - -shell # Shell user should not have any abilities outside of getattr - -ueventd -} port_device:chr_file *; -neverallow * port_device:chr_file ~{ create relabelto unlink setattr getattr }; -# Only init should be able to configure kernel usermodehelpers or -# security-sensitive proc settings. -neverallow { domain -init } usermodehelper:file { append write }; -neverallow { domain -init -ueventd } sysfs_usermodehelper:file { append write }; -neverallow { domain -init -vendor_init } proc_security:file { append open read write }; - -# Nobody is allowed to make binder calls into init. -# Only servicemanager may transfer binder references to init -# vendor_init shouldn't use binder at all. -neverallow * init:binder ~{ transfer }; -neverallow { domain -servicemanager } init:binder { transfer }; -neverallow * vendor_init:binder *; - -# Don't allow raw read/write/open access to block_device -# Rather force a relabel to a more specific type -neverallow { domain -kernel -init -recovery } block_device:blk_file { open read write }; - -# Do not allow renaming of block files or character files -# Ability to do so can lead to possible use in an exploit chain -# e.g. https://googleprojectzero.blogspot.com/2016/12/chrome-os-exploit-one-byte-overflow-and.html -neverallow * *:{ blk_file chr_file } rename; - -# Don't allow raw read/write/open access to generic devices. -# Rather force a relabel to a more specific type. -neverallow domain device:chr_file { open read write }; - -# Files from cache should never be executed -neverallow domain { cache_file cache_backup_file cache_private_backup_file cache_recovery_file }:file execute; - -# Protect most domains from executing arbitrary content from /data. -neverallow { - domain - -appdomain -} { - data_file_type - -dalvikcache_data_file - -system_data_file # shared libs in apks - -apk_data_file -}:file no_x_file_perms; - -# The test files and executables MUST not be accessible to any domain -neverallow { domain userdebug_or_eng(`-kernel') } nativetest_data_file:file_class_set no_w_file_perms; -neverallow domain nativetest_data_file:dir no_w_dir_perms; -neverallow { domain userdebug_or_eng(`-shell') } nativetest_data_file:file no_x_file_perms; - -# Only the init property service should write to /data/property and /dev/__properties__ -neverallow { domain -init } property_data_file:dir no_w_dir_perms; -neverallow { domain -init } property_data_file:file { no_w_file_perms no_x_file_perms }; -neverallow { domain -init } property_type:file { no_w_file_perms no_x_file_perms }; -neverallow { domain -init } properties_device:file { no_w_file_perms no_x_file_perms }; -neverallow { domain -init } properties_serial:file { no_w_file_perms no_x_file_perms }; - -# Nobody should be doing writes to /system & /vendor -# These partitions are intended to be read-only and must never be -# modified. Doing so would violate important Android security guarantees -# and invalidate dm-verity signatures. -neverallow { - domain - with_asan(`-asan_extract') - recovery_only(`userdebug_or_eng(`-fastbootd')') -} { - system_file_type - vendor_file_type - exec_type -}:dir_file_class_set { create write setattr relabelfrom append unlink link rename }; - -neverallow { domain -kernel with_asan(`-asan_extract') } { system_file_type vendor_file_type exec_type }:dir_file_class_set relabelto; - -# Don't allow mounting on top of /system files or directories -neverallow * exec_type:dir_file_class_set mounton; -neverallow { domain -init } { system_file_type vendor_file_type }:dir_file_class_set mounton; - -# Nothing should be writing to files in the rootfs. -neverallow * rootfs:file { create write setattr relabelto append unlink link rename }; - -# Restrict context mounts to specific types marked with -# the contextmount_type attribute. -neverallow * {fs_type -contextmount_type}:filesystem relabelto; - -# Ensure that context mount types are not writable, to ensure that -# the write to /system restriction above is not bypassed via context= -# mount to another type. -neverallow * contextmount_type:dir_file_class_set - { create setattr relabelfrom relabelto append link rename }; -neverallow { domain recovery_only(`userdebug_or_eng(`-fastbootd')') } contextmount_type:dir_file_class_set { write unlink }; - -# Do not allow service_manager add for default service labels. -# Instead domains should use a more specific type such as -# system_app_service rather than the generic type. -# New service_types are defined in {,hw,vnd}service.te and new mappings -# from service name to service_type are defined in {,hw,vnd}service_contexts. -neverallow * default_android_service:service_manager add; -neverallow * default_android_vndservice:service_manager { add find }; -neverallow * default_android_hwservice:hwservice_manager { add find }; - -# Looking up the base class/interface of all HwBinder services is a bad idea. -# hwservicemanager currently offer such lookups only to make it so that security -# decisions are expressed in SELinux policy. However, it's unclear whether this -# lookup has security implications. If it doesn't, hwservicemanager should be -# modified to not offer this lookup. -# This rule can be removed if hwservicemanager is modified to not permit these -# lookups. -neverallow * hidl_base_hwservice:hwservice_manager find; - -# Require that domains explicitly label unknown properties, and do not allow -# anyone but init to modify unknown properties. -neverallow { domain -init -vendor_init } default_prop:property_service set; -neverallow { domain -init -vendor_init } mmc_prop:property_service set; - -compatible_property_only(` - neverallow { domain -init } default_prop:property_service set; - neverallow { domain -init } mmc_prop:property_service set; - neverallow { domain -init -vendor_init } exported_default_prop:property_service set; - neverallow { domain -init } exported_secure_prop:property_service set; - neverallow { domain -init } exported2_default_prop:property_service set; - neverallow { domain -init -vendor_init } exported3_default_prop:property_service set; - neverallow { domain -init -vendor_init } vendor_default_prop:property_service set; -') - -# Only core domains are allowed to access package_manager properties -neverallow { domain -init -system_server } pm_prop:property_service set; -neverallow { domain -coredomain } pm_prop:file no_rw_file_perms; - -compatible_property_only(` - neverallow { domain -init -system_server -vendor_init } exported_pm_prop:property_service set; - neverallow { domain -coredomain -vendor_init } exported_pm_prop:file no_rw_file_perms; -') - -# Do not allow reading device's serial number from system properties except form -# a few whitelisted domains. -neverallow { - domain - -adbd - -dumpstate - -fastbootd - -hal_camera_server - -hal_cas_server - -hal_drm_server - -init - -mediadrmserver - -recovery - -shell - -system_server - -vendor_init -} serialno_prop:file r_file_perms; - -# Do not allow reading the last boot timestamp from system properties -neverallow { domain -init -system_server -dumpstate } firstboot_prop:file r_file_perms; - -neverallow { - domain - -init - -recovery - -system_server - -shell # Shell is further restricted in shell.te - -ueventd # Further restricted in ueventd.te -} frp_block_device:blk_file no_rw_file_perms; - -# The metadata block device is set aside for device encryption and -# verified boot metadata. It may be reset at will and should not -# be used by other domains. -neverallow { - domain - -init - -recovery - -vold - -e2fs - -fsck - -fastbootd -} metadata_block_device:blk_file { append link rename write open read ioctl lock }; - -# No domain other than recovery, update_engine and fastbootd can write to system partition(s). -neverallow { - domain - -fastbootd - userdebug_or_eng(`-fsck') - userdebug_or_eng(`-init') - -recovery - -update_engine -} system_block_device:blk_file { write append }; - -# No domains other than a select few can access the misc_block_device. This -# block device is reserved for OTA use. -# Do not assert this rule on userdebug/eng builds, due to some devices using -# this partition for testing purposes. -neverallow { - domain - userdebug_or_eng(`-domain') # exclude debuggable builds - -fastbootd - -hal_bootctl_server - -init - -uncrypt - -update_engine - -vendor_init - -vendor_misc_writer - -vold - -recovery - -ueventd -} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock }; - -# Only (hw|vnd|)servicemanager should be able to register with binder as the context manager -neverallow { domain -servicemanager -hwservicemanager -vndservicemanager } *:binder set_context_mgr; -# The service managers are only allowed to access their own device node -neverallow servicemanager hwbinder_device:chr_file no_rw_file_perms; -neverallow servicemanager vndbinder_device:chr_file no_rw_file_perms; -neverallow hwservicemanager binder_device:chr_file no_rw_file_perms; -neverallow hwservicemanager vndbinder_device:chr_file no_rw_file_perms; -neverallow vndservicemanager binder_device:chr_file no_rw_file_perms; -neverallow vndservicemanager hwbinder_device:chr_file no_rw_file_perms; - -# On full TREBLE devices, only core components and apps can use Binder and servicemanager. Non-core -# domain apps need this because Android framework offers many of its services to apps as Binder -# services. -full_treble_only(` - neverallow { - domain - -coredomain - -appdomain - -binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone - } binder_device:chr_file rw_file_perms; -') - -# libcutils can probe for /dev/binder permissions with access(). Ignore -# generated denials. See b/129073672 for details. -dontaudit domain binder_device:chr_file audit_access; - -full_treble_only(` - neverallow { - domain - -coredomain - -appdomain # restrictions for vendor apps are declared lower down - -binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone - } service_manager_type:service_manager find; -') -full_treble_only(` - # Vendor apps are permited to use only stable public services. If they were to use arbitrary - # services which can change any time framework/core is updated, breakage is likely. - neverallow { - appdomain - -coredomain - } { - service_manager_type - -app_api_service - -ephemeral_app_api_service - -audioserver_service # TODO(b/36783122) remove exemptions below once app_api_service is fixed - -cameraserver_service - -drmserver_service - -keystore_service - -mediadrmserver_service - -mediaextractor_service - -mediametrics_service - -mediaserver_service - -nfc_service - -radio_service - -virtual_touchpad_service - -vr_hwc_service - -vr_manager_service - }:service_manager find; -') -full_treble_only(` - neverallow { - domain - -coredomain - -appdomain - -binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone - } servicemanager:binder { call transfer }; -') - -# On full TREBLE devices, only vendor components, shell, and su can use VendorBinder. -full_treble_only(` - neverallow { - coredomain - -shell - userdebug_or_eng(`-su') - -ueventd # uevent is granted create for this device, but we still neverallow I/O below - } vndbinder_device:chr_file rw_file_perms; -') -full_treble_only(` - neverallow ueventd vndbinder_device:chr_file { read write append ioctl }; -') -full_treble_only(` - neverallow { - coredomain - -shell - userdebug_or_eng(`-su') - } vndservice_manager_type:service_manager *; -') -full_treble_only(` - neverallow { - coredomain - -shell - userdebug_or_eng(`-su') - } vndservicemanager:binder *; -') - -# On full TREBLE devices, socket communications between core components and vendor components are -# not permitted. - # Most general rules first, more specific rules below. - - # Core domains are not permitted to initiate communications to vendor domain sockets. - # We are not restricting the use of already established sockets because it is fine for a process - # to obtain an already established socket via some public/official/stable API and then exchange - # data with its peer over that socket. The wire format in this scenario is dicatated by the API - # and thus does not break the core-vendor separation. -full_treble_only(` - neverallow_establish_socket_comms({ - coredomain - -init - -adbd - }, { - domain - -coredomain - -socket_between_core_and_vendor_violators - }); -') - # Vendor domains are not permitted to initiate communications to core domain sockets -full_treble_only(` - neverallow_establish_socket_comms({ - domain - -coredomain - -appdomain - -socket_between_core_and_vendor_violators - }, { - coredomain - -logd # Logging by writing to logd Unix domain socket is public API - -netd # netdomain needs this - -mdnsd # netdomain needs this - userdebug_or_eng(`-su') # communications with su are permitted only on userdebug or eng builds - -init - -tombstoned # linker to tombstoned - userdebug_or_eng('-heapprofd`) - }); -') - - # Vendor domains are not permitted to initiate create/open sockets owned by core domains -full_treble_only(` - neverallow { - domain - -coredomain - -appdomain # appdomain restrictions below - -data_between_core_and_vendor_violators # b/70393317 - -socket_between_core_and_vendor_violators - -vendor_init - } { - coredomain_socket - core_data_file_type - unlabeled # used only by core domains - }:sock_file ~{ append getattr ioctl read write }; -') -full_treble_only(` - neverallow { - appdomain - -coredomain - } { - coredomain_socket - unlabeled # used only by core domains - core_data_file_type - -app_data_file - -privapp_data_file - -pdx_endpoint_socket_type # used by VR layer - -pdx_channel_socket_type # used by VR layer - }:sock_file ~{ append getattr ioctl read write }; -') - - # Core domains are not permitted to create/open sockets owned by vendor domains -full_treble_only(` - neverallow { - coredomain - -init - -ueventd - -socket_between_core_and_vendor_violators - } { - file_type - dev_type - -coredomain_socket - -core_data_file_type - -unlabeled - }:sock_file ~{ append getattr ioctl read write }; -') - -# On TREBLE devices, vendor and system components are only allowed to share -# files by passing open FDs over hwbinder. Ban all directory access and all file -# accesses other than what can be applied to an open FD such as -# ioctl/stat/read/write/append. This is enforced by segregating /data. -# Vendor domains may directly access file in /data/vendor by path, but may only -# access files outside of /data/vendor via an open FD passed over hwbinder. -# Likewise, core domains may only directly access files outside /data/vendor by -# path and files in /data/vendor by open FD. -full_treble_only(` - # only coredomains may only access core_data_file_type, particularly not - # /data/vendor - neverallow { - coredomain - -appdomain # TODO(b/34980020) remove exemption for appdomain - -data_between_core_and_vendor_violators - -init - -vold_prepare_subdirs - } { - data_file_type - -core_data_file_type - }:file_class_set ~{ append getattr ioctl read write map }; -') -full_treble_only(` - neverallow { - coredomain - -appdomain # TODO(b/34980020) remove exemption for appdomain - -data_between_core_and_vendor_violators - -init - -vold_prepare_subdirs - } { - data_file_type - -core_data_file_type - # TODO(b/72998741) Remove exemption. Further restricted in a subsequent - # neverallow. Currently only getattr and search are allowed. - -vendor_data_file - }:dir *; - -') -full_treble_only(` - # vendor domains may only access files in /data/vendor, never core_data_file_types - neverallow { - domain - -appdomain # TODO(b/34980020) remove exemption for appdomain - -coredomain - -data_between_core_and_vendor_violators # TODO(b/34980020) Remove once all violators have been cleaned up - -vendor_init - } { - core_data_file_type - # libc includes functions like mktime and localtime which attempt to access - # files in /data/misc/zoneinfo/tzdata and /system/usr/share/zoneinfo/tzdata. - # These functions are considered vndk-stable and thus must be allowed for - # all processes. - -zoneinfo_data_file - }:file_class_set ~{ append getattr ioctl read write map }; - neverallow { - vendor_init - -data_between_core_and_vendor_violators - } { - core_data_file_type - -unencrypted_data_file - -zoneinfo_data_file - }:file_class_set ~{ append getattr ioctl read write map }; - # vendor init needs to be able to read unencrypted_data_file to create directories with FBE. - # The vendor init binary lives on the system partition so there is not a concern with stability. - neverallow vendor_init unencrypted_data_file:file ~r_file_perms; -') -full_treble_only(` - # vendor domains may only access dirs in /data/vendor, never core_data_file_types - neverallow { - domain - -appdomain # TODO(b/34980020) remove exemption for appdomain - -coredomain - -data_between_core_and_vendor_violators - -vendor_init - } { - core_data_file_type - -system_data_file # default label for files on /data. Covered below... - -vendor_data_file - -zoneinfo_data_file - }:dir *; - neverallow { - vendor_init - -data_between_core_and_vendor_violators - } { - core_data_file_type - -unencrypted_data_file - -system_data_file - -vendor_data_file - -zoneinfo_data_file - }:dir *; - # vendor init needs to be able to read unencrypted_data_file to create directories with FBE. - # The vendor init binary lives on the system partition so there is not a concern with stability. - neverallow vendor_init unencrypted_data_file:dir ~search; -') -full_treble_only(` - # vendor domains may only access dirs in /data/vendor, never core_data_file_types - neverallow { - domain - -appdomain # TODO(b/34980020) remove exemption for appdomain - -coredomain - -data_between_core_and_vendor_violators # TODO(b/34980020) Remove once all violators have been cleaned up - } { - system_data_file # default label for files on /data. Covered below - }:dir ~{ getattr search }; -') - -full_treble_only(` - # coredomains may not access dirs in /data/vendor. - neverallow { - coredomain - -data_between_core_and_vendor_violators # TODO(b/34980020) Remove once all violators have been cleaned up - -init - -vold # vold creates per-user storage for both system and vendor - -vold_prepare_subdirs - } { - vendor_data_file # default label for files on /data. Covered below - }:dir ~{ getattr search }; -') - -full_treble_only(` - # coredomains may not access dirs in /data/vendor. - neverallow { - coredomain - -data_between_core_and_vendor_violators # TODO(b/34980020) Remove once all violators have been cleaned up - -init - } { - vendor_data_file # default label for files on /data/vendor{,_ce,_de}. - }:file_class_set ~{ append getattr ioctl read write map }; -') - -full_treble_only(` - # Non-vendor domains are not allowed to file execute shell - # from vendor - neverallow { - coredomain - -init - -shell - } vendor_shell_exec:file { execute execute_no_trans }; -') - -full_treble_only(` - # Do not allow vendor components to execute files from system - # except for the ones whitelist here. - neverallow { - domain - -coredomain - -appdomain - -vendor_executes_system_violators - -vendor_init - } { - system_file_type - -system_lib_file - -system_linker_exec - -crash_dump_exec - -netutils_wrapper_exec - userdebug_or_eng(`-tcpdump_exec') - }:file { entrypoint execute execute_no_trans }; -') - -full_treble_only(` - # Do not allow system components to execute files from vendor - # except for the ones whitelisted here. - neverallow { - coredomain - -init - -shell - -system_executes_vendor_violators - } { - vendor_file_type - -same_process_hal_file - -vndk_sp_file - -vendor_app_file - -vendor_public_lib_file - }:file execute; -') - -full_treble_only(` - neverallow { - coredomain - -shell - -system_executes_vendor_violators - } { - vendor_file_type - -same_process_hal_file - }:file execute_no_trans; -') - -full_treble_only(` - # Do not allow system components access to /vendor files except for the - # ones whitelisted here. - neverallow { - coredomain - # TODO(b/37168747): clean up fwk access to /vendor - -crash_dump - -init # starts vendor executables - -kernel # loads /vendor/firmware - userdebug_or_eng(`-perfprofd') - userdebug_or_eng(`-heapprofd') - -shell - -system_executes_vendor_violators - -ueventd # reads /vendor/ueventd.rc - } { - vendor_file_type - -same_process_hal_file - -vendor_app_file - -vendor_configs_file - -vendor_framework_file - -vendor_idc_file - -vendor_keychars_file - -vendor_keylayout_file - -vendor_overlay_file - -vendor_public_lib_file - -vendor_task_profiles_file - -vndk_sp_file - }:file *; -') - -full_treble_only(` - # Do not allow vendor components access to /system files except for the - # ones whitelisted here. - neverallow { - domain - -appdomain - -coredomain - -vendor_executes_system_violators - # vendor_init needs access to init_exec for domain transition. vendor_init - # neverallows are covered in public/vendor_init.te - -vendor_init - } { - system_file_type - -crash_dump_exec - -file_contexts_file - -netutils_wrapper_exec - -property_contexts_file - -system_event_log_tags_file - -system_lib_file - with_asan(`-system_asan_options_file') - -system_linker_exec - -system_linker_config_file - -system_seccomp_policy_file - -system_security_cacerts_file - -system_zoneinfo_file - -task_profiles_file - userdebug_or_eng(`-tcpdump_exec') - }:file *; -') - -# Only system_server should be able to send commands via the zygote socket -neverallow { domain -zygote -system_server } zygote:unix_stream_socket connectto; -neverallow { domain -system_server } zygote_socket:sock_file write; - -neverallow { domain -system_server -webview_zygote -app_zygote } webview_zygote:unix_stream_socket connectto; -neverallow { domain -system_server } webview_zygote:sock_file write; -neverallow { domain -system_server } app_zygote:sock_file write; - -neverallow { - domain - -tombstoned - -crash_dump - -dumpstate - -incidentd - -system_server - - # Processes that can't exec crash_dump - -hal_omx_server - -mediaswcodec_server - -mediaextractor -} tombstoned_crash_socket:unix_stream_socket connectto; - -# Never allow anyone except dumpstate, incidentd, or the system server to connect or write to -# the tombstoned intercept socket. -neverallow { domain -dumpstate -incidentd -system_server } tombstoned_intercept_socket:sock_file write; -neverallow { domain -dumpstate -incidentd -system_server } tombstoned_intercept_socket:unix_stream_socket connectto; - -# Android does not support System V IPCs. -# -# The reason for this is due to the fact that, by design, they lead to global -# kernel resource leakage. -# -# For example, there is no way to automatically release a SysV semaphore -# allocated in the kernel when: -# -# - a buggy or malicious process exits -# - a non-buggy and non-malicious process crashes or is explicitly killed. -# -# Killing processes automatically to make room for new ones is an -# important part of Android's application lifecycle implementation. This means -# that, even assuming only non-buggy and non-malicious code, it is very likely -# that over time, the kernel global tables used to implement SysV IPCs will fill -# up. -neverallow * *:{ shm sem msg msgq } *; - -# Do not mount on top of symlinks, fifos, or sockets. -# Feature parity with Chromium LSM. -neverallow * { file_type fs_type dev_type }:{ lnk_file fifo_file sock_file } mounton; - -# Nobody should be able to execute su on user builds. -# On userdebug/eng builds, only dumpstate, shell, and -# su itself execute su. -neverallow { domain userdebug_or_eng(`-dumpstate -shell -su') } su_exec:file no_x_file_perms; - -# Do not allow the introduction of new execmod rules. Text relocations -# and modification of executable pages are unsafe. -# The only exceptions are for NDK text relocations associated with -# https://code.google.com/p/android/issues/detail?id=23203 -# which, long term, need to go away. -neverallow * { - file_type - -apk_data_file - -app_data_file - -asec_public_file -}:file execmod; - -# Do not allow making the stack or heap executable. -# We would also like to minimize execmem but it seems to be -# required by some device-specific service domains. -neverallow * self:process { execstack execheap }; - -# Do not allow the introduction of new execmod rules. Text relocations -# and modification of executable pages are unsafe. -neverallow { domain -untrusted_app_25 -untrusted_app_27 } file_type:file execmod; - -neverallow { domain -init } proc:{ file dir } mounton; - -# Ensure that all types assigned to processes are included -# in the domain attribute, so that all allow and neverallow rules -# written on domain are applied to all processes. -# This is achieved by ensuring that it is impossible to transition -# from a domain to a non-domain type and vice versa. -# TODO - rework this: neverallow domain ~domain:process { transition dyntransition }; -neverallow ~domain domain:process { transition dyntransition }; - -# -# Only system_app and system_server should be creating or writing -# their files. The proper way to share files is to setup -# type transitions to a more specific type or assigning a type -# to its parent directory via a file_contexts entry. -# Example type transition: -# mydomain.te:file_type_auto_trans(mydomain, system_data_file, new_file_type) -# -neverallow { - domain - -system_server - -system_app - -init - -installd # for relabelfrom and unlink, check for this in explicit neverallow - -vold_prepare_subdirs # For unlink - with_asan(`-asan_extract') -} system_data_file:file no_w_file_perms; -# do not grant anything greater than r_file_perms and relabelfrom unlink -# to installd -neverallow installd system_data_file:file ~{ r_file_perms relabelfrom unlink }; - -# respect system_app sandboxes -neverallow { - domain - -appdomain # finer-grained rules for appdomain are listed below - -system_server #populate com.android.providers.settings/databases/settings.db. - -installd # creation of app sandbox - -traced_probes # resolve inodes for i/o tracing. - # only needs open and read, the rest is neverallow in - # traced_probes.te. -} system_app_data_file:dir_file_class_set { create unlink open }; -neverallow { - isolated_app - untrusted_app_all # finer-grained rules for appdomain are listed below - ephemeral_app - priv_app -} system_app_data_file:dir_file_class_set { create unlink open }; - -# -# Only these domains should transition to shell domain. This domain is -# permissible for the "shell user". If you need a process to exec a shell -# script with differing privilege, define a domain and set up a transition. -# -neverallow { - domain - -adbd - -init - -runas - -zygote -} shell:process { transition dyntransition }; - -# Only domains spawned from zygote, runas and simpleperf_app_runner may have the appdomain -# attribute. -neverallow { domain -simpleperf_app_runner -runas -app_zygote -webview_zygote -zygote } { - appdomain -shell userdebug_or_eng(`-su') -}:process { transition dyntransition }; - -# Minimize read access to shell- or app-writable symlinks. -# This is to prevent malicious symlink attacks. -neverallow { - domain - -appdomain - -installd -} { app_data_file privapp_data_file }:lnk_file read; - -neverallow { - domain - -shell - userdebug_or_eng(`-uncrypt') - -installd -} shell_data_file:lnk_file read; - -# In addition to the symlink reading restrictions above, restrict -# write access to shell owned directories. The /data/local/tmp -# directory is untrustworthy, and non-whitelisted domains should -# not be trusting any content in those directories. -neverallow { - domain - -adbd - -dumpstate - -installd - -init - -shell - -vold -} shell_data_file:dir no_w_dir_perms; - -neverallow { - domain - -adbd - -appdomain - -dumpstate - -init - -installd - -simpleperf_app_runner - -system_server # why? - userdebug_or_eng(`-uncrypt') -} shell_data_file:dir { open search }; - -# Same as above for /data/local/tmp files. We allow shell files -# to be passed around by file descriptor, but not directly opened. -neverallow { - domain - -adbd - -appdomain - -dumpstate - -installd - userdebug_or_eng(`-uncrypt') -} shell_data_file:file open; - -# servicemanager and vndservicemanager are the only processes which handle the -# service_manager list request -neverallow * ~{ - servicemanager - vndservicemanager - }:service_manager list; - -# hwservicemanager is the only process which handles hw list requests -neverallow * ~{ - hwservicemanager - }:hwservice_manager list; - -# only service_manager_types can be added to service_manager -# TODO - rework this: neverallow * ~service_manager_type:service_manager { add find }; - -# Prevent assigning non property types to properties -# TODO - rework this: neverallow * ~property_type:property_service set; - -# Domain types should never be assigned to any files other -# than the /proc/pid files associated with a process. The -# executable file used to enter a domain should be labeled -# with its own _exec type, not with the domain type. -# Conventionally, this looks something like: -# $ cat mydaemon.te -# type mydaemon, domain; -# type mydaemon_exec, exec_type, file_type; -# init_daemon_domain(mydaemon) -# $ grep mydaemon file_contexts -# /system/bin/mydaemon -- u:object_r:mydaemon_exec:s0 -neverallow * domain:file { execute execute_no_trans entrypoint }; - -# Do not allow access to the generic debugfs label. This is too broad. -# Instead, if access to part of debugfs is desired, it should have a -# more specific label. -# TODO: fix dumpstate -neverallow { domain -init -vendor_init -dumpstate } debugfs:{ file lnk_file } no_rw_file_perms; - -# Do not allow executable files in debugfs. -neverallow domain debugfs_type:file { execute execute_no_trans }; - -# Profiles contain untrusted data and profman parses that. We should only run -# in from installd forked processes. -neverallow { - domain - -installd - -profman -} profman_exec:file no_x_file_perms; - -# Enforce restrictions on kernel module origin. -# Do not allow kernel module loading except from system, -# vendor, and boot partitions. -neverallow * ~{ system_file vendor_file rootfs }:system module_load; - -# Only allow filesystem caps to be set at build time. Runtime changes -# to filesystem capabilities are not permitted. -neverallow * self:global_capability_class_set setfcap; - -# Enforce AT_SECURE for executing crash_dump. -neverallow domain crash_dump:process noatsecure; - -# Do not permit non-core domains to register HwBinder services which are -# guaranteed to be provided by core domains only. -neverallow ~coredomain coredomain_hwservice:hwservice_manager add; - -# Do not permit the registeration of HwBinder services which are guaranteed to -# be passthrough only (i.e., run in the process of their clients instead of a -# separate server process). -neverallow * same_process_hwservice:hwservice_manager add; - -# On TREBLE devices, most coredomains should not access vendor_files. -# TODO(b/71553434): Remove exceptions here. -full_treble_only(` - neverallow { - coredomain - -appdomain - -bootanim - -crash_dump - -init - -kernel - -perfprofd - -heapprofd - -ueventd - } vendor_file:file { no_w_file_perms no_x_file_perms open }; -') - -# If an already existing file is opened with O_CREAT, the kernel might generate -# a false report of a create denial. Silence these denials and make sure that -# inappropriate permissions are not granted. - -# These filesystems don't allow files or directories to be created, so the permission -# to do so should never be granted. -neverallow domain { - proc_type - sysfs_type -}:dir { add_name create link remove_name rename reparent rmdir write }; - -# cgroupfs directories can be created, but not files within them. -neverallow domain cgroup:file create; - -dontaudit domain proc_type:dir write; -dontaudit domain sysfs_type:dir write; -dontaudit domain cgroup:file create; - -# These are only needed in permissive mode - in enforcing mode the -# directory write check fails and so these are never attempted. -userdebug_or_eng(` - dontaudit domain proc_type:dir add_name; - dontaudit domain sysfs_type:dir add_name; - dontaudit domain proc_type:file create; - dontaudit domain sysfs_type:file create; -') - -# Platform must not have access to /mnt/vendor. -neverallow { - coredomain - -init - -ueventd - -vold - -system_writes_mnt_vendor_violators -} mnt_vendor_file:dir *; - -# Only apps are allowed access to vendor public libraries. -full_treble_only(` - neverallow { - coredomain - -appdomain - } vendor_public_lib_file:file { execute execute_no_trans }; -') - -# Vendor domian must not have access to /mnt/product. -neverallow { - domain - -coredomain -} mnt_product_file:dir *; - -# Platform must not have access to sysfs_batteryinfo, but should do it via health HAL and healthd -full_treble_only(` - neverallow { - coredomain - -healthd - -shell - # Generate uevents for health info - -ueventd - # Recovery uses health HAL passthrough implementation. - -recovery - # Charger uses health HAL passthrough implementation. - -charger - # TODO(b/110891300): remove this exception - -incidentd - } sysfs_batteryinfo:file { open read }; -') - -neverallow { - domain - -mediaswcodec_server - -hal_omx_server -} hal_codec2_hwservice:hwservice_manager add; diff --git a/prebuilts/api/29.0/public/drmserver.te b/prebuilts/api/29.0/public/drmserver.te deleted file mode 100644 index b7b641c18..000000000 --- a/prebuilts/api/29.0/public/drmserver.te +++ /dev/null @@ -1,57 +0,0 @@ -# drmserver - DRM service -type drmserver, domain; -type drmserver_exec, system_file_type, exec_type, file_type; - -typeattribute drmserver mlstrustedsubject; - -net_domain(drmserver) - -# Perform Binder IPC to system server. -binder_use(drmserver) -binder_call(drmserver, system_server) -binder_call(drmserver, appdomain) -binder_service(drmserver) -# Inherit or receive open files from system_server. -allow drmserver system_server:fd use; - -# Perform Binder IPC to mediaserver -binder_call(drmserver, mediaserver) - -allow drmserver sdcard_type:dir search; -allow drmserver drm_data_file:dir create_dir_perms; -allow drmserver drm_data_file:file create_file_perms; -allow drmserver { app_data_file privapp_data_file }:file { read write getattr map }; -allow drmserver sdcard_type:file { read write getattr map }; -r_dir_file(drmserver, efs_file) - -type drmserver_socket, file_type; - -# /data/app/tlcd_sock socket file. -# Clearly, /data/app is the most logical place to create a socket. Not. -allow drmserver apk_data_file:dir rw_dir_perms; -allow drmserver drmserver_socket:sock_file create_file_perms; -# Delete old socket file if present. -allow drmserver apk_data_file:sock_file unlink; - -# After taking a video, drmserver looks at the video file. -r_dir_file(drmserver, media_rw_data_file) - -# Read resources from open apk files passed over Binder. -allow drmserver apk_data_file:file { read getattr map }; -allow drmserver asec_apk_file:file { read getattr map }; -allow drmserver ringtone_file:file { read getattr map }; - -# Read /data/data/com.android.providers.telephony files passed over Binder. -allow drmserver radio_data_file:file { read getattr map }; - -# /oem access -allow drmserver oemfs:dir search; -allow drmserver oemfs:file r_file_perms; - -add_service(drmserver, drmserver_service) -allow drmserver permission_service:service_manager find; - -selinux_check_access(drmserver) - -r_dir_file(drmserver, cgroup) -r_dir_file(drmserver, system_file) diff --git a/prebuilts/api/29.0/public/dumpstate.te b/prebuilts/api/29.0/public/dumpstate.te deleted file mode 100644 index 614e1b87c..000000000 --- a/prebuilts/api/29.0/public/dumpstate.te +++ /dev/null @@ -1,320 +0,0 @@ -# dumpstate -type dumpstate, domain, mlstrustedsubject; -type dumpstate_exec, system_file_type, exec_type, file_type; - -net_domain(dumpstate) -binder_use(dumpstate) -wakelock_use(dumpstate) - -# Allow setting process priority, protect from OOM killer, and dropping -# privileges by switching UID / GID -allow dumpstate self:global_capability_class_set { setuid setgid sys_resource }; - -# Allow dumpstate to scan through /proc/pid for all processes -r_dir_file(dumpstate, domain) - -allow dumpstate self:global_capability_class_set { - # Send signals to processes - kill - # Run iptables - net_raw - net_admin -}; - -# Allow executing files on system, such as: -# /system/bin/toolbox -# /system/bin/logcat -# /system/bin/dumpsys -allow dumpstate system_file:file execute_no_trans; -not_full_treble(`allow dumpstate vendor_file:file execute_no_trans;') -allow dumpstate toolbox_exec:file rx_file_perms; - -# hidl searches for files in /system/lib(64)/hw/ -allow dumpstate system_file:dir r_dir_perms; - -# Create and write into /data/anr/ -allow dumpstate self:global_capability_class_set { dac_override dac_read_search chown fowner fsetid }; -allow dumpstate anr_data_file:dir rw_dir_perms; -allow dumpstate anr_data_file:file create_file_perms; - -# Allow reading /data/system/uiderrors.txt -# TODO: scope this down. -allow dumpstate system_data_file:file r_file_perms; - -# Allow dumpstate to append into privileged apps private files. -allow dumpstate privapp_data_file:file append; - -# Read dmesg -allow dumpstate self:global_capability2_class_set syslog; -allow dumpstate kernel:system syslog_read; - -# Read /sys/fs/pstore/console-ramoops -allow dumpstate pstorefs:dir r_dir_perms; -allow dumpstate pstorefs:file r_file_perms; - -# Get process attributes -allow dumpstate domain:process getattr; - -# Signal java processes to dump their stack -allow dumpstate { appdomain system_server zygote }:process signal; - -# Signal native processes to dump their stack. -allow dumpstate { - # This list comes from native_processes_to_dump in dumputils/dump_utils.c - audioserver - cameraserver - drmserver - inputflinger - mediadrmserver - mediaextractor - mediametrics - mediaserver - mediaswcodec - sdcardd - surfaceflinger - vold - - # This list comes from hal_interfaces_to_dump in dumputils/dump_utils.c - hal_audio_server - hal_bluetooth_server - hal_camera_server - hal_drm_server - hal_graphics_allocator_server - hal_graphics_composer_server - hal_health_server - hal_omx_server - hal_power_server - hal_power_stats_server - hal_sensors_server - hal_thermal_server - hal_vr_server -}:process signal; - -# Connect to tombstoned to intercept dumps. -unix_socket_connect(dumpstate, tombstoned_intercept, tombstoned) - -# Access to /sys -allow dumpstate sysfs_type:dir r_dir_perms; - -allow dumpstate { - sysfs_devices_block - sysfs_dm - sysfs_loop - sysfs_usb - sysfs_zram -}:file r_file_perms; - -# Other random bits of data we want to collect -allow dumpstate debugfs:file r_file_perms; -auditallow dumpstate debugfs:file r_file_perms; - -allow dumpstate debugfs_mmc:file r_file_perms; - -# df for -allow dumpstate { - block_device - cache_file - metadata_file - rootfs - selinuxfs - storage_file - tmpfs -}:dir { search getattr }; -allow dumpstate fuse_device:chr_file getattr; -allow dumpstate { dm_device cache_block_device }:blk_file getattr; -allow dumpstate { cache_file rootfs }:lnk_file { getattr read }; - -# Read /dev/cpuctl and /dev/cpuset -r_dir_file(dumpstate, cgroup) - -# Allow dumpstate to make binder calls to any binder service -binder_call(dumpstate, binderservicedomain) -binder_call(dumpstate, { appdomain netd wificond }) - -hal_client_domain(dumpstate, hal_dumpstate) -hal_client_domain(dumpstate, hal_wifi) -hal_client_domain(dumpstate, hal_graphics_allocator) -# Vibrate the device after we are done collecting the bugreport -hal_client_domain(dumpstate, hal_vibrator) - -# Reading /proc/PID/maps of other processes -allow dumpstate self:global_capability_class_set sys_ptrace; - -# Allow the bugreport service to create a file in -# /data/data/com.android.shell/files/bugreports/bugreport -allow dumpstate shell_data_file:dir create_dir_perms; -allow dumpstate shell_data_file:file create_file_perms; - -# Run a shell. -allow dumpstate shell_exec:file rx_file_perms; - -# For running am and similar framework commands. -# Run /system/bin/app_process. -allow dumpstate zygote_exec:file rx_file_perms; - -# For Bluetooth -allow dumpstate bluetooth_data_file:dir search; -allow dumpstate bluetooth_logs_data_file:dir r_dir_perms; -allow dumpstate bluetooth_logs_data_file:file r_file_perms; - -# Dumpstate calls screencap, which grabs a screenshot. Needs gpu access -allow dumpstate gpu_device:chr_file rw_file_perms; - -# logd access -read_logd(dumpstate) -control_logd(dumpstate) -read_runtime_log_tags(dumpstate) - -# Read files in /proc -allow dumpstate { - proc_buddyinfo - proc_cmdline - proc_meminfo - proc_modules - proc_net_type - proc_pipe_conf - proc_pagetypeinfo - proc_qtaguid_ctrl - proc_qtaguid_stat - proc_slabinfo - proc_version - proc_vmallocinfo - proc_vmstat -}:file r_file_perms; - -# Read network state info files. -allow dumpstate net_data_file:dir search; -allow dumpstate net_data_file:file r_file_perms; - -# List sockets via ss. -allow dumpstate self:netlink_tcpdiag_socket { create_socket_perms_no_ioctl nlmsg_read }; - -# Access /data/tombstones. -allow dumpstate tombstone_data_file:dir r_dir_perms; -allow dumpstate tombstone_data_file:file r_file_perms; - -# Access /cache/recovery -allow dumpstate cache_recovery_file:dir r_dir_perms; -allow dumpstate cache_recovery_file:file r_file_perms; - -# Access /data/misc/recovery -allow dumpstate recovery_data_file:dir r_dir_perms; -allow dumpstate recovery_data_file:file r_file_perms; - -#Access /data/misc/update_engine_log -allow dumpstate update_engine_log_data_file:dir r_dir_perms; -allow dumpstate update_engine_log_data_file:file r_file_perms; - -# Access /data/misc/profiles/{cur,ref}/ -userdebug_or_eng(` - allow dumpstate user_profile_data_file:dir r_dir_perms; - allow dumpstate user_profile_data_file:file r_file_perms; -') - -# Access /data/misc/logd -userdebug_or_eng(` - allow dumpstate misc_logd_file:dir r_dir_perms; - allow dumpstate misc_logd_file:file r_file_perms; -') - -allow dumpstate app_fuse_file:dir r_dir_perms; -allow dumpstate overlayfs_file:dir r_dir_perms; - -allow dumpstate { - service_manager_type - -apex_service - -dumpstate_service - -gatekeeper_service - -iorapd_service - -virtual_touchpad_service - -vold_service - -vr_hwc_service -}:service_manager find; -# suppress denials for services dumpstate should not be accessing. -dontaudit dumpstate { - apex_service - dumpstate_service - gatekeeper_service - iorapd_service - virtual_touchpad_service - vold_service - vr_hwc_service -}:service_manager find; - -# Most of these are neverallowed. -dontaudit dumpstate hwservice_manager_type:hwservice_manager find; - -allow dumpstate servicemanager:service_manager list; -allow dumpstate hwservicemanager:hwservice_manager list; - -allow dumpstate devpts:chr_file rw_file_perms; - -# Set properties. -# dumpstate_prop is used to share state with the Shell app. -set_prop(dumpstate, dumpstate_prop) -set_prop(dumpstate, exported_dumpstate_prop) -# dumpstate_options_prop is used to pass extra command-line args. -set_prop(dumpstate, dumpstate_options_prop) - -# Read any system properties -get_prop(dumpstate, property_type) - -# Access to /data/media. -# This should be removed if sdcardfs is modified to alter the secontext for its -# accesses to the underlying FS. -allow dumpstate media_rw_data_file:dir getattr; -allow dumpstate proc_interrupts:file r_file_perms; -allow dumpstate proc_zoneinfo:file r_file_perms; - -# Create a service for talking back to system_server -add_service(dumpstate, dumpstate_service) - -# use /dev/ion for screen capture -allow dumpstate ion_device:chr_file r_file_perms; - -# Allow dumpstate to run top -allow dumpstate proc_stat:file r_file_perms; - -# Allow dumpstate to talk to installd over binder -binder_call(dumpstate, installd); - -# Allow dumpstate to run ip xfrm policy -allow dumpstate self:netlink_xfrm_socket { create_socket_perms_no_ioctl nlmsg_read }; - -# Allow dumpstate to run iotop -allow dumpstate self:netlink_socket create_socket_perms_no_ioctl; -# newer kernels (e.g. 4.4) have a new class for sockets -allow dumpstate self:netlink_generic_socket create_socket_perms_no_ioctl; - -# Allow dumpstate to run ss -allow dumpstate { domain pdx_channel_socket_type pdx_endpoint_socket_type }:socket_class_set getattr; - -# For when dumpstate runs df -dontaudit dumpstate mnt_vendor_file:dir search; -dontaudit dumpstate apex_mnt_dir:dir getattr; - -# Allow dumpstate to talk to bufferhubd over binder -binder_call(dumpstate, bufferhubd); - -# Allow dumpstate to talk to mediaswcodec over binder -binder_call(dumpstate, mediaswcodec); - -# Allow dumpstate to kill vendor dumpstate service by init -set_prop(dumpstate, ctl_dumpstate_prop) - -### -### neverallow rules -### - -# dumpstate has capability sys_ptrace, but should only use that capability for -# accessing sensitive /proc/PID files, never for using ptrace attach. -neverallow dumpstate *:process ptrace; - -# only system_server, dumpstate, traceur_app and shell can find the dumpstate service -neverallow { - domain - -system_server - -shell - -traceur_app - -dumpstate -} dumpstate_service:service_manager find; diff --git a/prebuilts/api/29.0/public/e2fs.te b/prebuilts/api/29.0/public/e2fs.te deleted file mode 100644 index dd5bd69de..000000000 --- a/prebuilts/api/29.0/public/e2fs.te +++ /dev/null @@ -1,26 +0,0 @@ -type e2fs, domain, coredomain; -type e2fs_exec, system_file_type, exec_type, file_type; - -allow e2fs devpts:chr_file { read write getattr ioctl }; - -allow e2fs dev_type:blk_file getattr; -allow e2fs block_device:dir search; -allow e2fs userdata_block_device:blk_file rw_file_perms; -allow e2fs metadata_block_device:blk_file rw_file_perms; -allow e2fs dm_device:blk_file rw_file_perms; -allowxperm e2fs { userdata_block_device metadata_block_device dm_device }:blk_file ioctl { - BLKSECDISCARD BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET -}; - -allow e2fs { - proc_filesystems - proc_mounts - proc_swaps -}:file r_file_perms; - -# access /sys/fs/ext4/features -allow e2fs sysfs_fs_ext4_features:dir search; -allow e2fs sysfs_fs_ext4_features:file r_file_perms; - -# access SELinux context files -allow e2fs file_contexts_file:file r_file_perms; diff --git a/prebuilts/api/29.0/public/ephemeral_app.te b/prebuilts/api/29.0/public/ephemeral_app.te deleted file mode 100644 index dc39a22b5..000000000 --- a/prebuilts/api/29.0/public/ephemeral_app.te +++ /dev/null @@ -1,14 +0,0 @@ -### -### Ephemeral apps. -### -### This file defines the security policy for apps with the ephemeral -### feature. -### -### The ephemeral_app domain is a reduced permissions sandbox allowing -### ephemeral applications to be safely installed and run. Non ephemeral -### applications may also opt-in to ephemeral to take advantage of the -### additional security features. -### -### PackageManager flags an app as ephemeral at install time. - -type ephemeral_app, domain; diff --git a/prebuilts/api/29.0/public/fastbootd.te b/prebuilts/api/29.0/public/fastbootd.te deleted file mode 100644 index 8ebe387f2..000000000 --- a/prebuilts/api/29.0/public/fastbootd.te +++ /dev/null @@ -1,117 +0,0 @@ -# fastbootd (used in recovery init.rc for /sbin/fastbootd) - -# Declare the domain unconditionally so we can always reference it -# in neverallow rules. -type fastbootd, domain; - -# But the allow rules are only included in the recovery policy. -# Otherwise fastbootd is only allowed the domain rules. -recovery_only(` - # fastbootd can only use HALs in passthrough mode - passthrough_hal_client_domain(fastbootd, hal_bootctl) - - # Access /dev/usb-ffs/fastbootd/ep0 - allow fastbootd functionfs:dir search; - allow fastbootd functionfs:file rw_file_perms; - - allowxperm fastbootd functionfs:file ioctl { FUNCTIONFS_ENDPOINT_DESC }; - # Log to serial - allow fastbootd kmsg_device:chr_file { open getattr write }; - - # battery info - allow fastbootd sysfs_batteryinfo:file r_file_perms; - - allow fastbootd device:dir r_dir_perms; - - # Reboot the device - set_prop(fastbootd, powerctl_prop) - - # Read serial number of the device from system properties - get_prop(fastbootd, serialno_prop) - - # For dev/block/by-name dir - allow fastbootd block_device:dir r_dir_perms; - - # Needed for DM_DEV_CREATE ioctl call - allow fastbootd self:capability sys_admin; - - # Set sys.usb.ffs.ready. - set_prop(fastbootd, ffs_prop) - set_prop(fastbootd, exported_ffs_prop) - - unix_socket_connect(fastbootd, recovery, recovery) - - # Required for flashing - allow fastbootd dm_device:chr_file rw_file_perms; - allow fastbootd dm_device:blk_file rw_file_perms; - - allow fastbootd super_block_device_type:blk_file rw_file_perms; - allow fastbootd { - boot_block_device - metadata_block_device - system_block_device - userdata_block_device - }:blk_file { w_file_perms getattr ioctl }; - - # For disabling/wiping GSI. - allow fastbootd metadata_block_device:blk_file r_file_perms; - allow fastbootd {rootfs tmpfs}:dir mounton; - allow fastbootd metadata_file:dir search; - allow fastbootd gsi_metadata_file:dir r_dir_perms; - allow fastbootd gsi_metadata_file:file rw_file_perms; - - allowxperm fastbootd super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF }; - - allowxperm fastbootd { - metadata_block_device - userdata_block_device - dm_device - }:blk_file ioctl { BLKSECDISCARD BLKDISCARD }; - - allow fastbootd misc_block_device:blk_file rw_file_perms; - - allow fastbootd proc_cmdline:file r_file_perms; - allow fastbootd rootfs:dir r_dir_perms; - - # Needed to read fstab node from device tree. - allow fastbootd sysfs_dt_firmware_android:file r_file_perms; - allow fastbootd sysfs_dt_firmware_android:dir r_dir_perms; - - # Needed for realpath() call to resolve symlinks. - allow fastbootd block_device:dir getattr; - userdebug_or_eng(` - # Refined manipulation of /mnt/scratch, without these perms resorts - # to deleting scratch partition when partition(s) are flashed. - allow fastbootd self:process setfscreate; - allow fastbootd cache_file:dir search; - allow fastbootd proc_filesystems:file { getattr open read }; - allow fastbootd self:capability sys_rawio; - dontaudit fastbootd kernel:system module_request; - allowxperm fastbootd dev_type:blk_file ioctl BLKROSET; - allow fastbootd overlayfs_file:dir { create_dir_perms mounton }; - allow fastbootd { - system_file_type - unlabeled - vendor_file_type - }:dir { remove_name rmdir search write }; - allow fastbootd { - overlayfs_file - system_file_type - unlabeled - vendor_file_type - }:{ file lnk_file } unlink; - allow fastbootd tmpfs:dir rw_dir_perms; - allow fastbootd labeledfs:filesystem { mount unmount }; - get_prop(fastbootd, persistent_properties_ready_prop) - ') -') - -### -### neverallow rules -### - -# Write permission is required to wipe userdata -# until recovery supports vold. -neverallow fastbootd { - data_file_type -}:file { no_x_file_perms }; diff --git a/prebuilts/api/29.0/public/file.te b/prebuilts/api/29.0/public/file.te deleted file mode 100644 index 986fbe94b..000000000 --- a/prebuilts/api/29.0/public/file.te +++ /dev/null @@ -1,505 +0,0 @@ -# Filesystem types -type labeledfs, fs_type; -type pipefs, fs_type; -type sockfs, fs_type; -type rootfs, fs_type; -type proc, fs_type, proc_type; -# Security-sensitive proc nodes that should not be writable to most. -type proc_security, fs_type, proc_type; -type proc_drop_caches, fs_type, proc_type; -type proc_overcommit_memory, fs_type, proc_type; -type proc_min_free_order_shift, fs_type, proc_type; -# proc, sysfs, or other nodes that permit configuration of kernel usermodehelpers. -type usermodehelper, fs_type, proc_type; -type sysfs_usermodehelper, fs_type, sysfs_type; -type proc_qtaguid_ctrl, fs_type, mlstrustedobject, proc_type; -type proc_qtaguid_stat, fs_type, mlstrustedobject, proc_type; -type proc_bluetooth_writable, fs_type, proc_type; -type proc_abi, fs_type, proc_type; -type proc_asound, fs_type, proc_type; -type proc_buddyinfo, fs_type, proc_type; -type proc_cmdline, fs_type, proc_type; -type proc_cpuinfo, fs_type, proc_type; -type proc_dirty, fs_type, proc_type; -type proc_diskstats, fs_type, proc_type; -type proc_extra_free_kbytes, fs_type, proc_type; -type proc_filesystems, fs_type, proc_type; -type proc_fs_verity, fs_type, proc_type; -type proc_hostname, fs_type, proc_type; -type proc_hung_task, fs_type, proc_type; -type proc_interrupts, fs_type, proc_type; -type proc_iomem, fs_type, proc_type; -type proc_keys, fs_type, proc_type; -type proc_kmsg, fs_type, proc_type; -type proc_loadavg, fs_type, proc_type; -type proc_max_map_count, fs_type, proc_type; -type proc_meminfo, fs_type, proc_type; -type proc_misc, fs_type, proc_type; -type proc_modules, fs_type, proc_type; -type proc_mounts, fs_type, proc_type; -type proc_net, fs_type, proc_type, proc_net_type; -type proc_net_tcp_udp, fs_type, proc_type; -type proc_page_cluster, fs_type, proc_type; -type proc_pagetypeinfo, fs_type, proc_type; -type proc_panic, fs_type, proc_type; -type proc_perf, fs_type, proc_type; -type proc_pid_max, fs_type, proc_type; -type proc_pipe_conf, fs_type, proc_type; -type proc_pressure_cpu, fs_type, proc_type; -type proc_pressure_io, fs_type, proc_type; -type proc_pressure_mem, fs_type, proc_type; -type proc_random, fs_type, proc_type; -type proc_sched, fs_type, proc_type; -type proc_slabinfo, fs_type, proc_type; -type proc_stat, fs_type, proc_type; -type proc_swaps, fs_type, proc_type; -type proc_sysrq, fs_type, proc_type; -type proc_timer, fs_type, proc_type; -type proc_tty_drivers, fs_type, proc_type; -type proc_uid_cputime_showstat, fs_type, proc_type; -type proc_uid_cputime_removeuid, fs_type, proc_type; -type proc_uid_io_stats, fs_type, proc_type; -type proc_uid_procstat_set, fs_type, proc_type; -type proc_uid_time_in_state, fs_type, proc_type; -type proc_uid_concurrent_active_time, fs_type, proc_type; -type proc_uid_concurrent_policy_time, fs_type, proc_type; -type proc_uid_cpupower, fs_type, proc_type; -type proc_uptime, fs_type, proc_type; -type proc_version, fs_type, proc_type; -type proc_vmallocinfo, fs_type, proc_type; -type proc_vmstat, fs_type, proc_type; -type proc_zoneinfo, fs_type, proc_type; -type selinuxfs, fs_type, mlstrustedobject; -type cgroup, fs_type, mlstrustedobject; -type cgroup_bpf, fs_type; -type sysfs, fs_type, sysfs_type, mlstrustedobject; -type sysfs_android_usb, fs_type, sysfs_type; -type sysfs_uio, sysfs_type, fs_type; -type sysfs_batteryinfo, fs_type, sysfs_type; -type sysfs_bluetooth_writable, fs_type, sysfs_type, mlstrustedobject; -type sysfs_devices_block, fs_type, sysfs_type; -type sysfs_dm, fs_type, sysfs_type; -type sysfs_dt_firmware_android, fs_type, sysfs_type; -type sysfs_extcon, fs_type, sysfs_type; -type sysfs_ipv4, fs_type, sysfs_type; -type sysfs_kernel_notes, fs_type, sysfs_type, mlstrustedobject; -type sysfs_leds, fs_type, sysfs_type; -type sysfs_loop, fs_type, sysfs_type; -type sysfs_hwrandom, fs_type, sysfs_type; -type sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject; -type sysfs_wake_lock, fs_type, sysfs_type; -type sysfs_mac_address, fs_type, sysfs_type; -type sysfs_net, fs_type, sysfs_type; -type sysfs_power, fs_type, sysfs_type; -type sysfs_rtc, fs_type, sysfs_type; -type sysfs_switch, fs_type, sysfs_type; -type sysfs_transparent_hugepage, fs_type, sysfs_type; -type sysfs_usb, fs_type, sysfs_type; -type sysfs_wakeup_reasons, fs_type, sysfs_type; -type sysfs_fs_ext4_features, sysfs_type, fs_type; -type sysfs_fs_f2fs, sysfs_type, fs_type; -type fs_bpf, fs_type; -type configfs, fs_type; -# /sys/devices/system/cpu -type sysfs_devices_system_cpu, fs_type, sysfs_type; -# /sys/module/lowmemorykiller -type sysfs_lowmemorykiller, fs_type, sysfs_type; -# /sys/module/wlan/parameters/fwpath -type sysfs_wlan_fwpath, fs_type, sysfs_type; -type sysfs_vibrator, fs_type, sysfs_type; - -type sysfs_thermal, sysfs_type, fs_type; - -type sysfs_zram, fs_type, sysfs_type; -type sysfs_zram_uevent, fs_type, sysfs_type; -type inotify, fs_type, mlstrustedobject; -type devpts, fs_type, mlstrustedobject; -type tmpfs, fs_type; -type shm, fs_type; -type mqueue, fs_type; -type fuse, sdcard_type, fs_type, mlstrustedobject; -type sdcardfs, sdcard_type, fs_type, mlstrustedobject; -type vfat, sdcard_type, fs_type, mlstrustedobject; -type exfat, sdcard_type, fs_type, mlstrustedobject; -type debugfs, fs_type, debugfs_type; -type debugfs_mmc, fs_type, debugfs_type; -type debugfs_trace_marker, fs_type, debugfs_type, mlstrustedobject; -type debugfs_tracing, fs_type, debugfs_type, mlstrustedobject; -type debugfs_tracing_debug, fs_type, debugfs_type, mlstrustedobject; -type debugfs_tracing_instances, fs_type, debugfs_type; -type debugfs_wakeup_sources, fs_type, debugfs_type; -type debugfs_wifi_tracing, fs_type, debugfs_type; - -type pstorefs, fs_type; -type functionfs, fs_type, mlstrustedobject; -type oemfs, fs_type, contextmount_type; -type usbfs, fs_type; -type binfmt_miscfs, fs_type; -type app_fusefs, fs_type, contextmount_type; - -# File types -type unlabeled, file_type; - -# Default type for anything under /system. -type system_file, system_file_type, file_type; -# Default type for /system/asan.options -type system_asan_options_file, system_file_type, file_type; -# Type for /system/etc/event-log-tags (liblog implementation detail) -type system_event_log_tags_file, system_file_type, file_type; -# Default type for anything under /system/lib[64]. -type system_lib_file, system_file_type, file_type; -# system libraries that are available only to bootstrap processes -type system_bootstrap_lib_file, system_file_type, file_type; -# Default type for linker executable /system/bin/linker[64]. -type system_linker_exec, system_file_type, file_type; -# Default type for linker config /system/etc/ld.config.*. -type system_linker_config_file, system_file_type, file_type; -# Default type for linker config /system/etc/seccomp_policy/*. -type system_seccomp_policy_file, system_file_type, file_type; -# Default type for cacerts in /system/etc/security/cacerts/*. -type system_security_cacerts_file, system_file_type, file_type; -# Default type for /system/bin/tcpdump. -type tcpdump_exec, system_file_type, exec_type, file_type; -# Default type for zoneinfo files in /system/usr/share/zoneinfo/*. -type system_zoneinfo_file, system_file_type, file_type; -# Cgroups description file under /system/etc/cgroups.json -type cgroup_desc_file, system_file_type, file_type; -# Vendor cgroups description file under /vendor/etc/cgroups.json -type vendor_cgroup_desc_file, vendor_file_type, file_type; -# Task profiles file under /system/etc/task_profiles.json -type task_profiles_file, system_file_type, file_type; -# Vendor task profiles file under /vendor/etc/task_profiles.json -type vendor_task_profiles_file, vendor_file_type, file_type; - -# Default type for directories search for -# HAL implementations -type vendor_hal_file, vendor_file_type, file_type; -# Default type for under /vendor or /system/vendor -type vendor_file, vendor_file_type, file_type; -# Default type for everything in /vendor/app -type vendor_app_file, vendor_file_type, file_type; -# Default type for everything under /vendor/etc/ -type vendor_configs_file, vendor_file_type, file_type; -# Default type for all *same process* HALs and their lib/bin dependencies. -# e.g. libEGL_xxx.so, android.hardware.graphics.mapper@2.0-impl.so -type same_process_hal_file, vendor_file_type, file_type; -# Default type for vndk-sp libs. /vendor/lib/vndk-sp -type vndk_sp_file, vendor_file_type, file_type; -# Default type for everything in /vendor/framework -type vendor_framework_file, vendor_file_type, file_type; -# Default type for everything in /vendor/overlay -type vendor_overlay_file, vendor_file_type, file_type; -# Type for all vendor public libraries. These libs should only be exposed to -# apps. ABI stability of these libs is vendor's responsibility. -type vendor_public_lib_file, vendor_file_type, file_type; - -# Input configuration -type vendor_keylayout_file, vendor_file_type, file_type; -type vendor_keychars_file, vendor_file_type, file_type; -type vendor_idc_file, vendor_file_type, file_type; - -# /metadata partition itself -type metadata_file, file_type; -# Vold files within /metadata -type vold_metadata_file, file_type; -# GSI files within /metadata -type gsi_metadata_file, file_type; -# system_server shares Weaver slot information in /metadata -type password_slot_metadata_file, file_type; -# APEX files within /metadata -type apex_metadata_file, file_type; - -# Type for /dev/cpu_variant:.*. -type dev_cpu_variant, file_type; -# Speedup access for trusted applications to the runtime event tags -type runtime_event_log_tags_file, file_type; -# Type for /system/bin/logcat. -type logcat_exec, system_file_type, exec_type, file_type; -# Speedup access to cgroup map file -type cgroup_rc_file, file_type; -# /cores for coredumps on userdebug / eng builds -type coredump_file, file_type; -# Default type for anything under /data. -type system_data_file, file_type, data_file_type, core_data_file_type; -# Type for /data/system/packages.list. -# TODO(b/129332765): Narrow down permissions to this. -# Find out users of system_data_file that should be granted only this. -type packages_list_file, file_type, data_file_type, core_data_file_type; -# Default type for anything under /data/vendor{_ce,_de}. -type vendor_data_file, file_type, data_file_type; -# Unencrypted data -type unencrypted_data_file, file_type, data_file_type, core_data_file_type; -# /data/.layout_version or other installd-created files that -# are created in a system_data_file directory. -type install_data_file, file_type, data_file_type, core_data_file_type; -# /data/drm - DRM plugin data -type drm_data_file, file_type, data_file_type, core_data_file_type; -# /data/adb - adb debugging files -type adb_data_file, file_type, data_file_type, core_data_file_type; -# /data/anr - ANR traces -type anr_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/tombstones - core dumps -type tombstone_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/vendor/tombstones/wifi - vendor wifi dumps -type tombstone_wifi_data_file, file_type, data_file_type; -# /data/apex - APEX data files -type apex_data_file, file_type, data_file_type, core_data_file_type; -# /data/app - user-installed apps -type apk_data_file, file_type, data_file_type, core_data_file_type; -type apk_tmp_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/app-private - forward-locked apps -type apk_private_data_file, file_type, data_file_type, core_data_file_type; -type apk_private_tmp_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/dalvik-cache -type dalvikcache_data_file, file_type, data_file_type, core_data_file_type; -# /data/ota -type ota_data_file, file_type, data_file_type, core_data_file_type; -# /data/ota_package -type ota_package_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/misc/profiles -type user_profile_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/misc/profman -type profman_dump_data_file, file_type, data_file_type, core_data_file_type; -# /data/resource-cache -type resourcecache_data_file, file_type, data_file_type, core_data_file_type; -# /data/local - writable by shell -type shell_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/property -type property_data_file, file_type, data_file_type, core_data_file_type; -# /data/bootchart -type bootchart_data_file, file_type, data_file_type, core_data_file_type; -# /data/system/dropbox -type dropbox_data_file, file_type, data_file_type, core_data_file_type; -# /data/system/heapdump -type heapdump_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/nativetest -type nativetest_data_file, file_type, data_file_type, core_data_file_type; -# /data/system_de/0/ringtones -type ringtone_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# /data/preloads -type preloads_data_file, file_type, data_file_type, core_data_file_type; -# /data/preloads/media -type preloads_media_file, file_type, data_file_type, core_data_file_type; -# /data/misc/dhcp and /data/misc/dhcp-6.8.2 -type dhcp_data_file, file_type, data_file_type, core_data_file_type; -# /data/server_configurable_flags -type server_configurable_flags_data_file, file_type, data_file_type, core_data_file_type; -# /data/app-staging -type staging_data_file, file_type, data_file_type, core_data_file_type; -# /vendor/apex - -# Mount locations managed by vold -type mnt_media_rw_file, file_type; -type mnt_user_file, file_type; -type mnt_expand_file, file_type; -type storage_file, file_type; - -# Label for storage dirs which are just mount stubs -type mnt_media_rw_stub_file, file_type; -type storage_stub_file, file_type; - -# Mount location for read-write vendor partitions. -type mnt_vendor_file, file_type; - -# Mount location for read-write product partitions. -type mnt_product_file, file_type; - -# Mount point used for APEX images -type apex_mnt_dir, file_type; - -# /postinstall: Mount point used by update_engine to run postinstall. -type postinstall_mnt_dir, file_type; -# Files inside the /postinstall mountpoint are all labeled as postinstall_file. -type postinstall_file, file_type; -# /postinstall/apex: Mount point used for APEX images within /postinstall. -type postinstall_apex_mnt_dir, file_type; - -# /data/misc subdirectories -type adb_keys_file, file_type, data_file_type, core_data_file_type; -type audio_data_file, file_type, data_file_type, core_data_file_type; -type audioserver_data_file, file_type, data_file_type, core_data_file_type; -type bluetooth_data_file, file_type, data_file_type, core_data_file_type; -type bluetooth_logs_data_file, file_type, data_file_type, core_data_file_type; -type bootstat_data_file, file_type, data_file_type, core_data_file_type; -type boottrace_data_file, file_type, data_file_type, core_data_file_type; -type camera_data_file, file_type, data_file_type, core_data_file_type; -type gatekeeper_data_file, file_type, data_file_type, core_data_file_type; -type incident_data_file, file_type, data_file_type, core_data_file_type; -type keychain_data_file, file_type, data_file_type, core_data_file_type; -type keystore_data_file, file_type, data_file_type, core_data_file_type; -type media_data_file, file_type, data_file_type, core_data_file_type; -type media_rw_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -type misc_user_data_file, file_type, data_file_type, core_data_file_type; -type net_data_file, file_type, data_file_type, core_data_file_type; -type network_watchlist_data_file, file_type, data_file_type, core_data_file_type; -type nfc_data_file, file_type, data_file_type, core_data_file_type; -type radio_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -type recovery_data_file, file_type, data_file_type, core_data_file_type; -type shared_relro_file, file_type, data_file_type, core_data_file_type; -type stats_data_file, file_type, data_file_type, core_data_file_type; -type systemkeys_data_file, file_type, data_file_type, core_data_file_type; -type textclassifier_data_file, file_type, data_file_type, core_data_file_type; -type trace_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -type vpn_data_file, file_type, data_file_type, core_data_file_type; -type wifi_data_file, file_type, data_file_type, core_data_file_type; -type zoneinfo_data_file, file_type, data_file_type, core_data_file_type; -type vold_data_file, file_type, data_file_type, core_data_file_type; -type iorapd_data_file, file_type, data_file_type, core_data_file_type; -type perfprofd_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -type tee_data_file, file_type, data_file_type; -type update_engine_data_file, file_type, data_file_type, core_data_file_type; -type update_engine_log_data_file, file_type, data_file_type, core_data_file_type; -# /data/misc/trace for method traces on userdebug / eng builds -type method_trace_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -type gsi_data_file, file_type, data_file_type, core_data_file_type; - -# /data/data subdirectories - app sandboxes -type app_data_file, file_type, data_file_type, core_data_file_type; -# /data/data subdirectories - priv-app sandboxes -type privapp_data_file, file_type, data_file_type, core_data_file_type; -# /data/data subdirectory for system UID apps. -type system_app_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# Compatibility with type name used in Android 4.3 and 4.4. -# Default type for anything under /cache -type cache_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# Type for /cache/overlay /mnt/scratch/overlay -type overlayfs_file, file_type, data_file_type, core_data_file_type; -# Type for /cache/backup_stage/* (fd interchange with apps) -type cache_backup_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# type for anything under /cache/backup (local transport storage) -type cache_private_backup_file, file_type, data_file_type, core_data_file_type; -# Type for anything under /cache/recovery -type cache_recovery_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# Default type for anything under /efs -type efs_file, file_type; -# Type for wallpaper file. -type wallpaper_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# Type for shortcut manager icon file. -type shortcut_manager_icons, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# Type for user icon file. -type icon_file, file_type, data_file_type, core_data_file_type; -# /mnt/asec -type asec_apk_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# Elements of asec files (/mnt/asec) that are world readable -type asec_public_file, file_type, data_file_type, core_data_file_type; -# /data/app-asec -type asec_image_file, file_type, data_file_type, core_data_file_type; -# /data/backup and /data/secure/backup -type backup_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# All devices have bluetooth efs files. But they -# vary per device, so this type is used in per -# device policy -type bluetooth_efs_file, file_type; -# Type for fingerprint template file -type fingerprintd_data_file, file_type, data_file_type, core_data_file_type; -# Type for _new_ fingerprint template file -type fingerprint_vendor_data_file, file_type, data_file_type; -# Type for appfuse file. -type app_fuse_file, file_type, data_file_type, core_data_file_type, mlstrustedobject; -# Type for face template file -type face_vendor_data_file, file_type, data_file_type; -# Type for iris template file -type iris_vendor_data_file, file_type, data_file_type; - -# Socket types -type adbd_socket, file_type, coredomain_socket; -type bluetooth_socket, file_type, data_file_type, core_data_file_type, coredomain_socket; -type dnsproxyd_socket, file_type, coredomain_socket, mlstrustedobject; -type dumpstate_socket, file_type, coredomain_socket; -type fwmarkd_socket, file_type, coredomain_socket, mlstrustedobject; -type lmkd_socket, file_type, coredomain_socket; -type logd_socket, file_type, coredomain_socket, mlstrustedobject; -type logdr_socket, file_type, coredomain_socket, mlstrustedobject; -type logdw_socket, file_type, coredomain_socket, mlstrustedobject; -type mdns_socket, file_type, coredomain_socket; -type mdnsd_socket, file_type, coredomain_socket, mlstrustedobject; -type misc_logd_file, coredomain_socket, file_type, data_file_type, core_data_file_type; -type mtpd_socket, file_type, coredomain_socket; -type netd_socket, file_type, coredomain_socket; -type property_socket, file_type, coredomain_socket, mlstrustedobject; -type racoon_socket, file_type, coredomain_socket; -type recovery_socket, file_type, coredomain_socket; -type rild_socket, file_type; -type rild_debug_socket, file_type; -type statsdw_socket, file_type, coredomain_socket, mlstrustedobject; -type system_wpa_socket, file_type, data_file_type, core_data_file_type, coredomain_socket; -type system_ndebug_socket, file_type, data_file_type, core_data_file_type, coredomain_socket, mlstrustedobject; -type tombstoned_crash_socket, file_type, coredomain_socket, mlstrustedobject; -type tombstoned_java_trace_socket, file_type, mlstrustedobject; -type tombstoned_intercept_socket, file_type, coredomain_socket; -type traced_producer_socket, file_type, coredomain_socket, mlstrustedobject; -type traced_consumer_socket, file_type, coredomain_socket, mlstrustedobject; -type uncrypt_socket, file_type, coredomain_socket; -type wpa_socket, file_type, data_file_type, core_data_file_type; -type zygote_socket, file_type, coredomain_socket; -type heapprofd_socket, file_type, coredomain_socket, mlstrustedobject; -# UART (for GPS) control proc file -type gps_control, file_type; - -# PDX endpoint types -type pdx_display_dir, pdx_endpoint_dir_type, file_type; -type pdx_performance_dir, pdx_endpoint_dir_type, file_type; -type pdx_bufferhub_dir, pdx_endpoint_dir_type, file_type; - -pdx_service_socket_types(display_client, pdx_display_dir) -pdx_service_socket_types(display_manager, pdx_display_dir) -pdx_service_socket_types(display_screenshot, pdx_display_dir) -pdx_service_socket_types(display_vsync, pdx_display_dir) -pdx_service_socket_types(performance_client, pdx_performance_dir) -pdx_service_socket_types(bufferhub_client, pdx_bufferhub_dir) - -# file_contexts files -type file_contexts_file, system_file_type, file_type; - -# mac_permissions file -type mac_perms_file, system_file_type, file_type; - -# property_contexts file -type property_contexts_file, system_file_type, file_type; - -# seapp_contexts file -type seapp_contexts_file, system_file_type, file_type; - -# sepolicy files binary and others -type sepolicy_file, system_file_type, file_type; - -# service_contexts file -type service_contexts_file, system_file_type, file_type; - -# nonplat service_contexts file (only accessible on non full-treble devices) -type nonplat_service_contexts_file, file_type; - -# hwservice_contexts file -type hwservice_contexts_file, system_file_type, file_type; - -# vndservice_contexts file -type vndservice_contexts_file, file_type; - -# Allow files to be created in their appropriate filesystems. -allow fs_type self:filesystem associate; -allow cgroup tmpfs:filesystem associate; -allow cgroup_bpf tmpfs:filesystem associate; -allow cgroup_rc_file tmpfs:filesystem associate; -allow sysfs_type sysfs:filesystem associate; -allow debugfs_type { debugfs debugfs_tracing debugfs_tracing_debug }:filesystem associate; -allow file_type labeledfs:filesystem associate; -allow file_type tmpfs:filesystem associate; -allow file_type rootfs:filesystem associate; -allow dev_type tmpfs:filesystem associate; -allow app_fuse_file app_fusefs:filesystem associate; -allow postinstall_file self:filesystem associate; - -# asanwrapper (run a sanitized app_process, to be used with wrap properties) -with_asan(`type asanwrapper_exec, exec_type, file_type;') - -# Deprecated in SDK version 28 -type audiohal_data_file, file_type, data_file_type, core_data_file_type; - -# It's a bug to assign the file_type attribute and fs_type attribute -# to any type. Do not allow it. -# -# For example, the following is a bug: -# type apk_data_file, file_type, data_file_type, fs_type; -# Should be: -# type apk_data_file, file_type, data_file_type; -neverallow fs_type file_type:filesystem associate; diff --git a/prebuilts/api/29.0/public/fingerprintd.te b/prebuilts/api/29.0/public/fingerprintd.te deleted file mode 100644 index ff7a884e3..000000000 --- a/prebuilts/api/29.0/public/fingerprintd.te +++ /dev/null @@ -1,26 +0,0 @@ -type fingerprintd, domain; -type fingerprintd_exec, system_file_type, exec_type, file_type; - -binder_use(fingerprintd) - -# Scan through /system/lib64/hw looking for installed HALs -allow fingerprintd system_file:dir r_dir_perms; - -# need to find KeyStore and add self -add_service(fingerprintd, fingerprintd_service) - -# allow HAL module to read dir contents -allow fingerprintd fingerprintd_data_file:file { create_file_perms }; - -# allow HAL module to read/write/unlink contents of this dir -allow fingerprintd fingerprintd_data_file:dir rw_dir_perms; - -# Need to add auth tokens to KeyStore -use_keystore(fingerprintd) -allow fingerprintd keystore:keystore_key { add_auth }; - -# For permissions checking -binder_call(fingerprintd, system_server); -allow fingerprintd permission_service:service_manager find; - -allow fingerprintd ion_device:chr_file r_file_perms; diff --git a/prebuilts/api/29.0/public/flags_health_check.te b/prebuilts/api/29.0/public/flags_health_check.te deleted file mode 100644 index 151c7c097..000000000 --- a/prebuilts/api/29.0/public/flags_health_check.te +++ /dev/null @@ -1,31 +0,0 @@ -# The flags_health_check command run by init. -type flags_health_check, domain, coredomain; -type flags_health_check_exec, system_file_type, exec_type, file_type; - -set_prop(flags_health_check, device_config_boot_count_prop) -set_prop(flags_health_check, device_config_reset_performed_prop) -set_prop(flags_health_check, device_config_runtime_native_boot_prop) -set_prop(flags_health_check, device_config_runtime_native_prop) -set_prop(flags_health_check, device_config_input_native_boot_prop) -set_prop(flags_health_check, device_config_netd_native_prop) -set_prop(flags_health_check, device_config_activity_manager_native_boot_prop) -set_prop(flags_health_check, device_config_media_native_prop) - -allow flags_health_check server_configurable_flags_data_file:dir rw_dir_perms; -allow flags_health_check server_configurable_flags_data_file:file create_file_perms; - -# system property device_config_boot_count_prop is used for deciding when to perform server -# configurable flags related disaster recovery. Mistakenly set up by unrelated components can, at a -# wrong timing, trigger server configurable flag related disaster recovery, which will override -# server configured values of all flags with default values. -neverallow { domain -init -flags_health_check } device_config_boot_count_prop:property_service set; - -# system property device_config_reset_performed_prop is used for indicating whether server -# configurable flags have been reset during booting. Mistakenly modified by unrelated components can -# cause bad server configurable flags synced back to device. -neverallow { domain -init -flags_health_check } device_config_reset_performed_prop:property_service set; - -# server_configurable_flags_data_file is used for storing whether server configurable flags which -# have been reset during current booting. Mistakenly modified by unrelated components can -# cause bad server configurable flags synced back to device. -neverallow { domain -init -flags_health_check } server_configurable_flags_data_file:file no_w_file_perms; diff --git a/prebuilts/api/29.0/public/fsck.te b/prebuilts/api/29.0/public/fsck.te deleted file mode 100644 index 7a9fbeef1..000000000 --- a/prebuilts/api/29.0/public/fsck.te +++ /dev/null @@ -1,68 +0,0 @@ -# Any fsck program run by init -type fsck, domain; -type fsck_exec, system_file_type, exec_type, file_type; - -# /dev/__null__ created by init prior to policy load, -# open fd inherited by fsck. -allow fsck tmpfs:chr_file { read write ioctl }; - -# Inherit and use pty created by android_fork_execvp_ext(). -allow fsck devpts:chr_file { read write ioctl getattr }; - -# Allow stdin/out back to vold -allow fsck vold:fd use; -allow fsck vold:fifo_file { read write getattr }; - -# Run fsck on certain block devices -allow fsck block_device:dir search; -allow fsck userdata_block_device:blk_file rw_file_perms; -allow fsck cache_block_device:blk_file rw_file_perms; -allow fsck dm_device:blk_file rw_file_perms; -userdebug_or_eng(` -allow fsck system_block_device:blk_file rw_file_perms; -') - -# For the block devices where we have ioctl access, -# allow at a minimum the following common fsck ioctls. -allowxperm fsck dev_type:blk_file ioctl { - BLKDISCARDZEROES - BLKROGET -}; - -# To determine if it is safe to run fsck on a filesystem, e2fsck -# must first determine if the filesystem is mounted. To do that, -# e2fsck scans through /proc/mounts and collects all the mounted -# block devices. With that information, it runs stat() on each block -# device, comparing the major and minor numbers to the filesystem -# passed in on the command line. If there is a match, then the filesystem -# is currently mounted and running fsck is dangerous. -# Allow stat access to all block devices so that fsck can compare -# major/minor values. -allow fsck dev_type:blk_file getattr; - -allow fsck { - proc_mounts - proc_swaps -}:file r_file_perms; -allow fsck rootfs:dir r_dir_perms; - -### -### neverallow rules -### - -# fsck should never be run on these block devices -neverallow fsck { - boot_block_device - frp_block_device - recovery_block_device - root_block_device - swap_block_device - system_block_device - userdebug_or_eng(`-system_block_device') - vold_device -}:blk_file no_rw_file_perms; - -# Only allow entry from init or vold via fsck binaries -neverallow { domain -init -vold } fsck:process transition; -neverallow * fsck:process dyntransition; -neverallow fsck { file_type fs_type -fsck_exec }:file entrypoint; diff --git a/prebuilts/api/29.0/public/fsck_untrusted.te b/prebuilts/api/29.0/public/fsck_untrusted.te deleted file mode 100644 index 8510c9424..000000000 --- a/prebuilts/api/29.0/public/fsck_untrusted.te +++ /dev/null @@ -1,49 +0,0 @@ -# Any fsck program run on untrusted block devices -type fsck_untrusted, domain; - -# Inherit and use pty created by android_fork_execvp_ext(). -allow fsck_untrusted devpts:chr_file { read write ioctl getattr }; - -# Allow stdin/out back to vold -allow fsck_untrusted vold:fd use; -allow fsck_untrusted vold:fifo_file { read write getattr }; - -# Run fsck on vold block devices -allow fsck_untrusted block_device:dir search; -allow fsck_untrusted vold_device:blk_file rw_file_perms; - -allow fsck_untrusted proc_mounts:file r_file_perms; - -# To determine if it is safe to run fsck on a filesystem, e2fsck -# must first determine if the filesystem is mounted. To do that, -# e2fsck scans through /proc/mounts and collects all the mounted -# block devices. With that information, it runs stat() on each block -# device, comparing the major and minor numbers to the filesystem -# passed in on the command line. If there is a match, then the filesystem -# is currently mounted and running fsck is dangerous. -# Allow stat access to all block devices so that fsck can compare -# major/minor values. -allow fsck_untrusted dev_type:blk_file getattr; - -### -### neverallow rules -### - -# Untrusted fsck should never be run on block devices holding sensitive data -neverallow fsck_untrusted { - boot_block_device - frp_block_device - metadata_block_device - recovery_block_device - root_block_device - swap_block_device - system_block_device - userdata_block_device - cache_block_device - dm_device -}:blk_file no_rw_file_perms; - -# Only allow entry from vold via fsck binaries -neverallow { domain -vold } fsck_untrusted:process transition; -neverallow * fsck_untrusted:process dyntransition; -neverallow fsck_untrusted { file_type fs_type -fsck_exec }:file entrypoint; diff --git a/prebuilts/api/29.0/public/fwk_bufferhub.te b/prebuilts/api/29.0/public/fwk_bufferhub.te deleted file mode 100644 index 03486bd1e..000000000 --- a/prebuilts/api/29.0/public/fwk_bufferhub.te +++ /dev/null @@ -1,4 +0,0 @@ -binder_call(hal_bufferhub_client, hal_bufferhub_server) -binder_call(hal_bufferhub_server, hal_bufferhub_client) - -hal_attribute_hwservice(hal_bufferhub, fwk_bufferhub_hwservice) diff --git a/prebuilts/api/29.0/public/gatekeeperd.te b/prebuilts/api/29.0/public/gatekeeperd.te deleted file mode 100644 index dc46d0789..000000000 --- a/prebuilts/api/29.0/public/gatekeeperd.te +++ /dev/null @@ -1,41 +0,0 @@ -type gatekeeperd, domain; -type gatekeeperd_exec, system_file_type, exec_type, file_type; - -# gatekeeperd -binder_service(gatekeeperd) -binder_use(gatekeeperd) - -### Rules needed when Gatekeeper HAL runs inside gatekeeperd process. -### These rules should eventually be granted only when needed. -allow gatekeeperd ion_device:chr_file r_file_perms; -# Load HAL implementation -allow gatekeeperd system_file:dir r_dir_perms; -### - -### Rules needed when Gatekeeper HAL runs outside of gatekeeperd process. -### These rules should eventually be granted only when needed. -hal_client_domain(gatekeeperd, hal_gatekeeper) -### - -# need to find KeyStore and add self -add_service(gatekeeperd, gatekeeper_service) - -# Need to add auth tokens to KeyStore -use_keystore(gatekeeperd) -allow gatekeeperd keystore:keystore_key { add_auth }; - -# For permissions checking -allow gatekeeperd system_server:binder call; -allow gatekeeperd permission_service:service_manager find; - -# for SID file access -allow gatekeeperd gatekeeper_data_file:dir rw_dir_perms; -allow gatekeeperd gatekeeper_data_file:file create_file_perms; - -# For hardware properties retrieval -allow gatekeeperd hardware_properties_service:service_manager find; - -# For checking whether GSI is running -get_prop(gatekeeperd, gsid_prop) - -r_dir_file(gatekeeperd, cgroup) diff --git a/prebuilts/api/29.0/public/global_macros b/prebuilts/api/29.0/public/global_macros deleted file mode 100644 index 1a1d593b3..000000000 --- a/prebuilts/api/29.0/public/global_macros +++ /dev/null @@ -1,51 +0,0 @@ -##################################### -# Common groupings of object classes. -# -define(`capability_class_set', `{ capability capability2 cap_userns cap2_userns }') -define(`global_capability_class_set', `{ capability cap_userns }') -define(`global_capability2_class_set', `{ capability2 cap2_userns }') - -define(`devfile_class_set', `{ chr_file blk_file }') -define(`notdevfile_class_set', `{ file lnk_file sock_file fifo_file }') -define(`file_class_set', `{ devfile_class_set notdevfile_class_set }') -define(`dir_file_class_set', `{ dir file_class_set }') - -define(`socket_class_set', `{ socket tcp_socket udp_socket rawip_socket netlink_socket packet_socket key_socket unix_stream_socket unix_dgram_socket appletalk_socket netlink_route_socket netlink_tcpdiag_socket netlink_nflog_socket netlink_xfrm_socket netlink_selinux_socket netlink_audit_socket netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket netlink_iscsi_socket netlink_fib_lookup_socket netlink_connector_socket netlink_netfilter_socket netlink_generic_socket netlink_scsitransport_socket netlink_rdma_socket netlink_crypto_socket sctp_socket icmp_socket ax25_socket ipx_socket netrom_socket atmpvc_socket x25_socket rose_socket decnet_socket atmsvc_socket rds_socket irda_socket pppox_socket llc_socket can_socket tipc_socket bluetooth_socket iucv_socket rxrpc_socket isdn_socket phonet_socket ieee802154_socket caif_socket alg_socket nfc_socket vsock_socket kcm_socket qipcrtr_socket smc_socket xdp_socket }') -define(`dgram_socket_class_set', `{ udp_socket unix_dgram_socket }') -define(`stream_socket_class_set', `{ tcp_socket unix_stream_socket sctp_socket }') -define(`unpriv_socket_class_set', `{ tcp_socket udp_socket unix_stream_socket unix_dgram_socket sctp_socket }') -define(`network_socket_class_set', `{ icmp_socket rawip_socket tcp_socket udp_socket }') - -define(`ipc_class_set', `{ sem msgq shm ipc }') - -##################################### -# Common groupings of permissions. -# -define(`x_file_perms', `{ getattr execute execute_no_trans map }') -define(`r_file_perms', `{ getattr open read ioctl lock map }') -define(`w_file_perms', `{ open append write lock map }') -define(`rx_file_perms', `{ r_file_perms x_file_perms }') -define(`ra_file_perms', `{ r_file_perms append }') -define(`rw_file_perms', `{ r_file_perms w_file_perms }') -define(`rwx_file_perms', `{ rw_file_perms x_file_perms }') -define(`create_file_perms', `{ create rename setattr unlink rw_file_perms }') - -define(`r_dir_perms', `{ open getattr read search ioctl lock }') -define(`w_dir_perms', `{ open search write add_name remove_name lock }') -define(`ra_dir_perms', `{ r_dir_perms add_name write }') -define(`rw_dir_perms', `{ r_dir_perms w_dir_perms }') -define(`create_dir_perms', `{ create reparent rename rmdir setattr rw_dir_perms }') - -define(`r_ipc_perms', `{ getattr read associate unix_read }') -define(`w_ipc_perms', `{ write unix_write }') -define(`rw_ipc_perms', `{ r_ipc_perms w_ipc_perms }') -define(`create_ipc_perms', `{ create setattr destroy rw_ipc_perms }') - -##################################### -# Common socket permission sets. -define(`rw_socket_perms', `{ ioctl read getattr write setattr lock append bind connect getopt setopt shutdown map }') -define(`rw_socket_perms_no_ioctl', `{ read getattr write setattr lock append bind connect getopt setopt shutdown map }') -define(`create_socket_perms', `{ create rw_socket_perms }') -define(`create_socket_perms_no_ioctl', `{ create rw_socket_perms_no_ioctl }') -define(`rw_stream_socket_perms', `{ rw_socket_perms listen accept }') -define(`create_stream_socket_perms', `{ create rw_stream_socket_perms }') diff --git a/prebuilts/api/29.0/public/gpuservice.te b/prebuilts/api/29.0/public/gpuservice.te deleted file mode 100644 index c862d0b7f..000000000 --- a/prebuilts/api/29.0/public/gpuservice.te +++ /dev/null @@ -1,2 +0,0 @@ -# gpuservice - server for gpu stats and other gpu related services -type gpuservice, domain; diff --git a/prebuilts/api/29.0/public/hal_allocator.te b/prebuilts/api/29.0/public/hal_allocator.te deleted file mode 100644 index 6417b6289..000000000 --- a/prebuilts/api/29.0/public/hal_allocator.te +++ /dev/null @@ -1,6 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_allocator_client, hal_allocator_server) - -hal_attribute_hwservice(hal_allocator, hidl_allocator_hwservice) -allow hal_allocator_client hidl_memory_hwservice:hwservice_manager find; -allow hal_allocator_client same_process_hal_file:file { execute read open getattr map }; diff --git a/prebuilts/api/29.0/public/hal_atrace.te b/prebuilts/api/29.0/public/hal_atrace.te deleted file mode 100644 index 51d9237f9..000000000 --- a/prebuilts/api/29.0/public/hal_atrace.te +++ /dev/null @@ -1,4 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_atrace_client, hal_atrace_server) - -hal_attribute_hwservice(hal_atrace, hal_atrace_hwservice) diff --git a/prebuilts/api/29.0/public/hal_audio.te b/prebuilts/api/29.0/public/hal_audio.te deleted file mode 100644 index bb9eec42c..000000000 --- a/prebuilts/api/29.0/public/hal_audio.te +++ /dev/null @@ -1,38 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_audio_client, hal_audio_server) -binder_call(hal_audio_server, hal_audio_client) - -hal_attribute_hwservice(hal_audio, hal_audio_hwservice) - -allow hal_audio ion_device:chr_file r_file_perms; - -r_dir_file(hal_audio, proc) -r_dir_file(hal_audio, proc_asound) -allow hal_audio_server audio_device:dir r_dir_perms; -allow hal_audio_server audio_device:chr_file rw_file_perms; - -# Needed to provide debug dump output via dumpsys' pipes. -allow hal_audio shell:fd use; -allow hal_audio shell:fifo_file write; -allow hal_audio dumpstate:fd use; -allow hal_audio dumpstate:fifo_file write; - -# allow hal audio to use vnbinder -vndbinder_use(hal_audio) - -### -### neverallow rules -### - -# Should never execute any executable without a domain transition -neverallow hal_audio_server { file_type fs_type }:file execute_no_trans; - -# Should never need network access. -# Disallow network sockets. -neverallow hal_audio_server domain:{ tcp_socket udp_socket rawip_socket } *; - -# Only audio HAL may directly access the audio hardware -neverallow { halserverdomain -hal_audio_server -hal_omx_server } audio_device:chr_file *; - -get_prop(hal_audio, bluetooth_a2dp_offload_prop) -get_prop(hal_audio, bluetooth_audio_hal_prop) diff --git a/prebuilts/api/29.0/public/hal_audiocontrol.te b/prebuilts/api/29.0/public/hal_audiocontrol.te deleted file mode 100644 index 4a52b8954..000000000 --- a/prebuilts/api/29.0/public/hal_audiocontrol.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_audiocontrol_client, hal_audiocontrol_server) -binder_call(hal_audiocontrol_server, hal_audiocontrol_client) - -hal_attribute_hwservice(hal_audiocontrol, hal_audiocontrol_hwservice) diff --git a/prebuilts/api/29.0/public/hal_authsecret.te b/prebuilts/api/29.0/public/hal_authsecret.te deleted file mode 100644 index daf8d4877..000000000 --- a/prebuilts/api/29.0/public/hal_authsecret.te +++ /dev/null @@ -1,4 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_authsecret_client, hal_authsecret_server) - -hal_attribute_hwservice(hal_authsecret, hal_authsecret_hwservice) diff --git a/prebuilts/api/29.0/public/hal_bluetooth.te b/prebuilts/api/29.0/public/hal_bluetooth.te deleted file mode 100644 index 97177bad7..000000000 --- a/prebuilts/api/29.0/public/hal_bluetooth.te +++ /dev/null @@ -1,32 +0,0 @@ -# HwBinder IPC from clients into server, and callbacks -binder_call(hal_bluetooth_client, hal_bluetooth_server) -binder_call(hal_bluetooth_server, hal_bluetooth_client) - -hal_attribute_hwservice(hal_bluetooth, hal_bluetooth_hwservice) - -wakelock_use(hal_bluetooth); - -# The HAL toggles rfkill to power the chip off/on. -allow hal_bluetooth self:global_capability_class_set net_admin; - -# bluetooth factory file accesses. -r_dir_file(hal_bluetooth, bluetooth_efs_file) - -allow hal_bluetooth { uhid_device hci_attach_dev }:chr_file rw_file_perms; - -# sysfs access. -r_dir_file(hal_bluetooth, sysfs_type) -allow hal_bluetooth sysfs_bluetooth_writable:file rw_file_perms; -allow hal_bluetooth self:global_capability2_class_set wake_alarm; - -# Allow write access to bluetooth-specific properties -set_prop(hal_bluetooth, bluetooth_a2dp_offload_prop) -set_prop(hal_bluetooth, bluetooth_audio_hal_prop) -set_prop(hal_bluetooth, bluetooth_prop) -set_prop(hal_bluetooth, exported_bluetooth_prop) - -# /proc access (bluesleep etc.). -allow hal_bluetooth proc_bluetooth_writable:file rw_file_perms; - -# allow to run with real-time scheduling policy -allow hal_bluetooth self:global_capability_class_set sys_nice; diff --git a/prebuilts/api/29.0/public/hal_bootctl.te b/prebuilts/api/29.0/public/hal_bootctl.te deleted file mode 100644 index be9975f89..000000000 --- a/prebuilts/api/29.0/public/hal_bootctl.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_bootctl_client, hal_bootctl_server) -binder_call(hal_bootctl_server, hal_bootctl_client) - -hal_attribute_hwservice(hal_bootctl, hal_bootctl_hwservice) diff --git a/prebuilts/api/29.0/public/hal_broadcastradio.te b/prebuilts/api/29.0/public/hal_broadcastradio.te deleted file mode 100644 index 84a25970f..000000000 --- a/prebuilts/api/29.0/public/hal_broadcastradio.te +++ /dev/null @@ -1,4 +0,0 @@ -binder_call(hal_broadcastradio_client, hal_broadcastradio_server) -binder_call(hal_broadcastradio_server, hal_broadcastradio_client) - -hal_attribute_hwservice(hal_broadcastradio, hal_broadcastradio_hwservice) diff --git a/prebuilts/api/29.0/public/hal_camera.te b/prebuilts/api/29.0/public/hal_camera.te deleted file mode 100644 index 77216e4a3..000000000 --- a/prebuilts/api/29.0/public/hal_camera.te +++ /dev/null @@ -1,36 +0,0 @@ -# HwBinder IPC from clients to server and callbacks -binder_call(hal_camera_client, hal_camera_server) -binder_call(hal_camera_server, hal_camera_client) - -hal_attribute_hwservice(hal_camera, hal_camera_hwservice) - -allow hal_camera device:dir r_dir_perms; -allow hal_camera video_device:dir r_dir_perms; -allow hal_camera video_device:chr_file rw_file_perms; -allow hal_camera camera_device:chr_file rw_file_perms; -allow hal_camera ion_device:chr_file rw_file_perms; -# Both the client and the server need to use the graphics allocator -allow { hal_camera_client hal_camera_server } hal_graphics_allocator:fd use; - -# Allow hal_camera to use fd from app,gralloc,and ashmem HAL -allow hal_camera { appdomain -isolated_app }:fd use; -allow hal_camera surfaceflinger:fd use; -allow hal_camera hal_allocator_server:fd use; - -# Needed to provide debug dump output via dumpsys' pipes. -allow hal_camera shell:fd use; -allow hal_camera shell:fifo_file write; - -### -### neverallow rules -### - -# hal_camera should never execute any executable without a -# domain transition -neverallow hal_camera_server { file_type fs_type }:file execute_no_trans; - -# hal_camera should never need network access. Disallow network sockets. -neverallow hal_camera_server domain:{ tcp_socket udp_socket rawip_socket } *; - -# Only camera HAL may directly access the camera hardware -neverallow { halserverdomain -hal_camera_server } camera_device:chr_file *; diff --git a/prebuilts/api/29.0/public/hal_cas.te b/prebuilts/api/29.0/public/hal_cas.te deleted file mode 100644 index 7de6a1353..000000000 --- a/prebuilts/api/29.0/public/hal_cas.te +++ /dev/null @@ -1,34 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_cas_client, hal_cas_server) -binder_call(hal_cas_server, hal_cas_client) - -hal_attribute_hwservice(hal_cas, hal_cas_hwservice) -allow hal_cas_server hidl_memory_hwservice:hwservice_manager find; - -# Permit reading device's serial number from system properties -get_prop(hal_cas_server, serialno_prop) - -# Read files already opened under /data -allow hal_cas system_data_file:file { getattr read }; - -# Read access to pseudo filesystems -r_dir_file(hal_cas, cgroup) -allow hal_cas cgroup:dir { search write }; -allow hal_cas cgroup:file w_file_perms; - -# Allow access to ion memory allocation device -allow hal_cas ion_device:chr_file rw_file_perms; -allow hal_cas hal_graphics_allocator:fd use; - -allow hal_cas tee_device:chr_file rw_file_perms; - -### -### neverallow rules -### - -# hal_cas should never execute any executable without a -# domain transition -neverallow hal_cas_server { file_type fs_type }:file execute_no_trans; - -# do not allow privileged socket ioctl commands -neverallowxperm hal_cas_server domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls; diff --git a/prebuilts/api/29.0/public/hal_configstore.te b/prebuilts/api/29.0/public/hal_configstore.te deleted file mode 100644 index 8fe6bbe1a..000000000 --- a/prebuilts/api/29.0/public/hal_configstore.te +++ /dev/null @@ -1,67 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_configstore_client, hal_configstore_server) - -hal_attribute_hwservice(hal_configstore, hal_configstore_ISurfaceFlingerConfigs) - -# hal_configstore runs with a strict seccomp filter. Use crash_dump's -# fallback path to collect crash data. -crash_dump_fallback(hal_configstore_server) - -### -### neverallow rules -### - -# Should never execute an executable without a domain transition -neverallow hal_configstore_server { file_type fs_type }:file execute_no_trans; - -# Should never need network access. Disallow sockets except for -# for unix stream/dgram sockets used for logging/debugging. -neverallow hal_configstore_server domain:{ - rawip_socket tcp_socket udp_socket - netlink_route_socket netlink_selinux_socket - socket netlink_socket packet_socket key_socket appletalk_socket - netlink_tcpdiag_socket netlink_nflog_socket - netlink_xfrm_socket netlink_audit_socket - netlink_dnrt_socket netlink_kobject_uevent_socket tun_socket - netlink_iscsi_socket netlink_fib_lookup_socket netlink_connector_socket - netlink_netfilter_socket netlink_generic_socket netlink_scsitransport_socket - netlink_rdma_socket netlink_crypto_socket -} *; -neverallow hal_configstore_server { - domain - -hal_configstore_server - -logd - userdebug_or_eng(`-su') - -tombstoned - userdebug_or_eng(`-heapprofd') -}:{ unix_dgram_socket unix_stream_socket } *; - -# Should never need access to anything on /data -neverallow hal_configstore_server { - data_file_type - -anr_data_file # for crash dump collection - -tombstone_data_file # for crash dump collection - -zoneinfo_data_file # granted to domain -}:{ file fifo_file sock_file } *; - -# Should never need sdcard access -neverallow hal_configstore_server { - sdcard_type - fuse sdcardfs vfat exfat # manual expansion for completeness -}:dir ~getattr; -neverallow hal_configstore_server { - sdcard_type - fuse sdcardfs vfat exfat # manual expansion for completeness -}:file *; - -# Do not permit access to service_manager and vndservice_manager -neverallow hal_configstore_server *:service_manager *; - -# No privileged capabilities -neverallow hal_configstore_server self:capability_class_set *; - -# No ptracing other processes -neverallow hal_configstore_server *:process ptrace; - -# no relabeling -neverallow hal_configstore_server *:dir_file_class_set { relabelfrom relabelto }; diff --git a/prebuilts/api/29.0/public/hal_confirmationui.te b/prebuilts/api/29.0/public/hal_confirmationui.te deleted file mode 100644 index 5d2e4b7a1..000000000 --- a/prebuilts/api/29.0/public/hal_confirmationui.te +++ /dev/null @@ -1,4 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_confirmationui_client, hal_confirmationui_server) - -hal_attribute_hwservice(hal_confirmationui, hal_confirmationui_hwservice) diff --git a/prebuilts/api/29.0/public/hal_contexthub.te b/prebuilts/api/29.0/public/hal_contexthub.te deleted file mode 100644 index 34acb38d6..000000000 --- a/prebuilts/api/29.0/public/hal_contexthub.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_contexthub_client, hal_contexthub_server) -binder_call(hal_contexthub_server, hal_contexthub_client) - -hal_attribute_hwservice(hal_contexthub, hal_contexthub_hwservice) diff --git a/prebuilts/api/29.0/public/hal_drm.te b/prebuilts/api/29.0/public/hal_drm.te deleted file mode 100644 index bfee2d344..000000000 --- a/prebuilts/api/29.0/public/hal_drm.te +++ /dev/null @@ -1,47 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_drm_client, hal_drm_server) -binder_call(hal_drm_server, hal_drm_client) - -hal_attribute_hwservice(hal_drm, hal_drm_hwservice) - -allow hal_drm hidl_memory_hwservice:hwservice_manager find; - -# Required by Widevine DRM (b/22990512) -allow hal_drm self:process execmem; - -# Permit reading device's serial number from system properties -get_prop(hal_drm, serialno_prop) - -# Read files already opened under /data -allow hal_drm system_data_file:file { getattr read }; - -# Read access to pseudo filesystems -r_dir_file(hal_drm, cgroup) -allow hal_drm cgroup:dir { search write }; -allow hal_drm cgroup:file w_file_perms; - -# Allow access to ion memory allocation device -allow hal_drm ion_device:chr_file rw_file_perms; -allow hal_drm hal_graphics_allocator:fd use; - -# Allow access to fds allocated by mediaserver -allow hal_drm mediaserver:fd use; - -allow hal_drm sysfs:file r_file_perms; - -allow hal_drm tee_device:chr_file rw_file_perms; - -# only allow unprivileged socket ioctl commands -allowxperm hal_drm self:{ rawip_socket tcp_socket udp_socket } - ioctl { unpriv_sock_ioctls unpriv_tty_ioctls }; - -### -### neverallow rules -### - -# hal_drm should never execute any executable without a -# domain transition -neverallow hal_drm_server { file_type fs_type }:file execute_no_trans; - -# do not allow privileged socket ioctl commands -neverallowxperm hal_drm_server domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls; diff --git a/prebuilts/api/29.0/public/hal_dumpstate.te b/prebuilts/api/29.0/public/hal_dumpstate.te deleted file mode 100644 index b7676ed29..000000000 --- a/prebuilts/api/29.0/public/hal_dumpstate.te +++ /dev/null @@ -1,10 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_dumpstate_client, hal_dumpstate_server) -binder_call(hal_dumpstate_server, hal_dumpstate_client) - -hal_attribute_hwservice(hal_dumpstate, hal_dumpstate_hwservice) - -# write bug reports in /data/data/com.android.shell/files/bugreports/bugreport -allow hal_dumpstate shell_data_file:file write; -# allow reading /proc/interrupts for all hal impls -allow hal_dumpstate proc_interrupts:file r_file_perms; diff --git a/prebuilts/api/29.0/public/hal_evs.te b/prebuilts/api/29.0/public/hal_evs.te deleted file mode 100644 index bf2e38b53..000000000 --- a/prebuilts/api/29.0/public/hal_evs.te +++ /dev/null @@ -1,5 +0,0 @@ -hwbinder_use(hal_evs_client) -hwbinder_use(hal_evs_server) -binder_call(hal_evs_client, hal_evs_server) -binder_call(hal_evs_server, hal_evs_client) -allow hal_evs_client hal_evs_hwservice:hwservice_manager find; diff --git a/prebuilts/api/29.0/public/hal_face.te b/prebuilts/api/29.0/public/hal_face.te deleted file mode 100644 index b25058642..000000000 --- a/prebuilts/api/29.0/public/hal_face.te +++ /dev/null @@ -1,12 +0,0 @@ -# Allow HwBinder IPC from client to server, and vice versa for callbacks. -binder_call(hal_face_client, hal_face_server) -binder_call(hal_face_server, hal_face_client) - -hal_attribute_hwservice(hal_face, hal_face_hwservice) - -# Allow access to the ion memory allocation device. -allow hal_face ion_device:chr_file r_file_perms; - -# Allow read/write access to the face template directory. -allow hal_face face_vendor_data_file:file create_file_perms; -allow hal_face face_vendor_data_file:dir rw_dir_perms; diff --git a/prebuilts/api/29.0/public/hal_fingerprint.te b/prebuilts/api/29.0/public/hal_fingerprint.te deleted file mode 100644 index b673e291b..000000000 --- a/prebuilts/api/29.0/public/hal_fingerprint.te +++ /dev/null @@ -1,16 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_fingerprint_client, hal_fingerprint_server) -binder_call(hal_fingerprint_server, hal_fingerprint_client) - -hal_attribute_hwservice(hal_fingerprint, hal_fingerprint_hwservice) - -# For memory allocation -allow hal_fingerprint ion_device:chr_file r_file_perms; - -allow hal_fingerprint fingerprint_vendor_data_file:file { create_file_perms }; -allow hal_fingerprint fingerprint_vendor_data_file:dir rw_dir_perms; - -r_dir_file(hal_fingerprint, cgroup) -r_dir_file(hal_fingerprint, sysfs) - - diff --git a/prebuilts/api/29.0/public/hal_gatekeeper.te b/prebuilts/api/29.0/public/hal_gatekeeper.te deleted file mode 100644 index b918f88a2..000000000 --- a/prebuilts/api/29.0/public/hal_gatekeeper.te +++ /dev/null @@ -1,7 +0,0 @@ -binder_call(hal_gatekeeper_client, hal_gatekeeper_server) - -hal_attribute_hwservice(hal_gatekeeper, hal_gatekeeper_hwservice) - -# TEE access. -allow hal_gatekeeper tee_device:chr_file rw_file_perms; -allow hal_gatekeeper ion_device:chr_file r_file_perms; diff --git a/prebuilts/api/29.0/public/hal_gnss.te b/prebuilts/api/29.0/public/hal_gnss.te deleted file mode 100644 index 9bfc4ec36..000000000 --- a/prebuilts/api/29.0/public/hal_gnss.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_gnss_client, hal_gnss_server) -binder_call(hal_gnss_server, hal_gnss_client) - -hal_attribute_hwservice(hal_gnss, hal_gnss_hwservice) diff --git a/prebuilts/api/29.0/public/hal_graphics_allocator.te b/prebuilts/api/29.0/public/hal_graphics_allocator.te deleted file mode 100644 index 991e147c7..000000000 --- a/prebuilts/api/29.0/public/hal_graphics_allocator.te +++ /dev/null @@ -1,13 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_graphics_allocator_client, hal_graphics_allocator_server) - -hal_attribute_hwservice(hal_graphics_allocator, hal_graphics_allocator_hwservice) -allow hal_graphics_allocator_client hal_graphics_mapper_hwservice:hwservice_manager find; -allow hal_graphics_allocator_client same_process_hal_file:file { execute read open getattr map }; - -# GPU device access -allow hal_graphics_allocator gpu_device:chr_file rw_file_perms; -allow hal_graphics_allocator ion_device:chr_file r_file_perms; - -# allow to run with real-time scheduling policy -allow hal_graphics_allocator self:global_capability_class_set sys_nice; diff --git a/prebuilts/api/29.0/public/hal_graphics_composer.te b/prebuilts/api/29.0/public/hal_graphics_composer.te deleted file mode 100644 index cb4a1307f..000000000 --- a/prebuilts/api/29.0/public/hal_graphics_composer.te +++ /dev/null @@ -1,31 +0,0 @@ -type hal_graphics_composer_server_tmpfs, file_type; -attribute hal_graphics_composer_client_tmpfs; -expandattribute hal_graphics_composer_client_tmpfs true; - -# HwBinder IPC from client to server, and callbacks -binder_call(hal_graphics_composer_client, hal_graphics_composer_server) -binder_call(hal_graphics_composer_server, hal_graphics_composer_client) -allow hal_graphics_composer_client hal_graphics_composer_server_tmpfs:file { getattr map read write }; -allow hal_graphics_composer_server hal_graphics_composer_client_tmpfs:file { getattr map read write }; - -hal_attribute_hwservice(hal_graphics_composer, hal_graphics_composer_hwservice) - -# Coordinate with hal_graphics_mapper -allow hal_graphics_composer_server hal_graphics_mapper_hwservice:hwservice_manager find; - -# GPU device access -allow hal_graphics_composer gpu_device:chr_file rw_file_perms; -allow hal_graphics_composer ion_device:chr_file r_file_perms; -allow hal_graphics_composer hal_graphics_allocator:fd use; - -# Access /dev/graphics/fb0. -allow hal_graphics_composer graphics_device:dir search; -allow hal_graphics_composer graphics_device:chr_file rw_file_perms; - -# Fences -allow hal_graphics_composer system_server:fd use; -allow hal_graphics_composer bootanim:fd use; -allow hal_graphics_composer appdomain:fd use; - -# allow self to set SCHED_FIFO -allow hal_graphics_composer self:global_capability_class_set sys_nice; diff --git a/prebuilts/api/29.0/public/hal_health.te b/prebuilts/api/29.0/public/hal_health.te deleted file mode 100644 index dc7d0836e..000000000 --- a/prebuilts/api/29.0/public/hal_health.te +++ /dev/null @@ -1,27 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_health_client, hal_health_server) -binder_call(hal_health_server, hal_health_client) - -hal_attribute_hwservice(hal_health, hal_health_hwservice) - -# Common rules for a health service. - -# Allow to listen to uevents for updates -allow hal_health_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; - -# Allow to read /sys/class/power_supply directory -allow hal_health_server sysfs:dir r_dir_perms; - -# Allow to read files under /sys/class/power_supply. Implementations typically have symlinks -# to vendor specific files. Vendors should mark sysfs_batteryinfo on all files read by health -# HAL service. -r_dir_file(hal_health_server, sysfs_batteryinfo) - -# Allow to wake up to send periodic events -wakelock_use(hal_health_server) - -# Write to /dev/kmsg -allow hal_health_server kmsg_device:chr_file { getattr w_file_perms }; - -# Allow to use timerfd to wake itself up periodically to send health info. -allow hal_health_server self:capability2 wake_alarm; diff --git a/prebuilts/api/29.0/public/hal_health_storage.te b/prebuilts/api/29.0/public/hal_health_storage.te deleted file mode 100644 index 61e609b68..000000000 --- a/prebuilts/api/29.0/public/hal_health_storage.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_health_storage_client, hal_health_storage_server) -binder_call(hal_health_storage_server, hal_health_storage_client) - -hal_attribute_hwservice(hal_health_storage, hal_health_storage_hwservice) diff --git a/prebuilts/api/29.0/public/hal_input_classifier.te b/prebuilts/api/29.0/public/hal_input_classifier.te deleted file mode 100644 index 70a4b7deb..000000000 --- a/prebuilts/api/29.0/public/hal_input_classifier.te +++ /dev/null @@ -1,4 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_input_classifier_client, hal_input_classifier_server) - -hal_attribute_hwservice(hal_input_classifier, hal_input_classifier_hwservice) diff --git a/prebuilts/api/29.0/public/hal_ir.te b/prebuilts/api/29.0/public/hal_ir.te deleted file mode 100644 index 29555f74c..000000000 --- a/prebuilts/api/29.0/public/hal_ir.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_ir_client, hal_ir_server) -binder_call(hal_ir_server, hal_ir_client) - -hal_attribute_hwservice(hal_ir, hal_ir_hwservice) diff --git a/prebuilts/api/29.0/public/hal_keymaster.te b/prebuilts/api/29.0/public/hal_keymaster.te deleted file mode 100644 index 3e164ade9..000000000 --- a/prebuilts/api/29.0/public/hal_keymaster.te +++ /dev/null @@ -1,7 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_keymaster_client, hal_keymaster_server) - -hal_attribute_hwservice(hal_keymaster, hal_keymaster_hwservice) - -allow hal_keymaster tee_device:chr_file rw_file_perms; -allow hal_keymaster ion_device:chr_file r_file_perms; diff --git a/prebuilts/api/29.0/public/hal_light.te b/prebuilts/api/29.0/public/hal_light.te deleted file mode 100644 index 333fcac60..000000000 --- a/prebuilts/api/29.0/public/hal_light.te +++ /dev/null @@ -1,9 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_light_client, hal_light_server) -binder_call(hal_light_server, hal_light_client) - -hal_attribute_hwservice(hal_light, hal_light_hwservice) - -allow hal_light sysfs_leds:lnk_file read; -allow hal_light sysfs_leds:file rw_file_perms; -allow hal_light sysfs_leds:dir r_dir_perms; diff --git a/prebuilts/api/29.0/public/hal_lowpan.te b/prebuilts/api/29.0/public/hal_lowpan.te deleted file mode 100644 index 6fb95e943..000000000 --- a/prebuilts/api/29.0/public/hal_lowpan.te +++ /dev/null @@ -1,20 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_lowpan_client, hal_lowpan_server) -binder_call(hal_lowpan_server, hal_lowpan_client) - - -# Allow hal_lowpan_client to be able to find the hal_lowpan_server -hal_attribute_hwservice(hal_lowpan, hal_lowpan_hwservice) - -# hal_lowpan domain can write/read to/from lowpan_prop -set_prop(hal_lowpan_server, lowpan_prop) - -# Allow hal_lowpan_server to open lowpan_devices -allow hal_lowpan_server lowpan_device:chr_file rw_file_perms; - -### -### neverallow rules -### - -# Only LoWPAN HAL may directly access LoWPAN hardware -neverallow { domain -hal_lowpan_server -init -ueventd } lowpan_device:chr_file ~getattr; diff --git a/prebuilts/api/29.0/public/hal_memtrack.te b/prebuilts/api/29.0/public/hal_memtrack.te deleted file mode 100644 index ed93a29a4..000000000 --- a/prebuilts/api/29.0/public/hal_memtrack.te +++ /dev/null @@ -1,4 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_memtrack_client, hal_memtrack_server) - -hal_attribute_hwservice(hal_memtrack, hal_memtrack_hwservice) diff --git a/prebuilts/api/29.0/public/hal_neuralnetworks.te b/prebuilts/api/29.0/public/hal_neuralnetworks.te deleted file mode 100644 index 1ef6cadff..000000000 --- a/prebuilts/api/29.0/public/hal_neuralnetworks.te +++ /dev/null @@ -1,22 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_neuralnetworks_client, hal_neuralnetworks_server) -binder_call(hal_neuralnetworks_server, hal_neuralnetworks_client) - -hal_attribute_hwservice(hal_neuralnetworks, hal_neuralnetworks_hwservice) -allow hal_neuralnetworks hidl_memory_hwservice:hwservice_manager find; -allow hal_neuralnetworks hal_allocator:fd use; - -# Allow NN HAL service to use a client-provided fd residing in /data/data/. -allow hal_neuralnetworks_server app_data_file:file { read write getattr map }; -allow hal_neuralnetworks_server privapp_data_file:file { read write getattr map }; - -# Allow NN HAL service to use a client-provided fd residing in /data/local/tmp/. -allow hal_neuralnetworks_server shell_data_file:file { read write getattr map }; - -# Allow NN HAL client to check the ro.nnapi.extensions.deny_on_product -# property to determine whether to deny NNAPI extensions use for apps -# on product partition (apps in GSI are not allowed to use NNAPI extensions). -get_prop(hal_neuralnetworks_client, nnapi_ext_deny_product_prop); -# This property is only expected to be found in /product/build.prop, -# allow to be set only by init. -neverallow { domain -init } nnapi_ext_deny_product_prop:property_service set; diff --git a/prebuilts/api/29.0/public/hal_neverallows.te b/prebuilts/api/29.0/public/hal_neverallows.te deleted file mode 100644 index 0f05d8ad3..000000000 --- a/prebuilts/api/29.0/public/hal_neverallows.te +++ /dev/null @@ -1,59 +0,0 @@ -# only HALs responsible for network hardware should have privileged -# network capabilities -neverallow { - halserverdomain - -hal_bluetooth_server - -hal_wifi_server - -hal_wifi_hostapd_server - -hal_wifi_supplicant_server - -hal_telephony_server -} self:global_capability_class_set { net_admin net_raw }; - -# Unless a HAL's job is to communicate over the network, or control network -# hardware, it should not be using network sockets. -# NOTE: HALs for automotive devices have an exemption from this rule because in -# a car it is common to have external modules and HALs need to communicate to -# those modules using network. Using this exemption for non-automotive builds -# will result in CTS failure. -neverallow { - halserverdomain - -hal_automotive_socket_exemption - -hal_tetheroffload_server - -hal_wifi_server - -hal_wifi_hostapd_server - -hal_wifi_supplicant_server - -hal_telephony_server -} domain:{ tcp_socket udp_socket rawip_socket } *; - -### -# HALs are defined as an attribute and so a given domain could hypothetically -# have multiple HALs in it (or even all of them) with the subsequent policy of -# the domain comprised of the union of all the HALs. -# -# This is a problem because -# 1) Security sensitive components should only be accessed by specific HALs. -# 2) hwbinder_call and the restrictions it provides cannot be reasoned about in -# the platform. -# 3) The platform cannot reason about defense in depth if there are -# monolithic domains etc. -# -# As an example, hal_keymaster and hal_gatekeeper can access the TEE and while -# its OK for them to share a process its not OK with them to share processes -# with other hals. -# -# The following neverallow rules, in conjuntion with CTS tests, assert that -# these security principles are adhered to. -# -# Do not allow a hal to exec another process without a domain transition. -# TODO remove exemptions. -neverallow { - halserverdomain - -hal_dumpstate_server - -hal_telephony_server -} { file_type fs_type }:file execute_no_trans; -# Do not allow a process other than init to transition into a HAL domain. -neverallow { domain -init } halserverdomain:process transition; -# Only allow transitioning to a domain by running its executable. Do not -# allow transitioning into a HAL domain by use of seclabel in an -# init.*.rc script. -neverallow * halserverdomain:process dyntransition; diff --git a/prebuilts/api/29.0/public/hal_nfc.te b/prebuilts/api/29.0/public/hal_nfc.te deleted file mode 100644 index 7cef4a17d..000000000 --- a/prebuilts/api/29.0/public/hal_nfc.te +++ /dev/null @@ -1,11 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_nfc_client, hal_nfc_server) -binder_call(hal_nfc_server, hal_nfc_client) - -hal_attribute_hwservice(hal_nfc, hal_nfc_hwservice) - -# Set NFC properties (used by bcm2079x HAL). -set_prop(hal_nfc, nfc_prop) - -# NFC device access. -allow hal_nfc nfc_device:chr_file rw_file_perms; diff --git a/prebuilts/api/29.0/public/hal_oemlock.te b/prebuilts/api/29.0/public/hal_oemlock.te deleted file mode 100644 index 26b2b4265..000000000 --- a/prebuilts/api/29.0/public/hal_oemlock.te +++ /dev/null @@ -1,4 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_oemlock_client, hal_oemlock_server) - -hal_attribute_hwservice(hal_oemlock, hal_oemlock_hwservice) diff --git a/prebuilts/api/29.0/public/hal_omx.te b/prebuilts/api/29.0/public/hal_omx.te deleted file mode 100644 index 656b03ac8..000000000 --- a/prebuilts/api/29.0/public/hal_omx.te +++ /dev/null @@ -1,50 +0,0 @@ -# applies all permissions to hal_omx NOT hal_omx_server -# since OMX must always be in its own process. - - -binder_call(hal_omx_server, binderservicedomain) -binder_call(hal_omx_server, { appdomain -isolated_app }) - -# Allow hal_omx_server access to composer sync fences -allow hal_omx_server hal_graphics_composer:fd use; - -allow hal_omx_server ion_device:chr_file rw_file_perms; -allow hal_omx_server hal_camera:fd use; - -crash_dump_fallback(hal_omx_server) - -# Recieve gralloc buffer FDs from bufferhubd. Note that hal_omx_server never -# directly connects to bufferhubd via PDX. Instead, a VR app acts as a bridge -# between those two: it talks to hal_omx_server via Binder and talks to bufferhubd -# via PDX. Thus, there is no need to use pdx_client macro. -allow hal_omx_server bufferhubd:fd use; - -hal_attribute_hwservice(hal_omx, hal_omx_hwservice) - -allow hal_omx_client hal_codec2_hwservice:hwservice_manager find; -allow hal_omx_server hal_codec2_hwservice:hwservice_manager { add find }; - -allow hal_omx_client hidl_token_hwservice:hwservice_manager find; - -binder_call(hal_omx_client, hal_omx_server) -binder_call(hal_omx_server, hal_omx_client) - -### -### neverallow rules -### - -# hal_omx_server should never execute any executable without a -# domain transition -neverallow hal_omx_server { file_type fs_type }:file execute_no_trans; - -# The goal of the mediaserver split is to place media processing code into -# restrictive sandboxes with limited responsibilities and thus limited -# permissions. Example: Audioserver is only responsible for controlling audio -# hardware and processing audio content. Cameraserver does the same for camera -# hardware/content. Etc. -# -# Media processing code is inherently risky and thus should have limited -# permissions and be isolated from the rest of the system and network. -# Lengthier explanation here: -# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html -neverallow hal_omx_server domain:{ tcp_socket udp_socket rawip_socket } *; diff --git a/prebuilts/api/29.0/public/hal_power.te b/prebuilts/api/29.0/public/hal_power.te deleted file mode 100644 index 028011ab3..000000000 --- a/prebuilts/api/29.0/public/hal_power.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_power_client, hal_power_server) -binder_call(hal_power_server, hal_power_client) - -hal_attribute_hwservice(hal_power, hal_power_hwservice) diff --git a/prebuilts/api/29.0/public/hal_power_stats.te b/prebuilts/api/29.0/public/hal_power_stats.te deleted file mode 100644 index 2c04008bd..000000000 --- a/prebuilts/api/29.0/public/hal_power_stats.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_power_stats_client, hal_power_stats_server) -binder_call(hal_power_stats_server, hal_power_stats_client) - -hal_attribute_hwservice(hal_power_stats, hal_power_stats_hwservice) diff --git a/prebuilts/api/29.0/public/hal_secure_element.te b/prebuilts/api/29.0/public/hal_secure_element.te deleted file mode 100644 index 3724d35b0..000000000 --- a/prebuilts/api/29.0/public/hal_secure_element.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_secure_element_client, hal_secure_element_server) -binder_call(hal_secure_element_server, hal_secure_element_client) - -hal_attribute_hwservice(hal_secure_element, hal_secure_element_hwservice) diff --git a/prebuilts/api/29.0/public/hal_sensors.te b/prebuilts/api/29.0/public/hal_sensors.te deleted file mode 100644 index 06e76f1e1..000000000 --- a/prebuilts/api/29.0/public/hal_sensors.te +++ /dev/null @@ -1,14 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_sensors_client, hal_sensors_server) - -hal_attribute_hwservice(hal_sensors, hal_sensors_hwservice) - -# Allow sensor hals to access ashmem memory allocated by apps -allow hal_sensors { appdomain -isolated_app }:fd use; - -# Allow sensor hals to access ashmem memory allocated by android.hidl.allocator -# fd is passed in from framework sensorservice HAL. -allow hal_sensors hal_allocator:fd use; - -# allow to run with real-time scheduling policy -allow hal_sensors self:global_capability_class_set sys_nice; diff --git a/prebuilts/api/29.0/public/hal_telephony.te b/prebuilts/api/29.0/public/hal_telephony.te deleted file mode 100644 index 3e4b65dfa..000000000 --- a/prebuilts/api/29.0/public/hal_telephony.te +++ /dev/null @@ -1,42 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_telephony_client, hal_telephony_server) -binder_call(hal_telephony_server, hal_telephony_client) - -hal_attribute_hwservice(hal_telephony, hal_telephony_hwservice) - -allowxperm hal_telephony_server self:udp_socket ioctl priv_sock_ioctls; - -allow hal_telephony_server self:netlink_route_socket nlmsg_write; -allow hal_telephony_server kernel:system module_request; -allow hal_telephony_server self:global_capability_class_set { setpcap setgid setuid net_admin net_raw }; -allow hal_telephony_server cgroup:dir create_dir_perms; -allow hal_telephony_server cgroup:{ file lnk_file } r_file_perms; -allow hal_telephony_server radio_device:chr_file rw_file_perms; -allow hal_telephony_server radio_device:blk_file r_file_perms; -allow hal_telephony_server efs_file:dir create_dir_perms; -allow hal_telephony_server efs_file:file create_file_perms; -allow hal_telephony_server vendor_shell_exec:file rx_file_perms; -allow hal_telephony_server bluetooth_efs_file:file r_file_perms; -allow hal_telephony_server bluetooth_efs_file:dir r_dir_perms; - -# property service -set_prop(hal_telephony_server, radio_prop) -set_prop(hal_telephony_server, exported_radio_prop) -set_prop(hal_telephony_server, exported2_radio_prop) -set_prop(hal_telephony_server, exported3_radio_prop) - -allow hal_telephony_server tty_device:chr_file rw_file_perms; - -# Allow hal_telephony_server to create and use netlink sockets. -allow hal_telephony_server self:netlink_socket create_socket_perms_no_ioctl; -allow hal_telephony_server self:netlink_generic_socket create_socket_perms_no_ioctl; -allow hal_telephony_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; - -# Access to wake locks -wakelock_use(hal_telephony_server) - -r_dir_file(hal_telephony_server, proc_net_type) -r_dir_file(hal_telephony_server, sysfs_type) - -# granting the ioctl permission for hal_telephony_server should be device specific -allow hal_telephony_server self:socket create_socket_perms_no_ioctl; diff --git a/prebuilts/api/29.0/public/hal_tetheroffload.te b/prebuilts/api/29.0/public/hal_tetheroffload.te deleted file mode 100644 index cf5172366..000000000 --- a/prebuilts/api/29.0/public/hal_tetheroffload.te +++ /dev/null @@ -1,8 +0,0 @@ -## HwBinder IPC from client to server, and callbacks -binder_call(hal_tetheroffload_client, hal_tetheroffload_server) -binder_call(hal_tetheroffload_server, hal_tetheroffload_client) - -hal_attribute_hwservice(hal_tetheroffload, hal_tetheroffload_hwservice) - -# allow the client to pass the server already open netlink sockets -allow hal_tetheroffload_server hal_tetheroffload_client:netlink_netfilter_socket { getattr read setopt write }; diff --git a/prebuilts/api/29.0/public/hal_thermal.te b/prebuilts/api/29.0/public/hal_thermal.te deleted file mode 100644 index 2115da1b9..000000000 --- a/prebuilts/api/29.0/public/hal_thermal.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_thermal_client, hal_thermal_server) -binder_call(hal_thermal_server, hal_thermal_client) - -hal_attribute_hwservice(hal_thermal, hal_thermal_hwservice) diff --git a/prebuilts/api/29.0/public/hal_tv_cec.te b/prebuilts/api/29.0/public/hal_tv_cec.te deleted file mode 100644 index 658490474..000000000 --- a/prebuilts/api/29.0/public/hal_tv_cec.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from clients into server, and callbacks -binder_call(hal_tv_cec_client, hal_tv_cec_server) -binder_call(hal_tv_cec_server, hal_tv_cec_client) - -hal_attribute_hwservice(hal_tv_cec, hal_tv_cec_hwservice) diff --git a/prebuilts/api/29.0/public/hal_tv_input.te b/prebuilts/api/29.0/public/hal_tv_input.te deleted file mode 100644 index 5a5bdda16..000000000 --- a/prebuilts/api/29.0/public/hal_tv_input.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from clients into server, and callbacks -binder_call(hal_tv_input_client, hal_tv_input_server) -binder_call(hal_tv_input_server, hal_tv_input_client) - -hal_attribute_hwservice(hal_tv_input, hal_tv_input_hwservice) diff --git a/prebuilts/api/29.0/public/hal_usb.te b/prebuilts/api/29.0/public/hal_usb.te deleted file mode 100644 index 38bc49a21..000000000 --- a/prebuilts/api/29.0/public/hal_usb.te +++ /dev/null @@ -1,18 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_usb_client, hal_usb_server) -binder_call(hal_usb_server, hal_usb_client) - -hal_attribute_hwservice(hal_usb, hal_usb_hwservice) - -allow hal_usb self:netlink_kobject_uevent_socket create; -allow hal_usb self:netlink_kobject_uevent_socket setopt; -allow hal_usb self:netlink_kobject_uevent_socket getopt; -allow hal_usb self:netlink_kobject_uevent_socket bind; -allow hal_usb self:netlink_kobject_uevent_socket read; -allow hal_usb sysfs:dir open; -allow hal_usb sysfs:dir read; -allow hal_usb sysfs:file read; -allow hal_usb sysfs:file open; -allow hal_usb sysfs:file write; -allow hal_usb sysfs:file getattr; - diff --git a/prebuilts/api/29.0/public/hal_usb_gadget.te b/prebuilts/api/29.0/public/hal_usb_gadget.te deleted file mode 100644 index a474652f7..000000000 --- a/prebuilts/api/29.0/public/hal_usb_gadget.te +++ /dev/null @@ -1,13 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_usb_gadget_client, hal_usb_gadget_server) -binder_call(hal_usb_gadget_server, hal_usb_gadget_client) - -hal_attribute_hwservice(hal_usb_gadget, hal_usb_gadget_hwservice) - -# Configuring usb gadget functions -allow hal_usb_gadget_server configfs:lnk_file { read create unlink}; -allow hal_usb_gadget_server configfs:dir rw_dir_perms; -allow hal_usb_gadget_server configfs:file create_file_perms; -allow hal_usb_gadget_server functionfs:dir { read search }; -allow hal_usb_gadget_server functionfs:file read; - diff --git a/prebuilts/api/29.0/public/hal_vehicle.te b/prebuilts/api/29.0/public/hal_vehicle.te deleted file mode 100644 index 6855d1469..000000000 --- a/prebuilts/api/29.0/public/hal_vehicle.te +++ /dev/null @@ -1,6 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_vehicle_client, hal_vehicle_server) -binder_call(hal_vehicle_server, hal_vehicle_client) - - -hal_attribute_hwservice(hal_vehicle, hal_vehicle_hwservice) diff --git a/prebuilts/api/29.0/public/hal_vibrator.te b/prebuilts/api/29.0/public/hal_vibrator.te deleted file mode 100644 index ab6138d3f..000000000 --- a/prebuilts/api/29.0/public/hal_vibrator.te +++ /dev/null @@ -1,8 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_vibrator_client, hal_vibrator_server) - -hal_attribute_hwservice(hal_vibrator, hal_vibrator_hwservice) - -# vibrator sysfs rw access -allow hal_vibrator sysfs_vibrator:file rw_file_perms; -allow hal_vibrator sysfs_vibrator:dir search; diff --git a/prebuilts/api/29.0/public/hal_vr.te b/prebuilts/api/29.0/public/hal_vr.te deleted file mode 100644 index e52c77fba..000000000 --- a/prebuilts/api/29.0/public/hal_vr.te +++ /dev/null @@ -1,5 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_vr_client, hal_vr_server) -binder_call(hal_vr_server, hal_vr_client) - -hal_attribute_hwservice(hal_vr, hal_vr_hwservice) diff --git a/prebuilts/api/29.0/public/hal_weaver.te b/prebuilts/api/29.0/public/hal_weaver.te deleted file mode 100644 index 36d1306e2..000000000 --- a/prebuilts/api/29.0/public/hal_weaver.te +++ /dev/null @@ -1,4 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_weaver_client, hal_weaver_server) - -hal_attribute_hwservice(hal_weaver, hal_weaver_hwservice) diff --git a/prebuilts/api/29.0/public/hal_wifi.te b/prebuilts/api/29.0/public/hal_wifi.te deleted file mode 100644 index ecc13597a..000000000 --- a/prebuilts/api/29.0/public/hal_wifi.te +++ /dev/null @@ -1,31 +0,0 @@ -# HwBinder IPC from client to server, and callbacks -binder_call(hal_wifi_client, hal_wifi_server) -binder_call(hal_wifi_server, hal_wifi_client) - -hal_attribute_hwservice(hal_wifi, hal_wifi_hwservice) - -r_dir_file(hal_wifi, proc_net_type) -r_dir_file(hal_wifi, sysfs_type) - -set_prop(hal_wifi, exported_wifi_prop) -set_prop(hal_wifi, wifi_prop) - -# allow hal wifi set interfaces up and down and get the factory MAC -allow hal_wifi self:udp_socket create_socket_perms; -allowxperm hal_wifi self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR SIOCETHTOOL }; - -allow hal_wifi self:global_capability_class_set { net_admin net_raw }; -# allow hal_wifi to speak to nl80211 in the kernel -allow hal_wifi self:netlink_socket create_socket_perms_no_ioctl; -# newer kernels (e.g. 4.4 but not 4.1) have a new class for sockets -allow hal_wifi self:netlink_generic_socket create_socket_perms_no_ioctl; -# hal_wifi writes firmware paths to this file. -allow hal_wifi sysfs_wlan_fwpath:file { w_file_perms }; -# allow hal_wifi to access /proc/modules to check if Wi-Fi driver is loaded -allow hal_wifi proc_modules:file { getattr open read }; -# Allow hal_wifi to send dump info to dumpstate -allow hal_wifi dumpstate:fifo_file write; - -# allow hal_wifi to write into /data/vendor/tombstones/wifi -allow hal_wifi_server tombstone_wifi_data_file:dir rw_dir_perms; -allow hal_wifi_server tombstone_wifi_data_file:file create_file_perms; diff --git a/prebuilts/api/29.0/public/hal_wifi_hostapd.te b/prebuilts/api/29.0/public/hal_wifi_hostapd.te deleted file mode 100644 index 12d72b649..000000000 --- a/prebuilts/api/29.0/public/hal_wifi_hostapd.te +++ /dev/null @@ -1,27 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_wifi_hostapd_client, hal_wifi_hostapd_server) -binder_call(hal_wifi_hostapd_server, hal_wifi_hostapd_client) - -hal_attribute_hwservice(hal_wifi_hostapd, hal_wifi_hostapd_hwservice) - -allow hal_wifi_hostapd_server self:global_capability_class_set { net_admin net_raw }; - -allow hal_wifi_hostapd_server sysfs_net:dir search; - -# Allow hal_wifi_hostapd to access /proc/net/psched -allow hal_wifi_hostapd_server proc_net_type:file { getattr open read }; - -# Various socket permissions. -allowxperm hal_wifi_hostapd_server self:udp_socket ioctl priv_sock_ioctls; -allow hal_wifi_hostapd_server self:netlink_socket create_socket_perms_no_ioctl; -allow hal_wifi_hostapd_server self:netlink_generic_socket create_socket_perms_no_ioctl; -allow hal_wifi_hostapd_server self:packet_socket create_socket_perms_no_ioctl; -allow hal_wifi_hostapd_server self:netlink_route_socket nlmsg_write; - -### -### neverallow rules -### - -# hal_wifi_hostapd should not trust any data from sdcards -neverallow hal_wifi_hostapd_server sdcard_type:dir ~getattr; -neverallow hal_wifi_hostapd_server sdcard_type:file *; diff --git a/prebuilts/api/29.0/public/hal_wifi_offload.te b/prebuilts/api/29.0/public/hal_wifi_offload.te deleted file mode 100644 index 765e72a82..000000000 --- a/prebuilts/api/29.0/public/hal_wifi_offload.te +++ /dev/null @@ -1,8 +0,0 @@ -## HwBinder IPC from client to server, and callbacks -binder_call(hal_wifi_offload_client, hal_wifi_offload_server) -binder_call(hal_wifi_offload_server, hal_wifi_offload_client) - -hal_attribute_hwservice(hal_wifi_offload, hal_wifi_offload_hwservice) - -r_dir_file(hal_wifi_offload, proc_net_type) -r_dir_file(hal_wifi_offload, sysfs_type) diff --git a/prebuilts/api/29.0/public/hal_wifi_supplicant.te b/prebuilts/api/29.0/public/hal_wifi_supplicant.te deleted file mode 100644 index 6004c3327..000000000 --- a/prebuilts/api/29.0/public/hal_wifi_supplicant.te +++ /dev/null @@ -1,28 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_wifi_supplicant_client, hal_wifi_supplicant_server) -binder_call(hal_wifi_supplicant_server, hal_wifi_supplicant_client) - -hal_attribute_hwservice(hal_wifi_supplicant, hal_wifi_supplicant_hwservice) - -# in addition to ioctls whitelisted for all domains, grant hal_wifi_supplicant priv_sock_ioctls. -allowxperm hal_wifi_supplicant self:udp_socket ioctl priv_sock_ioctls; - -r_dir_file(hal_wifi_supplicant, sysfs_type) -r_dir_file(hal_wifi_supplicant, proc_net_type) - -allow hal_wifi_supplicant kernel:system module_request; -allow hal_wifi_supplicant self:global_capability_class_set { setuid net_admin setgid net_raw }; -allow hal_wifi_supplicant cgroup:dir create_dir_perms; -allow hal_wifi_supplicant self:netlink_route_socket nlmsg_write; -allow hal_wifi_supplicant self:netlink_socket create_socket_perms_no_ioctl; -allow hal_wifi_supplicant self:netlink_generic_socket create_socket_perms_no_ioctl; -allow hal_wifi_supplicant self:packet_socket create_socket_perms; -allowxperm hal_wifi_supplicant self:packet_socket ioctl { unpriv_sock_ioctls priv_sock_ioctls unpriv_tty_ioctls }; - -### -### neverallow rules -### - -# wpa_supplicant should not trust any data from sdcards -neverallow hal_wifi_supplicant_server sdcard_type:dir ~getattr; -neverallow hal_wifi_supplicant_server sdcard_type:file *; diff --git a/prebuilts/api/29.0/public/healthd.te b/prebuilts/api/29.0/public/healthd.te deleted file mode 100644 index 7ea23e1c3..000000000 --- a/prebuilts/api/29.0/public/healthd.te +++ /dev/null @@ -1,56 +0,0 @@ -# healthd - battery/charger monitoring service daemon -type healthd, domain; -type healthd_exec, system_file_type, exec_type, file_type; - -# Write to /dev/kmsg -allow healthd kmsg_device:chr_file rw_file_perms; - -# Read access to pseudo filesystems. -allow healthd sysfs_type:dir search; -# Allow to read /sys/class/power_supply directory. -allow healthd sysfs:dir r_dir_perms; -r_dir_file(healthd, rootfs) -r_dir_file(healthd, cgroup) - -allow healthd self:global_capability_class_set { sys_tty_config }; -allow healthd self:global_capability_class_set sys_boot; -dontaudit healthd self:global_capability_class_set sys_resource; - -allow healthd self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; - -wakelock_use(healthd) - -hal_client_domain(healthd, hal_health) - -# Read/write to /sys/power/state -allow healthd sysfs_power:file rw_file_perms; - -# TODO: added to match above sysfs rule. Remove me? -allow healthd sysfs_usb:file write; - -r_dir_file(healthd, sysfs_batteryinfo) - -### -### healthd: charger mode -### - -# Read /sys/fs/pstore/console-ramoops -# Don't worry about overly broad permissions for now, as there's -# only one file in /sys/fs/pstore -allow healthd pstorefs:dir r_dir_perms; -allow healthd pstorefs:file r_file_perms; - -allow healthd graphics_device:dir r_dir_perms; -allow healthd graphics_device:chr_file rw_file_perms; -allow healthd input_device:dir r_dir_perms; -allow healthd input_device:chr_file r_file_perms; -allow healthd tty_device:chr_file rw_file_perms; -allow healthd ashmem_device:chr_file execute; -allow healthd proc_sysrq:file rw_file_perms; - -# Healthd needs to tell init to continue the boot -# process when running in charger mode. -set_prop(healthd, system_prop) -set_prop(healthd, exported_system_prop) -set_prop(healthd, exported2_system_prop) -set_prop(healthd, exported3_system_prop) diff --git a/prebuilts/api/29.0/public/heapprofd.te b/prebuilts/api/29.0/public/heapprofd.te deleted file mode 100644 index 7ceb23feb..000000000 --- a/prebuilts/api/29.0/public/heapprofd.te +++ /dev/null @@ -1 +0,0 @@ -type heapprofd, domain, coredomain; diff --git a/prebuilts/api/29.0/public/hwservice.te b/prebuilts/api/29.0/public/hwservice.te deleted file mode 100644 index 7425878db..000000000 --- a/prebuilts/api/29.0/public/hwservice.te +++ /dev/null @@ -1,80 +0,0 @@ -type default_android_hwservice, hwservice_manager_type; -type fwk_bufferhub_hwservice, hwservice_manager_type, coredomain_hwservice; -type fwk_camera_hwservice, hwservice_manager_type, coredomain_hwservice; -type fwk_display_hwservice, hwservice_manager_type, coredomain_hwservice; -type fwk_scheduler_hwservice, hwservice_manager_type, coredomain_hwservice; -type fwk_sensor_hwservice, hwservice_manager_type, coredomain_hwservice; -type fwk_stats_hwservice, hwservice_manager_type, coredomain_hwservice; -type hal_atrace_hwservice, hwservice_manager_type; -type hal_audiocontrol_hwservice, hwservice_manager_type; -type hal_audio_hwservice, hwservice_manager_type; -type hal_authsecret_hwservice, hwservice_manager_type; -type hal_bluetooth_hwservice, hwservice_manager_type; -type hal_bootctl_hwservice, hwservice_manager_type; -type hal_broadcastradio_hwservice, hwservice_manager_type; -type hal_camera_hwservice, hwservice_manager_type; -type hal_codec2_hwservice, hwservice_manager_type; -type hal_configstore_ISurfaceFlingerConfigs, hwservice_manager_type; -type hal_confirmationui_hwservice, hwservice_manager_type; -type hal_contexthub_hwservice, hwservice_manager_type; -type hal_drm_hwservice, hwservice_manager_type; -type hal_cas_hwservice, hwservice_manager_type; -type hal_dumpstate_hwservice, hwservice_manager_type; -type hal_evs_hwservice, hwservice_manager_type; -type hal_face_hwservice, hwservice_manager_type; -type hal_fingerprint_hwservice, hwservice_manager_type; -type hal_gatekeeper_hwservice, hwservice_manager_type; -type hal_gnss_hwservice, hwservice_manager_type; -type hal_graphics_allocator_hwservice, hwservice_manager_type; -type hal_graphics_composer_hwservice, hwservice_manager_type; -type hal_graphics_mapper_hwservice, hwservice_manager_type, same_process_hwservice; -type hal_health_hwservice, hwservice_manager_type; -type hal_health_storage_hwservice, hwservice_manager_type; -type hal_input_classifier_hwservice, hwservice_manager_type; -type hal_ir_hwservice, hwservice_manager_type; -type hal_keymaster_hwservice, hwservice_manager_type; -type hal_light_hwservice, hwservice_manager_type; -type hal_lowpan_hwservice, hwservice_manager_type; -type hal_memtrack_hwservice, hwservice_manager_type; -type hal_neuralnetworks_hwservice, hwservice_manager_type; -type hal_nfc_hwservice, hwservice_manager_type; -type hal_oemlock_hwservice, hwservice_manager_type; -type hal_omx_hwservice, hwservice_manager_type; -type hal_power_hwservice, hwservice_manager_type; -type hal_power_stats_hwservice, hwservice_manager_type; -type hal_renderscript_hwservice, hwservice_manager_type, same_process_hwservice; -type hal_secure_element_hwservice, hwservice_manager_type; -type hal_sensors_hwservice, hwservice_manager_type; -type hal_telephony_hwservice, hwservice_manager_type; -type hal_tetheroffload_hwservice, hwservice_manager_type; -type hal_thermal_hwservice, hwservice_manager_type; -type hal_tv_cec_hwservice, hwservice_manager_type; -type hal_tv_input_hwservice, hwservice_manager_type; -type hal_usb_hwservice, hwservice_manager_type; -type hal_usb_gadget_hwservice, hwservice_manager_type; -type hal_vehicle_hwservice, hwservice_manager_type; -type hal_vibrator_hwservice, hwservice_manager_type; -type hal_vr_hwservice, hwservice_manager_type; -type hal_weaver_hwservice, hwservice_manager_type; -type hal_wifi_hwservice, hwservice_manager_type; -type hal_wifi_hostapd_hwservice, hwservice_manager_type; -type hal_wifi_offload_hwservice, hwservice_manager_type; -type hal_wifi_supplicant_hwservice, hwservice_manager_type; -type hidl_allocator_hwservice, hwservice_manager_type, coredomain_hwservice; -type hidl_base_hwservice, hwservice_manager_type; -type hidl_manager_hwservice, hwservice_manager_type, coredomain_hwservice; -type hidl_memory_hwservice, hwservice_manager_type, coredomain_hwservice; -type hidl_token_hwservice, hwservice_manager_type, coredomain_hwservice; -type system_net_netd_hwservice, hwservice_manager_type, coredomain_hwservice; -type system_suspend_hwservice, hwservice_manager_type, coredomain_hwservice; -type system_wifi_keystore_hwservice, hwservice_manager_type, coredomain_hwservice; -type thermalcallback_hwservice, hwservice_manager_type; - -### -### Neverallow rules -### - -# hwservicemanager handles registering or looking up named services. -# It does not make sense to register or lookup something which is not a -# hwservice. Trigger a compile error if this occurs. -neverallow domain ~hwservice_manager_type:hwservice_manager { add find }; diff --git a/prebuilts/api/29.0/public/hwservicemanager.te b/prebuilts/api/29.0/public/hwservicemanager.te deleted file mode 100644 index 7f0381564..000000000 --- a/prebuilts/api/29.0/public/hwservicemanager.te +++ /dev/null @@ -1,22 +0,0 @@ -# hwservicemanager - the Binder context manager for HAL services -type hwservicemanager, domain, mlstrustedsubject; -type hwservicemanager_exec, system_file_type, exec_type, file_type; - -# Note that we do not use the binder_* macros here. -# hwservicemanager provides name service (aka context manager) -# for hwbinder. -# Additionally, it initiates binder IPC calls to -# clients who request service notifications. The permission -# to do this is granted in the hwbinder_use macro. -allow hwservicemanager self:binder set_context_mgr; - -set_prop(hwservicemanager, hwservicemanager_prop) - -# Scan through /system/lib64/hw looking for installed HALs -allow hwservicemanager system_file:dir r_dir_perms; - -# Read hwservice_contexts -allow hwservicemanager hwservice_contexts_file:file r_file_perms; - -# Check SELinux permissions. -selinux_check_access(hwservicemanager) diff --git a/prebuilts/api/29.0/public/idmap.te b/prebuilts/api/29.0/public/idmap.te deleted file mode 100644 index 92c649c36..000000000 --- a/prebuilts/api/29.0/public/idmap.te +++ /dev/null @@ -1,30 +0,0 @@ -# idmap, when executed by installd -type idmap, domain; -type idmap_exec, system_file_type, exec_type, file_type; - -# TODO remove /system/bin/idmap and the link between idmap and installd (b/118711077) -# Use open file to /data/resource-cache file inherited from installd. -allow idmap installd:fd use; -allow idmap resourcecache_data_file:file create_file_perms; -allow idmap resourcecache_data_file:dir rw_dir_perms; - -# Ignore reading /proc//maps after a fork. -dontaudit idmap installd:file read; - -# Open and read from target and overlay apk files passed by argument. -allow idmap apk_data_file:file r_file_perms; -allow idmap apk_data_file:dir search; - -# Allow /data/app/vmdl*.tmp, /data/app-private/vmdl*.tmp files -allow idmap { apk_tmp_file apk_private_tmp_file }:file r_file_perms; -allow idmap { apk_tmp_file apk_private_tmp_file }:dir search; - -# Allow apps access to /vendor/app -r_dir_file(idmap, vendor_app_file) - -# Allow apps access to /vendor/overlay -r_dir_file(idmap, vendor_overlay_file) - -# Allow the idmap2d binary to register as a service and communicate via AIDL -binder_use(idmap) -add_service(idmap, idmap_service) diff --git a/prebuilts/api/29.0/public/incident.te b/prebuilts/api/29.0/public/incident.te deleted file mode 100644 index ce57bf650..000000000 --- a/prebuilts/api/29.0/public/incident.te +++ /dev/null @@ -1,8 +0,0 @@ -# The incident command is used to call into the incidentd service to -# take an incident report (binary, shared bugreport), download incident -# reports that have already been taken, and monitor for new ones. -# It doesn't do anything else. - -# incident -type incident, domain; - diff --git a/prebuilts/api/29.0/public/incident_helper.te b/prebuilts/api/29.0/public/incident_helper.te deleted file mode 100644 index bca101869..000000000 --- a/prebuilts/api/29.0/public/incident_helper.te +++ /dev/null @@ -1,5 +0,0 @@ -# The incident_helper is called by incidentd and -# can only read/write data from/to incidentd - -# incident_helper -type incident_helper, domain; diff --git a/prebuilts/api/29.0/public/incidentd.te b/prebuilts/api/29.0/public/incidentd.te deleted file mode 100644 index b03249c88..000000000 --- a/prebuilts/api/29.0/public/incidentd.te +++ /dev/null @@ -1,3 +0,0 @@ -# incidentd -type incidentd, domain; - diff --git a/prebuilts/api/29.0/public/init.te b/prebuilts/api/29.0/public/init.te deleted file mode 100644 index c5166a182..000000000 --- a/prebuilts/api/29.0/public/init.te +++ /dev/null @@ -1,599 +0,0 @@ -# init is its own domain. -type init, domain, mlstrustedsubject; -type init_exec, system_file_type, exec_type, file_type; -type init_tmpfs, file_type; - -# /dev/__null__ node created by init. -allow init tmpfs:chr_file { create setattr unlink rw_file_perms }; - -# -# init direct restorecon calls. -# -# /dev/kmsg -allow init tmpfs:chr_file relabelfrom; -allow init kmsg_device:chr_file { getattr write relabelto }; -# /dev/kmsg_debug -userdebug_or_eng(` - allow init kmsg_debug_device:chr_file { write relabelto }; -') -# /dev/__properties__ -allow init properties_device:dir relabelto; -allow init properties_serial:file { write relabelto }; -allow init property_type:file { append create getattr map open read relabelto rename setattr unlink write }; -# /dev/__properties__/property_info -allow init properties_device:file create_file_perms; -allow init property_info:file relabelto; -# /dev/event-log-tags -allow init device:file relabelfrom; -allow init runtime_event_log_tags_file:file { open write setattr relabelto create }; -# /dev/socket -allow init { device socket_device }:dir relabelto; -# Relabel /dev nodes created in first stage init, /dev/null, /dev/ptmx, /dev/random, /dev/urandom -allow init { null_device ptmx_device random_device } : chr_file relabelto; -# /dev/device-mapper, /dev/block(/.*)? -allow init tmpfs:{ chr_file blk_file } relabelfrom; -allow init tmpfs:blk_file getattr; -allow init block_device:{ dir blk_file lnk_file } relabelto; -allow init dm_device:{ chr_file blk_file } relabelto; -allow init kernel:fd use; -# restorecon for early mount device symlinks -allow init tmpfs:lnk_file { getattr read relabelfrom }; -allow init { - metadata_block_device - misc_block_device - recovery_block_device - system_block_device - userdata_block_device -}:{ blk_file lnk_file } relabelto; - -allow init super_block_device:lnk_file relabelto; - -# Create /mnt/sdcard -> /storage/self/primary symlink. - -# setrlimit -allow init self:global_capability_class_set sys_resource; - -# Remove /dev/.booting and load /debug_ramdisk/* files -allow init tmpfs:file { getattr unlink }; - -# Access pty created for fsck. -allow init devpts:chr_file { read write open }; - -# Create /dev/fscklogs files. -allow init fscklogs:file create_file_perms; - -# Access /dev/__null__ node created prior to initial policy load. -allow init tmpfs:chr_file write; - -# Access /dev/console. -allow init console_device:chr_file rw_file_perms; - -# Access /dev/tty0. -allow init tty_device:chr_file rw_file_perms; - -# Call mount(2). -allow init self:global_capability_class_set sys_admin; - -# Call setns(2). -allow init self:global_capability_class_set sys_chroot; - -# Create and mount on directories in /. -allow init rootfs:dir create_dir_perms; -allow init { rootfs cache_file cgroup storage_file system_data_file system_file vendor_file postinstall_mnt_dir }:dir mounton; -allow init cgroup_bpf:dir { create mounton }; - -# Mount bpf fs on sys/fs/bpf -allow init fs_bpf:dir mounton; - -# Mount on /dev/usb-ffs/adb. -allow init device:dir mounton; - -# Mount tmpfs on /apex -allow init apex_mnt_dir:dir mounton; - -# Create and remove symlinks in /. -allow init rootfs:lnk_file { create unlink }; - -# Mount debugfs on /sys/kernel/debug. -allow init sysfs:dir mounton; - -# Create cgroups mount points in tmpfs and mount cgroups on them. -allow init tmpfs:dir create_dir_perms; -allow init tmpfs:dir mounton; -allow init cgroup:dir create_dir_perms; -allow init cgroup:file rw_file_perms; -allow init cgroup_rc_file:file rw_file_perms; -allow init cgroup_desc_file:file r_file_perms; -allow init vendor_cgroup_desc_file:file r_file_perms; - -# /config -allow init configfs:dir mounton; -allow init configfs:dir create_dir_perms; -allow init configfs:{ file lnk_file } create_file_perms; - -# /metadata -allow init metadata_file:dir mounton; - -# Use tmpfs as /data, used for booting when /data is encrypted -allow init tmpfs:dir relabelfrom; - -# Create directories under /dev/cpuctl after chowning it to system. -allow init self:global_capability_class_set { dac_override dac_read_search }; - -# Set system clock. -allow init self:global_capability_class_set sys_time; - -allow init self:global_capability_class_set { sys_rawio mknod }; - -# Mounting filesystems from block devices. -allow init dev_type:blk_file r_file_perms; -allowxperm init dev_type:blk_file ioctl BLKROSET; - -# Mounting filesystems. -# Only allow relabelto for types used in context= mount options, -# which should all be assigned the contextmount_type attribute. -# This can be done in device-specific policy via type or typeattribute -# declarations. -allow init fs_type:filesystem ~relabelto; -allow init unlabeled:filesystem ~relabelto; -allow init contextmount_type:filesystem relabelto; - -# Allow read-only access to context= mounted filesystems. -allow init contextmount_type:dir r_dir_perms; -allow init contextmount_type:notdevfile_class_set r_file_perms; - -# restorecon /adb_keys or any other rootfs files and directories to a more -# specific type. -allow init rootfs:{ dir file } relabelfrom; - -# mkdir, symlink, write, rm/rmdir, chown/chmod, restorecon/restorecon_recursive from init.rc files. -# chown/chmod require open+read+setattr required for open()+fchown/fchmod(). -# system/core/init.rc requires at least cache_file and data_file_type. -# init..rc files often include device-specific types, so -# we just allow all file types except /system files here. -allow init self:global_capability_class_set { chown fowner fsetid }; - -allow init { - file_type - -app_data_file - -exec_type - -misc_logd_file - -nativetest_data_file - -privapp_data_file - -system_app_data_file - -system_file_type - -vendor_file_type -}:dir { create search getattr open read setattr ioctl }; - -allow init { - file_type - -app_data_file - -exec_type - -gsi_data_file - -iorapd_data_file - -keystore_data_file - -misc_logd_file - -nativetest_data_file - -privapp_data_file - -shell_data_file - -system_app_data_file - -system_file_type - -vendor_file_type - -vold_data_file -}:dir { write add_name remove_name rmdir relabelfrom }; - -allow init { - file_type - -app_data_file - -exec_type - -gsi_data_file - -iorapd_data_file - -keystore_data_file - -misc_logd_file - -nativetest_data_file - -privapp_data_file - -runtime_event_log_tags_file - -shell_data_file - -system_app_data_file - -system_file_type - -vendor_file_type - -vold_data_file -}:file { create getattr open read write setattr relabelfrom unlink map }; - -allow init { - file_type - -app_data_file - -exec_type - -gsi_data_file - -iorapd_data_file - -keystore_data_file - -misc_logd_file - -nativetest_data_file - -privapp_data_file - -shell_data_file - -system_app_data_file - -system_file_type - -vendor_file_type - -vold_data_file -}:{ sock_file fifo_file } { create getattr open read setattr relabelfrom unlink }; - -allow init { - file_type - -apex_mnt_dir - -app_data_file - -exec_type - -gsi_data_file - -iorapd_data_file - -keystore_data_file - -misc_logd_file - -nativetest_data_file - -privapp_data_file - -shell_data_file - -system_app_data_file - -system_file_type - -vendor_file_type - -vold_data_file -}:lnk_file { create getattr setattr relabelfrom unlink }; - -allow init cache_file:lnk_file r_file_perms; - -allow init { - file_type - -system_file_type - -vendor_file_type - -exec_type - -app_data_file - -privapp_data_file -}:dir_file_class_set relabelto; - -allow init { sysfs debugfs debugfs_tracing debugfs_tracing_debug }:{ dir file lnk_file } { getattr relabelfrom }; -allow init { sysfs_type debugfs_type }:{ dir file lnk_file } { relabelto getattr }; -allow init dev_type:dir create_dir_perms; -allow init dev_type:lnk_file create; - -# Disable tracing by writing to /sys/kernel/debug/tracing/tracing_on -allow init debugfs_tracing:file w_file_perms; - -# Setup and control wifi event tracing (see wifi-events.rc) -allow init debugfs_tracing_instances:dir create_dir_perms; -allow init debugfs_tracing_instances:file w_file_perms; -allow init debugfs_wifi_tracing:file w_file_perms; - -# chown/chmod on pseudo files. -allow init { - fs_type - -contextmount_type - -keychord_device - -proc_type - -sdcard_type - -sysfs_type - -rootfs -}:file { open read setattr }; -allow init { fs_type -contextmount_type -sdcard_type -rootfs }:dir { open read setattr search }; - -allow init { - ashmem_device - binder_device - console_device - devpts - dm_device - hwbinder_device - hw_random_device - input_device - kmsg_device - null_device - owntty_device - pmsg_device - ptmx_device - random_device - tty_device - zero_device -}:chr_file { read open }; - -# chown/chmod on devices. -allow init { - dev_type - -keychord_device - -port_device -}:chr_file setattr; - -# Unlabeled file access for upgrades from 4.2. -allow init unlabeled:dir { create_dir_perms relabelfrom }; -allow init unlabeled:notdevfile_class_set { create_file_perms relabelfrom }; - -# Any operation that can modify the kernel ring buffer, e.g. clear -# or a read that consumes the messages that were read. -allow init kernel:system syslog_mod; -allow init self:global_capability2_class_set syslog; - -# init access to /proc. -r_dir_file(init, proc_net_type) -allow init proc_filesystems:file r_file_perms; - -userdebug_or_eng(` - # Overlayfs workdir write access check during mount to permit remount,rw - allow init overlayfs_file:dir { relabelfrom mounton write }; - allow init overlayfs_file:file { append }; - allow init system_block_device:blk_file { write }; -') - -allow init { - proc # b/67049235 processes /proc//* files are mislabeled. - proc_cmdline - proc_diskstats - proc_kmsg # Open /proc/kmsg for logd service. - proc_meminfo - proc_stat # Read /proc/stat for bootchart. - proc_uptime - proc_version -}:file r_file_perms; - -allow init { - proc_abi - proc_dirty - proc_hostname - proc_hung_task - proc_extra_free_kbytes - proc_net_type - proc_max_map_count - proc_min_free_order_shift - proc_overcommit_memory - proc_panic - proc_page_cluster - proc_perf - proc_sched - proc_sysrq -}:file w_file_perms; - -allow init { - proc_security -}:file rw_file_perms; - -# init chmod/chown access to /proc files. -allow init { - proc_cmdline - proc_kmsg - proc_net - proc_qtaguid_stat - proc_slabinfo - proc_sysrq - proc_qtaguid_ctrl - proc_vmallocinfo -}:file setattr; - -# init access to /sys files. -allow init { - sysfs_android_usb - sysfs_leds - sysfs_power - sysfs_fs_f2fs -}:file w_file_perms; - -allow init { - sysfs_dt_firmware_android - sysfs_fs_ext4_features -}:file r_file_perms; - -allow init { - sysfs_zram -}:file rw_file_perms; - -# allow init to create loop devices with /dev/loop-control -allow init loop_control_device:chr_file rw_file_perms; -allow init loop_device:blk_file rw_file_perms; -allowxperm init loop_device:blk_file ioctl { - LOOP_SET_FD - LOOP_CLR_FD - LOOP_CTL_GET_FREE - LOOP_SET_BLOCK_SIZE - LOOP_SET_DIRECT_IO -}; - -# Allow init to write to vibrator/trigger -allow init sysfs_vibrator:file w_file_perms; - -# init chmod/chown access to /sys files. -allow init { - sysfs_android_usb - sysfs_devices_system_cpu - sysfs_ipv4 - sysfs_leds - sysfs_lowmemorykiller - sysfs_power - sysfs_vibrator - sysfs_wake_lock -}:file setattr; - -# Set usermodehelpers. -allow init { usermodehelper sysfs_usermodehelper }:file rw_file_perms; - -allow init self:global_capability_class_set net_admin; - -# Reboot. -allow init self:global_capability_class_set sys_boot; - -# Init will create /data/misc/logd when the property persist.logd.logpersistd is "logcatd". -# Init will also walk through the directory as part of a recursive restorecon. -allow init misc_logd_file:dir { add_name open create read getattr setattr search write }; -allow init misc_logd_file:file { open create getattr setattr write }; - -# Support "adb shell stop" -allow init self:global_capability_class_set kill; -allow init domain:process { getpgid sigkill signal }; - -# Init creates keystore's directory on boot, and walks through -# the directory as part of a recursive restorecon. -allow init keystore_data_file:dir { open create read getattr setattr search }; -allow init keystore_data_file:file { getattr }; - -# Init creates vold's directory on boot, and walks through -# the directory as part of a recursive restorecon. -allow init vold_data_file:dir { open create read getattr setattr search }; -allow init vold_data_file:file { getattr }; - -# Init creates /data/local/tmp at boot -allow init shell_data_file:dir { open create read getattr setattr search }; -allow init shell_data_file:file { getattr }; - -# Set UID, GID, and adjust capability bounding set for services. -allow init self:global_capability_class_set { setuid setgid setpcap }; - -# For bootchart to read the /proc/$pid/cmdline file of each process, -# we need to have following line to allow init to have access -# to different domains. -r_dir_file(init, domain) - -# Use setexeccon(), setfscreatecon(), and setsockcreatecon(). -# setexec is for services with seclabel options. -# setfscreate is for labeling directories and socket files. -# setsockcreate is for labeling local/unix domain sockets. -allow init self:process { setexec setfscreate setsockcreate }; - -# Get file context -allow init file_contexts_file:file r_file_perms; - -# sepolicy access -allow init sepolicy_file:file r_file_perms; - -# Perform SELinux access checks on setting properties. -selinux_check_access(init) - -# Ask the kernel for the new context on services to label their sockets. -allow init kernel:security compute_create; - -# Create sockets for the services. -allow init domain:unix_stream_socket { create bind setopt }; -allow init domain:unix_dgram_socket { create bind setopt }; - -# Create /data/property and files within it. -allow init property_data_file:dir create_dir_perms; -allow init property_data_file:file create_file_perms; - -# Set any property. -allow init property_type:property_service set; - -# Send an SELinux userspace denial to the kernel audit subsystem, -# so it can be picked up and processed by logd. These denials are -# generated when an attempt to set a property is denied by policy. -allow init self:netlink_audit_socket { create_socket_perms_no_ioctl nlmsg_relay }; -allow init self:global_capability_class_set audit_write; - -# Run "ifup lo" to bring up the localhost interface -allow init self:udp_socket { create ioctl }; -# in addition to unpriv ioctls granted to all domains, init also needs: -allowxperm init self:udp_socket ioctl SIOCSIFFLAGS; -allow init self:global_capability_class_set net_raw; - -# Set scheduling info for psi monitor thread. -# TODO: delete or revise this line b/131761776 -allow init kernel:process { getsched setsched }; - -# swapon() needs write access to swap device -# system/core/fs_mgr/fs_mgr.c - fs_mgr_swapon_all -allow init swap_block_device:blk_file rw_file_perms; - -# Read from /dev/hw_random if present. -# system/core/init/init.c - mix_hwrng_into_linux_rng_action -allow init hw_random_device:chr_file r_file_perms; - -# Create and access /dev files without a specific type, -# e.g. /dev/.coldboot_done, /dev/.booting -# TODO: Move these files into their own type unless they are -# only ever accessed by init. -allow init device:file create_file_perms; - -# keychord retrieval from /dev/input/ devices -allow init input_device:dir r_dir_perms; -allow init input_device:chr_file rw_file_perms; - -# Access device mapper for setting up dm-verity -allow init dm_device:chr_file rw_file_perms; -allow init dm_device:blk_file rw_file_perms; - -# Access metadata block device for storing dm-verity state -allow init metadata_block_device:blk_file rw_file_perms; - -# Read /sys/fs/pstore/console-ramoops to detect restarts caused -# by dm-verity detecting corrupted blocks -allow init pstorefs:dir search; -allow init pstorefs:file r_file_perms; -allow init kernel:system syslog_read; - -# linux keyring configuration -allow init init:key { write search setattr }; - -# Allow init to create /data/unencrypted -allow init unencrypted_data_file:dir create_dir_perms; - -# Set encryption policy on dirs in /data -allowxperm init data_file_type:dir ioctl { - FS_IOC_GET_ENCRYPTION_POLICY - FS_IOC_SET_ENCRYPTION_POLICY -}; - -# Allow init to write to /proc/sys/vm/overcommit_memory -allow init proc_overcommit_memory:file { write }; - -# Raw writes to misc block device -allow init misc_block_device:blk_file w_file_perms; - -r_dir_file(init, system_file) -r_dir_file(init, vendor_file_type) - -allow init system_data_file:file { getattr read }; -allow init system_data_file:lnk_file r_file_perms; - -# For init to be able to run shell scripts from vendor -allow init vendor_shell_exec:file execute; - -# Metadata setup -allow init vold_metadata_file:dir create_dir_perms; -allow init vold_metadata_file:file getattr; - -# Allow init to use binder -binder_use(init); -allow init apex_service:service_manager find; -# Allow servicemanager to pass it -allow servicemanager init:binder transfer; -# Allow calls from init to apexd -allow init apexd:binder call; - -# Allow init to touch PSI monitors -allow init proc_pressure_mem:file { rw_file_perms setattr }; - -# init is using bootstrap bionic -allow init system_bootstrap_lib_file:dir r_dir_perms; -allow init system_bootstrap_lib_file:file { execute read open getattr map }; - -### -### neverallow rules -### - -# The init domain is only entered via an exec based transition from the -# kernel domain, never via setcon(). -neverallow domain init:process dyntransition; -neverallow { domain -kernel } init:process transition; -neverallow init { file_type fs_type -init_exec }:file entrypoint; - -# Never read/follow symlinks created by shell or untrusted apps. -neverallow init shell_data_file:lnk_file read; -neverallow init { app_data_file privapp_data_file }:lnk_file read; - -# init should never execute a program without changing to another domain. -neverallow init { file_type fs_type }:file execute_no_trans; - -# init can only find the APEX service -neverallow init { service_manager_type -apex_service }:service_manager { find }; -# init can never add binder services -neverallow init service_manager_type:service_manager { add }; -# init can never list binder services -neverallow init servicemanager:service_manager list; - -# Init should not be creating subdirectories in /data/local/tmp -neverallow init shell_data_file:dir { write add_name remove_name }; - -# Init should not access sysfs node that are not explicitly labeled. -neverallow init sysfs:file { open read write }; - -# No domain should be allowed to ptrace init. -neverallow * init:process ptrace; diff --git a/prebuilts/api/29.0/public/inputflinger.te b/prebuilts/api/29.0/public/inputflinger.te deleted file mode 100644 index c3f4da858..000000000 --- a/prebuilts/api/29.0/public/inputflinger.te +++ /dev/null @@ -1,15 +0,0 @@ -# inputflinger -type inputflinger, domain; -type inputflinger_exec, system_file_type, exec_type, file_type; - -binder_use(inputflinger) -binder_service(inputflinger) - -binder_call(inputflinger, system_server) - -wakelock_use(inputflinger) - -allow inputflinger input_device:dir r_dir_perms; -allow inputflinger input_device:chr_file rw_file_perms; - -r_dir_file(inputflinger, cgroup) diff --git a/prebuilts/api/29.0/public/install_recovery.te b/prebuilts/api/29.0/public/install_recovery.te deleted file mode 100644 index 0aee9ab03..000000000 --- a/prebuilts/api/29.0/public/install_recovery.te +++ /dev/null @@ -1,27 +0,0 @@ -# service flash_recovery in init.rc -type install_recovery, domain; -type install_recovery_exec, system_file_type, exec_type, file_type; - -allow install_recovery self:global_capability_class_set { dac_override dac_read_search }; - -# /system/bin/install-recovery.sh is a shell script. -# Needs to execute /system/bin/sh -allow install_recovery shell_exec:file rx_file_perms; - -# Execute /system/bin/applypatch -allow install_recovery system_file:file rx_file_perms; -not_full_treble(`allow install_recovery vendor_file:file rx_file_perms;') - -allow install_recovery toolbox_exec:file rx_file_perms; - -# Update the recovery block device based off a diff of the boot block device -allow install_recovery block_device:dir search; -allow install_recovery boot_block_device:blk_file r_file_perms; -allow install_recovery recovery_block_device:blk_file rw_file_perms; - -# Create and delete /cache/saved.file -allow install_recovery cache_file:dir rw_dir_perms; -allow install_recovery cache_file:file create_file_perms; - -# Write to /proc/sys/vm/drop_caches -allow install_recovery proc_drop_caches:file w_file_perms; diff --git a/prebuilts/api/29.0/public/installd.te b/prebuilts/api/29.0/public/installd.te deleted file mode 100644 index 04922f5b8..000000000 --- a/prebuilts/api/29.0/public/installd.te +++ /dev/null @@ -1,177 +0,0 @@ -# installer daemon -type installd, domain; -type installd_exec, system_file_type, exec_type, file_type; -typeattribute installd mlstrustedsubject; -allow installd self:global_capability_class_set { chown dac_override dac_read_search fowner fsetid setgid setuid sys_admin }; - -# Allow labeling of files under /data/app/com.example/oat/ -allow installd dalvikcache_data_file:dir relabelto; -allow installd dalvikcache_data_file:file { relabelto link }; - -# Allow movement of APK files between volumes -allow installd apk_data_file:dir { create_dir_perms relabelfrom }; -allow installd apk_data_file:file { create_file_perms relabelfrom link }; -allow installd apk_data_file:lnk_file { create r_file_perms unlink }; - -# FS_IOC_ENABLE_VERITY and FS_IOC_MEASURE_VERITY (or in old implementation used in installd, -# FS_IOC_SET_VERITY_MEASUREMENT) ioctls on APKs in /data/app, to support fsverity. -# TODO(b/120629632): this path is deprecated, remove when possible. -allowxperm installd apk_data_file:file ioctl { - FS_IOC_ENABLE_VERITY FS_IOC_MEASURE_VERITY -}; - -allow installd asec_apk_file:file r_file_perms; -allow installd apk_tmp_file:file { r_file_perms unlink }; -allow installd apk_tmp_file:dir { relabelfrom create_dir_perms }; -allow installd oemfs:dir r_dir_perms; -allow installd oemfs:file r_file_perms; -allow installd cgroup:dir create_dir_perms; -allow installd mnt_expand_file:dir { search getattr }; -# Check validity of SELinux context before use. -selinux_check_context(installd) - -r_dir_file(installd, rootfs) -# Scan through APKs in /system/app and /system/priv-app -r_dir_file(installd, system_file) -# Scan through APKs in /vendor/app -r_dir_file(installd, vendor_app_file) -# Scan through JARs in /vendor/framework -r_dir_file(installd, vendor_framework_file) -# Scan through Runtime Resource Overlay APKs in /vendor/overlay -r_dir_file(installd, vendor_overlay_file) -# Get file context -allow installd file_contexts_file:file r_file_perms; -# Get seapp_context -allow installd seapp_contexts_file:file r_file_perms; - -# Search /data/app-asec and stat files in it. -allow installd asec_image_file:dir search; -allow installd asec_image_file:file getattr; - -# Create /data/user and /data/user/0 if necessary. -# Also required to initially create /data/data subdirectories -# and lib symlinks before the setfilecon call. May want to -# move symlink creation after setfilecon in installd. -allow installd system_data_file:dir create_dir_perms; -# Also, allow read for lnk_file so that we can process /data/user/0 links when -# optimizing application code. -allow installd system_data_file:lnk_file { create getattr read setattr unlink }; - -# Upgrade /data/media for multi-user if necessary. -allow installd media_rw_data_file:dir create_dir_perms; -allow installd media_rw_data_file:file { getattr unlink }; -# restorecon new /data/media directory. -allow installd system_data_file:dir relabelfrom; -allow installd media_rw_data_file:dir relabelto; - -# Delete /data/media files through sdcardfs, instead of going behind its back -allow installd tmpfs:dir r_dir_perms; -allow installd storage_file:dir search; -allow installd sdcardfs:dir { search open read write remove_name getattr rmdir }; -allow installd sdcardfs:file { getattr unlink }; - -# Upgrade /data/misc/keychain for multi-user if necessary. -allow installd misc_user_data_file:dir create_dir_perms; -allow installd misc_user_data_file:file create_file_perms; -allow installd keychain_data_file:dir create_dir_perms; -allow installd keychain_data_file:file {r_file_perms unlink}; - -# Create /data/.layout_version.* file -allow installd install_data_file:file create_file_perms; - -# Create files under /data/dalvik-cache. -allow installd dalvikcache_data_file:dir create_dir_perms; -allow installd dalvikcache_data_file:file create_file_perms; -allow installd dalvikcache_data_file:lnk_file getattr; - -# Create files under /data/resource-cache. -allow installd resourcecache_data_file:dir rw_dir_perms; -allow installd resourcecache_data_file:file create_file_perms; - -# Upgrade from unlabeled userdata. -# Just need enough to remove and/or relabel it. -allow installd unlabeled:dir { getattr search relabelfrom rw_dir_perms rmdir }; -allow installd unlabeled:notdevfile_class_set { getattr relabelfrom rename unlink setattr }; -# Read pkg.apk file for input during dexopt. -allow installd unlabeled:file r_file_perms; - -# Upgrade from before system_app_data_file was used for system UID apps. -# Just need enough to relabel it and to unlink removed package files. -# Directory access covered by earlier rule above. -allow installd system_data_file:notdevfile_class_set { getattr relabelfrom unlink }; - -# Manage /data/data subdirectories, including initially labeling them -# upon creation via setfilecon or running restorecon_recursive, -# setting owner/mode, creating symlinks within them, and deleting them -# upon package uninstall. -# Types extracted from seapp_contexts type= fields. -allow installd { - system_app_data_file - bluetooth_data_file - nfc_data_file - radio_data_file - shell_data_file - app_data_file - privapp_data_file -}:dir { create_dir_perms relabelfrom relabelto }; - -allow installd { - system_app_data_file - bluetooth_data_file - nfc_data_file - radio_data_file - shell_data_file - app_data_file - privapp_data_file -}:notdevfile_class_set { create_file_perms relabelfrom relabelto }; - -# Similar for the files under /data/misc/profiles/ -allow installd user_profile_data_file:dir create_dir_perms; -allow installd user_profile_data_file:file create_file_perms; -allow installd user_profile_data_file:dir rmdir; -allow installd user_profile_data_file:file unlink; - -# Files created/updated by profman dumps. -allow installd profman_dump_data_file:dir { search add_name write }; -allow installd profman_dump_data_file:file { create setattr open write }; - -# Create and use pty created by android_fork_execvp(). -allow installd devpts:chr_file rw_file_perms; - -# execute toybox for app relocation -allow installd toolbox_exec:file rx_file_perms; - -# Allow installd to publish a binder service and make binder calls. -binder_use(installd) -add_service(installd, installd_service) -allow installd dumpstate:fifo_file { getattr write }; - -# Allow installd to call into the system server so it can check permissions. -binder_call(installd, system_server) -allow installd permission_service:service_manager find; - -# Allow installd to read and write quotas -allow installd block_device:dir { search }; -allow installd labeledfs:filesystem { quotaget quotamod }; - -# Allow installd to delete from /data/preloads when trimming data caches -# TODO b/34690396 Remove when time-based purge policy for preloads is implemented in system_server -allow installd preloads_data_file:file { r_file_perms unlink }; -allow installd preloads_data_file:dir { r_dir_perms write remove_name rmdir }; -allow installd preloads_media_file:file { r_file_perms unlink }; -allow installd preloads_media_file:dir { r_dir_perms write remove_name rmdir }; - -### -### Neverallow rules -### - -# only system_server, installd and dumpstate may interact with installd over binder -neverallow { domain -system_server -dumpstate -installd } installd_service:service_manager find; -neverallow { domain -system_server -dumpstate } installd:binder call; -neverallow installd { - domain - -ashmemd - -system_server - -servicemanager - userdebug_or_eng(`-su') -}:binder call; diff --git a/prebuilts/api/29.0/public/ioctl_defines b/prebuilts/api/29.0/public/ioctl_defines deleted file mode 100644 index c5b412b2c..000000000 --- a/prebuilts/api/29.0/public/ioctl_defines +++ /dev/null @@ -1,2719 +0,0 @@ -define(`ADD_NEW_DISK', `0x40140921') -define(`ADV7842_CMD_RAM_TEST', `0x000056c0') -define(`AGPIOC_ACQUIRE', `0x00004101') -define(`AGPIOC_ALLOCATE', `0xc0084106') -define(`AGPIOC_BIND', `0x40084108') -define(`AGPIOC_CHIPSET_FLUSH', `0x0000410a') -define(`AGPIOC_DEALLOCATE', `0x40044107') -define(`AGPIOC_INFO', `0x80084100') -define(`AGPIOC_PROTECT', `0x40084105') -define(`AGPIOC_RELEASE', `0x00004102') -define(`AGPIOC_RESERVE', `0x40084104') -define(`AGPIOC_SETUP', `0x40084103') -define(`AGPIOC_UNBIND', `0x40084109') -define(`AMDKFD_IOC_CREATE_QUEUE', `0xc0584b02') -define(`AMDKFD_IOC_DESTROY_QUEUE', `0xc0084b03') -define(`AMDKFD_IOC_GET_CLOCK_COUNTERS', `0xc0284b05') -define(`AMDKFD_IOC_GET_PROCESS_APERTURES', `0x81904b06') -define(`AMDKFD_IOC_GET_VERSION', `0x80084b01') -define(`AMDKFD_IOC_SET_MEMORY_POLICY', `0x40204b04') -define(`AMDKFD_IOC_UPDATE_QUEUE', `0x40184b07') -define(`ANDROID_ALARM_SET_RTC', `0x40106105') -define(`ANDROID_ALARM_WAIT', `0x00006101') -define(`APEI_ERST_CLEAR_RECORD', `0x40084501') -define(`APEI_ERST_GET_RECORD_COUNT', `0x80044502') -define(`APM_IOC_STANDBY', `0x00004101') -define(`APM_IOC_SUSPEND', `0x00004102') -define(`ASHMEM_GET_NAME', `0x81007702') -define(`ASHMEM_GET_PIN_STATUS', `0x00007709') -define(`ASHMEM_GET_PROT_MASK', `0x00007706') -define(`ASHMEM_GET_SIZE', `0x00007704') -define(`ASHMEM_PIN', `0x40087707') -define(`ASHMEM_PURGE_ALL_CACHES', `0x0000770a') -define(`ASHMEM_SET_NAME', `0x41007701') -define(`ASHMEM_SET_PROT_MASK', `0x40087705') -define(`ASHMEM_SET_SIZE', `0x40087703') -define(`ASHMEM_UNPIN', `0x40087708') -define(`ATM_ADDADDR', `0x40106188') -define(`ATM_ADDLECSADDR', `0x4010618e') -define(`ATM_ADDPARTY', `0x401061f4') -define(`ATMARPD_CTRL', `0x000061e1') -define(`ATMARP_ENCAP', `0x000061e5') -define(`ATMARP_MKIP', `0x000061e2') -define(`ATMARP_SETENTRY', `0x000061e3') -define(`ATM_DELADDR', `0x40106189') -define(`ATM_DELLECSADDR', `0x4010618f') -define(`ATM_DROPPARTY', `0x400461f5') -define(`ATM_GETADDR', `0x40106186') -define(`ATM_GETCIRANGE', `0x4010618a') -define(`ATM_GETESI', `0x40106185') -define(`ATM_GETLECSADDR', `0x40106190') -define(`ATM_GETLINKRATE', `0x40106181') -define(`ATM_GETLOOP', `0x40106152') -define(`ATM_GETNAMES', `0x40106183') -define(`ATM_GETSTAT', `0x40106150') -define(`ATM_GETSTATZ', `0x40106151') -define(`ATM_GETTYPE', `0x40106184') -define(`ATMLEC_CTRL', `0x000061d0') -define(`ATMLEC_DATA', `0x000061d1') -define(`ATMLEC_MCAST', `0x000061d2') -define(`ATMMPC_CTRL', `0x000061d8') -define(`ATMMPC_DATA', `0x000061d9') -define(`ATM_NEWBACKENDIF', `0x400261f3') -define(`ATM_QUERYLOOP', `0x40106154') -define(`ATM_RSTADDR', `0x40106187') -define(`ATM_SETBACKEND', `0x400261f2') -define(`ATM_SETCIRANGE', `0x4010618b') -define(`ATM_SETESI', `0x4010618c') -define(`ATM_SETESIF', `0x4010618d') -define(`ATM_SETLOOP', `0x40106153') -define(`ATM_SETSC', `0x400461f1') -define(`ATMSIGD_CTRL', `0x000061f0') -define(`ATMTCP_CREATE', `0x0000618e') -define(`ATMTCP_REMOVE', `0x0000618f') -define(`AUDIO_BILINGUAL_CHANNEL_SELECT', `0x00006f14') -define(`AUDIO_CHANNEL_SELECT', `0x00006f09') -define(`AUDIO_CLEAR_BUFFER', `0x00006f0c') -define(`AUDIO_CONTINUE', `0x00006f04') -define(`AUDIO_GET_CAPABILITIES', `0x80046f0b') -define(`AUDIO_GET_PTS', `0x80086f13') -define(`AUDIO_GET_STATUS', `0x80206f0a') -define(`AUDIO_PAUSE', `0x00006f03') -define(`AUDIO_PLAY', `0x00006f02') -define(`AUDIO_SELECT_SOURCE', `0x00006f05') -define(`AUDIO_SET_ATTRIBUTES', `0x40026f11') -define(`AUDIO_SET_AV_SYNC', `0x00006f07') -define(`AUDIO_SET_BYPASS_MODE', `0x00006f08') -define(`AUDIO_SET_EXT_ID', `0x00006f10') -define(`AUDIO_SET_ID', `0x00006f0d') -define(`AUDIO_SET_KARAOKE', `0x400c6f12') -define(`AUDIO_SET_MIXER', `0x40086f0e') -define(`AUDIO_SET_MUTE', `0x00006f06') -define(`AUDIO_SET_STREAMTYPE', `0x00006f0f') -define(`AUDIO_STOP', `0x00006f01') -define(`AUTOFS_DEV_IOCTL_ASKUMOUNT', `0xc018937d') -define(`AUTOFS_DEV_IOCTL_CATATONIC', `0xc0189379') -define(`AUTOFS_DEV_IOCTL_CLOSEMOUNT', `0xc0189375') -define(`AUTOFS_DEV_IOCTL_EXPIRE', `0xc018937c') -define(`AUTOFS_DEV_IOCTL_FAIL', `0xc0189377') -define(`AUTOFS_DEV_IOCTL_ISMOUNTPOINT', `0xc018937e') -define(`AUTOFS_DEV_IOCTL_OPENMOUNT', `0xc0189374') -define(`AUTOFS_DEV_IOCTL_PROTOSUBVER', `0xc0189373') -define(`AUTOFS_DEV_IOCTL_PROTOVER', `0xc0189372') -define(`AUTOFS_DEV_IOCTL_READY', `0xc0189376') -define(`AUTOFS_DEV_IOCTL_REQUESTER', `0xc018937b') -define(`AUTOFS_DEV_IOCTL_SETPIPEFD', `0xc0189378') -define(`AUTOFS_DEV_IOCTL_TIMEOUT', `0xc018937a') -define(`AUTOFS_DEV_IOCTL_VERSION', `0xc0189371') -define(`AUTOFS_IOC_ASKUMOUNT', `0x80049370') -define(`AUTOFS_IOC_CATATONIC', `0x00009362') -define(`AUTOFS_IOC_EXPIRE', `0x810c9365') -define(`AUTOFS_IOC_EXPIRE_MULTI', `0x40049366') -define(`AUTOFS_IOC_FAIL', `0x00009361') -define(`AUTOFS_IOC_PROTOSUBVER', `0x80049367') -define(`AUTOFS_IOC_PROTOVER', `0x80049363') -define(`AUTOFS_IOC_READY', `0x00009360') -define(`AUTOFS_IOC_SETTIMEOUT', `0xc0089364') -define(`AUTOFS_IOC_SETTIMEOUT32', `0xc0049364') -define(`BC_ACQUIRE', `0x40046305') -define(`BC_ACQUIRE_DONE', `0x40106309') -define(`BC_ACQUIRE_RESULT', `0x40046302') -define(`BC_ATTEMPT_ACQUIRE', `0x4008630a') -define(`BC_CLEAR_DEATH_NOTIFICATION', `0x400c630f') -define(`BC_DEAD_BINDER_DONE', `0x40086310') -define(`BC_DECREFS', `0x40046307') -define(`BC_ENTER_LOOPER', `0x0000630c') -define(`BC_EXIT_LOOPER', `0x0000630d') -define(`BC_FREE_BUFFER', `0x40086303') -define(`BC_INCREFS', `0x40046304') -define(`BC_INCREFS_DONE', `0x40106308') -define(`BC_REGISTER_LOOPER', `0x0000630b') -define(`BC_RELEASE', `0x40046306') -define(`BC_REPLY', `0x40406301') -define(`BC_REQUEST_DEATH_NOTIFICATION', `0x400c630e') -define(`BC_TRANSACTION', `0x40406300') -define(`BINDER_SET_CONTEXT_MGR', `0x40046207') -define(`BINDER_SET_IDLE_PRIORITY', `0x40046206') -define(`BINDER_SET_IDLE_TIMEOUT', `0x40086203') -define(`BINDER_SET_MAX_THREADS', `0x40046205') -define(`BINDER_THREAD_EXIT', `0x40046208') -define(`BINDER_VERSION', `0xc0046209') -define(`BINDER_WRITE_READ', `0xc0306201') -define(`BLKALIGNOFF', `0x0000127a') -define(`BLKBSZGET', `0x80081270') -define(`BLKBSZSET', `0x40081271') -define(`BLKDISCARD', `0x00001277') -define(`BLKDISCARDZEROES', `0x0000127c') -define(`BLKFLSBUF', `0x00001261') -define(`BLKFRAGET', `0x00001265') -define(`BLKFRASET', `0x00001264') -define(`BLKGETSIZE', `0x00001260') -define(`BLKGETSIZE64', `0x80081272') -define(`BLKI2OGRSTRAT', `0x80043201') -define(`BLKI2OGWSTRAT', `0x80043202') -define(`BLKI2OSRSTRAT', `0x40043203') -define(`BLKI2OSWSTRAT', `0x40043204') -define(`BLKIOMIN', `0x00001278') -define(`BLKIOOPT', `0x00001279') -define(`BLKPBSZGET', `0x0000127b') -define(`BLKPG', `0x00001269') -define(`BLKRAGET', `0x00001263') -define(`BLKRASET', `0x00001262') -define(`BLKROGET', `0x0000125e') -define(`BLKROSET', `0x0000125d') -define(`BLKROTATIONAL', `0x0000127e') -define(`BLKRRPART', `0x0000125f') -define(`BLKSECDISCARD', `0x0000127d') -define(`BLKSECTGET', `0x00001267') -define(`BLKSECTSET', `0x00001266') -define(`BLKSSZGET', `0x00001268') -define(`BLKTRACESETUP', `0xc0481273') -define(`BLKTRACESTART', `0x00001274') -define(`BLKTRACESTOP', `0x00001275') -define(`BLKTRACETEARDOWN', `0x00001276') -define(`BLKZEROOUT', `0x0000127f') -define(`BR2684_SETFILT', `0x401c6190') -define(`BR_ACQUIRE', `0x80107208') -define(`BR_ACQUIRE_RESULT', `0x80047204') -define(`BR_ATTEMPT_ACQUIRE', `0x8018720b') -define(`BR_CLEAR_DEATH_NOTIFICATION_DONE', `0x80087210') -define(`BR_DEAD_BINDER', `0x8008720f') -define(`BR_DEAD_REPLY', `0x00007205') -define(`BR_DECREFS', `0x8010720a') -define(`BR_ERROR', `0x80047200') -define(`BR_FAILED_REPLY', `0x00007211') -define(`BR_FINISHED', `0x0000720e') -define(`BR_INCREFS', `0x80107207') -define(`BR_NOOP', `0x0000720c') -define(`BR_OK', `0x00007201') -define(`BR_RELEASE', `0x80107209') -define(`BR_REPLY', `0x80407203') -define(`BR_SPAWN_LOOPER', `0x0000720d') -define(`BR_TRANSACTION', `0x80407202') -define(`BR_TRANSACTION_COMPLETE', `0x00007206') -define(`BT819_FIFO_RESET_HIGH', `0x00006201') -define(`BT819_FIFO_RESET_LOW', `0x00006200') -define(`BTRFS_IOC_ADD_DEV', `0x5000940a') -define(`BTRFS_IOC_BALANCE', `0x5000940c') -define(`BTRFS_IOC_BALANCE_CTL', `0x40049421') -define(`BTRFS_IOC_BALANCE_PROGRESS', `0x84009422') -define(`BTRFS_IOC_BALANCE_V2', `0xc4009420') -define(`BTRFS_IOC_CLONE', `0x40049409') -define(`BTRFS_IOC_CLONE_RANGE', `0x4020940d') -define(`BTRFS_IOC_DEFAULT_SUBVOL', `0x40089413') -define(`BTRFS_IOC_DEFRAG', `0x50009402') -define(`BTRFS_IOC_DEFRAG_RANGE', `0x40309410') -define(`BTRFS_IOC_DEVICES_READY', `0x90009427') -define(`BTRFS_IOC_DEV_INFO', `0xd000941e') -define(`BTRFS_IOC_DEV_REPLACE', `0xca289435') -define(`BTRFS_IOC_FILE_EXTENT_SAME', `0xc0189436') -define(`BTRFS_IOC_FS_INFO', `0x8400941f') -define(`BTRFS_IOC_GET_DEV_STATS', `0xc4089434') -define(`BTRFS_IOC_GET_FEATURES', `0x80189439') -define(`BTRFS_IOC_GET_FSLABEL', `0x81009431') -define(`BTRFS_IOC_GET_SUPPORTED_FEATURES', `0x80489439') -define(`BTRFS_IOC_INO_LOOKUP', `0xd0009412') -define(`BTRFS_IOC_INO_PATHS', `0xc0389423') -define(`BTRFS_IOC_LOGICAL_INO', `0xc0389424') -define(`BTRFS_IOC_QGROUP_ASSIGN', `0x40189429') -define(`BTRFS_IOC_QGROUP_CREATE', `0x4010942a') -define(`BTRFS_IOC_QGROUP_LIMIT', `0x8030942b') -define(`BTRFS_IOC_QUOTA_CTL', `0xc0109428') -define(`BTRFS_IOC_QUOTA_RESCAN', `0x4040942c') -define(`BTRFS_IOC_QUOTA_RESCAN_STATUS', `0x8040942d') -define(`BTRFS_IOC_QUOTA_RESCAN_WAIT', `0x0000942e') -define(`BTRFS_IOC_RESIZE', `0x50009403') -define(`BTRFS_IOC_RM_DEV', `0x5000940b') -define(`BTRFS_IOC_SCAN_DEV', `0x50009404') -define(`BTRFS_IOC_SCRUB', `0xc400941b') -define(`BTRFS_IOC_SCRUB_CANCEL', `0x0000941c') -define(`BTRFS_IOC_SCRUB_PROGRESS', `0xc400941d') -define(`BTRFS_IOC_SEND', `0x40489426') -define(`BTRFS_IOC_SET_FEATURES', `0x40309439') -define(`BTRFS_IOC_SET_FSLABEL', `0x41009432') -define(`BTRFS_IOC_SET_RECEIVED_SUBVOL', `0xc0c89425') -define(`BTRFS_IOC_SNAP_CREATE', `0x50009401') -define(`BTRFS_IOC_SNAP_CREATE_V2', `0x50009417') -define(`BTRFS_IOC_SNAP_DESTROY', `0x5000940f') -define(`BTRFS_IOC_SPACE_INFO', `0xc0109414') -define(`BTRFS_IOC_START_SYNC', `0x80089418') -define(`BTRFS_IOC_SUBVOL_CREATE', `0x5000940e') -define(`BTRFS_IOC_SUBVOL_CREATE_V2', `0x50009418') -define(`BTRFS_IOC_SUBVOL_GETFLAGS', `0x80089419') -define(`BTRFS_IOC_SUBVOL_SETFLAGS', `0x4008941a') -define(`BTRFS_IOC_SYNC', `0x00009408') -define(`BTRFS_IOC_TRANS_END', `0x00009407') -define(`BTRFS_IOC_TRANS_START', `0x00009406') -define(`BTRFS_IOC_TREE_SEARCH', `0xd0009411') -define(`BTRFS_IOC_TREE_SEARCH_V2', `0xc0709411') -define(`BTRFS_IOC_WAIT_SYNC', `0x40089416') -define(`CA_GET_CAP', `0x80106f81') -define(`CA_GET_DESCR_INFO', `0x80086f83') -define(`CA_GET_MSG', `0x810c6f84') -define(`CA_GET_SLOT_INFO', `0x800c6f82') -define(`CAPI_CLR_FLAGS', `0x80044325') -define(`CAPI_GET_ERRCODE', `0x80024321') -define(`CAPI_GET_FLAGS', `0x80044323') -define(`CAPI_GET_MANUFACTURER', `0xc0044306') -define(`CAPI_GET_PROFILE', `0xc0404309') -define(`CAPI_GET_SERIAL', `0xc0044308') -define(`CAPI_GET_VERSION', `0xc0104307') -define(`CAPI_INSTALLED', `0x80024322') -define(`CAPI_MANUFACTURER_CMD', `0xc0104320') -define(`CAPI_NCCI_GETUNIT', `0x80044327') -define(`CAPI_NCCI_OPENCOUNT', `0x80044326') -define(`CAPI_REGISTER', `0x400c4301') -define(`CAPI_SET_FLAGS', `0x80044324') -define(`CA_RESET', `0x00006f80') -define(`CA_SEND_MSG', `0x410c6f85') -define(`CA_SET_DESCR', `0x40106f86') -define(`CA_SET_PID', `0x40086f87') -define(`CCISS_BIG_PASSTHRU', `0xc0604212') -define(`CCISS_DEREGDISK', `0x0000420c') -define(`CCISS_GETBUSTYPES', `0x80044207') -define(`CCISS_GETDRIVVER', `0x80044209') -define(`CCISS_GETFIRMVER', `0x80044208') -define(`CCISS_GETHEARTBEAT', `0x80044206') -define(`CCISS_GETINTINFO', `0x80084202') -define(`CCISS_GETLUNINFO', `0x800c4211') -define(`CCISS_GETNODENAME', `0x80104204') -define(`CCISS_GETPCIINFO', `0x80084201') -define(`CCISS_PASSTHRU', `0xc058420b') -define(`CCISS_REGNEWD', `0x0000420e') -define(`CCISS_REGNEWDISK', `0x4004420d') -define(`CCISS_RESCANDISK', `0x00004210') -define(`CCISS_REVALIDVOLS', `0x0000420a') -define(`CCISS_SETINTINFO', `0x40084203') -define(`CCISS_SETNODENAME', `0x40104205') -define(`CDROMAUDIOBUFSIZ', `0x00005382') -define(`CDROM_CHANGER_NSLOTS', `0x00005328') -define(`CDROM_CLEAR_OPTIONS', `0x00005321') -define(`CDROMCLOSETRAY', `0x00005319') -define(`CDROM_DEBUG', `0x00005330') -define(`CDROM_DISC_STATUS', `0x00005327') -define(`CDROM_DRIVE_STATUS', `0x00005326') -define(`CDROMEJECT', `0x00005309') -define(`CDROMEJECT_SW', `0x0000530f') -define(`CDROM_GET_CAPABILITY', `0x00005331') -define(`CDROM_GET_MCN', `0x00005311') -define(`CDROMGETSPINDOWN', `0x0000531d') -define(`CDROM_LAST_WRITTEN', `0x00005395') -define(`CDROM_LOCKDOOR', `0x00005329') -define(`CDROM_MEDIA_CHANGED', `0x00005325') -define(`CDROMMULTISESSION', `0x00005310') -define(`CDROM_NEXT_WRITABLE', `0x00005394') -define(`CDROMPAUSE', `0x00005301') -define(`CDROMPLAYBLK', `0x00005317') -define(`CDROMPLAYMSF', `0x00005303') -define(`CDROMPLAYTRKIND', `0x00005304') -define(`CDROMREADALL', `0x00005318') -define(`CDROMREADAUDIO', `0x0000530e') -define(`CDROMREADCOOKED', `0x00005315') -define(`CDROMREADMODE1', `0x0000530d') -define(`CDROMREADMODE2', `0x0000530c') -define(`CDROMREADRAW', `0x00005314') -define(`CDROMREADTOCENTRY', `0x00005306') -define(`CDROMREADTOCHDR', `0x00005305') -define(`CDROMRESET', `0x00005312') -define(`CDROMRESUME', `0x00005302') -define(`CDROMSEEK', `0x00005316') -define(`CDROM_SELECT_DISC', `0x00005323') -define(`CDROM_SELECT_SPEED', `0x00005322') -define(`CDROM_SEND_PACKET', `0x00005393') -define(`CDROM_SET_OPTIONS', `0x00005320') -define(`CDROMSETSPINDOWN', `0x0000531e') -define(`CDROMSTART', `0x00005308') -define(`CDROMSTOP', `0x00005307') -define(`CDROMSUBCHNL', `0x0000530b') -define(`CDROMVOLCTRL', `0x0000530a') -define(`CDROMVOLREAD', `0x00005313') -define(`CHIOEXCHANGE', `0x401c6302') -define(`CHIOGELEM', `0x406c6310') -define(`CHIOGPARAMS', `0x80146306') -define(`CHIOGPICKER', `0x80046304') -define(`CHIOGSTATUS', `0x40106308') -define(`CHIOGVPARAMS', `0x80706313') -define(`CHIOINITELEM', `0x00006311') -define(`CHIOMOVE', `0x40146301') -define(`CHIOPOSITION', `0x400c6303') -define(`CHIOSPICKER', `0x40046305') -define(`CHIOSVOLTAG', `0x40306312') -define(`CIOC_KERNEL_VERSION', `0xc008630a') -define(`CLEAR_ARRAY', `0x00000920') -define(`CM_IOCARDOFF', `0x00006304') -define(`CM_IOCGATR', `0xc0086301') -define(`CM_IOCGSTATUS', `0x80086300') -define(`CM_IOCSPTS', `0x40086302') -define(`CM_IOCSRDR', `0x00006303') -define(`CM_IOSDBGLVL', `0x400863fa') -define(`CXL_IOCTL_GET_PROCESS_ELEMENT', `0x8004ca01') -define(`CXL_IOCTL_START_WORK', `0x4040ca00') -define(`DM_DEV_CREATE', `0xc138fd03') -define(`DM_DEV_REMOVE', `0xc138fd04') -define(`DM_DEV_RENAME', `0xc138fd05') -define(`DM_DEV_SET_GEOMETRY', `0xc138fd0f') -define(`DM_DEV_STATUS', `0xc138fd07') -define(`DM_DEV_SUSPEND', `0xc138fd06') -define(`DM_DEV_WAIT', `0xc138fd08') -define(`DM_LIST_DEVICES', `0xc138fd02') -define(`DM_LIST_VERSIONS', `0xc138fd0d') -define(`DM_REMOVE_ALL', `0xc138fd01') -define(`DM_TABLE_CLEAR', `0xc138fd0a') -define(`DM_TABLE_DEPS', `0xc138fd0b') -define(`DM_TABLE_LOAD', `0xc138fd09') -define(`DM_TABLE_STATUS', `0xc138fd0c') -define(`DM_TARGET_MSG', `0xc138fd0e') -define(`DM_VERSION', `0xc138fd00') -define(`DMX_ADD_PID', `0x40026f33') -define(`DMX_GET_CAPS', `0x80086f30') -define(`DMX_GET_PES_PIDS', `0x800a6f2f') -define(`DMX_GET_STC', `0xc0106f32') -define(`DMX_REMOVE_PID', `0x40026f34') -define(`DMX_SET_BUFFER_SIZE', `0x00006f2d') -define(`DMX_SET_FILTER', `0x403c6f2b') -define(`DMX_SET_PES_FILTER', `0x40146f2c') -define(`DMX_SET_SOURCE', `0x40046f31') -define(`DMX_START', `0x00006f29') -define(`DMX_STOP', `0x00006f2a') -define(`DRM_IOCTL_ADD_BUFS', `0xc0206416') -define(`DRM_IOCTL_ADD_CTX', `0xc0086420') -define(`DRM_IOCTL_ADD_DRAW', `0xc0046427') -define(`DRM_IOCTL_ADD_MAP', `0xc0286415') -define(`DRM_IOCTL_AGP_ACQUIRE', `0x00006430') -define(`DRM_IOCTL_AGP_ALLOC', `0xc0206434') -define(`DRM_IOCTL_AGP_BIND', `0x40106436') -define(`DRM_IOCTL_AGP_ENABLE', `0x40086432') -define(`DRM_IOCTL_AGP_FREE', `0x40206435') -define(`DRM_IOCTL_AGP_INFO', `0x80386433') -define(`DRM_IOCTL_AGP_RELEASE', `0x00006431') -define(`DRM_IOCTL_AGP_UNBIND', `0x40106437') -define(`DRM_IOCTL_AUTH_MAGIC', `0x40046411') -define(`DRM_IOCTL_BLOCK', `0xc0046412') -define(`DRM_IOCTL_CONTROL', `0x40086414') -define(`DRM_IOCTL_DMA', `0xc0406429') -define(`DRM_IOCTL_DROP_MASTER', `0x0000641f') -define(`DRM_IOCTL_EXYNOS_G2D_EXEC', `0xc0086462') -define(`DRM_IOCTL_EXYNOS_G2D_GET_VER', `0xc0086460') -define(`DRM_IOCTL_EXYNOS_G2D_SET_CMDLIST', `0xc0286461') -define(`DRM_IOCTL_EXYNOS_GEM_CREATE', `0xc0106440') -define(`DRM_IOCTL_EXYNOS_GEM_GET', `0xc0106444') -define(`DRM_IOCTL_EXYNOS_IPP_CMD_CTRL', `0xc0086473') -define(`DRM_IOCTL_EXYNOS_IPP_GET_PROPERTY', `0xc0506470') -define(`DRM_IOCTL_EXYNOS_IPP_QUEUE_BUF', `0xc0286472') -define(`DRM_IOCTL_EXYNOS_IPP_SET_PROPERTY', `0xc0606471') -define(`DRM_IOCTL_EXYNOS_VIDI_CONNECTION', `0xc0106447') -define(`DRM_IOCTL_FINISH', `0x4008642c') -define(`DRM_IOCTL_FREE_BUFS', `0x4010641a') -define(`DRM_IOCTL_GEM_CLOSE', `0x40086409') -define(`DRM_IOCTL_GEM_FLINK', `0xc008640a') -define(`DRM_IOCTL_GEM_OPEN', `0xc010640b') -define(`DRM_IOCTL_GET_CAP', `0xc010640c') -define(`DRM_IOCTL_GET_CLIENT', `0xc0286405') -define(`DRM_IOCTL_GET_CTX', `0xc0086423') -define(`DRM_IOCTL_GET_MAGIC', `0x80046402') -define(`DRM_IOCTL_GET_MAP', `0xc0286404') -define(`DRM_IOCTL_GET_SAREA_CTX', `0xc010641d') -define(`DRM_IOCTL_GET_STATS', `0x80f86406') -define(`DRM_IOCTL_GET_UNIQUE', `0xc0106401') -define(`DRM_IOCTL_I810_CLEAR', `0x400c6442') -define(`DRM_IOCTL_I810_COPY', `0x40106447') -define(`DRM_IOCTL_I810_DOCOPY', `0x00006448') -define(`DRM_IOCTL_I810_FLIP', `0x0000644e') -define(`DRM_IOCTL_I810_FLUSH', `0x00006443') -define(`DRM_IOCTL_I810_FSTATUS', `0x0000644a') -define(`DRM_IOCTL_I810_GETAGE', `0x00006444') -define(`DRM_IOCTL_I810_GETBUF', `0xc0186445') -define(`DRM_IOCTL_I810_INIT', `0x40406440') -define(`DRM_IOCTL_I810_MC', `0x4020644c') -define(`DRM_IOCTL_I810_OV0FLIP', `0x0000644b') -define(`DRM_IOCTL_I810_OV0INFO', `0x80086449') -define(`DRM_IOCTL_I810_RSTATUS', `0x0000644d') -define(`DRM_IOCTL_I810_SWAP', `0x00006446') -define(`DRM_IOCTL_I810_VERTEX', `0x400c6441') -define(`DRM_IOCTL_I915_ALLOC', `0xc0186448') -define(`DRM_IOCTL_I915_BATCHBUFFER', `0x40206443') -define(`DRM_IOCTL_I915_CMDBUFFER', `0x4020644b') -define(`DRM_IOCTL_I915_DESTROY_HEAP', `0x4004644c') -define(`DRM_IOCTL_I915_FLIP', `0x00006442') -define(`DRM_IOCTL_I915_FLUSH', `0x00006441') -define(`DRM_IOCTL_I915_FREE', `0x40086449') -define(`DRM_IOCTL_I915_GEM_BUSY', `0xc0086457') -define(`DRM_IOCTL_I915_GEM_CONTEXT_CREATE', `0xc008646d') -define(`DRM_IOCTL_I915_GEM_CONTEXT_DESTROY', `0x4008646e') -define(`DRM_IOCTL_I915_GEM_CREATE', `0xc010645b') -define(`DRM_IOCTL_I915_GEM_ENTERVT', `0x00006459') -define(`DRM_IOCTL_I915_GEM_EXECBUFFER', `0x40286454') -define(`DRM_IOCTL_I915_GEM_EXECBUFFER2', `0x40406469') -define(`DRM_IOCTL_I915_GEM_GET_APERTURE', `0x80106463') -define(`DRM_IOCTL_I915_GEM_GET_CACHING', `0xc0086470') -define(`DRM_IOCTL_I915_GEM_GET_TILING', `0xc0106462') -define(`DRM_IOCTL_I915_GEM_INIT', `0x40106453') -define(`DRM_IOCTL_I915_GEM_LEAVEVT', `0x0000645a') -define(`DRM_IOCTL_I915_GEM_MADVISE', `0xc00c6466') -define(`DRM_IOCTL_I915_GEM_MMAP', `0xc020645e') -define(`DRM_IOCTL_I915_GEM_MMAP_GTT', `0xc0106464') -define(`DRM_IOCTL_I915_GEM_PIN', `0xc0186455') -define(`DRM_IOCTL_I915_GEM_PREAD', `0x4020645c') -define(`DRM_IOCTL_I915_GEM_PWRITE', `0x4020645d') -define(`DRM_IOCTL_I915_GEM_SET_CACHING', `0x4008646f') -define(`DRM_IOCTL_I915_GEM_SET_DOMAIN', `0x400c645f') -define(`DRM_IOCTL_I915_GEM_SET_TILING', `0xc0106461') -define(`DRM_IOCTL_I915_GEM_SW_FINISH', `0x40046460') -define(`DRM_IOCTL_I915_GEM_THROTTLE', `0x00006458') -define(`DRM_IOCTL_I915_GEM_UNPIN', `0x40086456') -define(`DRM_IOCTL_I915_GEM_USERPTR', `0xc0186473') -define(`DRM_IOCTL_I915_GEM_WAIT', `0xc010646c') -define(`DRM_IOCTL_I915_GETPARAM', `0xc0106446') -define(`DRM_IOCTL_I915_GET_PIPE_FROM_CRTC_ID', `0xc0086465') -define(`DRM_IOCTL_I915_GET_RESET_STATS', `0xc0186472') -define(`DRM_IOCTL_I915_GET_SPRITE_COLORKEY', `0xc014646b') -define(`DRM_IOCTL_I915_GET_VBLANK_PIPE', `0x8004644e') -define(`DRM_IOCTL_I915_HWS_ADDR', `0x40106451') -define(`DRM_IOCTL_I915_INIT', `0x40446440') -define(`DRM_IOCTL_I915_INIT_HEAP', `0x400c644a') -define(`DRM_IOCTL_I915_IRQ_EMIT', `0xc0086444') -define(`DRM_IOCTL_I915_IRQ_WAIT', `0x40046445') -define(`DRM_IOCTL_I915_OVERLAY_ATTRS', `0xc02c6468') -define(`DRM_IOCTL_I915_OVERLAY_PUT_IMAGE', `0x402c6467') -define(`DRM_IOCTL_I915_REG_READ', `0xc0106471') -define(`DRM_IOCTL_I915_SETPARAM', `0x40086447') -define(`DRM_IOCTL_I915_SET_SPRITE_COLORKEY', `0xc014646b') -define(`DRM_IOCTL_I915_SET_VBLANK_PIPE', `0x4004644d') -define(`DRM_IOCTL_I915_VBLANK_SWAP', `0xc00c644f') -define(`DRM_IOCTL_INFO_BUFS', `0xc0106418') -define(`DRM_IOCTL_IRQ_BUSID', `0xc0106403') -define(`DRM_IOCTL_LOCK', `0x4008642a') -define(`DRM_IOCTL_MAP_BUFS', `0xc0186419') -define(`DRM_IOCTL_MARK_BUFS', `0x40206417') -define(`DRM_IOCTL_MGA_BLIT', `0x40346448') -define(`DRM_IOCTL_MGA_CLEAR', `0x40146444') -define(`DRM_IOCTL_MGA_DMA_BOOTSTRAP', `0xc020644c') -define(`DRM_IOCTL_MGA_FLUSH', `0x40086441') -define(`DRM_IOCTL_MGA_GETPARAM', `0xc0106449') -define(`DRM_IOCTL_MGA_ILOAD', `0x400c6447') -define(`DRM_IOCTL_MGA_INDICES', `0x40106446') -define(`DRM_IOCTL_MGA_INIT', `0x40806440') -define(`DRM_IOCTL_MGA_RESET', `0x00006442') -define(`DRM_IOCTL_MGA_SET_FENCE', `0x4004644a') -define(`DRM_IOCTL_MGA_SWAP', `0x00006443') -define(`DRM_IOCTL_MGA_VERTEX', `0x400c6445') -define(`DRM_IOCTL_MGA_WAIT_FENCE', `0xc004644b') -define(`DRM_IOCTL_MOD_CTX', `0x40086422') -define(`DRM_IOCTL_MODE_ADDFB', `0xc01c64ae') -define(`DRM_IOCTL_MODE_ADDFB2', `0xc04464b8') -define(`DRM_IOCTL_MODE_ATTACHMODE', `0xc04864a8') -define(`DRM_IOCTL_MODE_CREATE_DUMB', `0xc02064b2') -define(`DRM_IOCTL_MODE_CURSOR', `0xc01c64a3') -define(`DRM_IOCTL_MODE_CURSOR2', `0xc02464bb') -define(`DRM_IOCTL_MODE_DESTROY_DUMB', `0xc00464b4') -define(`DRM_IOCTL_MODE_DETACHMODE', `0xc04864a9') -define(`DRM_IOCTL_MODE_DIRTYFB', `0xc01864b1') -define(`DRM_IOCTL_MODE_GETCONNECTOR', `0xc05064a7') -define(`DRM_IOCTL_MODE_GETCRTC', `0xc06864a1') -define(`DRM_IOCTL_MODE_GETENCODER', `0xc01464a6') -define(`DRM_IOCTL_MODE_GETFB', `0xc01c64ad') -define(`DRM_IOCTL_MODE_GETGAMMA', `0xc02064a4') -define(`DRM_IOCTL_MODE_GETPLANE', `0xc02064b6') -define(`DRM_IOCTL_MODE_GETPLANERESOURCES', `0xc01064b5') -define(`DRM_IOCTL_MODE_GETPROPBLOB', `0xc01064ac') -define(`DRM_IOCTL_MODE_GETPROPERTY', `0xc04064aa') -define(`DRM_IOCTL_MODE_GETRESOURCES', `0xc04064a0') -define(`DRM_IOCTL_MODE_MAP_DUMB', `0xc01064b3') -define(`DRM_IOCTL_MODE_OBJ_GETPROPERTIES', `0xc02064b9') -define(`DRM_IOCTL_MODE_OBJ_SETPROPERTY', `0xc01864ba') -define(`DRM_IOCTL_MODE_PAGE_FLIP', `0xc01864b0') -define(`DRM_IOCTL_MODE_RMFB', `0xc00464af') -define(`DRM_IOCTL_MODE_SETCRTC', `0xc06864a2') -define(`DRM_IOCTL_MODESET_CTL', `0x40086408') -define(`DRM_IOCTL_MODE_SETGAMMA', `0xc02064a5') -define(`DRM_IOCTL_MODE_SETPLANE', `0xc03064b7') -define(`DRM_IOCTL_MODE_SETPROPERTY', `0xc01064ab') -define(`DRM_IOCTL_MSM_GEM_CPU_FINI', `0x40046445') -define(`DRM_IOCTL_MSM_GEM_CPU_PREP', `0x40186444') -define(`DRM_IOCTL_MSM_GEM_INFO', `0xc0106443') -define(`DRM_IOCTL_MSM_GEM_NEW', `0xc0106442') -define(`DRM_IOCTL_MSM_GEM_SUBMIT', `0xc0206446') -define(`DRM_IOCTL_MSM_GET_PARAM', `0xc0106440') -define(`DRM_IOCTL_MSM_WAIT_FENCE', `0x40186447') -define(`DRM_IOCTL_NEW_CTX', `0x40086425') -define(`DRM_IOCTL_NOUVEAU_GEM_CPU_FINI', `0x40046483') -define(`DRM_IOCTL_NOUVEAU_GEM_CPU_PREP', `0x40086482') -define(`DRM_IOCTL_NOUVEAU_GEM_INFO', `0xc0286484') -define(`DRM_IOCTL_NOUVEAU_GEM_NEW', `0xc0306480') -define(`DRM_IOCTL_NOUVEAU_GEM_PUSHBUF', `0xc0406481') -define(`DRM_IOCTL_OMAP_GEM_CPU_FINI', `0x40106445') -define(`DRM_IOCTL_OMAP_GEM_CPU_PREP', `0x40086444') -define(`DRM_IOCTL_OMAP_GEM_INFO', `0xc0186446') -define(`DRM_IOCTL_OMAP_GEM_NEW', `0xc0106443') -define(`DRM_IOCTL_OMAP_GET_PARAM', `0xc0106440') -define(`DRM_IOCTL_OMAP_SET_PARAM', `0x40106441') -define(`DRM_IOCTL_PRIME_FD_TO_HANDLE', `0xc00c642e') -define(`DRM_IOCTL_PRIME_HANDLE_TO_FD', `0xc00c642d') -define(`DRM_IOCTL_QXL_ALLOC', `0xc0086440') -define(`DRM_IOCTL_QXL_ALLOC_SURF', `0xc0186446') -define(`DRM_IOCTL_QXL_CLIENTCAP', `0x40086445') -define(`DRM_IOCTL_QXL_EXECBUFFER', `0x40106442') -define(`DRM_IOCTL_QXL_GETPARAM', `0xc0106444') -define(`DRM_IOCTL_QXL_MAP', `0xc0106441') -define(`DRM_IOCTL_QXL_UPDATE_AREA', `0x40186443') -define(`DRM_IOCTL_R128_BLIT', `0x4018644b') -define(`DRM_IOCTL_R128_CCE_IDLE', `0x00006444') -define(`DRM_IOCTL_R128_CCE_RESET', `0x00006443') -define(`DRM_IOCTL_R128_CCE_START', `0x00006441') -define(`DRM_IOCTL_R128_CCE_STOP', `0x40086442') -define(`DRM_IOCTL_R128_CLEAR', `0x40146448') -define(`DRM_IOCTL_R128_DEPTH', `0x4028644c') -define(`DRM_IOCTL_R128_FLIP', `0x00006453') -define(`DRM_IOCTL_R128_FULLSCREEN', `0x40046450') -define(`DRM_IOCTL_R128_GETPARAM', `0xc0106452') -define(`DRM_IOCTL_R128_INDICES', `0x4014644a') -define(`DRM_IOCTL_R128_INDIRECT', `0xc010644f') -define(`DRM_IOCTL_R128_INIT', `0x40786440') -define(`DRM_IOCTL_R128_RESET', `0x00006446') -define(`DRM_IOCTL_R128_STIPPLE', `0x4008644d') -define(`DRM_IOCTL_R128_SWAP', `0x00006447') -define(`DRM_IOCTL_R128_VERTEX', `0x40106449') -define(`DRM_IOCTL_RADEON_ALLOC', `0xc0186453') -define(`DRM_IOCTL_RADEON_CLEAR', `0x40206448') -define(`DRM_IOCTL_RADEON_CMDBUF', `0x40206450') -define(`DRM_IOCTL_RADEON_CP_IDLE', `0x00006444') -define(`DRM_IOCTL_RADEON_CP_INIT', `0x40786440') -define(`DRM_IOCTL_RADEON_CP_RESET', `0x00006443') -define(`DRM_IOCTL_RADEON_CP_RESUME', `0x00006458') -define(`DRM_IOCTL_RADEON_CP_START', `0x00006441') -define(`DRM_IOCTL_RADEON_CP_STOP', `0x40086442') -define(`DRM_IOCTL_RADEON_CS', `0xc0206466') -define(`DRM_IOCTL_RADEON_FLIP', `0x00006452') -define(`DRM_IOCTL_RADEON_FREE', `0x40086454') -define(`DRM_IOCTL_RADEON_FULLSCREEN', `0x40046446') -define(`DRM_IOCTL_RADEON_GEM_BUSY', `0xc008646a') -define(`DRM_IOCTL_RADEON_GEM_CREATE', `0xc020645d') -define(`DRM_IOCTL_RADEON_GEM_GET_TILING', `0xc00c6469') -define(`DRM_IOCTL_RADEON_GEM_INFO', `0xc018645c') -define(`DRM_IOCTL_RADEON_GEM_MMAP', `0xc020645e') -define(`DRM_IOCTL_RADEON_GEM_OP', `0xc010646c') -define(`DRM_IOCTL_RADEON_GEM_PREAD', `0xc0206461') -define(`DRM_IOCTL_RADEON_GEM_PWRITE', `0xc0206462') -define(`DRM_IOCTL_RADEON_GEM_SET_DOMAIN', `0xc00c6463') -define(`DRM_IOCTL_RADEON_GEM_SET_TILING', `0xc00c6468') -define(`DRM_IOCTL_RADEON_GEM_USERPTR', `0xc018646d') -define(`DRM_IOCTL_RADEON_GEM_VA', `0xc018646b') -define(`DRM_IOCTL_RADEON_GEM_WAIT_IDLE', `0x40086464') -define(`DRM_IOCTL_RADEON_GETPARAM', `0xc0106451') -define(`DRM_IOCTL_RADEON_INDICES', `0x4014644a') -define(`DRM_IOCTL_RADEON_INDIRECT', `0xc010644d') -define(`DRM_IOCTL_RADEON_INFO', `0xc0106467') -define(`DRM_IOCTL_RADEON_INIT_HEAP', `0x400c6455') -define(`DRM_IOCTL_RADEON_IRQ_EMIT', `0xc0086456') -define(`DRM_IOCTL_RADEON_IRQ_WAIT', `0x40046457') -define(`DRM_IOCTL_RADEON_RESET', `0x00006445') -define(`DRM_IOCTL_RADEON_SETPARAM', `0x40106459') -define(`DRM_IOCTL_RADEON_STIPPLE', `0x4008644c') -define(`DRM_IOCTL_RADEON_SURF_ALLOC', `0x400c645a') -define(`DRM_IOCTL_RADEON_SURF_FREE', `0x4004645b') -define(`DRM_IOCTL_RADEON_SWAP', `0x00006447') -define(`DRM_IOCTL_RADEON_TEXTURE', `0xc020644e') -define(`DRM_IOCTL_RADEON_VERTEX', `0x40106449') -define(`DRM_IOCTL_RADEON_VERTEX2', `0x4028644f') -define(`DRM_IOCTL_RES_CTX', `0xc0106426') -define(`DRM_IOCTL_RM_CTX', `0xc0086421') -define(`DRM_IOCTL_RM_DRAW', `0xc0046428') -define(`DRM_IOCTL_RM_MAP', `0x4028641b') -define(`DRM_IOCTL_SAVAGE_BCI_CMDBUF', `0x40386441') -define(`DRM_IOCTL_SAVAGE_BCI_EVENT_EMIT', `0xc0086442') -define(`DRM_IOCTL_SAVAGE_BCI_EVENT_WAIT', `0x40086443') -define(`DRM_IOCTL_SAVAGE_BCI_INIT', `0x40606440') -define(`DRM_IOCTL_SET_CLIENT_CAP', `0x4010640d') -define(`DRM_IOCTL_SET_MASTER', `0x0000641e') -define(`DRM_IOCTL_SET_SAREA_CTX', `0x4010641c') -define(`DRM_IOCTL_SET_UNIQUE', `0x40106410') -define(`DRM_IOCTL_SET_VERSION', `0xc0106407') -define(`DRM_IOCTL_SG_ALLOC', `0xc0106438') -define(`DRM_IOCTL_SG_FREE', `0x40106439') -define(`DRM_IOCTL_SIS_AGP_ALLOC', `0xc0206454') -define(`DRM_IOCTL_SIS_AGP_FREE', `0x40206455') -define(`DRM_IOCTL_SIS_AGP_INIT', `0xc0106453') -define(`DRM_IOCTL_SIS_FB_ALLOC', `0xc0206444') -define(`DRM_IOCTL_SIS_FB_FREE', `0x40206445') -define(`DRM_IOCTL_SIS_FB_INIT', `0x40106456') -define(`DRM_IOCTL_SWITCH_CTX', `0x40086424') -define(`DRM_IOCTL_TEGRA_CLOSE_CHANNEL', `0xc0106446') -define(`DRM_IOCTL_TEGRA_GEM_CREATE', `0xc0106440') -define(`DRM_IOCTL_TEGRA_GEM_GET_FLAGS', `0xc008644d') -define(`DRM_IOCTL_TEGRA_GEM_GET_TILING', `0xc010644b') -define(`DRM_IOCTL_TEGRA_GEM_MMAP', `0xc0086441') -define(`DRM_IOCTL_TEGRA_GEM_SET_FLAGS', `0xc008644c') -define(`DRM_IOCTL_TEGRA_GEM_SET_TILING', `0xc010644a') -define(`DRM_IOCTL_TEGRA_GET_SYNCPT', `0xc0106447') -define(`DRM_IOCTL_TEGRA_GET_SYNCPT_BASE', `0xc0106449') -define(`DRM_IOCTL_TEGRA_OPEN_CHANNEL', `0xc0106445') -define(`DRM_IOCTL_TEGRA_SUBMIT', `0xc0586448') -define(`DRM_IOCTL_TEGRA_SYNCPT_INCR', `0xc0086443') -define(`DRM_IOCTL_TEGRA_SYNCPT_READ', `0xc0086442') -define(`DRM_IOCTL_TEGRA_SYNCPT_WAIT', `0xc0106444') -define(`DRM_IOCTL_UNBLOCK', `0xc0046413') -define(`DRM_IOCTL_UNLOCK', `0x4008642b') -define(`DRM_IOCTL_UPDATE_DRAW', `0x4018643f') -define(`DRM_IOCTL_VERSION', `0xc0406400') -define(`DRM_IOCTL_VIA_AGP_INIT', `0xc0086442') -define(`DRM_IOCTL_VIA_ALLOCMEM', `0xc0206440') -define(`DRM_IOCTL_VIA_BLIT_SYNC', `0x4008644f') -define(`DRM_IOCTL_VIA_CMDBUFFER', `0x40106448') -define(`DRM_IOCTL_VIA_CMDBUF_SIZE', `0xc00c644b') -define(`DRM_IOCTL_VIA_DEC_FUTEX', `0x40106445') -define(`DRM_IOCTL_VIA_DMA_BLIT', `0x4030644e') -define(`DRM_IOCTL_VIA_DMA_INIT', `0xc0206447') -define(`DRM_IOCTL_VIA_FB_INIT', `0xc0086443') -define(`DRM_IOCTL_VIA_FLUSH', `0x00006449') -define(`DRM_IOCTL_VIA_FREEMEM', `0x40206441') -define(`DRM_IOCTL_VIA_MAP_INIT', `0xc0286444') -define(`DRM_IOCTL_VIA_PCICMD', `0x4010644a') -define(`DRM_IOCTL_VIA_WAIT_IRQ', `0xc018644d') -define(`DRM_IOCTL_WAIT_VBLANK', `0xc018643a') -define(`DVD_AUTH', `0x00005392') -define(`DVD_READ_STRUCT', `0x00005390') -define(`DVD_WRITE_STRUCT', `0x00005391') -define(`ECCGETLAYOUT', `0x81484d11') -define(`ECCGETSTATS', `0x80104d12') -define(`ENI_MEMDUMP', `0x40106160') -define(`ENI_SETMULT', `0x40106167') -define(`EVIOCGEFFECTS', `0x80044584') -define(`EVIOCGID', `0x80084502') -define(`EVIOCGKEYCODE', `0x80084504') -define(`EVIOCGKEYCODE_V2', `0x80284504') -define(`EVIOCGRAB', `0x40044590') -define(`EVIOCGREP', `0x80084503') -define(`EVIOCGVERSION', `0x80044501') -define(`EVIOCREVOKE', `0x40044591') -define(`EVIOCRMFF', `0x40044581') -define(`EVIOCSCLOCKID', `0x400445a0') -define(`EVIOCSFF', `0x40304580') -define(`EVIOCSKEYCODE', `0x40084504') -define(`EVIOCSKEYCODE_V2', `0x40284504') -define(`EVIOCSREP', `0x40084503') -define(`F2FS_IOC_ABORT_VOLATILE_WRITE', `0xf505') -define(`F2FS_IOC_COMMIT_ATOMIC_WRITE', `0xf502') -define(`F2FS_IOC_DEFRAGMENT', `0xf508') -define(`F2FS_IOC_FLUSH_DEVICE', `0xf50a') -define(`F2FS_IOC_GARBAGE_COLLECT', `0xf506') -define(`F2FS_IOC_GARBAGE_COLLECT_RANGE', `0xf50b') -define(`F2FS_IOC_GET_FEATURES', `0xf50c') -define(`F2FS_IOC_GET_PIN_FILE', `0xf50e') -define(`F2FS_IOC_MOVE_RANGE', `0xf509') -define(`F2FS_IOC_PRECACHE_EXTENTS', `0xf50f') -define(`F2FS_IOC_RELEASE_VOLATILE_WRITE', `0xf504') -define(`F2FS_IOC_SET_PIN_FILE', `0xf50d') -define(`F2FS_IOC_START_ATOMIC_WRITE', `0xf501') -define(`F2FS_IOC_START_VOLATILE_WRITE', `0xf503') -define(`F2FS_IOC_WRITE_CHECKPOINT', `0xf507') -define(`FAT_IOCTL_GET_ATTRIBUTES', `0x80047210') -define(`FAT_IOCTL_GET_VOLUME_ID', `0x80047213') -define(`FAT_IOCTL_SET_ATTRIBUTES', `0x40047211') -define(`FBIGET_BRIGHTNESS', `0x80044603') -define(`FBIGET_COLOR', `0x80044605') -define(`FBIO_ALLOC', `0x00004613') -define(`FBIOBLANK', `0x00004611') -define(`FBIO_CURSOR', `0xc0684608') -define(`FBIO_FREE', `0x00004614') -define(`FBIOGETCMAP', `0x00004604') -define(`FBIOGET_CON2FBMAP', `0x0000460f') -define(`FBIOGET_CONTRAST', `0x80044601') -define(`FBIO_GETCONTROL2', `0x80084689') -define(`FBIOGET_DISPINFO', `0x00004618') -define(`FBIOGET_FSCREENINFO', `0x00004602') -define(`FBIOGET_GLYPH', `0x00004615') -define(`FBIOGET_HWCINFO', `0x00004616') -define(`FBIOGET_VBLANK', `0x80204612') -define(`FBIOGET_VSCREENINFO', `0x00004600') -define(`FBIOPAN_DISPLAY', `0x00004606') -define(`FBIOPUTCMAP', `0x00004605') -define(`FBIOPUT_CON2FBMAP', `0x00004610') -define(`FBIOPUT_CONTRAST', `0x40044602') -define(`FBIOPUT_MODEINFO', `0x00004617') -define(`FBIOPUT_VSCREENINFO', `0x00004601') -define(`FBIO_RADEON_GET_MIRROR', `0x80084003') -define(`FBIO_RADEON_SET_MIRROR', `0x40084004') -define(`FBIO_WAITEVENT', `0x00004688') -define(`FBIO_WAITFORVSYNC', `0x40044620') -define(`FBIPUT_BRIGHTNESS', `0x40044603') -define(`FBIPUT_COLOR', `0x40044606') -define(`FBIPUT_HSYNC', `0x40044609') -define(`FBIPUT_VSYNC', `0x4004460a') -define(`FDCLRPRM', `0x00000241') -define(`FDDEFPRM', `0x40200243') -define(`FDEJECT', `0x0000025a') -define(`FDFLUSH', `0x0000024b') -define(`FDFMTBEG', `0x00000247') -define(`FDFMTEND', `0x00000249') -define(`FDFMTTRK', `0x400c0248') -define(`FDGETDRVPRM', `0x80800211') -define(`FDGETDRVSTAT', `0x80500212') -define(`FDGETDRVTYP', `0x8010020f') -define(`FDGETFDCSTAT', `0x80280215') -define(`FDGETMAXERRS', `0x8014020e') -define(`FDGETPRM', `0x80200204') -define(`FDMSGOFF', `0x00000246') -define(`FDMSGON', `0x00000245') -define(`FDPOLLDRVSTAT', `0x80500213') -define(`FDRAWCMD', `0x00000258') -define(`FDRESET', `0x00000254') -define(`FDSETDRVPRM', `0x40800290') -define(`FDSETEMSGTRESH', `0x0000024a') -define(`FDSETMAXERRS', `0x4014024c') -define(`FDSETPRM', `0x40200242') -define(`FDTWADDLE', `0x00000259') -define(`FDWERRORCLR', `0x00000256') -define(`FDWERRORGET', `0x80280217') -define(`FE_DISEQC_RECV_SLAVE_REPLY', `0x800c6f40') -define(`FE_DISEQC_RESET_OVERLOAD', `0x00006f3e') -define(`FE_DISEQC_SEND_BURST', `0x00006f41') -define(`FE_DISEQC_SEND_MASTER_CMD', `0x40076f3f') -define(`FE_DISHNETWORK_SEND_LEGACY_CMD', `0x00006f50') -define(`FE_ENABLE_HIGH_LNB_VOLTAGE', `0x00006f44') -define(`FE_GET_EVENT', `0x80286f4e') -define(`FE_GET_FRONTEND', `0x80246f4d') -define(`FE_GET_INFO', `0x80a86f3d') -define(`FE_GET_PROPERTY', `0x80106f53') -define(`FE_READ_BER', `0x80046f46') -define(`FE_READ_SIGNAL_STRENGTH', `0x80026f47') -define(`FE_READ_SNR', `0x80026f48') -define(`FE_READ_STATUS', `0x80046f45') -define(`FE_READ_UNCORRECTED_BLOCKS', `0x80046f49') -define(`FE_SET_FRONTEND', `0x40246f4c') -define(`FE_SET_FRONTEND_TUNE_MODE', `0x00006f51') -define(`FE_SET_PROPERTY', `0x40106f52') -define(`FE_SET_TONE', `0x00006f42') -define(`FE_SET_VOLTAGE', `0x00006f43') -define(`FIBMAP', `0x00000001') -define(`FIFREEZE', `0xc0045877') -define(`FIGETBSZ', `0x00000002') -define(`FIOASYNC', `0x00005452') -define(`FIOCLEX', ifelse(target_arch, mips, 0x00006601, 0x00005451)) -define(`FIOGETOWN', `0x00008903') -define(`FIONBIO', `0x00005421') -define(`FIONCLEX', ifelse(target_arch, mips, 0x00006602, 0x00005450)) -define(`FIONREAD', ifelse(target_arch, mips, 0x0000467f, 0x0000541b)) -define(`FIOQSIZE', `0x00005460') -define(`FIOSETOWN', `0x00008901') -define(`FITHAW', `0xc0045878') -define(`FITRIM', `0xc0185879') -define(`FS_IOC32_GETFLAGS', `0x80046601') -define(`FS_IOC32_GETVERSION', `0x80047601') -define(`FS_IOC32_SETFLAGS', `0x40046602') -define(`FS_IOC32_SETVERSION', `0x40047602') -define(`FS_IOC_ENABLE_VERITY', `0x6685') -define(`FS_IOC_FIEMAP', `0xc020660b') -define(`FS_IOC_GET_ENCRYPTION_POLICY', `0x400c6615') -define(`FS_IOC_GET_ENCRYPTION_PWSALT', `0x40106614') -define(`FS_IOC_GETFLAGS', `0x80086601') -define(`FS_IOC_GETVERSION', `0x80087601') -define(`FS_IOC_MEASURE_VERITY', `0x6686') -define(`FS_IOC_SET_ENCRYPTION_POLICY', `0x800c6613') -define(`FS_IOC_SETFLAGS', `0x40086602') -define(`FS_IOC_SETVERSION', `0x40087602') -define(`FSL_HV_IOCTL_DOORBELL', `0xc008af06') -define(`FSL_HV_IOCTL_GETPROP', `0xc028af07') -define(`FSL_HV_IOCTL_MEMCPY', `0xc028af05') -define(`FSL_HV_IOCTL_PARTITION_GET_STATUS', `0xc00caf02') -define(`FSL_HV_IOCTL_PARTITION_RESTART', `0xc008af01') -define(`FSL_HV_IOCTL_PARTITION_START', `0xc010af03') -define(`FSL_HV_IOCTL_PARTITION_STOP', `0xc008af04') -define(`FSL_HV_IOCTL_SETPROP', `0xc028af08') -define(`FUNCTIONFS_CLEAR_HALT', `0x00006703') -define(`FUNCTIONFS_ENDPOINT_DESC', `0x80096782') -define(`FUNCTIONFS_ENDPOINT_REVMAP', `0x00006781') -define(`FUNCTIONFS_FIFO_FLUSH', `0x00006702') -define(`FUNCTIONFS_FIFO_STATUS', `0x00006701') -define(`FUNCTIONFS_INTERFACE_REVMAP', `0x00006780') -define(`FW_CDEV_IOC_ADD_DESCRIPTOR', `0xc0182306') -define(`FW_CDEV_IOC_ALLOCATE', `0xc0202302') -define(`FW_CDEV_IOC_ALLOCATE_ISO_RESOURCE', `0xc018230d') -define(`FW_CDEV_IOC_ALLOCATE_ISO_RESOURCE_ONCE', `0x4018230f') -define(`FW_CDEV_IOC_CREATE_ISO_CONTEXT', `0xc0202308') -define(`FW_CDEV_IOC_DEALLOCATE', `0x40042303') -define(`FW_CDEV_IOC_DEALLOCATE_ISO_RESOURCE', `0x4004230e') -define(`FW_CDEV_IOC_DEALLOCATE_ISO_RESOURCE_ONCE', `0x40182310') -define(`FW_CDEV_IOC_FLUSH_ISO', `0x40042318') -define(`FW_CDEV_IOC_GET_CYCLE_TIMER', `0x8010230c') -define(`FW_CDEV_IOC_GET_CYCLE_TIMER2', `0xc0182314') -define(`FW_CDEV_IOC_GET_INFO', `0xc0282300') -define(`FW_CDEV_IOC_GET_SPEED', `0x00002311') -define(`FW_CDEV_IOC_INITIATE_BUS_RESET', `0x40042305') -define(`FW_CDEV_IOC_QUEUE_ISO', `0xc0182309') -define(`FW_CDEV_IOC_RECEIVE_PHY_PACKETS', `0x40082316') -define(`FW_CDEV_IOC_REMOVE_DESCRIPTOR', `0x40042307') -define(`FW_CDEV_IOC_SEND_BROADCAST_REQUEST', `0x40282312') -define(`FW_CDEV_IOC_SEND_PHY_PACKET', `0xc0182315') -define(`FW_CDEV_IOC_SEND_REQUEST', `0x40282301') -define(`FW_CDEV_IOC_SEND_RESPONSE', `0x40182304') -define(`FW_CDEV_IOC_SEND_STREAM_PACKET', `0x40282313') -define(`FW_CDEV_IOC_SET_ISO_CHANNELS', `0x40102317') -define(`FW_CDEV_IOC_START_ISO', `0x4010230a') -define(`FW_CDEV_IOC_STOP_ISO', `0x4004230b') -define(`GADGETFS_CLEAR_HALT', `0x00006703') -define(`GADGETFS_FIFO_FLUSH', `0x00006702') -define(`GADGETFS_FIFO_STATUS', `0x00006701') -define(`GADGET_GET_PRINTER_STATUS', `0x80016721') -define(`GADGET_SET_PRINTER_STATUS', `0xc0016722') -define(`GENWQE_EXECUTE_DDCB', `0xc0e8a532') -define(`GENWQE_EXECUTE_RAW_DDCB', `0xc0e8a533') -define(`GENWQE_GET_CARD_STATE', `0x8004a524') -define(`GENWQE_PIN_MEM', `0xc020a528') -define(`GENWQE_READ_REG16', `0x8010a522') -define(`GENWQE_READ_REG32', `0x8010a520') -define(`GENWQE_READ_REG64', `0x8010a51e') -define(`GENWQE_SLU_READ', `0xc038a551') -define(`GENWQE_SLU_UPDATE', `0xc038a550') -define(`GENWQE_UNPIN_MEM', `0xc020a529') -define(`GENWQE_WRITE_REG16', `0x4010a523') -define(`GENWQE_WRITE_REG32', `0x4010a521') -define(`GENWQE_WRITE_REG64', `0x4010a51f') -define(`GET_ARRAY_INFO', `0x80480911') -define(`GET_BITMAP_FILE', `0x90000915') -define(`GET_DISK_INFO', `0x80140912') -define(`GIGASET_BRKCHARS', `0x40064702') -define(`GIGASET_CONFIG', `0xc0044701') -define(`GIGASET_REDIR', `0xc0044700') -define(`GIGASET_VERSION', `0xc0104703') -define(`GIO_CMAP', `0x00004b70') -define(`GIO_FONT', `0x00004b60') -define(`GIO_FONTX', `0x00004b6b') -define(`GIO_SCRNMAP', `0x00004b40') -define(`GIO_UNIMAP', `0x00004b66') -define(`GIO_UNISCRNMAP', `0x00004b69') -define(`GSMIOC_DISABLE_NET', `0x00004703') -define(`GSMIOC_ENABLE_NET', `0x40344702') -define(`GSMIOC_GETCONF', `0x804c4700') -define(`GSMIOC_SETCONF', `0x404c4701') -define(`HCIBLOCKADDR', `0x400448e6') -define(`HCIDEVDOWN', `0x400448ca') -define(`HCIDEVRESET', `0x400448cb') -define(`HCIDEVRESTAT', `0x400448cc') -define(`HCIDEVUP', `0x400448c9') -define(`HCIGETAUTHINFO', `0x800448d7') -define(`HCIGETCONNINFO', `0x800448d5') -define(`HCIGETCONNLIST', `0x800448d4') -define(`HCIGETDEVINFO', `0x800448d3') -define(`HCIGETDEVLIST', `0x800448d2') -define(`HCIINQUIRY', `0x800448f0') -define(`HCISETACLMTU', `0x400448e3') -define(`HCISETAUTH', `0x400448de') -define(`HCISETENCRYPT', `0x400448df') -define(`HCISETLINKMODE', `0x400448e2') -define(`HCISETLINKPOL', `0x400448e1') -define(`HCISETPTYPE', `0x400448e0') -define(`HCISETRAW', `0x400448dc') -define(`HCISETSCAN', `0x400448dd') -define(`HCISETSCOMTU', `0x400448e4') -define(`HCIUNBLOCKADDR', `0x400448e7') -define(`HDA_IOCTL_GET_WCAP', `0xc0084812') -define(`HDA_IOCTL_PVERSION', `0x80044810') -define(`HDA_IOCTL_VERB_WRITE', `0xc0084811') -define(`HDIO_DRIVE_CMD', `0x0000031f') -define(`HDIO_DRIVE_RESET', `0x0000031c') -define(`HDIO_DRIVE_TASK', `0x0000031e') -define(`HDIO_DRIVE_TASKFILE', `0x0000031d') -define(`HDIO_GET_32BIT', `0x00000309') -define(`HDIO_GET_ACOUSTIC', `0x0000030f') -define(`HDIO_GET_ADDRESS', `0x00000310') -define(`HDIO_GET_BUSSTATE', `0x0000031a') -define(`HDIO_GET_DMA', `0x0000030b') -define(`HDIO_GETGEO', `0x00000301') -define(`HDIO_GET_IDENTITY', `0x0000030d') -define(`HDIO_GET_KEEPSETTINGS', `0x00000308') -define(`HDIO_GET_MULTCOUNT', `0x00000304') -define(`HDIO_GET_NICE', `0x0000030c') -define(`HDIO_GET_NOWERR', `0x0000030a') -define(`HDIO_GET_QDMA', `0x00000305') -define(`HDIO_GET_UNMASKINTR', `0x00000302') -define(`HDIO_GET_WCACHE', `0x0000030e') -define(`HDIO_OBSOLETE_IDENTITY', `0x00000307') -define(`HDIO_SCAN_HWIF', `0x00000328') -define(`HDIO_SET_32BIT', `0x00000324') -define(`HDIO_SET_ACOUSTIC', `0x0000032c') -define(`HDIO_SET_ADDRESS', `0x0000032f') -define(`HDIO_SET_BUSSTATE', `0x0000032d') -define(`HDIO_SET_DMA', `0x00000326') -define(`HDIO_SET_KEEPSETTINGS', `0x00000323') -define(`HDIO_SET_MULTCOUNT', `0x00000321') -define(`HDIO_SET_NICE', `0x00000329') -define(`HDIO_SET_NOWERR', `0x00000325') -define(`HDIO_SET_PIO_MODE', `0x00000327') -define(`HDIO_SET_QDMA', `0x0000032e') -define(`HDIO_SET_UNMASKINTR', `0x00000322') -define(`HDIO_SET_WCACHE', `0x0000032b') -define(`HDIO_SET_XFER', `0x00000306') -define(`HDIO_TRISTATE_HWIF', `0x0000031b') -define(`HDIO_UNREGISTER_HWIF', `0x0000032a') -define(`HE_GET_REG', `0x40106160') -define(`HIDIOCAPPLICATION', `0x00004802') -define(`HIDIOCGCOLLECTIONINDEX', `0x40184810') -define(`HIDIOCGCOLLECTIONINFO', `0xc0104811') -define(`HIDIOCGDEVINFO', `0x801c4803') -define(`HIDIOCGFIELDINFO', `0xc038480a') -define(`HIDIOCGFLAG', `0x8004480e') -define(`HIDIOCGRAWINFO', `0x80084803') -define(`HIDIOCGRDESC', `0x90044802') -define(`HIDIOCGRDESCSIZE', `0x80044801') -define(`HIDIOCGREPORT', `0x400c4807') -define(`HIDIOCGREPORTINFO', `0xc00c4809') -define(`HIDIOCGSTRING', `0x81044804') -define(`HIDIOCGUCODE', `0xc018480d') -define(`HIDIOCGUSAGE', `0xc018480b') -define(`HIDIOCGUSAGES', `0xd01c4813') -define(`HIDIOCGVERSION', `0x80044801') -define(`HIDIOCINITREPORT', `0x00004805') -define(`HIDIOCSFLAG', `0x4004480f') -define(`HIDIOCSREPORT', `0x400c4808') -define(`HIDIOCSUSAGE', `0x4018480c') -define(`HIDIOCSUSAGES', `0x501c4814') -define(`HOT_ADD_DISK', `0x00000928') -define(`HOT_GENERATE_ERROR', `0x0000092a') -define(`HOT_REMOVE_DISK', `0x00000922') -define(`HPET_DPI', `0x00006805') -define(`HPET_EPI', `0x00006804') -define(`HPET_IE_OFF', `0x00006802') -define(`HPET_IE_ON', `0x00006801') -define(`HPET_INFO', `0x80186803') -define(`HPET_IRQFREQ', `0x40086806') -define(`HSC_GET_RX', `0x400c6b14') -define(`HSC_GET_TX', `0x40106b16') -define(`HSC_RESET', `0x00006b10') -define(`HSC_SEND_BREAK', `0x00006b12') -define(`HSC_SET_PM', `0x00006b11') -define(`HSC_SET_RX', `0x400c6b13') -define(`HSC_SET_TX', `0x40106b15') -define(`I2OEVTGET', `0x8068690b') -define(`I2OEVTREG', `0x400c690a') -define(`I2OGETIOPS', `0x80206900') -define(`I2OHRTGET', `0xc0186901') -define(`I2OHTML', `0xc0306909') -define(`I2OLCTGET', `0xc0186902') -define(`I2OPARMGET', `0xc0286904') -define(`I2OPARMSET', `0xc0286903') -define(`I2OPASSTHRU', `0x8010690c') -define(`I2OPASSTHRU32', `0x8008690c') -define(`I2OSWDEL', `0xc0306907') -define(`I2OSWDL', `0xc0306905') -define(`I2OSWUL', `0xc0306906') -define(`I2OVALIDATE', `0x80046908') -define(`I8K_BIOS_VERSION', `0x80046980') -define(`I8K_FN_STATUS', `0x80086983') -define(`I8K_GET_FAN', `0xc0086986') -define(`I8K_GET_SPEED', `0xc0086985') -define(`I8K_GET_TEMP', `0x80086984') -define(`I8K_MACHINE_ID', `0x80046981') -define(`I8K_POWER_STATUS', `0x80086982') -define(`I8K_SET_FAN', `0xc0086987') -define(`IB_USER_MAD_ENABLE_PKEY', `0x00001b03') -define(`IB_USER_MAD_REGISTER_AGENT', `0xc01c1b01') -define(`IB_USER_MAD_REGISTER_AGENT2', `0xc0281b04') -define(`IB_USER_MAD_UNREGISTER_AGENT', `0x40041b02') -define(`IDT77105_GETSTAT', `0x40106132') -define(`IDT77105_GETSTATZ', `0x40106133') -define(`IIOCDBGVAR', `0x0000497f') -define(`IIOCDRVCTL', `0x00004980') -define(`IIOCGETCPS', `0x00004915') -define(`IIOCGETDVR', `0x00004916') -define(`IIOCGETMAP', `0x00004911') -define(`IIOCGETPRF', `0x0000490f') -define(`IIOCGETSET', `0x00004908') -define(`IIOCNETAIF', `0x00004901') -define(`IIOCNETALN', `0x00004920') -define(`IIOCNETANM', `0x00004905') -define(`IIOCNETASL', `0x00004913') -define(`IIOCNETDIF', `0x00004902') -define(`IIOCNETDIL', `0x00004914') -define(`IIOCNETDLN', `0x00004921') -define(`IIOCNETDNM', `0x00004906') -define(`IIOCNETDWRSET', `0x00004918') -define(`IIOCNETGCF', `0x00004904') -define(`IIOCNETGNM', `0x00004907') -define(`IIOCNETGPN', `0x00004922') -define(`IIOCNETHUP', `0x0000490b') -define(`IIOCNETLCR', `0x00004917') -define(`IIOCNETSCF', `0x00004903') -define(`IIOCSETBRJ', `0x0000490d') -define(`IIOCSETGST', `0x0000490c') -define(`IIOCSETMAP', `0x00004912') -define(`IIOCSETPRF', `0x00004910') -define(`IIOCSETSET', `0x00004909') -define(`IIOCSETVER', `0x0000490a') -define(`IIOCSIGPRF', `0x0000490e') -define(`IIO_GET_EVENT_FD_IOCTL', `0x80046990') -define(`IMADDTIMER', `0x80044940') -define(`IMCLEAR_L2', `0x80044946') -define(`IMCTRLREQ', `0x80044945') -define(`IMDELTIMER', `0x80044941') -define(`IMGETCOUNT', `0x80044943') -define(`IMGETDEVINFO', `0x80044944') -define(`IMGETVERSION', `0x80044942') -define(`IMHOLD_L1', `0x80044948') -define(`IMSETDEVNAME', `0x80184947') -define(`IOCTL_EVTCHN_BIND_INTERDOMAIN', `0x00084501') -define(`IOCTL_EVTCHN_BIND_UNBOUND_PORT', `0x00044502') -define(`IOCTL_EVTCHN_BIND_VIRQ', `0x00044500') -define(`IOCTL_EVTCHN_NOTIFY', `0x00044504') -define(`IOCTL_EVTCHN_RESET', `0x00004505') -define(`IOCTL_EVTCHN_UNBIND', `0x00044503') -define(`IOCTL_MEI_CONNECT_CLIENT', `0xc0104801') -define(`IOCTL_VMCI_CTX_ADD_NOTIFICATION', `0x000007af') -define(`IOCTL_VMCI_CTX_GET_CPT_STATE', `0x000007b1') -define(`IOCTL_VMCI_CTX_REMOVE_NOTIFICATION', `0x000007b0') -define(`IOCTL_VMCI_CTX_SET_CPT_STATE', `0x000007b2') -define(`IOCTL_VMCI_DATAGRAM_RECEIVE', `0x000007ac') -define(`IOCTL_VMCI_DATAGRAM_SEND', `0x000007ab') -define(`IOCTL_VMCI_GET_CONTEXT_ID', `0x000007b3') -define(`IOCTL_VMCI_INIT_CONTEXT', `0x000007a0') -define(`IOCTL_VMCI_NOTIFICATIONS_RECEIVE', `0x000007a6') -define(`IOCTL_VMCI_NOTIFY_RESOURCE', `0x000007a5') -define(`IOCTL_VMCI_QUEUEPAIR_ALLOC', `0x000007a8') -define(`IOCTL_VMCI_QUEUEPAIR_DETACH', `0x000007aa') -define(`IOCTL_VMCI_QUEUEPAIR_SETPAGEFILE', `0x000007a9') -define(`IOCTL_VMCI_QUEUEPAIR_SETVA', `0x000007a4') -define(`IOCTL_VMCI_SET_NOTIFY', `0x000007cb') -define(`IOCTL_VMCI_SOCKETS_GET_AF_VALUE', `0x000007b8') -define(`IOCTL_VMCI_SOCKETS_GET_LOCAL_CID', `0x000007b9') -define(`IOCTL_VMCI_SOCKETS_VERSION', `0x000007b4') -define(`IOCTL_VMCI_VERSION', `0x0000079f') -define(`IOCTL_VMCI_VERSION2', `0x000007a7') -define(`IOCTL_VM_SOCKETS_GET_LOCAL_CID', `0x000007b9') -define(`IOCTL_WDM_MAX_COMMAND', `0x800248a0') -define(`IOCTL_XENBUS_BACKEND_EVTCHN', `0x00004200') -define(`IOCTL_XENBUS_BACKEND_SETUP', `0x00004201') -define(`ION_IOC_ALLOC', `0xc0204900') -define(`ION_IOC_CUSTOM', `0xc0104906') -define(`ION_IOC_FREE', `0xc0044901') -define(`ION_IOC_IMPORT', `0xc0084905') -define(`ION_IOC_MAP', `0xc0084902') -define(`ION_IOC_SHARE', `0xc0084904') -define(`ION_IOC_SYNC', `0xc0084907') -define(`ION_IOC_TEST_DMA_MAPPING', `0x402049f1') -define(`ION_IOC_TEST_KERNEL_MAPPING', `0x402049f2') -define(`ION_IOC_TEST_SET_FD', `0x000049f0') -define(`IOW_GETINFO', `0x8028c003') -define(`IOW_READ', `0x4008c002') -define(`IOW_WRITE', `0x4008c001') -define(`IPMICTL_GET_MAINTENANCE_MODE_CMD', `0x8004691e') -define(`IPMICTL_GET_MY_ADDRESS_CMD', `0x80046912') -define(`IPMICTL_GET_MY_CHANNEL_ADDRESS_CMD', `0x80046919') -define(`IPMICTL_GET_MY_CHANNEL_LUN_CMD', `0x8004691b') -define(`IPMICTL_GET_MY_LUN_CMD', `0x80046914') -define(`IPMICTL_GET_TIMING_PARMS_CMD', `0x80086917') -define(`IPMICTL_RECEIVE_MSG', `0xc030690c') -define(`IPMICTL_RECEIVE_MSG_TRUNC', `0xc030690b') -define(`IPMICTL_REGISTER_FOR_CMD', `0x8002690e') -define(`IPMICTL_REGISTER_FOR_CMD_CHANS', `0x800c691c') -define(`IPMICTL_SEND_COMMAND', `0x8028690d') -define(`IPMICTL_SEND_COMMAND_SETTIME', `0x80306915') -define(`IPMICTL_SET_GETS_EVENTS_CMD', `0x80046910') -define(`IPMICTL_SET_MAINTENANCE_MODE_CMD', `0x4004691f') -define(`IPMICTL_SET_MY_ADDRESS_CMD', `0x80046911') -define(`IPMICTL_SET_MY_CHANNEL_ADDRESS_CMD', `0x80046918') -define(`IPMICTL_SET_MY_CHANNEL_LUN_CMD', `0x8004691a') -define(`IPMICTL_SET_MY_LUN_CMD', `0x80046913') -define(`IPMICTL_SET_TIMING_PARMS_CMD', `0x80086916') -define(`IPMICTL_UNREGISTER_FOR_CMD', `0x8002690f') -define(`IPMICTL_UNREGISTER_FOR_CMD_CHANS', `0x800c691d') -define(`IVTVFB_IOC_DMA_FRAME', `0x401856c0') -define(`IVTV_IOC_DMA_FRAME', `0x404056c0') -define(`IVTV_IOC_PASSTHROUGH_MODE', `0x400456c1') -define(`IXJCTL_AEC_GET_LEVEL', `0x000071cd') -define(`IXJCTL_AEC_START', `0x400471cb') -define(`IXJCTL_AEC_STOP', `0x000071cc') -define(`IXJCTL_CARDTYPE', `0x800471c1') -define(`IXJCTL_CID', `0x800871d4') -define(`IXJCTL_CIDCW', `0x400871d9') -define(`IXJCTL_DAA_AGAIN', `0x400471d2') -define(`IXJCTL_DAA_COEFF_SET', `0x400471d0') -define(`IXJCTL_DRYBUFFER_CLEAR', `0x000071e7') -define(`IXJCTL_DRYBUFFER_READ', `0x800871e6') -define(`IXJCTL_DSP_IDLE', `0x000071c5') -define(`IXJCTL_DSP_RESET', `0x000071c0') -define(`IXJCTL_DSP_TYPE', `0x800471c3') -define(`IXJCTL_DSP_VERSION', `0x800471c4') -define(`IXJCTL_DTMF_PRESCALE', `0x400471e8') -define(`IXJCTL_FILTER_CADENCE', `0x400871d6') -define(`IXJCTL_FRAMES_READ', `0x800871e2') -define(`IXJCTL_FRAMES_WRITTEN', `0x800871e3') -define(`IXJCTL_GET_FILTER_HIST', `0x400471c8') -define(`IXJCTL_HZ', `0x400471e0') -define(`IXJCTL_INIT_TONE', `0x400871c9') -define(`IXJCTL_INTERCOM_START', `0x400471fd') -define(`IXJCTL_INTERCOM_STOP', `0x400471fe') -define(`IXJCTL_MIXER', `0x400471cf') -define(`IXJCTL_PLAY_CID', `0x000071d7') -define(`IXJCTL_PORT', `0x400471d1') -define(`IXJCTL_POTS_PSTN', `0x400471d5') -define(`IXJCTL_PSTN_LINETEST', `0x000071d3') -define(`IXJCTL_RATE', `0x400471e1') -define(`IXJCTL_READ_WAIT', `0x800871e4') -define(`IXJCTL_SC_RXG', `0x400471ea') -define(`IXJCTL_SC_TXG', `0x400471eb') -define(`IXJCTL_SERIAL', `0x800471c2') -define(`IXJCTL_SET_FILTER', `0x400871c7') -define(`IXJCTL_SET_FILTER_RAW', `0x400871dd') -define(`IXJCTL_SET_LED', `0x400471ce') -define(`IXJCTL_SIGCTL', `0x400871e9') -define(`IXJCTL_TESTRAM', `0x000071c6') -define(`IXJCTL_TONE_CADENCE', `0x400871ca') -define(`IXJCTL_VERSION', `0x800871da') -define(`IXJCTL_VMWI', `0x800471d8') -define(`IXJCTL_WRITE_WAIT', `0x800871e5') -define(`JSIOCGAXES', `0x80016a11') -define(`JSIOCGAXMAP', `0x80406a32') -define(`JSIOCGBTNMAP', `0x84006a34') -define(`JSIOCGBUTTONS', `0x80016a12') -define(`JSIOCGCORR', `0x80246a22') -define(`JSIOCGVERSION', `0x80046a01') -define(`JSIOCSAXMAP', `0x40406a31') -define(`JSIOCSBTNMAP', `0x44006a33') -define(`JSIOCSCORR', `0x40246a21') -define(`KCOV_DISABLE', `0x00006365') -define(`KCOV_ENABLE', `0x00006364') -define(`KCOV_INIT_TRACE', `0x80086301') -define(`KDADDIO', `0x00004b34') -define(`KDDELIO', `0x00004b35') -define(`KDDISABIO', `0x00004b37') -define(`KDENABIO', `0x00004b36') -define(`KDFONTOP', `0x00004b72') -define(`KDGETKEYCODE', `0x00004b4c') -define(`KDGETLED', `0x00004b31') -define(`KDGETMODE', `0x00004b3b') -define(`KDGKBDIACR', `0x00004b4a') -define(`KDGKBDIACRUC', `0x00004bfa') -define(`KDGKBENT', `0x00004b46') -define(`KDGKBLED', `0x00004b64') -define(`KDGKBMETA', `0x00004b62') -define(`KDGKBMODE', `0x00004b44') -define(`KDGKBSENT', `0x00004b48') -define(`KDGKBTYPE', `0x00004b33') -define(`KDKBDREP', `0x00004b52') -define(`KDMAPDISP', `0x00004b3c') -define(`KDMKTONE', `0x00004b30') -define(`KDSETKEYCODE', `0x00004b4d') -define(`KDSETLED', `0x00004b32') -define(`KDSETMODE', `0x00004b3a') -define(`KDSIGACCEPT', `0x00004b4e') -define(`KDSKBDIACR', `0x00004b4b') -define(`KDSKBDIACRUC', `0x00004bfb') -define(`KDSKBENT', `0x00004b47') -define(`KDSKBLED', `0x00004b65') -define(`KDSKBMETA', `0x00004b63') -define(`KDSKBMODE', `0x00004b45') -define(`KDSKBSENT', `0x00004b49') -define(`KDUNMAPDISP', `0x00004b3d') -define(`KIOCSOUND', `0x00004b2f') -define(`KVM_ALLOCATE_RMA', `0x8008aea9') -define(`KVM_ARM_PREFERRED_TARGET', `0x8020aeaf') -define(`KVM_ARM_SET_DEVICE_ADDR', `0x4010aeab') -define(`KVM_ARM_VCPU_INIT', `0x4020aeae') -define(`KVM_ASSIGN_DEV_IRQ', `0x4040ae70') -define(`KVM_ASSIGN_PCI_DEVICE', `0x8040ae69') -define(`KVM_ASSIGN_SET_INTX_MASK', `0x4040aea4') -define(`KVM_ASSIGN_SET_MSIX_ENTRY', `0x4010ae74') -define(`KVM_ASSIGN_SET_MSIX_NR', `0x4008ae73') -define(`KVM_CHECK_EXTENSION', `0x0000ae03') -define(`KVM_CREATE_DEVICE', `0xc00caee0') -define(`KVM_CREATE_IRQCHIP', `0x0000ae60') -define(`KVM_CREATE_PIT', `0x0000ae64') -define(`KVM_CREATE_PIT2', `0x4040ae77') -define(`KVM_CREATE_SPAPR_TCE', `0x400caea8') -define(`KVM_CREATE_VCPU', `0x0000ae41') -define(`KVM_CREATE_VM', `0x0000ae01') -define(`KVM_DEASSIGN_DEV_IRQ', `0x4040ae75') -define(`KVM_DEASSIGN_PCI_DEVICE', `0x4040ae72') -define(`KVM_DIRTY_TLB', `0x4010aeaa') -define(`KVM_ENABLE_CAP', `0x4068aea3') -define(`KVM_GET_API_VERSION', `0x0000ae00') -define(`KVM_GET_CLOCK', `0x8030ae7c') -define(`KVM_GET_CPUID2', `0xc008ae91') -define(`KVM_GET_DEBUGREGS', `0x8080aea1') -define(`KVM_GET_DEVICE_ATTR', `0x4018aee2') -define(`KVM_GET_DIRTY_LOG', `0x4010ae42') -define(`KVM_GET_EMULATED_CPUID', `0xc008ae09') -define(`KVM_GET_FPU', `0x81a0ae8c') -define(`KVM_GET_IRQCHIP', `0xc208ae62') -define(`KVM_GET_LAPIC', `0x8400ae8e') -define(`KVM_GET_MP_STATE', `0x8004ae98') -define(`KVM_GET_MSR_INDEX_LIST', `0xc004ae02') -define(`KVM_GET_MSRS', `0xc008ae88') -define(`KVM_GET_NR_MMU_PAGES', `0x0000ae45') -define(`KVM_GET_ONE_REG', `0x4010aeab') -define(`KVM_GET_PIT', `0xc048ae65') -define(`KVM_GET_PIT2', `0x8070ae9f') -define(`KVM_GET_REG_LIST', `0xc008aeb0') -define(`KVM_GET_REGS', `0x8090ae81') -define(`KVM_GET_SREGS', `0x8138ae83') -define(`KVM_GET_SUPPORTED_CPUID', `0xc008ae05') -define(`KVM_GET_TSC_KHZ', `0x0000aea3') -define(`KVM_GET_VCPU_EVENTS', `0x8040ae9f') -define(`KVM_GET_VCPU_MMAP_SIZE', `0x0000ae04') -define(`KVM_GET_XCRS', `0x8188aea6') -define(`KVM_GET_XSAVE', `0x9000aea4') -define(`KVM_HAS_DEVICE_ATTR', `0x4018aee3') -define(`KVM_INTERRUPT', `0x4004ae86') -define(`KVM_IOEVENTFD', `0x4040ae79') -define(`KVM_IRQFD', `0x4020ae76') -define(`KVM_IRQ_LINE', `0x4008ae61') -define(`KVM_IRQ_LINE_STATUS', `0xc008ae67') -define(`KVM_KVMCLOCK_CTRL', `0x0000aead') -define(`KVM_NMI', `0x0000ae9a') -define(`KVM_PPC_ALLOCATE_HTAB', `0xc004aea7') -define(`KVM_PPC_GET_HTAB_FD', `0x4020aeaa') -define(`KVM_PPC_GET_PVINFO', `0x4080aea1') -define(`KVM_PPC_GET_SMMU_INFO', `0x8250aea6') -define(`KVM_PPC_RTAS_DEFINE_TOKEN', `0x4080aeac') -define(`KVM_REGISTER_COALESCED_MMIO', `0x4010ae67') -define(`KVM_REINJECT_CONTROL', `0x0000ae71') -define(`KVM_RUN', `0x0000ae80') -define(`KVM_S390_ENABLE_SIE', `0x0000ae06') -define(`KVM_S390_INITIAL_RESET', `0x0000ae97') -define(`KVM_S390_INTERRUPT', `0x4010ae94') -define(`KVM_S390_SET_INITIAL_PSW', `0x4010ae96') -define(`KVM_S390_STORE_STATUS', `0x4008ae95') -define(`KVM_S390_UCAS_MAP', `0x4018ae50') -define(`KVM_S390_UCAS_UNMAP', `0x4018ae51') -define(`KVM_S390_VCPU_FAULT', `0x4008ae52') -define(`KVM_SET_BOOT_CPU_ID', `0x0000ae78') -define(`KVM_SET_CLOCK', `0x4030ae7b') -define(`KVM_SET_CPUID', `0x4008ae8a') -define(`KVM_SET_CPUID2', `0x4008ae90') -define(`KVM_SET_DEBUGREGS', `0x4080aea2') -define(`KVM_SET_DEVICE_ATTR', `0x4018aee1') -define(`KVM_SET_FPU', `0x41a0ae8d') -define(`KVM_SET_GSI_ROUTING', `0x4008ae6a') -define(`KVM_SET_GUEST_DEBUG', `0x4048ae9b') -define(`KVM_SET_IDENTITY_MAP_ADDR', `0x4008ae48') -define(`KVM_SET_IRQCHIP', `0x8208ae63') -define(`KVM_SET_LAPIC', `0x4400ae8f') -define(`KVM_SET_MEMORY_ALIAS', `0x4020ae43') -define(`KVM_SET_MEMORY_REGION', `0x4018ae40') -define(`KVM_SET_MP_STATE', `0x4004ae99') -define(`KVM_SET_MSRS', `0x4008ae89') -define(`KVM_SET_NR_MMU_PAGES', `0x0000ae44') -define(`KVM_SET_ONE_REG', `0x4010aeac') -define(`KVM_SET_PIT', `0x8048ae66') -define(`KVM_SET_PIT2', `0x4070aea0') -define(`KVM_SET_REGS', `0x4090ae82') -define(`KVM_SET_SIGNAL_MASK', `0x4004ae8b') -define(`KVM_SET_SREGS', `0x4138ae84') -define(`KVM_SET_TSC_KHZ', `0x0000aea2') -define(`KVM_SET_TSS_ADDR', `0x0000ae47') -define(`KVM_SET_USER_MEMORY_REGION', `0x4020ae46') -define(`KVM_SET_VAPIC_ADDR', `0x4008ae93') -define(`KVM_SET_VCPU_EVENTS', `0x4040aea0') -define(`KVM_SET_XCRS', `0x4188aea7') -define(`KVM_SET_XSAVE', `0x5000aea5') -define(`KVM_SIGNAL_MSI', `0x4020aea5') -define(`KVM_TPR_ACCESS_REPORTING', `0xc028ae92') -define(`KVM_TRANSLATE', `0xc018ae85') -define(`KVM_UNREGISTER_COALESCED_MMIO', `0x4010ae68') -define(`KVM_X86_GET_MCE_CAP_SUPPORTED', `0x8008ae9d') -define(`KVM_X86_SET_MCE', `0x4040ae9e') -define(`KVM_X86_SETUP_MCE', `0x4008ae9c') -define(`KVM_XEN_HVM_CONFIG', `0x4038ae7a') -define(`KYRO_IOCTL_OVERLAY_CREATE', `0x00006b00') -define(`KYRO_IOCTL_OVERLAY_OFFSET', `0x00006b04') -define(`KYRO_IOCTL_OVERLAY_VIEWPORT_SET', `0x00006b01') -define(`KYRO_IOCTL_SET_VIDEO_MODE', `0x00006b02') -define(`KYRO_IOCTL_STRIDE', `0x00006b05') -define(`KYRO_IOCTL_UVSTRIDE', `0x00006b03') -define(`LIRC_GET_FEATURES', `0x80046900') -define(`LIRC_GET_LENGTH', `0x8004690f') -define(`LIRC_GET_MAX_FILTER_PULSE', `0x8004690b') -define(`LIRC_GET_MAX_FILTER_SPACE', `0x8004690d') -define(`LIRC_GET_MAX_TIMEOUT', `0x80046909') -define(`LIRC_GET_MIN_FILTER_PULSE', `0x8004690a') -define(`LIRC_GET_MIN_FILTER_SPACE', `0x8004690c') -define(`LIRC_GET_MIN_TIMEOUT', `0x80046908') -define(`LIRC_GET_REC_CARRIER', `0x80046904') -define(`LIRC_GET_REC_DUTY_CYCLE', `0x80046906') -define(`LIRC_GET_REC_MODE', `0x80046902') -define(`LIRC_GET_REC_RESOLUTION', `0x80046907') -define(`LIRC_GET_SEND_CARRIER', `0x80046903') -define(`LIRC_GET_SEND_DUTY_CYCLE', `0x80046905') -define(`LIRC_GET_SEND_MODE', `0x80046901') -define(`LIRC_NOTIFY_DECODE', `0x00006920') -define(`LIRC_SET_MEASURE_CARRIER_MODE', `0x4004691d') -define(`LIRC_SET_REC_CARRIER', `0x40046914') -define(`LIRC_SET_REC_CARRIER_RANGE', `0x4004691f') -define(`LIRC_SET_REC_DUTY_CYCLE', `0x40046916') -define(`LIRC_SET_REC_DUTY_CYCLE_RANGE', `0x4004691e') -define(`LIRC_SET_REC_FILTER', `0x4004691c') -define(`LIRC_SET_REC_FILTER_PULSE', `0x4004691a') -define(`LIRC_SET_REC_FILTER_SPACE', `0x4004691b') -define(`LIRC_SET_REC_MODE', `0x40046912') -define(`LIRC_SET_REC_TIMEOUT', `0x40046918') -define(`LIRC_SET_REC_TIMEOUT_REPORTS', `0x40046919') -define(`LIRC_SET_SEND_CARRIER', `0x40046913') -define(`LIRC_SET_SEND_DUTY_CYCLE', `0x40046915') -define(`LIRC_SET_SEND_MODE', `0x40046911') -define(`LIRC_SET_TRANSMITTER_MASK', `0x40046917') -define(`LIRC_SETUP_END', `0x00006922') -define(`LIRC_SETUP_START', `0x00006921') -define(`LIRC_SET_WIDEBAND_RECEIVER', `0x40046923') -define(`LOGGER_FLUSH_LOG', `0x0000ae04') -define(`LOGGER_GET_LOG_BUF_SIZE', `0x0000ae01') -define(`LOGGER_GET_LOG_LEN', `0x0000ae02') -define(`LOGGER_GET_NEXT_ENTRY_LEN', `0x0000ae03') -define(`LOGGER_GET_VERSION', `0x0000ae05') -define(`LOGGER_SET_VERSION', `0x0000ae06') -define(`LOOP_CHANGE_FD', `0x00004c06') -define(`LOOP_CLR_FD', `0x00004c01') -define(`LOOP_CTL_ADD', `0x00004c80') -define(`LOOP_CTL_GET_FREE', `0x00004c82') -define(`LOOP_CTL_REMOVE', `0x00004c81') -define(`LOOP_GET_STATUS', `0x00004c03') -define(`LOOP_GET_STATUS64', `0x00004c05') -define(`LOOP_SET_BLOCK_SIZE', `0x00004c09') -define(`LOOP_SET_CAPACITY', `0x00004c07') -define(`LOOP_SET_DIRECT_IO', `0x00004c08') -define(`LOOP_SET_FD', `0x00004c00') -define(`LOOP_SET_STATUS', `0x00004c02') -define(`LOOP_SET_STATUS64', `0x00004c04') -define(`MATROXFB_GET_ALL_OUTPUTS', `0x80086efb') -define(`MATROXFB_GET_AVAILABLE_OUTPUTS', `0x80086ef9') -define(`MATROXFB_GET_OUTPUT_CONNECTION', `0x80086ef8') -define(`MATROXFB_GET_OUTPUT_MODE', `0xc0086efa') -define(`MATROXFB_SET_OUTPUT_CONNECTION', `0x40086ef8') -define(`MATROXFB_SET_OUTPUT_MODE', `0x40086efa') -define(`MBXFB_IOCG_ALPHA', `0x8018f401') -define(`MBXFB_IOCS_ALPHA', `0x4018f402') -define(`MBXFB_IOCS_PLANEORDER', `0x8002f403') -define(`MBXFB_IOCS_REG', `0x400cf404') -define(`MBXFB_IOCX_OVERLAY', `0xc030f400') -define(`MBXFB_IOCX_REG', `0xc00cf405') -define(`MCE_GETCLEAR_FLAGS', `0x80044d03') -define(`MCE_GET_LOG_LEN', `0x80044d02') -define(`MCE_GET_RECORD_LEN', `0x80044d01') -define(`MEDIA_IOC_DEVICE_INFO', `0xc1007c00') -define(`MEDIA_IOC_ENUM_ENTITIES', `0xc1007c01') -define(`MEDIA_IOC_ENUM_LINKS', `0xc0287c02') -define(`MEDIA_IOC_SETUP_LINK', `0xc0347c03') -define(`MEMERASE', `0x40084d02') -define(`MEMERASE64', `0x40104d14') -define(`MEMGETBADBLOCK', `0x40084d0b') -define(`MEMGETINFO', `0x80204d01') -define(`MEMGETOOBSEL', `0x80c84d0a') -define(`MEMGETREGIONCOUNT', `0x80044d07') -define(`MEMGETREGIONINFO', `0xc0104d08') -define(`MEMISLOCKED', `0x80084d17') -define(`MEMLOCK', `0x40084d05') -define(`MEMREADOOB', `0xc0104d04') -define(`MEMREADOOB64', `0xc0184d16') -define(`MEMSETBADBLOCK', `0x40084d0c') -define(`MEMUNLOCK', `0x40084d06') -define(`MEMWRITE', `0xc0304d18') -define(`MEMWRITEOOB', `0xc0104d03') -define(`MEMWRITEOOB64', `0xc0184d15') -define(`MEYEIOC_G_PARAMS', `0x800676c0') -define(`MEYEIOC_QBUF_CAPT', `0x400476c2') -define(`MEYEIOC_S_PARAMS', `0x400676c1') -define(`MEYEIOC_STILLCAPT', `0x000076c4') -define(`MEYEIOC_STILLJCAPT', `0x800476c5') -define(`MEYEIOC_SYNC', `0xc00476c3') -define(`MFB_GET_ALPHA', `0x80014d00') -define(`MFB_GET_AOID', `0x80084d04') -define(`MFB_GET_GAMMA', `0x80014d01') -define(`MFB_GET_PIXFMT', `0x80044d08') -define(`MFB_SET_ALPHA', `0x40014d00') -define(`MFB_SET_AOID', `0x40084d04') -define(`MFB_SET_BRIGHTNESS', `0x40014d03') -define(`MFB_SET_CHROMA_KEY', `0x400c4d01') -define(`MFB_SET_GAMMA', `0x40014d01') -define(`MFB_SET_PIXFMT', `0x40044d08') -define(`MGSL_IOCCLRMODCOUNT', `0x00006d0f') -define(`MGSL_IOCGGPIO', `0x80106d11') -define(`MGSL_IOCGIF', `0x00006d0b') -define(`MGSL_IOCGPARAMS', `0x80306d01') -define(`MGSL_IOCGSTATS', `0x00006d07') -define(`MGSL_IOCGTXIDLE', `0x00006d03') -define(`MGSL_IOCGXCTRL', `0x00006d16') -define(`MGSL_IOCGXSYNC', `0x00006d14') -define(`MGSL_IOCLOOPTXDONE', `0x00006d09') -define(`MGSL_IOCRXENABLE', `0x00006d05') -define(`MGSL_IOCSGPIO', `0x40106d10') -define(`MGSL_IOCSIF', `0x00006d0a') -define(`MGSL_IOCSPARAMS', `0x40306d00') -define(`MGSL_IOCSTXIDLE', `0x00006d02') -define(`MGSL_IOCSXCTRL', `0x00006d15') -define(`MGSL_IOCSXSYNC', `0x00006d13') -define(`MGSL_IOCTXABORT', `0x00006d06') -define(`MGSL_IOCTXENABLE', `0x00006d04') -define(`MGSL_IOCWAITEVENT', `0xc0046d08') -define(`MGSL_IOCWAITGPIO', `0xc0106d12') -define(`MIC_VIRTIO_ADD_DEVICE', `0xc0087301') -define(`MIC_VIRTIO_CONFIG_CHANGE', `0xc0087305') -define(`MIC_VIRTIO_COPY_DESC', `0xc0087302') -define(`MMC_IOC_CMD', `0xc048b300') -define(`MMTIMER_GETBITS', `0x00006d04') -define(`MMTIMER_GETCOUNTER', `0x80086d09') -define(`MMTIMER_GETFREQ', `0x80086d02') -define(`MMTIMER_GETOFFSET', `0x00006d00') -define(`MMTIMER_GETRES', `0x80086d01') -define(`MMTIMER_MMAPAVAIL', `0x00006d06') -define(`MSMFB_BLIT', `0x40046d02') -define(`MSMFB_GRP_DISP', `0x40046d01') -define(`MTDFILEMODE', `0x00004d13') -define(`MTIOCGET', `0x80306d02') -define(`MTIOCPOS', `0x80086d03') -define(`MTIOCTOP', `0x40086d01') -define(`MTRRIOC_ADD_ENTRY', `0x40104d00') -define(`MTRRIOC_ADD_PAGE_ENTRY', `0x40104d05') -define(`MTRRIOC_DEL_ENTRY', `0x40104d02') -define(`MTRRIOC_DEL_PAGE_ENTRY', `0x40104d07') -define(`MTRRIOC_GET_ENTRY', `0xc0184d03') -define(`MTRRIOC_GET_PAGE_ENTRY', `0xc0184d08') -define(`MTRRIOC_KILL_ENTRY', `0x40104d04') -define(`MTRRIOC_KILL_PAGE_ENTRY', `0x40104d09') -define(`MTRRIOC_SET_ENTRY', `0x40104d01') -define(`MTRRIOC_SET_PAGE_ENTRY', `0x40104d06') -define(`NBD_CLEAR_QUE', `0x0000ab05') -define(`NBD_CLEAR_SOCK', `0x0000ab04') -define(`NBD_DISCONNECT', `0x0000ab08') -define(`NBD_DO_IT', `0x0000ab03') -define(`NBD_PRINT_DEBUG', `0x0000ab06') -define(`NBD_SET_BLKSIZE', `0x0000ab01') -define(`NBD_SET_FLAGS', `0x0000ab0a') -define(`NBD_SET_SIZE', `0x0000ab02') -define(`NBD_SET_SIZE_BLOCKS', `0x0000ab07') -define(`NBD_SET_SOCK', `0x0000ab00') -define(`NBD_SET_TIMEOUT', `0x0000ab09') -define(`NCP_IOC_CONN_LOGGED_IN', `0x00006e03') -define(`NCP_IOC_GETCHARSETS', `0xc02a6e0b') -define(`NCP_IOC_GETDENTRYTTL', `0x40046e0c') -define(`NCP_IOC_GET_FS_INFO', `0xc0286e04') -define(`NCP_IOC_GET_FS_INFO_V2', `0xc0306e04') -define(`NCP_IOC_GETMOUNTUID', `0x40026e02') -define(`NCP_IOC_GETMOUNTUID2', `0x40086e02') -define(`NCP_IOC_GETOBJECTNAME', `0xc0186e09') -define(`NCP_IOC_GETPRIVATEDATA', `0xc0106e0a') -define(`NCP_IOC_GETROOT', `0x400c6e08') -define(`NCP_IOC_LOCKUNLOCK', `0x80146e07') -define(`NCP_IOC_NCPREQUEST', `0x80106e01') -define(`NCP_IOC_SETCHARSETS', `0x802a6e0b') -define(`NCP_IOC_SETDENTRYTTL', `0x80046e0c') -define(`NCP_IOC_SETOBJECTNAME', `0x80186e09') -define(`NCP_IOC_SETPRIVATEDATA', `0x80106e0a') -define(`NCP_IOC_SETROOT', `0x800c6e08') -define(`NCP_IOC_SET_SIGN_WANTED', `0x40046e06') -define(`NCP_IOC_SIGN_INIT', `0x80186e05') -define(`NCP_IOC_SIGN_WANTED', `0x80046e06') -define(`NET_ADD_IF', `0xc0066f34') -define(`NET_GET_IF', `0xc0066f36') -define(`NET_REMOVE_IF', `0x00006f35') -define(`NILFS_IOCTL_CHANGE_CPMODE', `0x40106e80') -define(`NILFS_IOCTL_CLEAN_SEGMENTS', `0x40786e88') -define(`NILFS_IOCTL_DELETE_CHECKPOINT', `0x40086e81') -define(`NILFS_IOCTL_GET_BDESCS', `0xc0186e87') -define(`NILFS_IOCTL_GET_CPINFO', `0x80186e82') -define(`NILFS_IOCTL_GET_CPSTAT', `0x80186e83') -define(`NILFS_IOCTL_GET_SUINFO', `0x80186e84') -define(`NILFS_IOCTL_GET_SUSTAT', `0x80306e85') -define(`NILFS_IOCTL_GET_VINFO', `0xc0186e86') -define(`NILFS_IOCTL_RESIZE', `0x40086e8b') -define(`NILFS_IOCTL_SET_ALLOC_RANGE', `0x40106e8c') -define(`NILFS_IOCTL_SET_SUINFO', `0x40186e8d') -define(`NILFS_IOCTL_SYNC', `0x80086e8a') -define(`NS_ADJBUFLEV', `0x00006163') -define(`NS_GETPSTAT', `0xc0106161') -define(`NS_SETBUFLEV', `0x40106162') -define(`NVME_IOCTL_ADMIN_CMD', `0xc0484e41') -define(`NVME_IOCTL_ID', `0x00004e40') -define(`NVME_IOCTL_IO_CMD', `0xc0484e43') -define(`NVME_IOCTL_SUBMIT_IO', `0x40304e42') -define(`NVRAM_INIT', `0x00007040') -define(`NVRAM_SETCKS', `0x00007041') -define(`OLD_PHONE_RING_START', `0x00007187') -define(`OMAPFB_CTRL_TEST', `0x40044f2e') -define(`OMAPFB_GET_CAPS', `0x800c4f2a') -define(`OMAPFB_GET_COLOR_KEY', `0x40104f33') -define(`OMAPFB_GET_DISPLAY_INFO', `0x80204f3f') -define(`OMAPFB_GET_OVERLAY_COLORMODE', `0x803c4f3b') -define(`OMAPFB_GET_UPDATE_MODE', `0x40044f2b') -define(`OMAPFB_GET_VRAM_INFO', `0x80204f3d') -define(`OMAPFB_LCD_TEST', `0x40044f2d') -define(`OMAPFB_MEMORY_READ', `0x80184f3a') -define(`OMAPFB_MIRROR', `0x40044f1f') -define(`OMAPFB_QUERY_MEM', `0x40084f38') -define(`OMAPFB_QUERY_PLANE', `0x40444f35') -define(`OMAPFB_SET_COLOR_KEY', `0x40104f32') -define(`OMAPFB_SET_TEARSYNC', `0x40084f3e') -define(`OMAPFB_SET_UPDATE_MODE', `0x40044f28') -define(`OMAPFB_SETUP_MEM', `0x40084f37') -define(`OMAPFB_SETUP_PLANE', `0x40444f34') -define(`OMAPFB_SYNC_GFX', `0x00004f25') -define(`OMAPFB_UPDATE_WINDOW', `0x40444f36') -define(`OMAPFB_UPDATE_WINDOW_OLD', `0x40144f2f') -define(`OMAPFB_VSYNC', `0x00004f26') -define(`OMAPFB_WAITFORGO', `0x00004f3c') -define(`OMAPFB_WAITFORVSYNC', `0x00004f39') -define(`OSD_GET_CAPABILITY', `0x80106fa1') -define(`OSD_SEND_CMD', `0x40206fa0') -define(`OSIOCGNETADDR', `0x800489e1') -define(`OSIOCSNETADDR', `0x400489e0') -define(`OSS_GETVERSION', `0x80044d76') -define(`OTPGETREGIONCOUNT', `0x40044d0e') -define(`OTPGETREGIONINFO', `0x400c4d0f') -define(`OTPLOCK', `0x800c4d10') -define(`OTPSELECT', `0x80044d0d') -define(`PACKET_CTRL_CMD', `0xc0185801') -define(`PERF_EVENT_IOC_DISABLE', `0x00002401') -define(`PERF_EVENT_IOC_ENABLE', `0x00002400') -define(`PERF_EVENT_IOC_ID', `0x80082407') -define(`PERF_EVENT_IOC_PERIOD', `0x40082404') -define(`PERF_EVENT_IOC_REFRESH', `0x00002402') -define(`PERF_EVENT_IOC_RESET', `0x00002403') -define(`PERF_EVENT_IOC_SET_FILTER', `0x40082406') -define(`PERF_EVENT_IOC_SET_OUTPUT', `0x00002405') -define(`PHN_GET_REG', `0xc0087000') -define(`PHN_GETREG', `0xc0087005') -define(`PHN_GET_REGS', `0xc0087002') -define(`PHN_GETREGS', `0xc0287007') -define(`PHN_NOT_OH', `0x00007004') -define(`PHN_SET_REG', `0x40087001') -define(`PHN_SETREG', `0x40087006') -define(`PHN_SET_REGS', `0x40087003') -define(`PHN_SETREGS', `0x40287008') -define(`PHONE_BUSY', `0x000071a1') -define(`PHONE_CAPABILITIES', `0x00007180') -define(`PHONE_CAPABILITIES_CHECK', `0x40087182') -define(`PHONE_CAPABILITIES_LIST', `0x80087181') -define(`PHONE_CPT_STOP', `0x000071a4') -define(`PHONE_DIALTONE', `0x000071a3') -define(`PHONE_DTMF_OOB', `0x40047199') -define(`PHONE_DTMF_READY', `0x80047196') -define(`PHONE_EXCEPTION', `0x8004719a') -define(`PHONE_FRAME', `0x4004718d') -define(`PHONE_GET_DTMF', `0x80047197') -define(`PHONE_GET_DTMF_ASCII', `0x80047198') -define(`PHONE_GET_TONE_OFF_TIME', `0x0000719f') -define(`PHONE_GET_TONE_ON_TIME', `0x0000719e') -define(`PHONE_GET_TONE_STATE', `0x000071a0') -define(`PHONE_HOOKSTATE', `0x00007184') -define(`PHONE_MAXRINGS', `0x40017185') -define(`PHONE_PLAY_CODEC', `0x40047190') -define(`PHONE_PLAY_DEPTH', `0x40047193') -define(`PHONE_PLAY_LEVEL', `0x00007195') -define(`PHONE_PLAY_START', `0x00007191') -define(`PHONE_PLAY_STOP', `0x00007192') -define(`PHONE_PLAY_TONE', `0x4001719b') -define(`PHONE_PLAY_VOLUME', `0x40047194') -define(`PHONE_PLAY_VOLUME_LINEAR', `0x400471dc') -define(`PHONE_PSTN_GET_STATE', `0x000071a5') -define(`PHONE_PSTN_LINETEST', `0x000071a8') -define(`PHONE_PSTN_SET_STATE', `0x400471a4') -define(`PHONE_QUERY_CODEC', `0xc00871a7') -define(`PHONE_REC_CODEC', `0x40047189') -define(`PHONE_REC_DEPTH', `0x4004718c') -define(`PHONE_REC_LEVEL', `0x0000718f') -define(`PHONE_REC_START', `0x0000718a') -define(`PHONE_REC_STOP', `0x0000718b') -define(`PHONE_REC_VOLUME', `0x4004718e') -define(`PHONE_REC_VOLUME_LINEAR', `0x400471db') -define(`PHONE_RING', `0x00007183') -define(`PHONE_RINGBACK', `0x000071a2') -define(`PHONE_RING_CADENCE', `0x40027186') -define(`PHONE_RING_START', `0x40087187') -define(`PHONE_RING_STOP', `0x00007188') -define(`PHONE_SET_TONE_OFF_TIME', `0x4004719d') -define(`PHONE_SET_TONE_ON_TIME', `0x4004719c') -define(`PHONE_VAD', `0x400471a9') -define(`PHONE_WINK', `0x400471aa') -define(`PHONE_WINK_DURATION', `0x400471a6') -define(`PIO_CMAP', `0x00004b71') -define(`PIO_FONT', `0x00004b61') -define(`PIO_FONTRESET', `0x00004b6d') -define(`PIO_FONTX', `0x00004b6c') -define(`PIO_SCRNMAP', `0x00004b41') -define(`PIO_UNIMAP', `0x00004b67') -define(`PIO_UNIMAPCLR', `0x00004b68') -define(`PIO_UNISCRNMAP', `0x00004b6a') -define(`PMU_IOC_CAN_SLEEP', `0x80084205') -define(`PMU_IOC_GET_BACKLIGHT', `0x80084201') -define(`PMU_IOC_GET_MODEL', `0x80084203') -define(`PMU_IOC_GRAB_BACKLIGHT', `0x80084206') -define(`PMU_IOC_HAS_ADB', `0x80084204') -define(`PMU_IOC_SET_BACKLIGHT', `0x40084202') -define(`PMU_IOC_SLEEP', `0x00004200') -define(`PPCLAIM', `0x0000708b') -define(`PPCLRIRQ', `0x80047093') -define(`PPDATADIR', `0x40047090') -define(`PPEXCL', `0x0000708f') -define(`PPFCONTROL', `0x4002708e') -define(`PPGETFLAGS', `0x8004709a') -define(`PPGETMODE', `0x80047098') -define(`PPGETMODES', `0x80047097') -define(`PPGETPHASE', `0x80047099') -define(`PPGETTIME', `0x80107095') -define(`PPNEGOT', `0x40047091') -define(`PPPIOCATTACH', `0x743d') -define(`PPPIOCATTCHAN', `0x7438') -define(`PPPIOCBUNDLE', `0x7481') -define(`PPPIOCCONNECT', `0x743a') -define(`PPPIOCDETACH', `0x743c') -define(`PPPIOCDISCONN', `0x7439') -define(`PPPIOCGASYNCMAP', `0x7458') -define(`PPPIOCGCALLINFO', `0x7480') -define(`PPPIOCGCHAN', `0x7437') -define(`PPPIOCGCOMPRESSORS', `0x7486') -define(`PPPIOCGDEBUG', `0x7441') -define(`PPPIOCGFLAGS', `0x745a') -define(`PPPIOCGIDLE', `0x743f') -define(`PPPIOCGIFNAME', `0x7488') -define(`PPPIOCGL2TPSTATS', `0x7436') -define(`PPPIOCGMPFLAGS', `0x7482') -define(`PPPIOCGMRU', `0x7453') -define(`PPPIOCGNPMODE', `0x744c') -define(`PPPIOCGRASYNCMAP', `0x7455') -define(`PPPIOCGUNIT', `0x7456') -define(`PPPIOCGXASYNCMAP', `0x7450') -define(`PPPIOCNEWUNIT', `0x743e') -define(`PPPIOCSACTIVE', `0x7446') -define(`PPPIOCSASYNCMAP', `0x7457') -define(`PPPIOCSCOMPRESS', `0x744d') -define(`PPPIOCSCOMPRESSOR', `0x7487') -define(`PPPIOCSDEBUG', `0x7440') -define(`PPPIOCSFLAGS', `0x7459') -define(`PPPIOCSMAXCID', `0x7451') -define(`PPPIOCSMPFLAGS', `0x7483') -define(`PPPIOCSMPMRU', `0x7485') -define(`PPPIOCSMPMTU', `0x7484') -define(`PPPIOCSMRRU', `0x743b') -define(`PPPIOCSMRU', `0x7452') -define(`PPPIOCSNPMODE', `0x744b') -define(`PPPIOCSPASS', `0x7447') -define(`PPPIOCSRASYNCMAP', `0x7454') -define(`PPPIOCSXASYNCMAP', `0x744f') -define(`PPPIOCXFERUNIT', `0x744e') -define(`PPPOEIOCDFWD', `0x0000b101') -define(`PPPOEIOCSFWD', `0x4008b100') -define(`PPRCONTROL', `0x80017083') -define(`PPRDATA', `0x80017085') -define(`PPRELEASE', `0x0000708c') -define(`PPRSTATUS', `0x80017081') -define(`PPSETFLAGS', `0x4004709b') -define(`PPSETMODE', `0x40047080') -define(`PPSETPHASE', `0x40047094') -define(`PPSETTIME', `0x40107096') -define(`PPS_FETCH', `0xc00870a4') -define(`PPS_GETCAP', `0x800870a3') -define(`PPS_GETPARAMS', `0x800870a1') -define(`PPS_KC_BIND', `0x400870a5') -define(`PPS_SETPARAMS', `0x400870a2') -define(`PPWCONTROL', `0x40017084') -define(`PPWCTLONIRQ', `0x40017092') -define(`PPWDATA', `0x40017086') -define(`PPYIELD', `0x0000708d') -define(`PROTECT_ARRAY', `0x00000927') -define(`PTP_CLOCK_GETCAPS', `0x80503d01') -define(`PTP_ENABLE_PPS', `0x40043d04') -define(`PTP_EXTTS_REQUEST', `0x40103d02') -define(`PTP_PEROUT_REQUEST', `0x40383d03') -define(`PTP_PIN_GETFUNC', `0xc0603d06') -define(`PTP_PIN_SETFUNC', `0x40603d07') -define(`PTP_SYS_OFFSET', `0x43403d05') -define(`RAID_AUTORUN', `0x00000914') -define(`RAID_VERSION', `0x800c0910') -define(`RAW_GETBIND', `0x0000ac01') -define(`RAW_SETBIND', `0x0000ac00') -define(`REISERFS_IOC_UNPACK', `0x4008cd01') -define(`RESTART_ARRAY_RW', `0x00000934') -define(`RFCOMMCREATEDEV', `0x400452c8') -define(`RFCOMMGETDEVINFO', `0x800452d3') -define(`RFCOMMGETDEVLIST', `0x800452d2') -define(`RFCOMMRELEASEDEV', `0x400452c9') -define(`RFCOMMSTEALDLC', `0x400452dc') -define(`RFKILL_IOCTL_NOINPUT', `0x00005201') -define(`RNDADDENTROPY', `0x40085203') -define(`RNDADDTOENTCNT', `0x40045201') -define(`RNDCLEARPOOL', `0x00005206') -define(`RNDGETENTCNT', `0x80045200') -define(`RNDGETPOOL', `0x80085202') -define(`RNDZAPENTCNT', `0x00005204') -define(`ROCCATIOCGREPSIZE', `0x800448f1') -define(`RTC_AIE_OFF', `0x00007002') -define(`RTC_AIE_ON', `0x00007001') -define(`RTC_ALM_READ', `0x80247008') -define(`RTC_ALM_SET', `0x40247007') -define(`RTC_EPOCH_READ', `0x8008700d') -define(`RTC_EPOCH_SET', `0x4008700e') -define(`RTC_IRQP_READ', `0x8008700b') -define(`RTC_IRQP_SET', `0x4008700c') -define(`RTC_PIE_OFF', `0x00007006') -define(`RTC_PIE_ON', `0x00007005') -define(`RTC_PLL_GET', `0x80207011') -define(`RTC_PLL_SET', `0x40207012') -define(`RTC_RD_TIME', `0x80247009') -define(`RTC_SET_TIME', `0x4024700a') -define(`RTC_UIE_OFF', `0x00007004') -define(`RTC_UIE_ON', `0x00007003') -define(`RTC_VL_CLR', `0x00007014') -define(`RTC_VL_READ', `0x80047013') -define(`RTC_WIE_OFF', `0x00007010') -define(`RTC_WIE_ON', `0x0000700f') -define(`RTC_WKALM_RD', `0x80287010') -define(`RTC_WKALM_SET', `0x4028700f') -define(`RUN_ARRAY', `0x400c0930') -define(`S5P_FIMC_TX_END_NOTIFY', `0x00006500') -define(`SAA6588_CMD_CLOSE', `0x40045202') -define(`SAA6588_CMD_POLL', `0x80045204') -define(`SAA6588_CMD_READ', `0x80045203') -define(`SCSI_IOCTL_DOORLOCK', `0x00005380') -define(`SCSI_IOCTL_DOORUNLOCK', `0x00005381') -define(`SCSI_IOCTL_GET_BUS_NUMBER', `0x00005386') -define(`SCSI_IOCTL_GET_IDLUN', `0x00005382') -define(`SCSI_IOCTL_GET_PCI', `0x00005387') -define(`SCSI_IOCTL_PROBE_HOST', `0x00005385') -define(`SET_ARRAY_INFO', `0x40480923') -define(`SET_BITMAP_FILE', `0x4004092b') -define(`SET_DISK_FAULTY', `0x00000929') -define(`SET_DISK_INFO', `0x00000924') -define(`SG_EMULATED_HOST', `0x00002203') -define(`SG_GET_ACCESS_COUNT', `0x00002289') -define(`SG_GET_COMMAND_Q', `0x00002270') -define(`SG_GET_KEEP_ORPHAN', `0x00002288') -define(`SG_GET_LOW_DMA', `0x0000227a') -define(`SG_GET_NUM_WAITING', `0x0000227d') -define(`SG_GET_PACK_ID', `0x0000227c') -define(`SG_GET_REQUEST_TABLE', `0x00002286') -define(`SG_GET_RESERVED_SIZE', `0x00002272') -define(`SG_GET_SCSI_ID', `0x00002276') -define(`SG_GET_SG_TABLESIZE', `0x0000227f') -define(`SG_GET_TIMEOUT', `0x00002202') -define(`SG_GET_TRANSFORM', `0x00002205') -define(`SG_GET_VERSION_NUM', `0x00002282') -define(`SG_IO', `0x00002285') -define(`SG_NEXT_CMD_LEN', `0x00002283') -define(`SG_SCSI_RESET', `0x00002284') -define(`SG_SET_COMMAND_Q', `0x00002271') -define(`SG_SET_DEBUG', `0x0000227e') -define(`SG_SET_FORCE_LOW_DMA', `0x00002279') -define(`SG_SET_FORCE_PACK_ID', `0x0000227b') -define(`SG_SET_KEEP_ORPHAN', `0x00002287') -define(`SG_SET_RESERVED_SIZE', `0x00002275') -define(`SG_SET_TIMEOUT', `0x00002201') -define(`SG_SET_TRANSFORM', `0x00002204') -define(`SI4713_IOC_MEASURE_RNL', `0xc01c56c0') -define(`SIOCADDDLCI', `0x00008980') -define(`SIOCADDMULTI', `0x00008931') -define(`SIOCADDRT', `0x0000890b') -define(`SIOCATMARK', `0x00008905') -define(`SIOCBONDCHANGEACTIVE', `0x00008995') -define(`SIOCBONDENSLAVE', `0x00008990') -define(`SIOCBONDINFOQUERY', `0x00008994') -define(`SIOCBONDRELEASE', `0x00008991') -define(`SIOCBONDSETHWADDR', `0x00008992') -define(`SIOCBONDSLAVEINFOQUERY', `0x00008993') -define(`SIOCBRADDBR', `0x000089a0') -define(`SIOCBRADDIF', `0x000089a2') -define(`SIOCBRDELBR', `0x000089a1') -define(`SIOCBRDELIF', `0x000089a3') -define(`SIOCDARP', `0x00008953') -define(`SIOCDELDLCI', `0x00008981') -define(`SIOCDELMULTI', `0x00008932') -define(`SIOCDELRT', `0x0000890c') -define(`SIOCDEVPRIVATE', `0x000089f0') -define(`SIOCDEVPRIVATE_1', `0x000089f1') -define(`SIOCDEVPRIVATE_2', `0x000089f2') -define(`SIOCDEVPRIVATE_3', `0x000089f3') -define(`SIOCDEVPRIVATE_4', `0x000089f4') -define(`SIOCDEVPRIVATE_5', `0x000089f5') -define(`SIOCDEVPRIVATE_6', `0x000089f6') -define(`SIOCDEVPRIVATE_7', `0x000089f7') -define(`SIOCDEVPRIVATE_8', `0x000089f8') -define(`SIOCDEVPRIVATE_9', `0x000089f9') -define(`SIOCDEVPRIVATE_A', `0x000089fa') -define(`SIOCDEVPRIVATE_B', `0x000089fb') -define(`SIOCDEVPRIVATE_C', `0x000089fc') -define(`SIOCDEVPRIVATE_D', `0x000089fd') -define(`SIOCDEVPRIVATE_E', `0x000089fe') -define(`SIOCDEVPRIVLAST', `0x000089ff') -define(`SIOCDIFADDR', `0x00008936') -define(`SIOCDRARP', `0x00008960') -define(`SIOCETHTOOL', `0x00008946') -define(`SIOCGARP', `0x00008954') -define(`SIOCGHWTSTAMP', `0x000089b1') -define(`SIOCGIFADDR', `0x00008915') -define(`SIOCGIFBR', `0x00008940') -define(`SIOCGIFBRDADDR', `0x00008919') -define(`SIOCGIFCONF', `0x00008912') -define(`SIOCGIFCOUNT', `0x00008938') -define(`SIOCGIFDSTADDR', `0x00008917') -define(`SIOCGIFENCAP', `0x00008925') -define(`SIOCGIFFLAGS', `0x00008913') -define(`SIOCGIFHWADDR', `0x00008927') -define(`SIOCGIFINDEX', `0x00008933') -define(`SIOCGIFMAP', `0x00008970') -define(`SIOCGIFMEM', `0x0000891f') -define(`SIOCGIFMETRIC', `0x0000891d') -define(`SIOCGIFMTU', `0x00008921') -define(`SIOCGIFNAME', `0x00008910') -define(`SIOCGIFNETMASK', `0x0000891b') -define(`SIOCGIFPFLAGS', `0x00008935') -define(`SIOCGIFSLAVE', `0x00008929') -define(`SIOCGIFTXQLEN', `0x00008942') -define(`SIOCGIFVLAN', `0x00008982') -define(`SIOCGIWAP', `0x00008b15') -define(`SIOCGIWAPLIST', `0x00008b17') -define(`SIOCGIWAUTH', `0x00008b33') -define(`SIOCGIWENCODE', `0x00008b2b') -define(`SIOCGIWENCODEEXT', `0x00008b35') -define(`SIOCGIWESSID', `0x00008b1b') -define(`SIOCGIWFRAG', `0x00008b25') -define(`SIOCGIWFREQ', `0x00008b05') -define(`SIOCGIWGENIE', `0x00008b31') -define(`SIOCGIWMODE', `0x00008b07') -define(`SIOCGIWNAME', `0x00008b01') -define(`SIOCGIWNICKN', `0x00008b1d') -define(`SIOCGIWNWID', `0x00008b03') -define(`SIOCGIWPOWER', `0x00008b2d') -define(`SIOCGIWPRIV', `0x00008b0d') -define(`SIOCGIWRANGE', `0x00008b0b') -define(`SIOCGIWRATE', `0x00008b21') -define(`SIOCGIWRETRY', `0x00008b29') -define(`SIOCGIWRTS', `0x00008b23') -define(`SIOCGIWSCAN', `0x00008b19') -define(`SIOCGIWSENS', `0x00008b09') -define(`SIOCGIWSPY', `0x00008b11') -define(`SIOCGIWSTATS', `0x00008b0f') -define(`SIOCGIWTHRSPY', `0x00008b13') -define(`SIOCGIWTXPOW', `0x00008b27') -define(`SIOCGMIIPHY', `0x00008947') -define(`SIOCGMIIREG', `0x00008948') -define(`SIOCGNETADDR', `0x800489e1') -define(`SIOCGPGRP', `0x00008904') -define(`SIOCGRARP', `0x00008961') -define(`SIOCGSTAMP', `0x00008906') -define(`SIOCGSTAMPNS', `0x00008907') -define(`SIOCIWFIRST', `0x00008b00') -define(`SIOCIWFIRSTPRIV_01', `0x00008be1') -define(`SIOCIWFIRSTPRIV_02', `0x00008be2') -define(`SIOCIWFIRSTPRIV_03', `0x00008be3') -define(`SIOCIWFIRSTPRIV_04', `0x00008be4') -define(`SIOCIWFIRSTPRIV_05', `0x00008be5') -define(`SIOCIWFIRSTPRIV_06', `0x00008be6') -define(`SIOCIWFIRSTPRIV_07', `0x00008be7') -define(`SIOCIWFIRSTPRIV_08', `0x00008be8') -define(`SIOCIWFIRSTPRIV_09', `0x00008be9') -define(`SIOCIWFIRSTPRIV_0A', `0x00008bea') -define(`SIOCIWFIRSTPRIV_0B', `0x00008beb') -define(`SIOCIWFIRSTPRIV_0C', `0x00008bec') -define(`SIOCIWFIRSTPRIV_0D', `0x00008bed') -define(`SIOCIWFIRSTPRIV_0E', `0x00008bee') -define(`SIOCIWFIRSTPRIV_0F', `0x00008bef') -define(`SIOCIWFIRSTPRIV', `0x00008be0') -define(`SIOCIWFIRSTPRIV_10', `0x00008bf0') -define(`SIOCIWFIRSTPRIV_11', `0x00008bf1') -define(`SIOCIWFIRSTPRIV_12', `0x00008bf2') -define(`SIOCIWFIRSTPRIV_13', `0x00008bf3') -define(`SIOCIWFIRSTPRIV_14', `0x00008bf4') -define(`SIOCIWFIRSTPRIV_15', `0x00008bf5') -define(`SIOCIWFIRSTPRIV_16', `0x00008bf6') -define(`SIOCIWFIRSTPRIV_17', `0x00008bf7') -define(`SIOCIWFIRSTPRIV_18', `0x00008bf8') -define(`SIOCIWFIRSTPRIV_19', `0x00008bf9') -define(`SIOCIWFIRSTPRIV_1A', `0x00008bfa') -define(`SIOCIWFIRSTPRIV_1B', `0x00008bfb') -define(`SIOCIWFIRSTPRIV_1C', `0x00008bfc') -define(`SIOCIWFIRSTPRIV_1D', `0x00008bfd') -define(`SIOCIWFIRSTPRIV_1E', `0x00008bfe') -define(`SIOCIWLASTPRIV', `0x00008bff') -define(`SIOCKILLADDR', `0x00008939') -define(`SIOCMKCLIP', `0x000061e0') -define(`SIOCOUTQNSD', `0x0000894b') -define(`SIOCPROTOPRIVATE', `0x000089e0') -define(`SIOCPROTOPRIVATE_1', `0x000089e1') -define(`SIOCPROTOPRIVATE_2', `0x000089e2') -define(`SIOCPROTOPRIVATE_3', `0x000089e3') -define(`SIOCPROTOPRIVATE_4', `0x000089e4') -define(`SIOCPROTOPRIVATE_5', `0x000089e5') -define(`SIOCPROTOPRIVATE_6', `0x000089e6') -define(`SIOCPROTOPRIVATE_7', `0x000089e7') -define(`SIOCPROTOPRIVATE_8', `0x000089e8') -define(`SIOCPROTOPRIVATE_9', `0x000089e9') -define(`SIOCPROTOPRIVATE_A', `0x000089ea') -define(`SIOCPROTOPRIVATE_B', `0x000089eb') -define(`SIOCPROTOPRIVATE_C', `0x000089ec') -define(`SIOCPROTOPRIVATE_D', `0x000089ed') -define(`SIOCPROTOPRIVATE_E', `0x000089ee') -define(`SIOCPROTOPRIVLAST', `0x000089ef') -define(`SIOCRTMSG', `0x0000890d') -define(`SIOCSARP', `0x00008955') -define(`SIOCSHWTSTAMP', `0x000089b0') -define(`SIOCSIFADDR', `0x00008916') -define(`SIOCSIFATMTCP', `0x00006180') -define(`SIOCSIFBR', `0x00008941') -define(`SIOCSIFBRDADDR', `0x0000891a') -define(`SIOCSIFDSTADDR', `0x00008918') -define(`SIOCSIFENCAP', `0x00008926') -define(`SIOCSIFFLAGS', `0x00008914') -define(`SIOCSIFHWADDR', `0x00008924') -define(`SIOCSIFHWBROADCAST', `0x00008937') -define(`SIOCSIFLINK', `0x00008911') -define(`SIOCSIFMAP', `0x00008971') -define(`SIOCSIFMEM', `0x00008920') -define(`SIOCSIFMETRIC', `0x0000891e') -define(`SIOCSIFMTU', `0x00008922') -define(`SIOCSIFNAME', `0x00008923') -define(`SIOCSIFNETMASK', `0x0000891c') -define(`SIOCSIFPFLAGS', `0x00008934') -define(`SIOCSIFSLAVE', `0x00008930') -define(`SIOCSIFTXQLEN', `0x00008943') -define(`SIOCSIFVLAN', `0x00008983') -define(`SIOCSIWAP', `0x00008b14') -define(`SIOCSIWAUTH', `0x00008b32') -define(`SIOCSIWCOMMIT', `0x00008b00') -define(`SIOCSIWENCODE', `0x00008b2a') -define(`SIOCSIWENCODEEXT', `0x00008b34') -define(`SIOCSIWESSID', `0x00008b1a') -define(`SIOCSIWFRAG', `0x00008b24') -define(`SIOCSIWFREQ', `0x00008b04') -define(`SIOCSIWGENIE', `0x00008b30') -define(`SIOCSIWMLME', `0x00008b16') -define(`SIOCSIWMODE', `0x00008b06') -define(`SIOCSIWNICKN', `0x00008b1c') -define(`SIOCSIWNWID', `0x00008b02') -define(`SIOCSIWPMKSA', `0x00008b36') -define(`SIOCSIWPOWER', `0x00008b2c') -define(`SIOCSIWPRIV', `0x00008b0c') -define(`SIOCSIWRANGE', `0x00008b0a') -define(`SIOCSIWRATE', `0x00008b20') -define(`SIOCSIWRETRY', `0x00008b28') -define(`SIOCSIWRTS', `0x00008b22') -define(`SIOCSIWSCAN', `0x00008b18') -define(`SIOCSIWSENS', `0x00008b08') -define(`SIOCSIWSPY', `0x00008b10') -define(`SIOCSIWSTATS', `0x00008b0e') -define(`SIOCSIWTHRSPY', `0x00008b12') -define(`SIOCSIWTXPOW', `0x00008b26') -define(`SIOCSMIIREG', `0x00008949') -define(`SIOCSNETADDR', `0x400489e0') -define(`SIOCSPGRP', `0x00008902') -define(`SIOCSRARP', `0x00008962') -define(`SIOCWANDEV', `0x0000894a') -define(`SISFB_COMMAND', `0xc054f305') -define(`SISFB_GET_AUTOMAXIMIZE', `0x8004f303') -define(`SISFB_GET_AUTOMAXIMIZE_OLD', `0x80046efa') -define(`SISFB_GET_INFO', `0x811cf301') -define(`SISFB_GET_INFO_OLD', `0x80046ef8') -define(`SISFB_GET_INFO_SIZE', `0x8004f300') -define(`SISFB_GET_TVPOSOFFSET', `0x8004f304') -define(`SISFB_GET_VBRSTATUS', `0x8004f302') -define(`SISFB_GET_VBRSTATUS_OLD', `0x80046ef9') -define(`SISFB_SET_AUTOMAXIMIZE', `0x4004f303') -define(`SISFB_SET_AUTOMAXIMIZE_OLD', `0x40046efa') -define(`SISFB_SET_LOCK', `0x4004f306') -define(`SISFB_SET_TVPOSOFFSET', `0x4004f304') -define(`SNAPSHOT_ALLOC_SWAP_PAGE', `0x80083314') -define(`SNAPSHOT_ATOMIC_RESTORE', `0x00003304') -define(`SNAPSHOT_AVAIL_SWAP_SIZE', `0x80083313') -define(`SNAPSHOT_CREATE_IMAGE', `0x40043311') -define(`SNAPSHOT_FREE', `0x00003305') -define(`SNAPSHOT_FREE_SWAP_PAGES', `0x00003309') -define(`SNAPSHOT_FREEZE', `0x00003301') -define(`SNAPSHOT_GET_IMAGE_SIZE', `0x8008330e') -define(`SNAPSHOT_PLATFORM_SUPPORT', `0x0000330f') -define(`SNAPSHOT_POWER_OFF', `0x00003310') -define(`SNAPSHOT_PREF_IMAGE_SIZE', `0x00003312') -define(`SNAPSHOT_S2RAM', `0x0000330b') -define(`SNAPSHOT_SET_SWAP_AREA', `0x400c330d') -define(`SNAPSHOT_UNFREEZE', `0x00003302') -define(`SNDCTL_COPR_HALT', `0xc0144307') -define(`SNDCTL_COPR_LOAD', `0xcfb04301') -define(`SNDCTL_COPR_RCODE', `0xc0144303') -define(`SNDCTL_COPR_RCVMSG', `0x8fa44309') -define(`SNDCTL_COPR_RDATA', `0xc0144302') -define(`SNDCTL_COPR_RESET', `0x00004300') -define(`SNDCTL_COPR_RUN', `0xc0144306') -define(`SNDCTL_COPR_SENDMSG', `0xcfa44308') -define(`SNDCTL_COPR_WCODE', `0x40144305') -define(`SNDCTL_COPR_WDATA', `0x40144304') -define(`SNDCTL_DSP_BIND_CHANNEL', `0xc0045041') -define(`SNDCTL_DSP_CHANNELS', `0xc0045006') -define(`SNDCTL_DSP_GETBLKSIZE', `0xc0045004') -define(`SNDCTL_DSP_GETCAPS', `0x8004500f') -define(`SNDCTL_DSP_GETCHANNELMASK', `0xc0045040') -define(`SNDCTL_DSP_GETFMTS', `0x8004500b') -define(`SNDCTL_DSP_GETIPTR', `0x800c5011') -define(`SNDCTL_DSP_GETISPACE', `0x8010500d') -define(`SNDCTL_DSP_GETODELAY', `0x80045017') -define(`SNDCTL_DSP_GETOPTR', `0x800c5012') -define(`SNDCTL_DSP_GETOSPACE', `0x8010500c') -define(`SNDCTL_DSP_GETSPDIF', `0x80045043') -define(`SNDCTL_DSP_GETTRIGGER', `0x80045010') -define(`SNDCTL_DSP_MAPINBUF', `0x80105013') -define(`SNDCTL_DSP_MAPOUTBUF', `0x80105014') -define(`SNDCTL_DSP_NONBLOCK', `0x0000500e') -define(`SNDCTL_DSP_POST', `0x00005008') -define(`SNDCTL_DSP_PROFILE', `0x40045017') -define(`SNDCTL_DSP_RESET', `0x00005000') -define(`SNDCTL_DSP_SETDUPLEX', `0x00005016') -define(`SNDCTL_DSP_SETFMT', `0xc0045005') -define(`SNDCTL_DSP_SETFRAGMENT', `0xc004500a') -define(`SNDCTL_DSP_SETSPDIF', `0x40045042') -define(`SNDCTL_DSP_SETSYNCRO', `0x00005015') -define(`SNDCTL_DSP_SETTRIGGER', `0x40045010') -define(`SNDCTL_DSP_SPEED', `0xc0045002') -define(`SNDCTL_DSP_STEREO', `0xc0045003') -define(`SNDCTL_DSP_SUBDIVIDE', `0xc0045009') -define(`SNDCTL_DSP_SYNC', `0x00005001') -define(`SNDCTL_FM_4OP_ENABLE', `0x4004510f') -define(`SNDCTL_FM_LOAD_INSTR', `0x40285107') -define(`SNDCTL_MIDI_INFO', `0xc074510c') -define(`SNDCTL_MIDI_MPUCMD', `0xc0216d02') -define(`SNDCTL_MIDI_MPUMODE', `0xc0046d01') -define(`SNDCTL_MIDI_PRETIME', `0xc0046d00') -define(`SNDCTL_SEQ_CTRLRATE', `0xc0045103') -define(`SNDCTL_SEQ_GETINCOUNT', `0x80045105') -define(`SNDCTL_SEQ_GETOUTCOUNT', `0x80045104') -define(`SNDCTL_SEQ_GETTIME', `0x80045113') -define(`SNDCTL_SEQ_NRMIDIS', `0x8004510b') -define(`SNDCTL_SEQ_NRSYNTHS', `0x8004510a') -define(`SNDCTL_SEQ_OUTOFBAND', `0x40085112') -define(`SNDCTL_SEQ_PANIC', `0x00005111') -define(`SNDCTL_SEQ_PERCMODE', `0x40045106') -define(`SNDCTL_SEQ_RESET', `0x00005100') -define(`SNDCTL_SEQ_RESETSAMPLES', `0x40045109') -define(`SNDCTL_SEQ_SYNC', `0x00005101') -define(`SNDCTL_SEQ_TESTMIDI', `0x40045108') -define(`SNDCTL_SEQ_THRESHOLD', `0x4004510d') -define(`SNDCTL_SYNTH_CONTROL', `0xcfa45115') -define(`SNDCTL_SYNTH_ID', `0xc08c5114') -define(`SNDCTL_SYNTH_INFO', `0xc08c5102') -define(`SNDCTL_SYNTH_MEMAVL', `0xc004510e') -define(`SNDCTL_SYNTH_REMOVESAMPLE', `0xc00c5116') -define(`SNDCTL_TMR_CONTINUE', `0x00005404') -define(`SNDCTL_TMR_METRONOME', `0x40045407') -define(`SNDCTL_TMR_SELECT', `0x40045408') -define(`SNDCTL_TMR_SOURCE', `0xc0045406') -define(`SNDCTL_TMR_START', `0x00005402') -define(`SNDCTL_TMR_STOP', `0x00005403') -define(`SNDCTL_TMR_TEMPO', `0xc0045405') -define(`SNDCTL_TMR_TIMEBASE', `0xc0045401') -define(`SNDRV_COMPRESS_AVAIL', `0x801c4321') -define(`SNDRV_COMPRESS_DRAIN', `0x00004334') -define(`SNDRV_COMPRESS_GET_CAPS', `0xc0c44310') -define(`SNDRV_COMPRESS_GET_CODEC_CAPS', `0xeb884311') -define(`SNDRV_COMPRESS_GET_METADATA', `0xc0244315') -define(`SNDRV_COMPRESS_GET_PARAMS', `0x80784313') -define(`SNDRV_COMPRESS_IOCTL_VERSION', `0x80044300') -define(`SNDRV_COMPRESS_NEXT_TRACK', `0x00004335') -define(`SNDRV_COMPRESS_PARTIAL_DRAIN', `0x00004336') -define(`SNDRV_COMPRESS_PAUSE', `0x00004330') -define(`SNDRV_COMPRESS_RESUME', `0x00004331') -define(`SNDRV_COMPRESS_SET_METADATA', `0x40244314') -define(`SNDRV_COMPRESS_SET_PARAMS', `0x40844312') -define(`SNDRV_COMPRESS_START', `0x00004332') -define(`SNDRV_COMPRESS_STOP', `0x00004333') -define(`SNDRV_COMPRESS_TSTAMP', `0x80144320') -define(`SNDRV_CTL_IOCTL_CARD_INFO', `0x81785501') -define(`SNDRV_CTL_IOCTL_ELEM_ADD', `0xc1105517') -define(`SNDRV_CTL_IOCTL_ELEM_INFO', `0xc1105511') -define(`SNDRV_CTL_IOCTL_ELEM_LIST', `0xc0505510') -define(`SNDRV_CTL_IOCTL_ELEM_LOCK', `0x40405514') -define(`SNDRV_CTL_IOCTL_ELEM_READ', `0xc4c85512') -define(`SNDRV_CTL_IOCTL_ELEM_REMOVE', `0xc0405519') -define(`SNDRV_CTL_IOCTL_ELEM_REPLACE', `0xc1105518') -define(`SNDRV_CTL_IOCTL_ELEM_UNLOCK', `0x40405515') -define(`SNDRV_CTL_IOCTL_ELEM_WRITE', `0xc4c85513') -define(`SNDRV_CTL_IOCTL_HWDEP_INFO', `0x80dc5521') -define(`SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE', `0xc0045520') -define(`SNDRV_CTL_IOCTL_PCM_INFO', `0xc1205531') -define(`SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE', `0x80045530') -define(`SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE', `0x40045532') -define(`SNDRV_CTL_IOCTL_POWER', `0xc00455d0') -define(`SNDRV_CTL_IOCTL_POWER_STATE', `0x800455d1') -define(`SNDRV_CTL_IOCTL_PVERSION', `0x80045500') -define(`SNDRV_CTL_IOCTL_RAWMIDI_INFO', `0xc10c5541') -define(`SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE', `0xc0045540') -define(`SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE', `0x40045542') -define(`SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS', `0xc0045516') -define(`SNDRV_CTL_IOCTL_TLV_COMMAND', `0xc008551c') -define(`SNDRV_CTL_IOCTL_TLV_READ', `0xc008551a') -define(`SNDRV_CTL_IOCTL_TLV_WRITE', `0xc008551b') -define(`SNDRV_DM_FM_IOCTL_CLEAR_PATCHES', `0x00004840') -define(`SNDRV_DM_FM_IOCTL_INFO', `0x80024820') -define(`SNDRV_DM_FM_IOCTL_PLAY_NOTE', `0x400c4822') -define(`SNDRV_DM_FM_IOCTL_RESET', `0x00004821') -define(`SNDRV_DM_FM_IOCTL_SET_CONNECTION', `0x40044826') -define(`SNDRV_DM_FM_IOCTL_SET_MODE', `0x40044825') -define(`SNDRV_DM_FM_IOCTL_SET_PARAMS', `0x40094824') -define(`SNDRV_DM_FM_IOCTL_SET_VOICE', `0x40124823') -define(`SNDRV_EMU10K1_IOCTL_CODE_PEEK', `0xc1b04812') -define(`SNDRV_EMU10K1_IOCTL_CODE_POKE', `0x41b04811') -define(`SNDRV_EMU10K1_IOCTL_CONTINUE', `0x00004881') -define(`SNDRV_EMU10K1_IOCTL_DBG_READ', `0x80044884') -define(`SNDRV_EMU10K1_IOCTL_INFO', `0x880c4810') -define(`SNDRV_EMU10K1_IOCTL_PCM_PEEK', `0xc0484831') -define(`SNDRV_EMU10K1_IOCTL_PCM_POKE', `0x40484830') -define(`SNDRV_EMU10K1_IOCTL_PVERSION', `0x80044840') -define(`SNDRV_EMU10K1_IOCTL_SINGLE_STEP', `0x40044883') -define(`SNDRV_EMU10K1_IOCTL_STOP', `0x00004880') -define(`SNDRV_EMU10K1_IOCTL_TRAM_PEEK', `0xc0104822') -define(`SNDRV_EMU10K1_IOCTL_TRAM_POKE', `0x40104821') -define(`SNDRV_EMU10K1_IOCTL_TRAM_SETUP', `0x40044820') -define(`SNDRV_EMU10K1_IOCTL_ZERO_TRAM_COUNTER', `0x00004882') -define(`SNDRV_EMUX_IOCTL_LOAD_PATCH', `0xc0104881') -define(`SNDRV_EMUX_IOCTL_MEM_AVAIL', `0x40044884') -define(`SNDRV_EMUX_IOCTL_MISC_MODE', `0xc0104884') -define(`SNDRV_EMUX_IOCTL_REMOVE_LAST_SAMPLES', `0x00004883') -define(`SNDRV_EMUX_IOCTL_RESET_SAMPLES', `0x00004882') -define(`SNDRV_EMUX_IOCTL_VERSION', `0x80044880') -define(`SNDRV_FIREWIRE_IOCTL_GET_INFO', `0x802048f8') -define(`SNDRV_FIREWIRE_IOCTL_LOCK', `0x000048f9') -define(`SNDRV_FIREWIRE_IOCTL_UNLOCK', `0x000048fa') -define(`SNDRV_HDSP_IOCTL_GET_9632_AEB', `0x80084845') -define(`SNDRV_HDSP_IOCTL_GET_CONFIG_INFO', `0x80244841') -define(`SNDRV_HDSP_IOCTL_GET_MIXER', `0x90004844') -define(`SNDRV_HDSP_IOCTL_GET_PEAK_RMS', `0x83b04840') -define(`SNDRV_HDSP_IOCTL_GET_VERSION', `0x80084843') -define(`SNDRV_HDSP_IOCTL_UPLOAD_FIRMWARE', `0x40084842') -define(`SNDRV_HDSPM_IOCTL_GET_CONFIG', `0x80184841') -define(`SNDRV_HDSPM_IOCTL_GET_LTC', `0x80104846') -define(`SNDRV_HDSPM_IOCTL_GET_MIXER', `0x80084844') -define(`SNDRV_HDSPM_IOCTL_GET_PEAK_RMS', `0x89084842') -define(`SNDRV_HDSPM_IOCTL_GET_STATUS', `0x80204847') -define(`SNDRV_HDSPM_IOCTL_GET_VERSION', `0x80244848') -define(`SNDRV_HWDEP_IOCTL_DSP_LOAD', `0x40604803') -define(`SNDRV_HWDEP_IOCTL_DSP_STATUS', `0x80404802') -define(`SNDRV_HWDEP_IOCTL_INFO', `0x80dc4801') -define(`SNDRV_HWDEP_IOCTL_PVERSION', `0x80044800') -define(`SNDRV_PCM_IOCTL_CHANNEL_INFO', `0x80184132') -define(`SNDRV_PCM_IOCTL_DELAY', `0x80084121') -define(`SNDRV_PCM_IOCTL_DRAIN', `0x00004144') -define(`SNDRV_PCM_IOCTL_DROP', `0x00004143') -define(`SNDRV_PCM_IOCTL_FORWARD', `0x40084149') -define(`SNDRV_PCM_IOCTL_HW_FREE', `0x00004112') -define(`SNDRV_PCM_IOCTL_HW_PARAMS', `0xc2604111') -define(`SNDRV_PCM_IOCTL_HW_REFINE', `0xc2604110') -define(`SNDRV_PCM_IOCTL_HWSYNC', `0x00004122') -define(`SNDRV_PCM_IOCTL_INFO', `0x81204101') -define(`SNDRV_PCM_IOCTL_LINK', `0x40044160') -define(`SNDRV_PCM_IOCTL_PAUSE', `0x40044145') -define(`SNDRV_PCM_IOCTL_PREPARE', `0x00004140') -define(`SNDRV_PCM_IOCTL_PVERSION', `0x80044100') -define(`SNDRV_PCM_IOCTL_READI_FRAMES', `0x80184151') -define(`SNDRV_PCM_IOCTL_READN_FRAMES', `0x80184153') -define(`SNDRV_PCM_IOCTL_RESET', `0x00004141') -define(`SNDRV_PCM_IOCTL_RESUME', `0x00004147') -define(`SNDRV_PCM_IOCTL_REWIND', `0x40084146') -define(`SNDRV_PCM_IOCTL_START', `0x00004142') -define(`SNDRV_PCM_IOCTL_STATUS', `0x80984120') -define(`SNDRV_PCM_IOCTL_SW_PARAMS', `0xc0884113') -define(`SNDRV_PCM_IOCTL_SYNC_PTR', `0xc0884123') -define(`SNDRV_PCM_IOCTL_TSTAMP', `0x40044102') -define(`SNDRV_PCM_IOCTL_TTSTAMP', `0x40044103') -define(`SNDRV_PCM_IOCTL_UNLINK', `0x00004161') -define(`SNDRV_PCM_IOCTL_WRITEI_FRAMES', `0x40184150') -define(`SNDRV_PCM_IOCTL_WRITEN_FRAMES', `0x40184152') -define(`SNDRV_PCM_IOCTL_XRUN', `0x00004148') -define(`SNDRV_RAWMIDI_IOCTL_DRAIN', `0x40045731') -define(`SNDRV_RAWMIDI_IOCTL_DROP', `0x40045730') -define(`SNDRV_RAWMIDI_IOCTL_INFO', `0x810c5701') -define(`SNDRV_RAWMIDI_IOCTL_PARAMS', `0xc0305710') -define(`SNDRV_RAWMIDI_IOCTL_PVERSION', `0x80045700') -define(`SNDRV_RAWMIDI_IOCTL_STATUS', `0xc0385720') -define(`SNDRV_SB_CSP_IOCTL_INFO', `0x80284810') -define(`SNDRV_SB_CSP_IOCTL_LOAD_CODE', `0x70124811') -define(`SNDRV_SB_CSP_IOCTL_PAUSE', `0x00004815') -define(`SNDRV_SB_CSP_IOCTL_RESTART', `0x00004816') -define(`SNDRV_SB_CSP_IOCTL_START', `0x40084813') -define(`SNDRV_SB_CSP_IOCTL_STOP', `0x00004814') -define(`SNDRV_SB_CSP_IOCTL_UNLOAD_CODE', `0x00004812') -define(`SNDRV_SEQ_IOCTL_CLIENT_ID', `0x80045301') -define(`SNDRV_SEQ_IOCTL_CREATE_PORT', `0xc0a85320') -define(`SNDRV_SEQ_IOCTL_CREATE_QUEUE', `0xc08c5332') -define(`SNDRV_SEQ_IOCTL_DELETE_PORT', `0x40a85321') -define(`SNDRV_SEQ_IOCTL_DELETE_QUEUE', `0x408c5333') -define(`SNDRV_SEQ_IOCTL_GET_CLIENT_INFO', `0xc0bc5310') -define(`SNDRV_SEQ_IOCTL_GET_CLIENT_POOL', `0xc058534b') -define(`SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE', `0xc08c5336') -define(`SNDRV_SEQ_IOCTL_GET_PORT_INFO', `0xc0a85322') -define(`SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT', `0xc04c5349') -define(`SNDRV_SEQ_IOCTL_GET_QUEUE_INFO', `0xc08c5334') -define(`SNDRV_SEQ_IOCTL_GET_QUEUE_OWNER', `0xc0005343') -define(`SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS', `0xc05c5340') -define(`SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO', `0xc02c5341') -define(`SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER', `0xc0605345') -define(`SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION', `0xc0505350') -define(`SNDRV_SEQ_IOCTL_PVERSION', `0x80045300') -define(`SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT', `0xc0bc5351') -define(`SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT', `0xc0a85352') -define(`SNDRV_SEQ_IOCTL_QUERY_SUBS', `0xc058534f') -define(`SNDRV_SEQ_IOCTL_REMOVE_EVENTS', `0x4040534e') -define(`SNDRV_SEQ_IOCTL_RUNNING_MODE', `0xc0105303') -define(`SNDRV_SEQ_IOCTL_SET_CLIENT_INFO', `0x40bc5311') -define(`SNDRV_SEQ_IOCTL_SET_CLIENT_POOL', `0x4058534c') -define(`SNDRV_SEQ_IOCTL_SET_PORT_INFO', `0x40a85323') -define(`SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT', `0x404c534a') -define(`SNDRV_SEQ_IOCTL_SET_QUEUE_INFO', `0xc08c5335') -define(`SNDRV_SEQ_IOCTL_SET_QUEUE_OWNER', `0x40005344') -define(`SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO', `0x402c5342') -define(`SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER', `0x40605346') -define(`SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT', `0x40505330') -define(`SNDRV_SEQ_IOCTL_SYSTEM_INFO', `0xc0305302') -define(`SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT', `0x40505331') -define(`SNDRV_TIMER_IOCTL_CONTINUE', `0x000054a2') -define(`SNDRV_TIMER_IOCTL_GINFO', `0xc0f85403') -define(`SNDRV_TIMER_IOCTL_GPARAMS', `0x40485404') -define(`SNDRV_TIMER_IOCTL_GSTATUS', `0xc0505405') -define(`SNDRV_TIMER_IOCTL_INFO', `0x80e85411') -define(`SNDRV_TIMER_IOCTL_NEXT_DEVICE', `0xc0145401') -define(`SNDRV_TIMER_IOCTL_PARAMS', `0x40505412') -define(`SNDRV_TIMER_IOCTL_PAUSE', `0x000054a3') -define(`SNDRV_TIMER_IOCTL_PVERSION', `0x80045400') -define(`SNDRV_TIMER_IOCTL_SELECT', `0x40345410') -define(`SNDRV_TIMER_IOCTL_START', `0x000054a0') -define(`SNDRV_TIMER_IOCTL_STATUS', `0x80605414') -define(`SNDRV_TIMER_IOCTL_STOP', `0x000054a1') -define(`SNDRV_TIMER_IOCTL_TREAD', `0x40045402') -define(`SONET_CLRDIAG', `0xc0046113') -define(`SONET_GETDIAG', `0x80046114') -define(`SONET_GETFRAMING', `0x80046116') -define(`SONET_GETFRSENSE', `0x80066117') -define(`SONET_GETSTAT', `0x80246110') -define(`SONET_GETSTATZ', `0x80246111') -define(`SONET_SETDIAG', `0xc0046112') -define(`SONET_SETFRAMING', `0x40046115') -define(`SONYPI_IOCGBAT1CAP', `0x80027602') -define(`SONYPI_IOCGBAT1REM', `0x80027603') -define(`SONYPI_IOCGBAT2CAP', `0x80027604') -define(`SONYPI_IOCGBAT2REM', `0x80027605') -define(`SONYPI_IOCGBATFLAGS', `0x80017607') -define(`SONYPI_IOCGBLUE', `0x80017608') -define(`SONYPI_IOCGBRT', `0x80017600') -define(`SONYPI_IOCGFAN', `0x8001760a') -define(`SONYPI_IOCGTEMP', `0x8001760c') -define(`SONYPI_IOCSBLUE', `0x40017609') -define(`SONYPI_IOCSBRT', `0x40017600') -define(`SONYPI_IOCSFAN', `0x4001760b') -define(`SOUND_MIXER_3DSE', `0xc0044d68') -define(`SOUND_MIXER_ACCESS', `0xc0804d66') -define(`SOUND_MIXER_AGC', `0xc0044d67') -define(`SOUND_MIXER_GETLEVELS', `0xc0a44d74') -define(`SOUND_MIXER_INFO', `0x805c4d65') -define(`SOUND_MIXER_PRIVATE1', `0xc0044d6f') -define(`SOUND_MIXER_PRIVATE2', `0xc0044d70') -define(`SOUND_MIXER_PRIVATE3', `0xc0044d71') -define(`SOUND_MIXER_PRIVATE4', `0xc0044d72') -define(`SOUND_MIXER_PRIVATE5', `0xc0044d73') -define(`SOUND_MIXER_SETLEVELS', `0xc0a44d75') -define(`SOUND_OLD_MIXER_INFO', `0x80304d65') -define(`SOUND_PCM_READ_BITS', `0x80045005') -define(`SOUND_PCM_READ_CHANNELS', `0x80045006') -define(`SOUND_PCM_READ_FILTER', `0x80045007') -define(`SOUND_PCM_READ_RATE', `0x80045002') -define(`SOUND_PCM_WRITE_FILTER', `0xc0045007') -define(`SPI_IOC_RD_BITS_PER_WORD', `0x80016b03') -define(`SPI_IOC_RD_LSB_FIRST', `0x80016b02') -define(`SPI_IOC_RD_MAX_SPEED_HZ', `0x80046b04') -define(`SPI_IOC_RD_MODE', `0x80016b01') -define(`SPI_IOC_RD_MODE32', `0x80046b05') -define(`SPI_IOC_WR_BITS_PER_WORD', `0x40016b03') -define(`SPI_IOC_WR_LSB_FIRST', `0x40016b02') -define(`SPI_IOC_WR_MAX_SPEED_HZ', `0x40046b04') -define(`SPI_IOC_WR_MODE', `0x40016b01') -define(`SPI_IOC_WR_MODE32', `0x40046b05') -define(`SPIOCSTYPE', `0x40087101') -define(`SSTFB_GET_VGAPASS', `0x800446dd') -define(`SSTFB_SET_VGAPASS', `0x400446dd') -define(`STOP_ARRAY', `0x00000932') -define(`STOP_ARRAY_RO', `0x00000933') -define(`SW_SYNC_IOC_CREATE_FENCE', `0xc0285700') -define(`SW_SYNC_IOC_INC', `0x40045701') -define(`SYNC_IOC_FENCE_INFO', `0xc0283e02') -define(`SYNC_IOC_MERGE', `0xc0283e01') -define(`SYNC_IOC_WAIT', `0x40043e00') -define(`TCFLSH', `0x0000540b') -define(`TCGETA', `0x00005405') -define(`TCGETS2', `0x802c542a') -define(`TCGETS', ifelse(target_arch, mips, 0x0000540d, 0x00005401)) -define(`TCGETX', `0x00005432') -define(`TCSBRK', `0x00005409') -define(`TCSBRKP', `0x00005425') -define(`TCSETA', `0x00005406') -define(`TCSETAF', `0x00005408') -define(`TCSETAW', `0x00005407') -define(`TCSETS', `0x00005402') -define(`TCSETS2', `0x402c542b') -define(`TCSETSF', `0x00005404') -define(`TCSETSF2', `0x402c542d') -define(`TCSETSW', `0x00005403') -define(`TCSETSW2', `0x402c542c') -define(`TCSETX', `0x00005433') -define(`TCSETXF', `0x00005434') -define(`TCSETXW', `0x00005435') -define(`TCXONC', `0x0000540a') -define(`TFD_IOC_SET_TICKS', `0x40085400') -define(`TIOCCBRK', `0x00005428') -define(`TIOCCONS', `0x0000541d') -define(`TIOCEXCL', `0x0000540c') -define(`TIOCGDEV', `0x80045432') -define(`TIOCGETD', `0x00005424') -define(`TIOCGEXCL', `0x80045440') -define(`TIOCGICOUNT', `0x0000545d') -define(`TIOCGLCKTRMIOS', `0x00005456') -define(`TIOCGPGRP', `0x0000540f') -define(`TIOCGPKT', `0x80045438') -define(`TIOCGPTLCK', `0x80045439') -define(`TIOCGPTN', `0x80045430') -define(`TIOCGRS485', `0x0000542e') -define(`TIOCGSERIAL', `0x0000541e') -define(`TIOCGSID', `0x00005429') -define(`TIOCGSOFTCAR', `0x00005419') -define(`TIOCGWINSZ', ifelse(target_arch, mips, 0x80087468, 0x00005413)) -define(`TIOCLINUX', `0x0000541c') -define(`TIOCMBIC', `0x00005417') -define(`TIOCMBIS', `0x00005416') -define(`TIOCMGET', `0x00005415') -define(`TIOCMIWAIT', `0x0000545c') -define(`TIOCMSET', `0x00005418') -define(`TIOCNOTTY', `0x00005422') -define(`TIOCNXCL', `0x0000540d') -define(`TIOCOUTQ', ifelse(target_arch, mips, 0x00007472, 0x00005411)) -define(`TIOCPKT', `0x00005420') -define(`TIOCSBRK', `0x00005427') -define(`TIOCSCTTY', ifelse(target_arch, mips, 0x00005480, 0x0000540e)) -define(`TIOCSERCONFIG', `0x00005453') -define(`TIOCSERGETLSR', `0x00005459') -define(`TIOCSERGETMULTI', `0x0000545a') -define(`TIOCSERGSTRUCT', `0x00005458') -define(`TIOCSERGWILD', `0x00005454') -define(`TIOCSERSETMULTI', `0x0000545b') -define(`TIOCSERSWILD', `0x00005455') -define(`TIOCSETD', `0x00005423') -define(`TIOCSIG', `0x40045436') -define(`TIOCSLCKTRMIOS', `0x00005457') -define(`TIOCSPGRP', `0x00005410') -define(`TIOCSPTLCK', `0x40045431') -define(`TIOCSRS485', `0x0000542f') -define(`TIOCSSERIAL', `0x0000541f') -define(`TIOCSSOFTCAR', `0x0000541a') -define(`TIOCSTI', `0x00005412') -define(`TIOCSWINSZ', ifelse(target_arch, mips, 0x40087467, 0x00005414)) -define(`TIOCVHANGUP', `0x00005437') -define(`TOSH_SMM', `0xc0047490') -define(`TUNATTACHFILTER', `0x401054d5') -define(`TUNDETACHFILTER', `0x401054d6') -define(`TUNER_SET_CONFIG', `0x4010645c') -define(`TUNGETFEATURES', `0x800454cf') -define(`TUNGETFILTER', `0x801054db') -define(`TUNGETIFF', `0x800454d2') -define(`TUNGETSNDBUF', `0x800454d3') -define(`TUNGETVNETHDRSZ', `0x800454d7') -define(`TUNGETVNETLE', `0x800454dd') -define(`TUNSETDEBUG', `0x400454c9') -define(`TUNSETGROUP', `0x400454ce') -define(`TUNSETIFF', `0x400454ca') -define(`TUNSETIFINDEX', `0x400454da') -define(`TUNSETLINK', `0x400454cd') -define(`TUNSETNOCSUM', `0x400454c8') -define(`TUNSETOFFLOAD', `0x400454d0') -define(`TUNSETOWNER', `0x400454cc') -define(`TUNSETPERSIST', `0x400454cb') -define(`TUNSETQUEUE', `0x400454d9') -define(`TUNSETSNDBUF', `0x400454d4') -define(`TUNSETTXFILTER', `0x400454d1') -define(`TUNSETVNETHDRSZ', `0x400454d8') -define(`TUNSETVNETLE', `0x400454dc') -define(`UBI_IOCATT', `0x40186f40') -define(`UBI_IOCDET', `0x40046f41') -define(`UBI_IOCEBCH', `0x40044f02') -define(`UBI_IOCEBER', `0x40044f01') -define(`UBI_IOCEBISMAP', `0x80044f05') -define(`UBI_IOCEBMAP', `0x40084f03') -define(`UBI_IOCEBUNMAP', `0x40044f04') -define(`UBI_IOCMKVOL', `0x40986f00') -define(`UBI_IOCRMVOL', `0x40046f01') -define(`UBI_IOCRNVOL', `0x51106f03') -define(`UBI_IOCRSVOL', `0x400c6f02') -define(`UBI_IOCSETVOLPROP', `0x40104f06') -define(`UBI_IOCVOLCRBLK', `0x40804f07') -define(`UBI_IOCVOLRMBLK', `0x00004f08') -define(`UBI_IOCVOLUP', `0x40084f00') -define(`UDF_GETEABLOCK', `0x80086c41') -define(`UDF_GETEASIZE', `0x80046c40') -define(`UDF_GETVOLIDENT', `0x80086c42') -define(`UDF_RELOCATE_BLOCKS', `0xc0086c43') -define(`UI_BEGIN_FF_ERASE', `0xc00c55ca') -define(`UI_BEGIN_FF_UPLOAD', `0xc06855c8') -define(`UI_DEV_CREATE', `0x00005501') -define(`UI_DEV_DESTROY', `0x00005502') -define(`UI_END_FF_ERASE', `0x400c55cb') -define(`UI_END_FF_UPLOAD', `0x406855c9') -define(`UI_GET_VERSION', `0x8004552d') -define(`UI_SET_ABSBIT', `0x40045567') -define(`UI_SET_EVBIT', `0x40045564') -define(`UI_SET_FFBIT', `0x4004556b') -define(`UI_SET_KEYBIT', `0x40045565') -define(`UI_SET_LEDBIT', `0x40045569') -define(`UI_SET_MSCBIT', `0x40045568') -define(`UI_SET_PHYS', `0x4008556c') -define(`UI_SET_PROPBIT', `0x4004556e') -define(`UI_SET_RELBIT', `0x40045566') -define(`UI_SET_SNDBIT', `0x4004556a') -define(`UI_SET_SWBIT', `0x4004556d') -define(`UNPROTECT_ARRAY', `0x00000926') -define(`USBDEVFS_ALLOC_STREAMS', `0x8008551c') -define(`USBDEVFS_BULK', `0xc0185502') -define(`USBDEVFS_BULK32', `0xc0105502') -define(`USBDEVFS_CLAIMINTERFACE', `0x8004550f') -define(`USBDEVFS_CLAIM_PORT', `0x80045518') -define(`USBDEVFS_CLEAR_HALT', `0x80045515') -define(`USBDEVFS_CONNECT', `0x00005517') -define(`USBDEVFS_CONNECTINFO', `0x40085511') -define(`USBDEVFS_CONTROL', `0xc0185500') -define(`USBDEVFS_CONTROL32', `0xc0105500') -define(`USBDEVFS_DISCARDURB', `0x0000550b') -define(`USBDEVFS_DISCONNECT', `0x00005516') -define(`USBDEVFS_DISCONNECT_CLAIM', `0x8108551b') -define(`USBDEVFS_DISCSIGNAL', `0x8010550e') -define(`USBDEVFS_DISCSIGNAL32', `0x8008550e') -define(`USBDEVFS_FREE_STREAMS', `0x8008551d') -define(`USBDEVFS_GET_CAPABILITIES', `0x8004551a') -define(`USBDEVFS_GETDRIVER', `0x41045508') -define(`USBDEVFS_HUB_PORTINFO', `0x80805513') -define(`USBDEVFS_IOCTL', `0xc0105512') -define(`USBDEVFS_IOCTL32', `0xc00c5512') -define(`USBDEVFS_REAPURB', `0x4008550c') -define(`USBDEVFS_REAPURB32', `0x4004550c') -define(`USBDEVFS_REAPURBNDELAY', `0x4008550d') -define(`USBDEVFS_REAPURBNDELAY32', `0x4004550d') -define(`USBDEVFS_RELEASEINTERFACE', `0x80045510') -define(`USBDEVFS_RELEASE_PORT', `0x80045519') -define(`USBDEVFS_RESET', `0x00005514') -define(`USBDEVFS_RESETEP', `0x80045503') -define(`USBDEVFS_SETCONFIGURATION', `0x80045505') -define(`USBDEVFS_SETINTERFACE', `0x80085504') -define(`USBDEVFS_SUBMITURB', `0x8038550a') -define(`USBDEVFS_SUBMITURB32', `0x802a550a') -define(`USBTMC_IOCTL_ABORT_BULK_IN', `0x00005b04') -define(`USBTMC_IOCTL_ABORT_BULK_OUT', `0x00005b03') -define(`USBTMC_IOCTL_CLEAR', `0x00005b02') -define(`USBTMC_IOCTL_CLEAR_IN_HALT', `0x00005b07') -define(`USBTMC_IOCTL_CLEAR_OUT_HALT', `0x00005b06') -define(`USBTMC_IOCTL_INDICATOR_PULSE', `0x00005b01') -define(`UVCIOC_CTRL_MAP', `0xc0607520') -define(`UVCIOC_CTRL_QUERY', `0xc0107521') -define(`V4L2_SUBDEV_IR_RX_NOTIFY', `0x40047600') -define(`V4L2_SUBDEV_IR_TX_NOTIFY', `0x40047601') -define(`VFAT_IOCTL_READDIR_BOTH', `0x82307201') -define(`VFAT_IOCTL_READDIR_SHORT', `0x82307202') -define(`VFIO_CHECK_EXTENSION', `0x00003b65') -define(`VFIO_DEVICE_GET_INFO', `0x00003b6b') -define(`VFIO_DEVICE_GET_IRQ_INFO', `0x00003b6d') -define(`VFIO_DEVICE_GET_PCI_HOT_RESET_INFO', `0x00003b70') -define(`VFIO_DEVICE_GET_REGION_INFO', `0x00003b6c') -define(`VFIO_DEVICE_PCI_HOT_RESET', `0x00003b71') -define(`VFIO_DEVICE_RESET', `0x00003b6f') -define(`VFIO_DEVICE_SET_IRQS', `0x00003b6e') -define(`VFIO_EEH_PE_OP', `0x00003b79') -define(`VFIO_GET_API_VERSION', `0x00003b64') -define(`VFIO_GROUP_GET_DEVICE_FD', `0x00003b6a') -define(`VFIO_GROUP_GET_STATUS', `0x00003b67') -define(`VFIO_GROUP_SET_CONTAINER', `0x00003b68') -define(`VFIO_GROUP_UNSET_CONTAINER', `0x00003b69') -define(`VFIO_IOMMU_DISABLE', `0x00003b74') -define(`VFIO_IOMMU_ENABLE', `0x00003b73') -define(`VFIO_IOMMU_GET_INFO', `0x00003b70') -define(`VFIO_IOMMU_MAP_DMA', `0x00003b71') -define(`VFIO_IOMMU_SPAPR_TCE_GET_INFO', `0x00003b70') -define(`VFIO_IOMMU_UNMAP_DMA', `0x00003b72') -define(`VFIO_SET_IOMMU', `0x00003b66') -define(`VHOST_GET_FEATURES', `0x8008af00') -define(`VHOST_GET_VRING_BASE', `0xc008af12') -define(`VHOST_NET_SET_BACKEND', `0x4008af30') -define(`VHOST_RESET_OWNER', `0x0000af02') -define(`VHOST_SCSI_CLEAR_ENDPOINT', `0x40e8af41') -define(`VHOST_SCSI_GET_ABI_VERSION', `0x4004af42') -define(`VHOST_SCSI_GET_EVENTS_MISSED', `0x4004af44') -define(`VHOST_SCSI_SET_ENDPOINT', `0x40e8af40') -define(`VHOST_SCSI_SET_EVENTS_MISSED', `0x4004af43') -define(`VHOST_SET_FEATURES', `0x4008af00') -define(`VHOST_SET_LOG_BASE', `0x4008af04') -define(`VHOST_SET_LOG_FD', `0x4004af07') -define(`VHOST_SET_MEM_TABLE', `0x4008af03') -define(`VHOST_SET_OWNER', `0x0000af01') -define(`VHOST_SET_VRING_ADDR', `0x4028af11') -define(`VHOST_SET_VRING_BASE', `0x4008af12') -define(`VHOST_SET_VRING_CALL', `0x4008af21') -define(`VHOST_SET_VRING_ERR', `0x4008af22') -define(`VHOST_SET_VRING_KICK', `0x4008af20') -define(`VHOST_SET_VRING_NUM', `0x4008af10') -define(`VIDEO_CLEAR_BUFFER', `0x00006f22') -define(`VIDEO_COMMAND', `0xc0486f3b') -define(`VIDEO_CONTINUE', `0x00006f18') -define(`VIDEO_FAST_FORWARD', `0x00006f1f') -define(`VIDEO_FREEZE', `0x00006f17') -define(`VIDEO_GET_CAPABILITIES', `0x80046f21') -define(`VIDEO_GET_EVENT', `0x80206f1c') -define(`VIDEO_GET_FRAME_COUNT', `0x80086f3a') -define(`VIDEO_GET_FRAME_RATE', `0x80046f38') -define(`VIDEO_GET_NAVI', `0x84046f34') -define(`VIDEO_GET_PTS', `0x80086f39') -define(`VIDEO_GET_SIZE', `0x800c6f37') -define(`VIDEO_GET_STATUS', `0x80146f1b') -define(`VIDEO_PLAY', `0x00006f16') -define(`VIDEO_SELECT_SOURCE', `0x00006f19') -define(`VIDEO_SET_ATTRIBUTES', `0x00006f35') -define(`VIDEO_SET_BLANK', `0x00006f1a') -define(`VIDEO_SET_DISPLAY_FORMAT', `0x00006f1d') -define(`VIDEO_SET_FORMAT', `0x00006f25') -define(`VIDEO_SET_HIGHLIGHT', `0x40106f27') -define(`VIDEO_SET_ID', `0x00006f23') -define(`VIDEO_SET_SPU', `0x40086f32') -define(`VIDEO_SET_SPU_PALETTE', `0x40106f33') -define(`VIDEO_SET_STREAMTYPE', `0x00006f24') -define(`VIDEO_SET_SYSTEM', `0x00006f26') -define(`VIDEO_SLOWMOTION', `0x00006f20') -define(`VIDEO_STILLPICTURE', `0x40106f1e') -define(`VIDEO_STOP', `0x00006f15') -define(`VIDEO_TRY_COMMAND', `0xc0486f3c') -define(`VIDIOC_CREATE_BUFS', `0xc100565c') -define(`VIDIOC_CROPCAP', `0xc02c563a') -define(`VIDIOC_DBG_G_CHIP_INFO', `0xc0c85666') -define(`VIDIOC_DBG_G_REGISTER', `0xc0385650') -define(`VIDIOC_DBG_S_REGISTER', `0x4038564f') -define(`VIDIOC_DECODER_CMD', `0xc0485660') -define(`VIDIOC_DQBUF', `0xc0585611') -define(`VIDIOC_DQEVENT', `0x80885659') -define(`VIDIOC_DV_TIMINGS_CAP', `0xc0905664') -define(`VIDIOC_ENCODER_CMD', `0xc028564d') -define(`VIDIOC_ENUMAUDIO', `0xc0345641') -define(`VIDIOC_ENUMAUDOUT', `0xc0345642') -define(`VIDIOC_ENUM_DV_TIMINGS', `0xc0945662') -define(`VIDIOC_ENUM_FMT', `0xc0405602') -define(`VIDIOC_ENUM_FRAMEINTERVALS', `0xc034564b') -define(`VIDIOC_ENUM_FRAMESIZES', `0xc02c564a') -define(`VIDIOC_ENUM_FREQ_BANDS', `0xc0405665') -define(`VIDIOC_ENUMINPUT', `0xc050561a') -define(`VIDIOC_ENUMOUTPUT', `0xc0485630') -define(`VIDIOC_ENUMSTD', `0xc0485619') -define(`VIDIOC_EXPBUF', `0xc0405610') -define(`VIDIOC_G_AUDIO', `0x80345621') -define(`VIDIOC_G_AUDOUT', `0x80345631') -define(`VIDIOC_G_CROP', `0xc014563b') -define(`VIDIOC_G_CTRL', `0xc008561b') -define(`VIDIOC_G_DV_TIMINGS', `0xc0845658') -define(`VIDIOC_G_EDID', `0xc0285628') -define(`VIDIOC_G_ENC_INDEX', `0x8818564c') -define(`VIDIOC_G_EXT_CTRLS', `0xc0205647') -define(`VIDIOC_G_FBUF', `0x8030560a') -define(`VIDIOC_G_FMT', `0xc0d05604') -define(`VIDIOC_G_FREQUENCY', `0xc02c5638') -define(`VIDIOC_G_INPUT', `0x80045626') -define(`VIDIOC_G_JPEGCOMP', `0x808c563d') -define(`VIDIOC_G_MODULATOR', `0xc0445636') -define(`VIDIOC_G_OUTPUT', `0x8004562e') -define(`VIDIOC_G_PARM', `0xc0cc5615') -define(`VIDIOC_G_PRIORITY', `0x80045643') -define(`VIDIOC_G_SELECTION', `0xc040565e') -define(`VIDIOC_G_SLICED_VBI_CAP', `0xc0745645') -define(`VIDIOC_G_STD', `0x80085617') -define(`VIDIOC_G_TUNER', `0xc054561d') -define(`VIDIOC_INT_RESET', `0x40046466') -define(`VIDIOC_LOG_STATUS', `0x00005646') -define(`VIDIOC_OMAP3ISP_AEWB_CFG', `0xc02056c3') -define(`VIDIOC_OMAP3ISP_AF_CFG', `0xc04c56c5') -define(`VIDIOC_OMAP3ISP_CCDC_CFG', `0xc03856c1') -define(`VIDIOC_OMAP3ISP_HIST_CFG', `0xc03056c4') -define(`VIDIOC_OMAP3ISP_PRV_CFG', `0xc07056c2') -define(`VIDIOC_OMAP3ISP_STAT_EN', `0xc00856c7') -define(`VIDIOC_OMAP3ISP_STAT_REQ', `0xc02856c6') -define(`VIDIOC_OVERLAY', `0x4004560e') -define(`VIDIOC_PREPARE_BUF', `0xc058565d') -define(`VIDIOC_QBUF', `0xc058560f') -define(`VIDIOC_QUERYBUF', `0xc0585609') -define(`VIDIOC_QUERYCAP', `0x80685600') -define(`VIDIOC_QUERYCTRL', `0xc0445624') -define(`VIDIOC_QUERY_DV_TIMINGS', `0x80845663') -define(`VIDIOC_QUERY_EXT_CTRL', `0xc0e85667') -define(`VIDIOC_QUERYMENU', `0xc02c5625') -define(`VIDIOC_QUERYSTD', `0x8008563f') -define(`VIDIOC_REQBUFS', `0xc0145608') -define(`VIDIOC_RESERVED', `0x00005601') -define(`VIDIOC_S_AUDIO', `0x40345622') -define(`VIDIOC_S_AUDOUT', `0x40345632') -define(`VIDIOC_S_CROP', `0x4014563c') -define(`VIDIOC_S_CTRL', `0xc008561c') -define(`VIDIOC_S_DV_TIMINGS', `0xc0845657') -define(`VIDIOC_S_EDID', `0xc0285629') -define(`VIDIOC_S_EXT_CTRLS', `0xc0205648') -define(`VIDIOC_S_FBUF', `0x4030560b') -define(`VIDIOC_S_FMT', `0xc0d05605') -define(`VIDIOC_S_FREQUENCY', `0x402c5639') -define(`VIDIOC_S_HW_FREQ_SEEK', `0x40305652') -define(`VIDIOC_S_INPUT', `0xc0045627') -define(`VIDIOC_S_JPEGCOMP', `0x408c563e') -define(`VIDIOC_S_MODULATOR', `0x40445637') -define(`VIDIOC_S_OUTPUT', `0xc004562f') -define(`VIDIOC_S_PARM', `0xc0cc5616') -define(`VIDIOC_S_PRIORITY', `0x40045644') -define(`VIDIOC_S_SELECTION', `0xc040565f') -define(`VIDIOC_S_STD', `0x40085618') -define(`VIDIOC_STREAMOFF', `0x40045613') -define(`VIDIOC_STREAMON', `0x40045612') -define(`VIDIOC_S_TUNER', `0x4054561e') -define(`VIDIOC_SUBDEV_DV_TIMINGS_CAP', `0xc0905664') -define(`VIDIOC_SUBDEV_ENUM_DV_TIMINGS', `0xc0945662') -define(`VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL', `0xc040564b') -define(`VIDIOC_SUBDEV_ENUM_FRAME_SIZE', `0xc040564a') -define(`VIDIOC_SUBDEV_ENUM_MBUS_CODE', `0xc0305602') -define(`VIDIOC_SUBDEV_G_CROP', `0xc038563b') -define(`VIDIOC_SUBDEV_G_DV_TIMINGS', `0xc0845658') -define(`VIDIOC_SUBDEV_G_EDID', `0xc0285628') -define(`VIDIOC_SUBDEV_G_FMT', `0xc0585604') -define(`VIDIOC_SUBDEV_G_FRAME_INTERVAL', `0xc0305615') -define(`VIDIOC_SUBDEV_G_SELECTION', `0xc040563d') -define(`VIDIOC_SUBDEV_QUERY_DV_TIMINGS', `0x80845663') -define(`VIDIOC_SUBDEV_S_CROP', `0xc038563c') -define(`VIDIOC_SUBDEV_S_DV_TIMINGS', `0xc0845657') -define(`VIDIOC_SUBDEV_S_EDID', `0xc0285629') -define(`VIDIOC_SUBDEV_S_FMT', `0xc0585605') -define(`VIDIOC_SUBDEV_S_FRAME_INTERVAL', `0xc0305616') -define(`VIDIOC_SUBDEV_S_SELECTION', `0xc040563e') -define(`VIDIOC_SUBSCRIBE_EVENT', `0x4020565a') -define(`VIDIOC_TRY_DECODER_CMD', `0xc0485661') -define(`VIDIOC_TRY_ENCODER_CMD', `0xc028564e') -define(`VIDIOC_TRY_EXT_CTRLS', `0xc0205649') -define(`VIDIOC_TRY_FMT', `0xc0d05640') -define(`VIDIOC_UNSUBSCRIBE_EVENT', `0x4020565b') -define(`VIDIOC_VSP1_LUT_CONFIG', `0xc40056c1') -define(`VPFE_CMD_S_CCDC_RAW_PARAMS', `0x400856c1') -define(`VT_ACTIVATE', `0x00005606') -define(`VT_DISALLOCATE', `0x00005608') -define(`VT_GETHIFONTMASK', `0x0000560d') -define(`VT_GETMODE', `0x00005601') -define(`VT_GETSTATE', `0x00005603') -define(`VT_LOCKSWITCH', `0x0000560b') -define(`VT_OPENQRY', `0x00005600') -define(`VT_RELDISP', `0x00005605') -define(`VT_RESIZE', `0x00005609') -define(`VT_RESIZEX', `0x0000560a') -define(`VT_SENDSIG', `0x00005604') -define(`VT_SETACTIVATE', `0x0000560f') -define(`VT_SETMODE', `0x00005602') -define(`VT_UNLOCKSWITCH', `0x0000560c') -define(`VT_WAITACTIVE', `0x00005607') -define(`VT_WAITEVENT', `0x0000560e') -define(`WAN_IOC_ADD_FLT_INDEX', `0x00006902') -define(`WAN_IOC_ADD_FLT_RULE', `0x00006900') -define(`WDIOC_GETBOOTSTATUS', `0x80045702') -define(`WDIOC_GETPRETIMEOUT', `0x80045709') -define(`WDIOC_GETSTATUS', `0x80045701') -define(`WDIOC_GETSUPPORT', `0x80285700') -define(`WDIOC_GETTEMP', `0x80045703') -define(`WDIOC_GETTIMELEFT', `0x8004570a') -define(`WDIOC_GETTIMEOUT', `0x80045707') -define(`WDIOC_KEEPALIVE', `0x80045705') -define(`WDIOC_SETOPTIONS', `0x80045704') -define(`WDIOC_SETPRETIMEOUT', `0xc0045708') -define(`WDIOC_SETTIMEOUT', `0xc0045706') -define(`WRITE_RAID_INFO', `0x00000925') -define(`X86_IOC_RDMSR_REGS', `0xc02063a0') -define(`X86_IOC_WRMSR_REGS', `0xc02063a1') -define(`ZATM_GETPOOL', `0x40106161') -define(`ZATM_GETPOOLZ', `0x40106162') -define(`ZATM_SETPOOL', `0x40106163') diff --git a/prebuilts/api/29.0/public/ioctl_macros b/prebuilts/api/29.0/public/ioctl_macros deleted file mode 100644 index 5cbfae53f..000000000 --- a/prebuilts/api/29.0/public/ioctl_macros +++ /dev/null @@ -1,68 +0,0 @@ -# socket ioctls allowed to unprivileged apps -define(`unpriv_sock_ioctls', ` -{ -# Socket ioctls for gathering information about the interface -SIOCGSTAMP SIOCGSTAMPNS -SIOCGIFNAME SIOCGIFCONF SIOCGIFFLAGS SIOCGIFADDR SIOCGIFDSTADDR SIOCGIFBRDADDR -SIOCGIFNETMASK SIOCGIFMTU SIOCGIFINDEX SIOCGIFCOUNT SIOCGIFTXQLEN -# Wireless extension ioctls. Primarily get functions. -SIOCGIWNAME SIOCGIWFREQ SIOCGIWMODE SIOCGIWSENS SIOCGIWRANGE SIOCGIWPRIV -SIOCGIWSTATS SIOCGIWSPY SIOCSIWTHRSPY SIOCGIWTHRSPY SIOCGIWRATE SIOCGIWRTS -SIOCGIWFRAG SIOCGIWTXPOW SIOCGIWRETRY SIOCGIWPOWER -}') - -# socket ioctls never allowed to unprivileged apps -define(`priv_sock_ioctls', ` -{ -# qualcomm rmnet ioctls -WAN_IOC_ADD_FLT_RULE WAN_IOC_ADD_FLT_INDEX -# socket ioctls -SIOCADDRT SIOCDELRT SIOCRTMSG SIOCSIFLINK SIOCSIFFLAGS SIOCSIFADDR -SIOCSIFDSTADDR SIOCSIFBRDADDR SIOCSIFNETMASK SIOCGIFMETRIC SIOCSIFMETRIC SIOCGIFMEM -SIOCSIFMEM SIOCSIFMTU SIOCSIFNAME SIOCSIFHWADDR SIOCGIFENCAP SIOCSIFENCAP -SIOCGIFHWADDR SIOCGIFSLAVE SIOCSIFSLAVE SIOCADDMULTI SIOCDELMULTI -SIOCSIFPFLAGS SIOCGIFPFLAGS SIOCDIFADDR SIOCSIFHWBROADCAST SIOCKILLADDR SIOCGIFBR SIOCSIFBR -SIOCSIFTXQLEN SIOCETHTOOL SIOCGMIIPHY SIOCGMIIREG SIOCSMIIREG SIOCWANDEV -SIOCOUTQNSD SIOCDARP SIOCGARP SIOCSARP SIOCDRARP SIOCGRARP SIOCSRARP SIOCGIFMAP -SIOCSIFMAP SIOCADDDLCI SIOCDELDLCI SIOCGIFVLAN SIOCSIFVLAN SIOCBONDENSLAVE -SIOCBONDRELEASE SIOCBONDSETHWADDR SIOCBONDSLAVEINFOQUERY SIOCBONDINFOQUERY -SIOCBONDCHANGEACTIVE SIOCBRADDBR SIOCBRDELBR SIOCBRADDIF SIOCBRDELIF SIOCSHWTSTAMP -# device and protocol specific ioctls -SIOCDEVPRIVATE-SIOCDEVPRIVLAST -SIOCPROTOPRIVATE-SIOCPROTOPRIVLAST -# Wireless extension ioctls -SIOCSIWCOMMIT SIOCSIWNWID SIOCSIWFREQ SIOCSIWMODE SIOCSIWSENS SIOCSIWRANGE -SIOCSIWPRIV SIOCSIWSTATS SIOCSIWSPY SIOCSIWAP SIOCGIWAP SIOCSIWMLME SIOCGIWAPLIST -SIOCSIWSCAN SIOCGIWSCAN SIOCSIWESSID SIOCGIWESSID SIOCSIWNICKN SIOCGIWNICKN -SIOCSIWRATE SIOCSIWRTS SIOCSIWFRAG SIOCSIWTXPOW SIOCSIWRETRY SIOCSIWENCODE -SIOCGIWENCODE SIOCSIWPOWER SIOCSIWGENIE SIOCGIWGENIE SIOCSIWAUTH SIOCGIWAUTH -SIOCSIWENCODEEXT SIOCGIWENCODEEXT SIOCSIWPMKSA -# Dev private ioctl i.e. hardware specific ioctls -SIOCIWFIRSTPRIV-SIOCIWLASTPRIV -}') - -# commonly used ioctls on unix sockets -define(`unpriv_unix_sock_ioctls', `{ - TIOCOUTQ FIOCLEX FIONCLEX TCGETS TIOCGWINSZ TIOCSWINSZ FIONREAD -}') - -# commonly used TTY ioctls -# merge with unpriv_unix_sock_ioctls? -define(`unpriv_tty_ioctls', `{ - TIOCOUTQ FIOCLEX FIONCLEX TCGETS TCSETS TIOCGWINSZ TIOCSWINSZ TIOCSCTTY - TCSETSW TCFLSH TIOCSPGRP TIOCGPGRP -}') - -# point to point ioctls -define(`ppp_ioctls', `{ -PPPIOCGL2TPSTATS PPPIOCGCHAN PPPIOCATTCHAN PPPIOCDISCONN -PPPIOCCONNECT PPPIOCSMRRU PPPIOCDETACH PPPIOCATTACH -PPPIOCNEWUNIT PPPIOCGIDLE PPPIOCSDEBUG PPPIOCGDEBUG -PPPIOCSACTIVE PPPIOCSPASS PPPIOCSNPMODE PPPIOCGNPMODE -PPPIOCSCOMPRESS PPPIOCXFERUNIT PPPIOCSXASYNCMAP -PPPIOCGXASYNCMAP PPPIOCSMAXCID PPPIOCSMRU PPPIOCGMRU -PPPIOCSRASYNCMAP PPPIOCGRASYNCMAP PPPIOCGUNIT PPPIOCSASYNCMAP -PPPIOCGASYNCMAP PPPIOCSFLAGS PPPIOCGFLAGS PPPIOCGCALLINFO -PPPIOCBUNDLE PPPIOCGMPFLAGS PPPIOCSMPFLAGS PPPIOCSMPMTU -PPPIOCSMPMRU PPPIOCGCOMPRESSORS PPPIOCSCOMPRESSOR PPPIOCGIFNAME -}') diff --git a/prebuilts/api/29.0/public/iorapd.te b/prebuilts/api/29.0/public/iorapd.te deleted file mode 100644 index abf7adbac..000000000 --- a/prebuilts/api/29.0/public/iorapd.te +++ /dev/null @@ -1,79 +0,0 @@ -# volume manager -type iorapd, domain; -type iorapd_exec, exec_type, file_type, system_file_type; -type iorapd_tmpfs, file_type; - -r_dir_file(iorapd, rootfs) - -# Allow read/write /proc/sys/vm/drop/caches -allow iorapd proc_drop_caches:file rw_file_perms; - -# Give iorapd a place where only iorapd can store files; everyone else is off limits -allow iorapd iorapd_data_file:dir create_dir_perms; -allow iorapd iorapd_data_file:file create_file_perms; - -# Allow iorapd to publish a binder service and make binder calls. -binder_use(iorapd) -add_service(iorapd, iorapd_service) - -# Allow iorapd to call into the system server so it can check permissions. -binder_call(iorapd, system_server) -allow iorapd permission_service:service_manager find; -# IUserManager -allow iorapd user_service:service_manager find; -# IPackageManagerNative -allow iorapd package_native_service:service_manager find; - -# talk to batteryservice -binder_call(iorapd, healthd) - -# TODO: does each of the service_manager allow finds above need the binder_call? - -# iorapd temporarily changes its priority when running benchmarks -allow iorapd self:global_capability_class_set sys_nice; - -# Allow to access Perfetto traced's privileged consumer socket to start/stop -# tracing sessions and read trace data. -unix_socket_connect(iorapd, traced_consumer, traced) - -### -### neverallow rules -### - -neverallow { - domain - -iorapd -} iorapd_data_file:dir ~{ open create read getattr setattr search relabelto ioctl }; - -neverallow { - domain - -init - -iorapd -} iorapd_data_file:dir *; - -neverallow { - domain - -kernel - -iorapd -} iorapd_data_file:notdevfile_class_set ~{ relabelto getattr }; - -neverallow { - domain - -init - -kernel - -vendor_init - -iorapd -} { iorapd_data_file }:notdevfile_class_set *; - -# Only system_server can interact with iorapd over binder -neverallow { domain -system_server -iorapd } iorapd_service:service_manager find; -neverallow iorapd { - domain - -healthd - -servicemanager - -system_server - userdebug_or_eng(`-su') -}:binder call; - -neverallow { domain -init } iorapd:process { transition dyntransition }; -neverallow iorapd domain:{ tcp_socket udp_socket rawip_socket } *; diff --git a/prebuilts/api/29.0/public/isolated_app.te b/prebuilts/api/29.0/public/isolated_app.te deleted file mode 100644 index a907dacc2..000000000 --- a/prebuilts/api/29.0/public/isolated_app.te +++ /dev/null @@ -1,9 +0,0 @@ -### -### Services with isolatedProcess=true in their manifest. -### -### This file defines the rules for isolated apps. An "isolated -### app" is an APP with UID between AID_ISOLATED_START (99000) -### and AID_ISOLATED_END (99999). -### - -type isolated_app, domain; diff --git a/prebuilts/api/29.0/public/kernel.te b/prebuilts/api/29.0/public/kernel.te deleted file mode 100644 index 2567493ad..000000000 --- a/prebuilts/api/29.0/public/kernel.te +++ /dev/null @@ -1,132 +0,0 @@ -# Life begins with the kernel. -type kernel, domain, mlstrustedsubject; - -allow kernel self:global_capability_class_set sys_nice; - -# Root fs. -r_dir_file(kernel, rootfs) -allow kernel proc_cmdline:file r_file_perms; - -# Get SELinux enforcing status. -allow kernel selinuxfs:dir r_dir_perms; -allow kernel selinuxfs:file r_file_perms; - -# Get file contexts during first stage -allow kernel file_contexts_file:file r_file_perms; - -# Allow init relabel itself. -allow kernel rootfs:file relabelfrom; -allow kernel init_exec:file relabelto; -# TODO: investigate why we need this. -allow kernel init:process share; - -# cgroup filesystem initialization prior to setting the cgroup root directory label. -allow kernel unlabeled:dir search; - -# Mount usbfs. -allow kernel usbfs:filesystem mount; -allow kernel usbfs:dir search; - -# Initial setenforce by init prior to switching to init domain. -# We use dontaudit instead of allow to prevent a kernel spawned userspace -# process from turning off SELinux once enabled. -dontaudit kernel self:security setenforce; - -# Write to /proc/1/oom_adj prior to switching to init domain. -allow kernel self:global_capability_class_set sys_resource; - -# Init reboot before switching selinux domains under certain error -# conditions. Allow it. -# As part of rebooting, init writes "u" to /proc/sysrq-trigger to -# remount filesystems read-only. /data is not mounted at this point, -# so we could ignore this. For now, we allow it. -allow kernel self:global_capability_class_set sys_boot; -allow kernel proc_sysrq:file w_file_perms; - -# Allow writing to /dev/kmsg which was created prior to loading policy. -allow kernel tmpfs:chr_file write; - -# Set checkreqprot by init.rc prior to switching to init domain. -allow kernel selinuxfs:file write; -allow kernel self:security setcheckreqprot; - -# kernel thread "loop0", used by the loop block device, for ASECs (b/17158723) -allow kernel sdcard_type:file { read write }; - -# f_mtp driver accesses files from kernel context. -allow kernel mediaprovider:fd use; - -# Allow the kernel to read OBB files from app directories. (b/17428116) -# Kernel thread "loop0" reads a vold supplied file descriptor. -# Fixes CTS tests: -# * android.os.storage.cts.StorageManagerTest#testMountAndUnmountObbNormal -# * android.os.storage.cts.StorageManagerTest#testMountAndUnmountTwoObbs -allow kernel vold:fd use; -allow kernel { app_data_file privapp_data_file }:file read; -allow kernel asec_image_file:file read; - -# Allow reading loop device in update_engine_unittests. (b/28319454) -# and for LTP kernel tests (b/73220071) -userdebug_or_eng(` - allow kernel update_engine_data_file:file read; - allow kernel nativetest_data_file:file { read write }; -') - -# Access to /data/media. -# This should be removed if sdcardfs is modified to alter the secontext for its -# accesses to the underlying FS. -allow kernel media_rw_data_file:dir create_dir_perms; -allow kernel media_rw_data_file:file create_file_perms; - -# Access to /data/misc/vold/virtual_disk. -allow kernel vold_data_file:file { read write }; - -# Allow the kernel to read APEX file descriptors and (staged) data files; -# Needed because APEX uses the loopback driver, which issues requests from -# a kernel thread in earlier kernel version. -allow kernel apexd:fd use; -allow kernel { - apex_data_file - staging_data_file -}:file read; - -# Allow the first-stage init (which is running in the kernel domain) to execute the -# dynamic linker when it re-executes /init to switch into the second stage. -# Until Linux 4.8, the program interpreter (dynamic linker in this case) is executed -# before the domain is switched to the target domain. So, we need to allow the kernel -# domain (the source domain) to execute the dynamic linker (system_file type). -# TODO(b/110147943) remove these allow rules when we no longer need to support Linux -# kernel older than 4.8. -allow kernel system_file:file execute; -# The label for the dynamic linker is rootfs in the recovery partition. This is because -# the recovery partition which is rootfs does not support xattr and thus labeling can't be -# done at build-time. All files are by default labeled as rootfs upon booting. -recovery_only(` - allow kernel rootfs:file execute; -') - -### -### neverallow rules -### - -# The initial task starts in the kernel domain (assigned via -# initial_sid_contexts), but nothing ever transitions to it. -neverallow * kernel:process { transition dyntransition }; - -# The kernel domain is never entered via an exec, nor should it -# ever execute a program outside the rootfs without changing to another domain. -# If you encounter an execute_no_trans denial on the kernel domain, then -# possible causes include: -# - The program is a kernel usermodehelper. In this case, define a domain -# for the program and domain_auto_trans() to it. -# - You are running an exploit which switched to the init task credentials -# and is then trying to exec a shell or other program. You lose! -neverallow kernel *:file { entrypoint execute_no_trans }; - -# the kernel should not be accessing files owned by other users. -# Instead of adding dac_{read_search,override}, fix the unix permissions -# on files being accessed. -neverallow kernel self:global_capability_class_set { dac_override dac_read_search }; - -# Nobody should be ptracing kernel threads -neverallow * kernel:process ptrace; diff --git a/prebuilts/api/29.0/public/keystore.te b/prebuilts/api/29.0/public/keystore.te deleted file mode 100644 index e869f32d2..000000000 --- a/prebuilts/api/29.0/public/keystore.te +++ /dev/null @@ -1,35 +0,0 @@ -type keystore, domain; -type keystore_exec, system_file_type, exec_type, file_type; - -# keystore daemon -typeattribute keystore mlstrustedsubject; -binder_use(keystore) -binder_service(keystore) -binder_call(keystore, system_server) - -allow keystore keystore_data_file:dir create_dir_perms; -allow keystore keystore_data_file:notdevfile_class_set create_file_perms; -allow keystore keystore_exec:file { getattr }; - -add_service(keystore, keystore_service) -allow keystore sec_key_att_app_id_provider_service:service_manager find; -allow keystore dropbox_service:service_manager find; - -# Check SELinux permissions. -selinux_check_access(keystore) - -r_dir_file(keystore, cgroup) - -### -### Neverallow rules -### -### Protect ourself from others -### - -neverallow { domain -keystore } keystore_data_file:dir ~{ open create read getattr setattr search relabelto ioctl }; -neverallow { domain -keystore } keystore_data_file:notdevfile_class_set ~{ relabelto getattr }; - -neverallow { domain -keystore -init } keystore_data_file:dir *; -neverallow { domain -keystore -init } keystore_data_file:notdevfile_class_set *; - -neverallow * keystore:process ptrace; diff --git a/prebuilts/api/29.0/public/llkd.te b/prebuilts/api/29.0/public/llkd.te deleted file mode 100644 index 1faa42995..000000000 --- a/prebuilts/api/29.0/public/llkd.te +++ /dev/null @@ -1,3 +0,0 @@ -# llkd Live LocK Daemon -type llkd, domain, mlstrustedsubject; -type llkd_exec, system_file_type, exec_type, file_type; diff --git a/prebuilts/api/29.0/public/lmkd.te b/prebuilts/api/29.0/public/lmkd.te deleted file mode 100644 index 8952db8c1..000000000 --- a/prebuilts/api/29.0/public/lmkd.te +++ /dev/null @@ -1,69 +0,0 @@ -# lmkd low memory killer daemon -type lmkd, domain, mlstrustedsubject; -type lmkd_exec, system_file_type, exec_type, file_type; - -allow lmkd self:global_capability_class_set { dac_override dac_read_search sys_resource kill }; - -# lmkd locks itself in memory, to prevent it from being -# swapped out and unable to kill other memory hogs. -# system/core commit b28ff9131363f7b4a698990da5748b2a88c3ed35 -# b/16236289 -allow lmkd self:global_capability_class_set ipc_lock; - -## Open and write to /proc/PID/oom_score_adj -## TODO: maybe scope this down? -r_dir_file(lmkd, appdomain) -allow lmkd appdomain:file write; -r_dir_file(lmkd, system_server) -allow lmkd system_server:file write; - -## Writes to /sys/module/lowmemorykiller/parameters/minfree -r_dir_file(lmkd, sysfs_lowmemorykiller) -allow lmkd sysfs_lowmemorykiller:file w_file_perms; - -# setsched and send kill signals -allow lmkd appdomain:process { setsched sigkill }; -# TODO: delete this line b/131761776 -allow lmkd kernel:process { setsched }; - -# Clean up old cgroups -allow lmkd cgroup:dir { remove_name rmdir }; - -# Allow to read memcg stats -allow lmkd cgroup:file r_file_perms; - -# Set self to SCHED_FIFO -allow lmkd self:global_capability_class_set sys_nice; - -allow lmkd proc_zoneinfo:file r_file_perms; - -# Set sys.lmk.* properties. -set_prop(lmkd, system_lmk_prop) - -# live lock watchdog process allowed to look through /proc/ -allow lmkd domain:dir { search open read }; -allow lmkd domain:file { open read }; - -# live lock watchdog process allowed to dump process trace and -# reboot because orderly shutdown may not be possible. -allow lmkd proc_sysrq:file rw_file_perms; - -# Read /proc/lowmemorykiller - -# Read /proc/meminfo -allow lmkd proc_meminfo:file r_file_perms; - -# Read /proc/pressure/cpu and /proc/pressure/io -allow lmkd proc_pressure_cpu:file r_file_perms; -allow lmkd proc_pressure_io:file r_file_perms; - -# Read/Write /proc/pressure/memory -allow lmkd proc_pressure_mem:file rw_file_perms; - -# Allow lmkd to write to statsd. -unix_socket_send(lmkd, statsdw, statsd) - -### neverallow rules - -# never honor LD_PRELOAD -neverallow * lmkd:process noatsecure; diff --git a/prebuilts/api/29.0/public/logd.te b/prebuilts/api/29.0/public/logd.te deleted file mode 100644 index 57e29d940..000000000 --- a/prebuilts/api/29.0/public/logd.te +++ /dev/null @@ -1,73 +0,0 @@ -# android user-space log manager -type logd, domain, mlstrustedsubject; -type logd_exec, system_file_type, exec_type, file_type; - -# Read access to pseudo filesystems. -r_dir_file(logd, cgroup) -r_dir_file(logd, proc_kmsg) -r_dir_file(logd, proc_meminfo) - -allow logd self:global_capability_class_set { setuid setgid setpcap sys_nice audit_control }; -allow logd self:global_capability2_class_set syslog; -allow logd self:netlink_audit_socket { create_socket_perms_no_ioctl nlmsg_write }; -allow logd kernel:system syslog_read; -allow logd kmsg_device:chr_file { getattr w_file_perms }; -allow logd system_data_file:{ file lnk_file } r_file_perms; -allow logd packages_list_file:file r_file_perms; -allow logd pstorefs:dir search; -allow logd pstorefs:file r_file_perms; -userdebug_or_eng(` - # Access to /data/misc/logd/event-log-tags - allow logd misc_logd_file:dir r_dir_perms; - allow logd misc_logd_file:file rw_file_perms; -') -allow logd runtime_event_log_tags_file:file rw_file_perms; - -# Access device logging gating property -get_prop(logd, device_logging_prop) - -r_dir_file(logd, domain) - -allow logd kernel:system syslog_mod; - -control_logd(logd) -read_runtime_log_tags(logd) - -allow runtime_event_log_tags_file tmpfs:filesystem associate; -# Typically harmlessly blindly trying to access via liblog -# event tag mapping while in the untrusted_app domain. -# Access for that domain is controlled and gated via the -# event log tag service (albeit at a performance penalty, -# expected to be locally cached). -dontaudit domain runtime_event_log_tags_file:file { map open read }; - -### -### Neverallow rules -### -### logd should NEVER do any of this - -# Block device access. -neverallow logd dev_type:blk_file { read write }; - -# ptrace any other app -neverallow logd domain:process ptrace; - -# ... and nobody may ptrace me (except on userdebug or eng builds) -neverallow { domain userdebug_or_eng(`-crash_dump -llkd') } logd:process ptrace; - -# Write to /system. -neverallow logd system_file:dir_file_class_set write; - -# Write to files in /data/data or system files on /data -neverallow logd { app_data_file privapp_data_file system_data_file packages_list_file }:dir_file_class_set write; - -# Only init is allowed to enter the logd domain via exec() -neverallow { domain -init } logd:process transition; -neverallow * logd:process dyntransition; - -# protect the event-log-tags file -neverallow { - domain - -init - -logd -} runtime_event_log_tags_file:file no_w_file_perms; diff --git a/prebuilts/api/29.0/public/logpersist.te b/prebuilts/api/29.0/public/logpersist.te deleted file mode 100644 index c7cab80c8..000000000 --- a/prebuilts/api/29.0/public/logpersist.te +++ /dev/null @@ -1,26 +0,0 @@ -# android debug logging, logpersist domains -type logpersist, domain; - -### -### Neverallow rules -### -### logpersist should NEVER do any of this - -# Block device access. -neverallow logpersist dev_type:blk_file { read write }; - -# ptrace any other app -neverallow logpersist domain:process ptrace; - -# Write to files in /data/data or system files on /data except misc_logd_file -neverallow logpersist { privapp_data_file app_data_file system_data_file }:dir_file_class_set write; - -# Only init should be allowed to enter the logpersist domain via exec() -# Following is a list of debug domains we know that transition to logpersist -# neverallow_with_undefined_domains { -# domain -# -init # goldfish, logcatd, raft -# -mmi # bat, mtp8996, msmcobalt -# -system_app # Smith.apk -# } logpersist:process transition; -neverallow * logpersist:process dyntransition; diff --git a/prebuilts/api/29.0/public/mdnsd.te b/prebuilts/api/29.0/public/mdnsd.te deleted file mode 100644 index ef7b065d8..000000000 --- a/prebuilts/api/29.0/public/mdnsd.te +++ /dev/null @@ -1,2 +0,0 @@ -# mdns daemon -type mdnsd, domain; diff --git a/prebuilts/api/29.0/public/mediadrmserver.te b/prebuilts/api/29.0/public/mediadrmserver.te deleted file mode 100644 index a52295e2c..000000000 --- a/prebuilts/api/29.0/public/mediadrmserver.te +++ /dev/null @@ -1,33 +0,0 @@ -# mediadrmserver - mediadrm daemon -type mediadrmserver, domain; -type mediadrmserver_exec, system_file_type, exec_type, file_type; - -typeattribute mediadrmserver mlstrustedsubject; - -net_domain(mediadrmserver) -binder_use(mediadrmserver) -binder_call(mediadrmserver, binderservicedomain) -binder_call(mediadrmserver, appdomain) -binder_service(mediadrmserver) -hal_client_domain(mediadrmserver, hal_drm) - -add_service(mediadrmserver, mediadrmserver_service) -allow mediadrmserver mediaserver_service:service_manager find; -allow mediadrmserver mediametrics_service:service_manager find; -allow mediadrmserver processinfo_service:service_manager find; -allow mediadrmserver surfaceflinger_service:service_manager find; -allow mediadrmserver system_file:dir r_dir_perms; - -# TODO(b/80317992): remove -binder_call(mediadrmserver, hal_omx_server) - -### -### neverallow rules -### - -# mediadrmserver should never execute any executable without a -# domain transition -neverallow mediadrmserver { file_type fs_type }:file execute_no_trans; - -# do not allow privileged socket ioctl commands -neverallowxperm mediadrmserver domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls; diff --git a/prebuilts/api/29.0/public/mediaextractor.te b/prebuilts/api/29.0/public/mediaextractor.te deleted file mode 100644 index 24e949300..000000000 --- a/prebuilts/api/29.0/public/mediaextractor.te +++ /dev/null @@ -1,77 +0,0 @@ -# mediaextractor - multimedia daemon -type mediaextractor, domain; -type mediaextractor_exec, system_file_type, exec_type, file_type; -type mediaextractor_tmpfs, file_type; - -typeattribute mediaextractor mlstrustedsubject; - -binder_use(mediaextractor) -binder_call(mediaextractor, binderservicedomain) -binder_call(mediaextractor, appdomain) -binder_service(mediaextractor) - -add_service(mediaextractor, mediaextractor_service) -allow mediaextractor mediametrics_service:service_manager find; -allow mediaextractor hidl_token_hwservice:hwservice_manager find; - -allow mediaextractor system_server:fd use; - -hal_client_domain(mediaextractor, hal_cas) -hal_client_domain(mediaextractor, hal_allocator) - -r_dir_file(mediaextractor, cgroup) -allow mediaextractor proc_meminfo:file r_file_perms; - -crash_dump_fallback(mediaextractor) - -# allow mediaextractor read permissions for file sources -allow mediaextractor sdcard_type:file { getattr read }; -allow mediaextractor media_rw_data_file:file { getattr read }; -allow mediaextractor { app_data_file privapp_data_file }:file { getattr read }; - -# Read resources from open apk files passed over Binder -allow mediaextractor apk_data_file:file { read getattr }; -allow mediaextractor asec_apk_file:file { read getattr }; -allow mediaextractor ringtone_file:file { read getattr }; - -# scan extractor library directory to dynamically load extractors -allow mediaextractor system_file:dir { read open }; - -get_prop(mediaextractor, device_config_media_native_prop) - -userdebug_or_eng(` - # Allow extractor to add update service. - - # Allow extractor to load media extractor plugins from update apk. - allow mediaextractor apk_data_file:dir search; - allow mediaextractor apk_data_file:file { execute open }; -') - -### -### neverallow rules -### - -# mediaextractor should never execute any executable without a -# domain transition -neverallow mediaextractor { file_type fs_type }:file execute_no_trans; - -# The goal of the mediaserver split is to place media processing code into -# restrictive sandboxes with limited responsibilities and thus limited -# permissions. Example: Audioserver is only responsible for controlling audio -# hardware and processing audio content. Cameraserver does the same for camera -# hardware/content. Etc. -# -# Media processing code is inherently risky and thus should have limited -# permissions and be isolated from the rest of the system and network. -# Lengthier explanation here: -# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html -neverallow mediaextractor domain:{ tcp_socket udp_socket rawip_socket } *; - -# mediaextractor should not be opening /data files directly. Any files -# it touches (with a few exceptions) need to be passed to it via a file -# descriptor opened outside the process. -neverallow mediaextractor { - data_file_type - -zoneinfo_data_file # time zone data from /data/misc/zoneinfo - userdebug_or_eng(`-apk_data_file') # for loading media extractor plugins -}:file open; diff --git a/prebuilts/api/29.0/public/mediametrics.te b/prebuilts/api/29.0/public/mediametrics.te deleted file mode 100644 index 0e56b07ec..000000000 --- a/prebuilts/api/29.0/public/mediametrics.te +++ /dev/null @@ -1,44 +0,0 @@ -# mediametrics - daemon for collecting media.metrics data -type mediametrics, domain; -type mediametrics_exec, system_file_type, exec_type, file_type; - - -binder_use(mediametrics) -binder_call(mediametrics, binderservicedomain) -binder_service(mediametrics) - -add_service(mediametrics, mediametrics_service) - -allow mediametrics system_server:fd use; - -r_dir_file(mediametrics, cgroup) -allow mediametrics proc_meminfo:file r_file_perms; - -# allows interactions with dumpsys to GMScore -allow mediametrics { app_data_file privapp_data_file }:file write; - -# allow access to package manager for uid->apk mapping -allow mediametrics package_native_service:service_manager find; - -# Allow metrics service to send information to statsd socket. -unix_socket_send(mediametrics, statsdw, statsd) - -### -### neverallow rules -### - -# mediametrics should never execute any executable without a -# domain transition -neverallow mediametrics { file_type fs_type }:file execute_no_trans; - -# The goal of the mediaserver split is to place media processing code into -# restrictive sandboxes with limited responsibilities and thus limited -# permissions. Example: Audioserver is only responsible for controlling audio -# hardware and processing audio content. Cameraserver does the same for camera -# hardware/content. Etc. -# -# Media processing code is inherently risky and thus should have limited -# permissions and be isolated from the rest of the system and network. -# Lengthier explanation here: -# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html -neverallow mediametrics domain:{ tcp_socket udp_socket rawip_socket } *; diff --git a/prebuilts/api/29.0/public/mediaprovider.te b/prebuilts/api/29.0/public/mediaprovider.te deleted file mode 100644 index 24170a5cf..000000000 --- a/prebuilts/api/29.0/public/mediaprovider.te +++ /dev/null @@ -1,6 +0,0 @@ -### -### A domain for android.process.media, which contains both -### MediaProvider and DownloadProvider and associated services. -### - -type mediaprovider, domain; diff --git a/prebuilts/api/29.0/public/mediaserver.te b/prebuilts/api/29.0/public/mediaserver.te deleted file mode 100644 index dbdb05197..000000000 --- a/prebuilts/api/29.0/public/mediaserver.te +++ /dev/null @@ -1,145 +0,0 @@ -# mediaserver - multimedia daemon -type mediaserver, domain; -type mediaserver_exec, system_file_type, exec_type, file_type; -type mediaserver_tmpfs, file_type; - -typeattribute mediaserver mlstrustedsubject; - -net_domain(mediaserver) - -r_dir_file(mediaserver, sdcard_type) -r_dir_file(mediaserver, cgroup) - -# stat /proc/self -allow mediaserver proc:lnk_file getattr; - -# open /vendor/lib/mediadrm -allow mediaserver system_file:dir r_dir_perms; - -userdebug_or_eng(` - # ptrace to processes in the same domain for memory leak detection - allow mediaserver self:process ptrace; -') - -binder_use(mediaserver) -binder_call(mediaserver, binderservicedomain) -binder_call(mediaserver, appdomain) -binder_service(mediaserver) - -allow mediaserver media_data_file:dir create_dir_perms; -allow mediaserver media_data_file:file create_file_perms; -allow mediaserver { app_data_file privapp_data_file }:file { append getattr ioctl lock map read write }; -allow mediaserver sdcard_type:file write; -allow mediaserver gpu_device:chr_file rw_file_perms; -allow mediaserver video_device:dir r_dir_perms; -allow mediaserver video_device:chr_file rw_file_perms; - -set_prop(mediaserver, audio_prop) - -# Read resources from open apk files passed over Binder. -allow mediaserver apk_data_file:file { read getattr }; -allow mediaserver asec_apk_file:file { read getattr }; -allow mediaserver ringtone_file:file { read getattr }; - -# Read /data/data/com.android.providers.telephony files passed over Binder. -allow mediaserver radio_data_file:file { read getattr }; - -# Use pipes passed over Binder from app domains. -allow mediaserver appdomain:fifo_file { getattr read write }; - -allow mediaserver rpmsg_device:chr_file rw_file_perms; - -# Inter System processes communicate over named pipe (FIFO) -allow mediaserver system_server:fifo_file r_file_perms; - -r_dir_file(mediaserver, media_rw_data_file) - -# Grant access to read files on appfuse. -allow mediaserver app_fuse_file:file { read getattr }; - -# Needed on some devices for playing DRM protected content, -# but seems expected and appropriate for all devices. -unix_socket_connect(mediaserver, drmserver, drmserver) - -# Needed on some devices for playing audio on paired BT device, -# but seems appropriate for all devices. -unix_socket_connect(mediaserver, bluetooth, bluetooth) - -add_service(mediaserver, mediaserver_service) -allow mediaserver activity_service:service_manager find; -allow mediaserver appops_service:service_manager find; -allow mediaserver audio_service:service_manager find; -allow mediaserver audioserver_service:service_manager find; -allow mediaserver cameraserver_service:service_manager find; -allow mediaserver batterystats_service:service_manager find; -allow mediaserver drmserver_service:service_manager find; -allow mediaserver mediaextractor_service:service_manager find; -allow mediaserver mediacodec_service:service_manager find; -allow mediaserver mediametrics_service:service_manager find; -allow mediaserver media_session_service:service_manager find; -allow mediaserver permission_service:service_manager find; -allow mediaserver power_service:service_manager find; -allow mediaserver processinfo_service:service_manager find; -allow mediaserver scheduling_policy_service:service_manager find; -allow mediaserver surfaceflinger_service:service_manager find; - -# for ModDrm/MediaPlayer -allow mediaserver mediadrmserver_service:service_manager find; - -# For interfacing with OMX HAL -allow mediaserver hidl_token_hwservice:hwservice_manager find; - -# /oem access -allow mediaserver oemfs:dir search; -allow mediaserver oemfs:file r_file_perms; - -# /vendor apk access -allow mediaserver vendor_app_file:file { read map getattr }; - -use_drmservice(mediaserver) -allow mediaserver drmserver:drmservice { - consumeRights - setPlaybackStatus - openDecryptSession - closeDecryptSession - initializeDecryptUnit - decrypt - finalizeDecryptUnit - pread -}; - -# only allow unprivileged socket ioctl commands -allowxperm mediaserver self:{ rawip_socket tcp_socket udp_socket } - ioctl { unpriv_sock_ioctls unpriv_tty_ioctls }; - -# Access to /data/media. -# This should be removed if sdcardfs is modified to alter the secontext for its -# accesses to the underlying FS. -allow mediaserver media_rw_data_file:dir create_dir_perms; -allow mediaserver media_rw_data_file:file create_file_perms; - -# Access to media in /data/preloads -allow mediaserver preloads_media_file:file { getattr read ioctl }; - -allow mediaserver ion_device:chr_file r_file_perms; -allow mediaserver hal_graphics_allocator:fd use; -allow mediaserver hal_graphics_composer:fd use; -allow mediaserver hal_camera:fd use; - -allow mediaserver system_server:fd use; - -# b/120491318 allow mediaserver to access void:fd -allow mediaserver vold:fd use; - -hal_client_domain(mediaserver, hal_allocator) - -### -### neverallow rules -### - -# mediaserver should never execute any executable without a -# domain transition -neverallow mediaserver { file_type fs_type }:file execute_no_trans; - -# do not allow privileged socket ioctl commands -neverallowxperm mediaserver domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls; diff --git a/prebuilts/api/29.0/public/mediaswcodec.te b/prebuilts/api/29.0/public/mediaswcodec.te deleted file mode 100644 index f2f1abd26..000000000 --- a/prebuilts/api/29.0/public/mediaswcodec.te +++ /dev/null @@ -1,18 +0,0 @@ -type mediaswcodec, domain; -type mediaswcodec_exec, system_file_type, exec_type, file_type; - -typeattribute mediaswcodec halserverdomain; -typeattribute mediaswcodec mediaswcodec_server; - -hal_client_domain(mediaswcodec, hal_allocator) -hal_client_domain(mediaswcodec, hal_graphics_allocator) - -get_prop(mediaswcodec, device_config_media_native_prop) - -userdebug_or_eng(` - binder_use(mediaswcodec) - - # Allow mediaswcodec to load libs from update apk. - allow mediaswcodec apk_data_file:file { open read execute getattr map }; - allow mediaswcodec apk_data_file:dir { search getattr }; -') diff --git a/prebuilts/api/29.0/public/modprobe.te b/prebuilts/api/29.0/public/modprobe.te deleted file mode 100644 index 119040921..000000000 --- a/prebuilts/api/29.0/public/modprobe.te +++ /dev/null @@ -1,9 +0,0 @@ -type modprobe, domain; - -allow modprobe proc_modules:file r_file_perms; -allow modprobe self:global_capability_class_set sys_module; -allow modprobe kernel:key search; -recovery_only(` - allow modprobe rootfs:system module_load; - allow modprobe rootfs:file r_file_perms; -') diff --git a/prebuilts/api/29.0/public/mtp.te b/prebuilts/api/29.0/public/mtp.te deleted file mode 100644 index add63c0f5..000000000 --- a/prebuilts/api/29.0/public/mtp.te +++ /dev/null @@ -1,11 +0,0 @@ -# vpn tunneling protocol manager -type mtp, domain; -type mtp_exec, system_file_type, exec_type, file_type; - -net_domain(mtp) - -# pptp policy -allow mtp self:{ socket pppox_socket } create_socket_perms_no_ioctl; -allow mtp self:global_capability_class_set net_raw; -allow mtp ppp:process signal; -allow mtp vpn_data_file:dir search; diff --git a/prebuilts/api/29.0/public/net.te b/prebuilts/api/29.0/public/net.te deleted file mode 100644 index afa2a9c8c..000000000 --- a/prebuilts/api/29.0/public/net.te +++ /dev/null @@ -1,30 +0,0 @@ -## Network types -type node, node_type; -type netif, netif_type; -type port, port_type; - -### -### Domain with network access -### - -# Use network sockets. -allow netdomain self:tcp_socket create_stream_socket_perms; -allow netdomain self:{ icmp_socket udp_socket rawip_socket } create_socket_perms; - -# Connect to ports. -allow netdomain port_type:tcp_socket name_connect; -# Bind to ports. -allow {netdomain -ephemeral_app} node_type:{ icmp_socket rawip_socket tcp_socket udp_socket } node_bind; -allow {netdomain -ephemeral_app} port_type:udp_socket name_bind; -allow {netdomain -ephemeral_app} port_type:tcp_socket name_bind; -# See changes to the routing table. -allow netdomain self:netlink_route_socket { create read getattr write setattr lock append bind connect getopt setopt shutdown nlmsg_read }; - -# Talks to netd via dnsproxyd socket. -unix_socket_connect(netdomain, dnsproxyd, netd) - -# Talks to netd via fwmarkd socket. -unix_socket_connect(netdomain, fwmarkd, netd) - -# Connect to mdnsd via mdnsd socket. -unix_socket_connect(netdomain, mdnsd, mdnsd) diff --git a/prebuilts/api/29.0/public/netd.te b/prebuilts/api/29.0/public/netd.te deleted file mode 100644 index c15a03baf..000000000 --- a/prebuilts/api/29.0/public/netd.te +++ /dev/null @@ -1,175 +0,0 @@ -# network manager -type netd, domain, mlstrustedsubject; -type netd_exec, system_file_type, exec_type, file_type; - -net_domain(netd) -# in addition to ioctls whitelisted for all domains, grant netd priv_sock_ioctls. -allowxperm netd self:udp_socket ioctl priv_sock_ioctls; - -r_dir_file(netd, cgroup) - -allow netd system_server:fd use; - -allow netd self:global_capability_class_set { net_admin net_raw kill }; -# Note: fsetid is deliberately not included above. fsetid checks are -# triggered by chmod on a directory or file owned by a group other -# than one of the groups assigned to the current process to see if -# the setgid bit should be cleared, regardless of whether the setgid -# bit was even set. We do not appear to truly need this capability -# for netd to operate. -dontaudit netd self:global_capability_class_set fsetid; - -# Allow netd to open /dev/tun, set it up and pass it to clatd -allow netd tun_device:chr_file rw_file_perms; -allowxperm netd tun_device:chr_file ioctl { TUNGETIFF TUNSETIFF }; -allow netd self:tun_socket create; - -allow netd self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; -allow netd self:netlink_route_socket nlmsg_write; -allow netd self:netlink_nflog_socket create_socket_perms_no_ioctl; -allow netd self:netlink_socket create_socket_perms_no_ioctl; -allow netd self:netlink_tcpdiag_socket { create_socket_perms_no_ioctl nlmsg_read nlmsg_write }; -allow netd self:netlink_generic_socket create_socket_perms_no_ioctl; -allow netd self:netlink_netfilter_socket create_socket_perms_no_ioctl; -allow netd shell_exec:file rx_file_perms; -allow netd system_file:file x_file_perms; -not_full_treble(`allow netd vendor_file:file x_file_perms;') -allow netd devpts:chr_file rw_file_perms; - -# Acquire advisory lock on /system/etc/xtables.lock -allow netd system_file:file lock; - -# Allow netd to write to qtaguid ctrl file. -# TODO: Add proper rules to prevent other process to access qtaguid_proc file -# after migration complete -allow netd proc_qtaguid_ctrl:file rw_file_perms; -# Allow netd to read /dev/qtaguid. This is the same privilege level that normal apps have. -allow netd qtaguid_device:chr_file r_file_perms; - -r_dir_file(netd, proc_net_type) -# For /proc/sys/net/ipv[46]/route/flush. -allow netd proc_net_type:file rw_file_perms; - -# Enables PppController and interface enumeration (among others) -allow netd sysfs:dir r_dir_perms; -r_dir_file(netd, sysfs_net) - -# Allows setting interface MTU -allow netd sysfs_net:file w_file_perms; - -# TODO: added to match above sysfs rule. Remove me? -allow netd sysfs_usb:file write; - -r_dir_file(netd, cgroup_bpf) - -allow netd fs_bpf:dir search; -allow netd fs_bpf:file { read write setattr }; - -# TODO: netd previously thought it needed these permissions to do WiFi related -# work. However, after all the WiFi stuff is gone, we still need them. -# Why? -allow netd self:global_capability_class_set { dac_override dac_read_search chown }; - -# Needed to update /data/misc/net/rt_tables -allow netd net_data_file:file create_file_perms; -allow netd net_data_file:dir rw_dir_perms; -allow netd self:global_capability_class_set fowner; - -# Needed to lock the iptables lock. -allow netd system_file:file lock; - -# Allow netd to spawn dnsmasq in it's own domain -allow netd dnsmasq:process signal; - -set_prop(netd, ctl_mdnsd_prop) -set_prop(netd, netd_stable_secret_prop) - -# Allow netd to publish a binder service and make binder calls. -binder_use(netd) -add_service(netd, netd_service) -add_service(netd, dnsresolver_service) -allow netd dumpstate:fifo_file { getattr write }; - -# Allow netd to call into the system server so it can check permissions. -allow netd system_server:binder call; -allow netd permission_service:service_manager find; - -# Allow netd to talk to the framework service which collects netd events. -allow netd netd_listener_service:service_manager find; - -# Allow netd to operate on sockets that are passed to it. -allow netd netdomain:{ - icmp_socket - tcp_socket - udp_socket - rawip_socket - tun_socket -} { read write getattr setattr getopt setopt }; -allow netd netdomain:fd use; - -# give netd permission to read and write netlink xfrm -allow netd self:netlink_xfrm_socket { create_socket_perms_no_ioctl nlmsg_write nlmsg_read }; - -# Allow netd to register as hal server. -add_hwservice(netd, system_net_netd_hwservice) -hwbinder_use(netd) -get_prop(netd, hwservicemanager_prop) -get_prop(netd, device_config_netd_native_prop) - -### -### Neverallow rules -### -### netd should NEVER do any of this - -# Block device access. -neverallow netd dev_type:blk_file { read write }; - -# ptrace any other app -neverallow netd { domain }:process ptrace; - -# Write to /system. -neverallow netd system_file:dir_file_class_set write; - -# Write to files in /data/data or system files on /data -neverallow netd { app_data_file privapp_data_file system_data_file }:dir_file_class_set write; - -# only system_server, dumpstate and network stack app may find netd service -neverallow { - domain - -system_server - -dumpstate - -network_stack - -netd - -netutils_wrapper -} netd_service:service_manager find; - -# only system_server, dumpstate and network stack app may find dnsresolver service -neverallow { - domain - -system_server - -dumpstate - -network_stack - -netd - -netutils_wrapper -} dnsresolver_service:service_manager find; - -# apps may not interact with netd over binder. -neverallow { appdomain -network_stack } netd:binder call; -neverallow netd { appdomain -network_stack userdebug_or_eng(`-su') }:binder call; - -# persist.netd.stable_secret contains RFC 7217 secret key which should never be -# leaked to other processes. Make sure it never leaks. -neverallow { domain -netd -init -dumpstate } netd_stable_secret_prop:file r_file_perms; - -# We want to ensure that no other process ever tries tampering with persist.netd.stable_secret, -# the RFC 7217 secret key managed by netd. Doing so could compromise user privacy. -neverallow { domain -netd -init } netd_stable_secret_prop:property_service set; - -# If an already existing file is opened with O_CREATE, the kernel might generate -# a false report of a create denial. Silence these denials and make sure that -# inappropriate permissions are not granted. -neverallow netd proc_net:dir no_w_dir_perms; -dontaudit netd proc_net:dir write; - -neverallow netd sysfs_net:dir no_w_dir_perms; -dontaudit netd sysfs_net:dir write; diff --git a/prebuilts/api/29.0/public/netutils_wrapper.te b/prebuilts/api/29.0/public/netutils_wrapper.te deleted file mode 100644 index 27aa7496c..000000000 --- a/prebuilts/api/29.0/public/netutils_wrapper.te +++ /dev/null @@ -1,4 +0,0 @@ -type netutils_wrapper, domain; -type netutils_wrapper_exec, system_file_type, exec_type, file_type; - -neverallow domain netutils_wrapper_exec:file execute_no_trans; diff --git a/prebuilts/api/29.0/public/network_stack.te b/prebuilts/api/29.0/public/network_stack.te deleted file mode 100644 index feff66460..000000000 --- a/prebuilts/api/29.0/public/network_stack.te +++ /dev/null @@ -1,2 +0,0 @@ -# Network stack service app -type network_stack, domain; diff --git a/prebuilts/api/29.0/public/neverallow_macros b/prebuilts/api/29.0/public/neverallow_macros deleted file mode 100644 index e2b6ed1af..000000000 --- a/prebuilts/api/29.0/public/neverallow_macros +++ /dev/null @@ -1,15 +0,0 @@ -# -# Common neverallow permissions -define(`no_w_file_perms', `{ append create link unlink relabelfrom rename setattr write }') -define(`no_rw_file_perms', `{ no_w_file_perms open read ioctl lock }') -define(`no_x_file_perms', `{ execute execute_no_trans }') -define(`no_w_dir_perms', `{ add_name create link relabelfrom remove_name rename reparent rmdir setattr write }') - -##################################### -# neverallow_establish_socket_comms(src, dst) -# neverallow src domain establishing socket connections to dst domain. -# -define(`neverallow_establish_socket_comms', ` - neverallow $1 $2:socket_class_set { connect sendto }; - neverallow $1 $2:unix_stream_socket connectto; -') diff --git a/prebuilts/api/29.0/public/nfc.te b/prebuilts/api/29.0/public/nfc.te deleted file mode 100644 index e3a03e796..000000000 --- a/prebuilts/api/29.0/public/nfc.te +++ /dev/null @@ -1,2 +0,0 @@ -# nfc subsystem -type nfc, domain; diff --git a/prebuilts/api/29.0/public/perfetto.te b/prebuilts/api/29.0/public/perfetto.te deleted file mode 100644 index cec0e6f09..000000000 --- a/prebuilts/api/29.0/public/perfetto.te +++ /dev/null @@ -1 +0,0 @@ -type perfetto, domain, coredomain; diff --git a/prebuilts/api/29.0/public/performanced.te b/prebuilts/api/29.0/public/performanced.te deleted file mode 100644 index 7dcb5ea1e..000000000 --- a/prebuilts/api/29.0/public/performanced.te +++ /dev/null @@ -1,30 +0,0 @@ -# performanced -type performanced, domain, mlstrustedsubject; -type performanced_exec, system_file_type, exec_type, file_type; - -# Needed to check for app permissions. -binder_use(performanced) -binder_call(performanced, system_server) -allow performanced permission_service:service_manager find; - -pdx_server(performanced, performance_client) - -# TODO: use file caps to obtain sys_nice instead of setuid / setgid. -allow performanced self:global_capability_class_set { setuid setgid sys_nice }; - -# Access /proc to validate we're only affecting threads in the same thread group. -# Performanced also shields unbound kernel threads. It scans every task in the -# root cpu set, but only affects the kernel threads. -r_dir_file(performanced, { appdomain bufferhubd kernel surfaceflinger }) -dontaudit performanced domain:dir read; -allow performanced { appdomain bufferhubd kernel surfaceflinger }:process setsched; - -# These /proc accesses only show up in permissive mode but they -# generate a lot of noise in the log. -userdebug_or_eng(` - dontaudit performanced domain:dir open; - dontaudit performanced domain:file { open read getattr }; -') - -# Access /dev/cpuset/cpuset.cpus -r_dir_file(performanced, cgroup) diff --git a/prebuilts/api/29.0/public/perfprofd.te b/prebuilts/api/29.0/public/perfprofd.te deleted file mode 100644 index 47dfbf210..000000000 --- a/prebuilts/api/29.0/public/perfprofd.te +++ /dev/null @@ -1,121 +0,0 @@ -# perfprofd - perf profile collection daemon -type perfprofd, domain; -type perfprofd_exec, system_file_type, exec_type, file_type; - -userdebug_or_eng(` - - typeattribute perfprofd coredomain; - typeattribute perfprofd mlstrustedsubject; - - # perfprofd access to sysfs directory structure. - allow perfprofd sysfs_type:dir search; - - # perfprofd needs to control CPU hot-plug in order to avoid kernel - # perfevents problems in cases where CPU goes on/off during measurement; - # this means read access to /sys/devices/system/cpu/possible - # and read/write access to /sys/devices/system/cpu/cpu*/online - allow perfprofd sysfs_devices_system_cpu:file rw_file_perms; - - # perfprofd checks for the existence of and then invokes simpleperf; - # simpleperf retains perfprofd domain after exec - allow perfprofd system_file:file rx_file_perms; - - # perfprofd reads a config file from /data/data/com.google.android.gms/files - allow perfprofd { privapp_data_file app_data_file }:file r_file_perms; - allow perfprofd { privapp_data_file app_data_file }:dir search; - allow perfprofd self:global_capability_class_set { dac_override dac_read_search }; - - # perfprofd opens a file for writing in /data/misc/perfprofd - allow perfprofd perfprofd_data_file:file create_file_perms; - allow perfprofd perfprofd_data_file:dir rw_dir_perms; - - # perfprofd uses the system log - read_logd(perfprofd); - write_logd(perfprofd); - - # perfprofd inspects /sys/power/wake_unlock - wakelock_use(perfprofd); - - # perfprofd looks at thermals. - allow perfprofd sysfs_thermal:dir r_dir_perms; - - # perfprofd gets charging status. - hal_client_domain(perfprofd, hal_health) - - # simpleperf reads kernel notes. - allow perfprofd sysfs_kernel_notes:file r_file_perms; - - # Simpleperf & perfprofd query a range of proc stats. - allow perfprofd proc_loadavg:file r_file_perms; - allow perfprofd proc_stat:file r_file_perms; - allow perfprofd proc_modules:file r_file_perms; - - # simpleperf writes to perf_event_paranoid under /proc. - allow perfprofd proc_perf:file write; - - # Simpleperf: kptr_restrict. This would be required to dump kernel symbols. - dontaudit perfprofd proc_security:file *; - - # simpleperf uses ioctl() to turn on kernel perf events measurements - allow perfprofd self:global_capability_class_set sys_admin; - - # simpleperf needs to examine /proc to collect task/thread info - r_dir_file(perfprofd, domain) - - # simpleperf needs to access /proc//exec - allow perfprofd self:global_capability_class_set { sys_resource sys_ptrace }; - neverallow perfprofd domain:process ptrace; - - # simpleperf needs open/read any file that turns up in a profile - # to see whether it has a build ID - allow perfprofd exec_type:file r_file_perms; - # App & ART artifacts. - r_dir_file(perfprofd, apk_data_file) - r_dir_file(perfprofd, dalvikcache_data_file) - # Vendor libraries. - r_dir_file(perfprofd, vendor_file) - # Vendor apps. - r_dir_file(perfprofd, vendor_app_file) - # SP HAL files. - r_dir_file(perfprofd, same_process_hal_file) - - # simpleperf will set security.perf_harden to enable access to perf_event_open() - set_prop(perfprofd, shell_prop) - - # simpleperf examines debugfs on startup to collect tracepoint event types - r_dir_file(perfprofd, debugfs_tracing) - r_dir_file(perfprofd, debugfs_tracing_debug) - - # simpleperf is going to execute "sleep" - allow perfprofd toolbox_exec:file rx_file_perms; - # simpleperf is going to execute "mv" on a temp file - allow perfprofd shell_exec:file rx_file_perms; - - # needed for simpleperf on some kernels - allow perfprofd self:global_capability_class_set ipc_lock; - - # simpleperf attempts to put a temp file into /data/local/tmp. Do not allow, - # use the fallback cwd code, do not spam the log. But ensure this is correctly - # removed at some point. b/70232908. - dontaudit perfprofd shell_data_file:dir *; - dontaudit perfprofd shell_data_file:file *; - - # Allow perfprofd to publish a binder service and make binder calls. - binder_use(perfprofd) - add_service(perfprofd, perfprofd_service) - - # Use devpts for streams from cmd. - # - # This is normally granted to binderservicedomain, but this service - # has tighter restrictions on the callers (see below), so must enable - # this manually. - allow perfprofd devpts:chr_file rw_file_perms; - - # Use socket & pipe supplied by su, for cmd perfprofd dump. - allow perfprofd su:unix_stream_socket { read write getattr sendto }; - allow perfprofd su:fifo_file r_file_perms; - - # Allow perfprofd to submit to dropbox. - allow perfprofd dropbox_service:service_manager find; - binder_call(perfprofd, system_server) -') diff --git a/prebuilts/api/29.0/public/platform_app.te b/prebuilts/api/29.0/public/platform_app.te deleted file mode 100644 index 9b1faf0f6..000000000 --- a/prebuilts/api/29.0/public/platform_app.te +++ /dev/null @@ -1,5 +0,0 @@ -### -### Apps signed with the platform key. -### - -type platform_app, domain; diff --git a/prebuilts/api/29.0/public/postinstall.te b/prebuilts/api/29.0/public/postinstall.te deleted file mode 100644 index bcea2dcbf..000000000 --- a/prebuilts/api/29.0/public/postinstall.te +++ /dev/null @@ -1,45 +0,0 @@ -# Domain where the postinstall program runs during the update. -# Extend the permissions in this domain to allow this program to access other -# files needed by the specific device on your device's sepolicy directory. -type postinstall, domain; - -# Allow postinstall to write to its stdout/stderr when redirected via pipes to -# update_engine. -allow postinstall update_engine_common:fd use; -allow postinstall update_engine_common:fifo_file rw_file_perms; - -# Allow postinstall to read and execute directories and files in the same -# mounted location. -allow postinstall postinstall_file:file rx_file_perms; -allow postinstall postinstall_file:lnk_file r_file_perms; -allow postinstall postinstall_file:dir r_dir_perms; - -# Allow postinstall to execute the shell or other system executables. -allow postinstall shell_exec:file rx_file_perms; -allow postinstall system_file:file rx_file_perms; -allow postinstall toolbox_exec:file rx_file_perms; - -# Allow postinstall to execute shell in recovery. -recovery_only(` - allow postinstall rootfs:file rx_file_perms; -') - -# -# For OTA dexopt. -# - -# Allow postinstall scripts to talk to the system server. -binder_use(postinstall) -binder_call(postinstall, system_server) - -# Need to talk to the otadexopt service. -allow postinstall otadexopt_service:service_manager find; - -# Allow postinstall scripts to trigger f2fs garbage collection -allow postinstall sysfs_fs_f2fs:file rw_file_perms; -allow postinstall sysfs_fs_f2fs:dir r_dir_perms; - -# No domain other than update_engine and recovery (via update_engine_sideload) -# should transition to postinstall, as it is only meant to run during the -# update. -neverallow { domain -update_engine -recovery } postinstall:process { transition dyntransition }; diff --git a/prebuilts/api/29.0/public/ppp.te b/prebuilts/api/29.0/public/ppp.te deleted file mode 100644 index b736deff5..000000000 --- a/prebuilts/api/29.0/public/ppp.te +++ /dev/null @@ -1,23 +0,0 @@ -# Point to Point Protocol daemon -type ppp, domain; -type ppp_device, dev_type; -type ppp_exec, system_file_type, exec_type, file_type; - -net_domain(ppp) - -r_dir_file(ppp, proc_net_type) - -allow ppp mtp:{ socket pppox_socket } rw_socket_perms; - -# ioctls needed for VPN. -allowxperm ppp self:udp_socket ioctl priv_sock_ioctls; -allowxperm ppp mtp:{ socket pppox_socket } ioctl ppp_ioctls; - -allow ppp mtp:unix_dgram_socket rw_socket_perms; -allow ppp ppp_device:chr_file rw_file_perms; -allow ppp self:global_capability_class_set net_admin; -allow ppp system_file:file rx_file_perms; -not_full_treble(`allow ppp vendor_file:file rx_file_perms;') -allow ppp vpn_data_file:dir w_dir_perms; -allow ppp vpn_data_file:file create_file_perms; -allow ppp mtp:fd use; diff --git a/prebuilts/api/29.0/public/priv_app.te b/prebuilts/api/29.0/public/priv_app.te deleted file mode 100644 index 0761fc30f..000000000 --- a/prebuilts/api/29.0/public/priv_app.te +++ /dev/null @@ -1,5 +0,0 @@ -### -### A domain for further sandboxing privileged apps. -### - -type priv_app, domain; diff --git a/prebuilts/api/29.0/public/profman.te b/prebuilts/api/29.0/public/profman.te deleted file mode 100644 index 8ff62710e..000000000 --- a/prebuilts/api/29.0/public/profman.te +++ /dev/null @@ -1,29 +0,0 @@ -# profman -type profman, domain; -type profman_exec, system_file_type, exec_type, file_type; - -allow profman user_profile_data_file:file { getattr read write lock map }; - -# Dumping profile info opens the application APK file for pretty printing. -allow profman asec_apk_file:file { read map }; -allow profman apk_data_file:file { getattr read map }; -allow profman apk_data_file:dir { getattr read search }; - -allow profman oemfs:file { read map }; -# Reading an APK opens a ZipArchive, which unpack to tmpfs. -allow profman tmpfs:file { read map }; -allow profman profman_dump_data_file:file { write map }; - -allow profman installd:fd use; - -# Allow profman to analyze profiles for the secondary dex files. These -# are application dex files reported back to the framework when using -# BaseDexClassLoader. -allow profman { privapp_data_file app_data_file }:file { getattr read write lock map }; -allow profman { privapp_data_file app_data_file }:dir { getattr read search }; - -### -### neverallow rules -### - -neverallow profman { privapp_data_file app_data_file }:notdevfile_class_set open; diff --git a/prebuilts/api/29.0/public/property.te b/prebuilts/api/29.0/public/property.te deleted file mode 100644 index 3ccaad722..000000000 --- a/prebuilts/api/29.0/public/property.te +++ /dev/null @@ -1,469 +0,0 @@ -type apexd_prop, property_type; -type audio_prop, property_type, core_property_type; -type boottime_prop, property_type; -type bluetooth_a2dp_offload_prop, property_type; -type bluetooth_audio_hal_prop, property_type; -type bluetooth_prop, property_type; -type bpf_progs_loaded_prop, property_type; -type bootloader_boot_reason_prop, property_type; -type config_prop, property_type, core_property_type; -type cppreopt_prop, property_type, core_property_type; -type cpu_variant_prop, property_type; -type ctl_adbd_prop, property_type; -type ctl_bootanim_prop, property_type; -type ctl_bugreport_prop, property_type; -type ctl_console_prop, property_type; -type ctl_default_prop, property_type; -type ctl_dumpstate_prop, property_type; -type ctl_fuse_prop, property_type; -type ctl_gsid_prop, property_type; -type ctl_interface_restart_prop, property_type; -type ctl_interface_start_prop, property_type; -type ctl_interface_stop_prop, property_type; -type ctl_mdnsd_prop, property_type; -type ctl_restart_prop, property_type; -type ctl_rildaemon_prop, property_type; -type ctl_sigstop_prop, property_type; -type ctl_start_prop, property_type; -type ctl_stop_prop, property_type; -type dalvik_prop, property_type, core_property_type; -type debuggerd_prop, property_type, core_property_type; -type debug_prop, property_type, core_property_type; -type default_prop, property_type, core_property_type; -type device_config_activity_manager_native_boot_prop, property_type; -type device_config_boot_count_prop, property_type; -type device_config_reset_performed_prop, property_type; -type device_config_input_native_boot_prop, property_type; -type device_config_netd_native_prop, property_type; -type device_config_runtime_native_boot_prop, property_type; -type device_config_runtime_native_prop, property_type; -type device_config_media_native_prop, property_type; -type device_logging_prop, property_type; -type dhcp_prop, property_type, core_property_type; -type dumpstate_options_prop, property_type; -type dumpstate_prop, property_type, core_property_type; -type dynamic_system_prop, property_type; -type exported_secure_prop, property_type; -type ffs_prop, property_type, core_property_type; -type fingerprint_prop, property_type, core_property_type; -type firstboot_prop, property_type; -type gsid_prop, property_type; -type heapprofd_enabled_prop, property_type; -type heapprofd_prop, property_type; -type hwservicemanager_prop, property_type; -type last_boot_reason_prop, property_type; -type system_lmk_prop, property_type; -type llkd_prop, property_type; -type logd_prop, property_type, core_property_type; -type logpersistd_logging_prop, property_type; -type log_prop, property_type, log_property_type; -type log_tag_prop, property_type, log_property_type; -type lowpan_prop, property_type; -type lpdumpd_prop, property_type; -type mmc_prop, property_type; -type net_dns_prop, property_type; -type net_radio_prop, property_type, core_property_type; -type netd_stable_secret_prop, property_type; -type nfc_prop, property_type, core_property_type; -type nnapi_ext_deny_product_prop, property_type; -type overlay_prop, property_type; -type pan_result_prop, property_type, core_property_type; -type persist_debug_prop, property_type, core_property_type; -type persistent_properties_ready_prop, property_type; -type pm_prop, property_type; -type powerctl_prop, property_type, core_property_type; -type radio_prop, property_type, core_property_type; -type restorecon_prop, property_type, core_property_type; -type safemode_prop, property_type; -type serialno_prop, property_type; -type shell_prop, property_type, core_property_type; -type system_boot_reason_prop, property_type; -type system_prop, property_type, core_property_type; -type system_radio_prop, property_type, core_property_type; -type system_trace_prop, property_type; -type test_boot_reason_prop, property_type; -type test_harness_prop, property_type; -type time_prop, property_type; -type traced_enabled_prop, property_type; -type traced_lazy_prop, property_type; -type use_memfd_prop, property_type; -type vold_prop, property_type, core_property_type; -type wifi_log_prop, property_type, log_property_type; -type wifi_prop, property_type; -type vendor_security_patch_level_prop, property_type; - -# Properties for whitelisting -type exported_audio_prop, property_type; -type exported_bluetooth_prop, property_type; -type exported_config_prop, property_type; -type exported_dalvik_prop, property_type; -type exported_default_prop, property_type; -type exported_dumpstate_prop, property_type; -type exported_ffs_prop, property_type; -type exported_fingerprint_prop, property_type; -type exported_overlay_prop, property_type; -type exported_pm_prop, property_type; -type exported_radio_prop, property_type; -type exported_system_prop, property_type; -type exported_system_radio_prop, property_type; -type exported_vold_prop, property_type; -type exported_wifi_prop, property_type; -type exported2_config_prop, property_type; -type exported2_default_prop, property_type; -type exported2_radio_prop, property_type; -type exported2_system_prop, property_type; -type exported2_vold_prop, property_type; -type exported3_default_prop, property_type; -type exported3_radio_prop, property_type; -type exported3_system_prop, property_type; -type vendor_default_prop, property_type; - -allow property_type tmpfs:filesystem associate; - -### -### Neverallow rules -### - -# There is no need to perform ioctl or advisory locking operations on -# property files. If this neverallow is being triggered, it is -# likely that the policy is using r_file_perms directly instead of -# the get_prop() macro. -neverallow domain property_type:file { ioctl lock }; - -# core_property_type should not be used for new properties or -# device specific properties. Properties with this attribute -# are readable to everyone, which is overly broad and should -# be avoided. -# New properties should have appropriate read / write access -# control rules written. - -neverallow * { - core_property_type - -audio_prop - -config_prop - -cppreopt_prop - -dalvik_prop - -debuggerd_prop - -debug_prop - -default_prop - -dhcp_prop - -dumpstate_prop - -ffs_prop - -fingerprint_prop - -logd_prop - -net_radio_prop - -nfc_prop - -pan_result_prop - -persist_debug_prop - -powerctl_prop - -radio_prop - -restorecon_prop - -shell_prop - -system_prop - -system_radio_prop - -vold_prop -}:file no_rw_file_perms; - -# sigstop property is only used for debugging; should only be set by su which is permissive -# for userdebug/eng -neverallow { - domain - -init - -vendor_init -} ctl_sigstop_prop:property_service set; - -# Don't audit legacy ctl. property handling. We only want the newer permission check to appear -# in the audit log -dontaudit domain { - ctl_bootanim_prop - ctl_bugreport_prop - ctl_console_prop - ctl_default_prop - ctl_dumpstate_prop - ctl_fuse_prop - ctl_mdnsd_prop - ctl_rildaemon_prop -}:property_service set; - -compatible_property_only(` -# Prevent properties from being set - neverallow { - domain - -coredomain - -appdomain - -vendor_init - } { - core_property_type - extended_core_property_type - exported_config_prop - exported_dalvik_prop - exported_default_prop - exported_dumpstate_prop - exported_ffs_prop - exported_fingerprint_prop - exported_system_prop - exported_system_radio_prop - exported_vold_prop - exported2_config_prop - exported2_default_prop - exported2_system_prop - exported2_vold_prop - exported3_default_prop - exported3_system_prop - -nfc_prop - -powerctl_prop - -radio_prop - }:property_service set; - - neverallow { - domain - -coredomain - -appdomain - -hal_nfc_server - } { - nfc_prop - }:property_service set; - - neverallow { - domain - -coredomain - -appdomain - -hal_telephony_server - -vendor_init - } { - exported_radio_prop - exported3_radio_prop - }:property_service set; - - neverallow { - domain - -coredomain - -appdomain - -hal_telephony_server - } { - exported2_radio_prop - radio_prop - }:property_service set; - - neverallow { - domain - -coredomain - -bluetooth - -hal_bluetooth_server - } { - bluetooth_prop - }:property_service set; - - neverallow { - domain - -coredomain - -bluetooth - -hal_bluetooth_server - -vendor_init - } { - exported_bluetooth_prop - }:property_service set; - - neverallow { - domain - -coredomain - -hal_wifi_server - -wificond - } { - wifi_prop - }:property_service set; - - neverallow { - domain - -coredomain - -hal_wifi_server - -wificond - -vendor_init - } { - exported_wifi_prop - }:property_service set; - -# Prevent properties from being read - neverallow { - domain - -coredomain - -appdomain - -vendor_init - } { - core_property_type - extended_core_property_type - exported_dalvik_prop - exported_ffs_prop - exported_system_radio_prop - exported2_config_prop - exported2_system_prop - exported2_vold_prop - exported3_default_prop - exported3_system_prop - -debug_prop - -logd_prop - -nfc_prop - -powerctl_prop - -radio_prop - }:file no_rw_file_perms; - - neverallow { - domain - -coredomain - -appdomain - -hal_nfc_server - } { - nfc_prop - }:file no_rw_file_perms; - - neverallow { - domain - -coredomain - -appdomain - -hal_telephony_server - } { - radio_prop - }:file no_rw_file_perms; - - neverallow { - domain - -coredomain - -bluetooth - -hal_bluetooth_server - } { - bluetooth_prop - }:file no_rw_file_perms; - - neverallow { - domain - -coredomain - -hal_wifi_server - -wificond - } { - wifi_prop - }:file no_rw_file_perms; -') - -compatible_property_only(` - # Neverallow coredomain to set vendor properties - neverallow { - coredomain - -init - -system_writes_vendor_properties_violators - } { - property_type - -apexd_prop - -audio_prop - -bluetooth_a2dp_offload_prop - -bluetooth_audio_hal_prop - -bluetooth_prop - -bootloader_boot_reason_prop - -boottime_prop - -bpf_progs_loaded_prop - -config_prop - -cppreopt_prop - -ctl_adbd_prop - -ctl_bootanim_prop - -ctl_bugreport_prop - -ctl_console_prop - -ctl_default_prop - -ctl_dumpstate_prop - -ctl_fuse_prop - -ctl_gsid_prop - -ctl_interface_restart_prop - -ctl_interface_start_prop - -ctl_interface_stop_prop - -ctl_mdnsd_prop - -ctl_restart_prop - -ctl_rildaemon_prop - -ctl_sigstop_prop - -ctl_start_prop - -ctl_stop_prop - -dalvik_prop - -debug_prop - -debuggerd_prop - -default_prop - -device_logging_prop - -dhcp_prop - -dumpstate_options_prop - -dumpstate_prop - -exported2_config_prop - -exported2_default_prop - -exported2_radio_prop - -exported2_system_prop - -exported2_vold_prop - -exported3_default_prop - -exported3_radio_prop - -exported3_system_prop - -exported_bluetooth_prop - -exported_config_prop - -exported_dalvik_prop - -exported_default_prop - -exported_dumpstate_prop - -exported_ffs_prop - -exported_fingerprint_prop - -exported_overlay_prop - -exported_pm_prop - -exported_radio_prop - -exported_secure_prop - -exported_system_prop - -exported_system_radio_prop - -exported_vold_prop - -exported_wifi_prop - -extended_core_property_type - -ffs_prop - -fingerprint_prop - -firstboot_prop - -device_config_activity_manager_native_boot_prop - -device_config_reset_performed_prop - -device_config_boot_count_prop - -device_config_input_native_boot_prop - -device_config_netd_native_prop - -device_config_runtime_native_boot_prop - -device_config_runtime_native_prop - -device_config_media_native_prop - -dynamic_system_prop - -gsid_prop - -heapprofd_enabled_prop - -heapprofd_prop - -hwservicemanager_prop - -last_boot_reason_prop - -system_lmk_prop - -log_prop - -log_tag_prop - -logd_prop - -logpersistd_logging_prop - -lowpan_prop - -lpdumpd_prop - -mmc_prop - -net_dns_prop - -net_radio_prop - -netd_stable_secret_prop - -nfc_prop - -overlay_prop - -pan_result_prop - -persist_debug_prop - -persistent_properties_ready_prop - -pm_prop - -powerctl_prop - -radio_prop - -restorecon_prop - -safemode_prop - -serialno_prop - -shell_prop - -system_boot_reason_prop - -system_prop - -system_radio_prop - -system_trace_prop - -test_boot_reason_prop - -test_harness_prop - -time_prop - -traced_enabled_prop - -traced_lazy_prop - -vendor_default_prop - -vendor_security_patch_level_prop - -vold_prop - -wifi_log_prop - -wifi_prop - }:property_service set; -') diff --git a/prebuilts/api/29.0/public/property_contexts b/prebuilts/api/29.0/public/property_contexts deleted file mode 100644 index 59301917b..000000000 --- a/prebuilts/api/29.0/public/property_contexts +++ /dev/null @@ -1,387 +0,0 @@ -# vendor-init-readable -persist.radio.airplane_mode_on u:object_r:exported2_radio_prop:s0 exact int - -# vendor-init-settable -af.fast_track_multiplier u:object_r:exported3_default_prop:s0 exact int -audio.camerasound.force u:object_r:exported_audio_prop:s0 exact bool -audio.deep_buffer.media u:object_r:exported3_default_prop:s0 exact bool -audio.offload.video u:object_r:exported3_default_prop:s0 exact bool -audio.offload.min.duration.secs u:object_r:exported3_default_prop:s0 exact int -camera.disable_zsl_mode u:object_r:exported3_default_prop:s0 exact bool -camera.fifo.disable u:object_r:exported3_default_prop:s0 exact int -dalvik.vm.appimageformat u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.backgroundgctype u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.boot-dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.boot-image u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.checkjni u:object_r:exported_dalvik_prop:s0 exact bool -dalvik.vm.dex2oat-Xms u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.dex2oat-Xmx u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.dex2oat-filter u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.dex2oat-flags u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.dexopt.secondary u:object_r:exported_dalvik_prop:s0 exact bool -dalvik.vm.execution-mode u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.extra-opts u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.foreground-heap-growth-multiplier u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.gctype u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.heapgrowthlimit u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.heapmaxfree u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.heapminfree u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.heapsize u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.heapstartsize u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.heaptargetutilization u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.hot-startup-method-samples u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.image-dex2oat-Xms u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.image-dex2oat-Xmx u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.image-dex2oat-filter u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.image-dex2oat-flags u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.image-dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.isa.arm.features u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.arm.variant u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.arm64.features u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.arm64.variant u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.mips.features u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.mips.variant u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.mips64.features u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.mips64.variant u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.unknown.features u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.unknown.variant u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.x86.features u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.x86.variant u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.x86_64.features u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.isa.x86_64.variant u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.jitinitialsize u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.jitmaxsize u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.jitprithreadweight u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.jitthreshold u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.jittransitionweight u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.jniopts u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.lockprof.threshold u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.method-trace u:object_r:exported_dalvik_prop:s0 exact bool -dalvik.vm.method-trace-file u:object_r:exported_dalvik_prop:s0 exact string -dalvik.vm.method-trace-file-siz u:object_r:exported_dalvik_prop:s0 exact int -dalvik.vm.method-trace-stream u:object_r:exported_dalvik_prop:s0 exact bool -dalvik.vm.profilesystemserver u:object_r:exported_dalvik_prop:s0 exact bool -dalvik.vm.usejit u:object_r:exported_dalvik_prop:s0 exact bool -dalvik.vm.usejitprofiles u:object_r:exported_dalvik_prop:s0 exact bool -dalvik.vm.zygote.max-boot-retry u:object_r:exported_dalvik_prop:s0 exact int -drm.service.enabled u:object_r:exported3_default_prop:s0 exact bool -keyguard.no_require_sim u:object_r:exported3_default_prop:s0 exact bool -media.recorder.show_manufacturer_and_model u:object_r:exported3_default_prop:s0 exact bool -media.stagefright.cache-params u:object_r:exported3_default_prop:s0 exact string -media.stagefright.thumbnail.prefer_hw_codecs u:object_r:exported3_default_prop:s0 exact bool -persist.bluetooth.a2dp_offload.cap u:object_r:bluetooth_a2dp_offload_prop:s0 exact string -persist.bluetooth.a2dp_offload.disabled u:object_r:bluetooth_a2dp_offload_prop:s0 exact bool -persist.bluetooth.bluetooth_audio_hal.disabled u:object_r:bluetooth_audio_hal_prop:s0 exact bool -persist.bluetooth.btsnoopenable u:object_r:exported_bluetooth_prop:s0 exact bool -persist.config.calibration_fac u:object_r:exported3_default_prop:s0 exact string -persist.dbg.volte_avail_ovr u:object_r:exported3_default_prop:s0 exact int -persist.dbg.vt_avail_ovr u:object_r:exported3_default_prop:s0 exact int -persist.dbg.wfc_avail_ovr u:object_r:exported3_default_prop:s0 exact int -persist.radio.multisim.config u:object_r:exported3_radio_prop:s0 exact string -persist.sys.dalvik.vm.lib.2 u:object_r:exported2_system_prop:s0 exact string -persist.sys.media.avsync u:object_r:exported2_system_prop:s0 exact bool -persist.sys.hdmi.keep_awake u:object_r:exported2_system_prop:s0 exact bool -persist.sys.sf.color_mode u:object_r:exported2_system_prop:s0 exact int -persist.sys.sf.color_saturation u:object_r:exported2_system_prop:s0 exact string -persist.sys.sf.native_mode u:object_r:exported2_system_prop:s0 exact int -pm.dexopt.ab-ota u:object_r:exported_pm_prop:s0 exact string -pm.dexopt.bg-dexopt u:object_r:exported_pm_prop:s0 exact string -pm.dexopt.boot u:object_r:exported_pm_prop:s0 exact string -pm.dexopt.downgrade_after_inactive_days u:object_r:exported_pm_prop:s0 exact int -pm.dexopt.first-boot u:object_r:exported_pm_prop:s0 exact string -pm.dexopt.inactive u:object_r:exported_pm_prop:s0 exact string -pm.dexopt.install u:object_r:exported_pm_prop:s0 exact string -pm.dexopt.shared u:object_r:exported_pm_prop:s0 exact string -ro.af.client_heap_size_kbyte u:object_r:exported3_default_prop:s0 exact int -ro.audio.monitorRotation u:object_r:exported3_default_prop:s0 exact bool -ro.bluetooth.a2dp_offload.supported u:object_r:bluetooth_a2dp_offload_prop:s0 exact bool -ro.boot.vendor.overlay.theme u:object_r:exported_overlay_prop:s0 exact string -ro.boot.wificountrycode u:object_r:exported3_default_prop:s0 exact string -ro.bt.bdaddr_path u:object_r:exported_bluetooth_prop:s0 exact string -ro.camera.notify_nfc u:object_r:exported3_default_prop:s0 exact int -ro.com.android.dataroaming u:object_r:exported3_default_prop:s0 exact bool -ro.com.android.prov_mobiledata u:object_r:exported3_default_prop:s0 exact bool -ro.config.alarm_alert u:object_r:exported2_config_prop:s0 exact string -ro.config.media_vol_steps u:object_r:exported2_config_prop:s0 exact int -ro.config.notification_sound u:object_r:exported2_config_prop:s0 exact string -ro.config.ringtone u:object_r:exported2_config_prop:s0 exact string -ro.control_privapp_permissions u:object_r:exported3_default_prop:s0 exact string -ro.cp_system_other_odex u:object_r:exported3_default_prop:s0 exact int -ro.crypto.allow_encrypt_override u:object_r:exported2_vold_prop:s0 exact bool -ro.crypto.scrypt_params u:object_r:exported2_vold_prop:s0 exact string -ro.crypto.volume.filenames_mode u:object_r:exported2_vold_prop:s0 exact string -ro.dalvik.vm.native.bridge u:object_r:exported_dalvik_prop:s0 exact string -ro.enable_boot_charger_mode u:object_r:exported3_default_prop:s0 exact bool -ro.gfx.driver.0 u:object_r:exported3_default_prop:s0 exact string -ro.gfx.angle.supported u:object_r:exported3_default_prop:s0 exact bool -ro.hdmi.device_type u:object_r:exported3_default_prop:s0 exact string -ro.hdmi.wake_on_hotplug u:object_r:exported3_default_prop:s0 exact bool -ro.lmk.critical_upgrade u:object_r:exported3_default_prop:s0 exact bool -ro.lmk.downgrade_pressure u:object_r:exported3_default_prop:s0 exact int -ro.lmk.kill_heaviest_task u:object_r:exported3_default_prop:s0 exact bool -ro.lmk.upgrade_pressure u:object_r:exported3_default_prop:s0 exact int -ro.minui.default_rotation u:object_r:exported3_default_prop:s0 exact string -ro.minui.overscan_percent u:object_r:exported3_default_prop:s0 exact int -ro.minui.pixel_format u:object_r:exported3_default_prop:s0 exact string -ro.oem_unlock_supported u:object_r:exported3_default_prop:s0 exact int -ro.opengles.version u:object_r:exported3_default_prop:s0 exact int -ro.radio.noril u:object_r:exported3_default_prop:s0 exact string -ro.retaildemo.video_path u:object_r:exported3_default_prop:s0 exact string -ro.statsd.enable u:object_r:exported3_default_prop:s0 exact bool -ro.sf.disable_triple_buffer u:object_r:exported3_default_prop:s0 exact bool -ro.sf.lcd_density u:object_r:exported3_default_prop:s0 exact int -ro.storage_manager.enabled u:object_r:exported3_default_prop:s0 exact bool -ro.telephony.call_ring.multiple u:object_r:exported3_default_prop:s0 exact bool -ro.telephony.default_cdma_sub u:object_r:exported3_default_prop:s0 exact int -ro.telephony.default_network u:object_r:exported3_default_prop:s0 exact string -ro.url.legal u:object_r:exported3_default_prop:s0 exact string -ro.url.legal.android_privacy u:object_r:exported3_default_prop:s0 exact string -ro.vendor.build.security_patch u:object_r:vendor_security_patch_level_prop:s0 exact string -ro.zygote u:object_r:exported3_default_prop:s0 exact string -sendbug.preferred.domain u:object_r:exported3_default_prop:s0 exact string -sys.usb.controller u:object_r:exported2_system_prop:s0 exact string -sys.usb.ffs.max_read u:object_r:exported_ffs_prop:s0 exact int -sys.usb.ffs.max_write u:object_r:exported_ffs_prop:s0 exact int -sys.usb.ffs.ready u:object_r:exported_ffs_prop:s0 exact bool -sys.usb.mtp.device_type u:object_r:exported2_system_prop:s0 exact int -sys.usb.ffs.mtp.ready u:object_r:exported_ffs_prop:s0 exact bool -sys.usb.state u:object_r:exported2_system_prop:s0 exact string -telephony.lteOnCdmaDevice u:object_r:exported3_default_prop:s0 exact int -tombstoned.max_tombstone_count u:object_r:exported3_default_prop:s0 exact int -vold.post_fs_data_done u:object_r:exported2_vold_prop:s0 exact int -vts.native_server.on u:object_r:exported3_default_prop:s0 exact bool -wlan.driver.status u:object_r:exported_wifi_prop:s0 exact enum ok unloaded - -# vendor-init-readable -apexd.status u:object_r:apexd_prop:s0 exact enum starting ready -dev.bootcomplete u:object_r:exported3_system_prop:s0 exact bool -persist.sys.device_provisioned u:object_r:exported3_system_prop:s0 exact string -persist.sys.usb.usbradio.config u:object_r:exported3_system_prop:s0 exact string -sys.boot_completed u:object_r:exported3_system_prop:s0 exact bool -sys.retaildemo.enabled u:object_r:exported3_system_prop:s0 exact int -sys.user.0.ce_available u:object_r:exported3_system_prop:s0 exact bool -sys.vdso u:object_r:exported3_system_prop:s0 exact string - -# vendor-init-settable -persist.sys.zram_enabled u:object_r:exported2_system_prop:s0 exact bool -sys.usb.config u:object_r:exported_system_radio_prop:s0 exact string -sys.usb.configfs u:object_r:exported_system_radio_prop:s0 exact int - -# public-readable -aac_drc_boost u:object_r:exported2_default_prop:s0 exact int -aac_drc_cut u:object_r:exported2_default_prop:s0 exact int -aac_drc_enc_target_level u:object_r:exported2_default_prop:s0 exact int -aac_drc_heavy u:object_r:exported2_default_prop:s0 exact int -aac_drc_reference_level u:object_r:exported2_default_prop:s0 exact int -ro.aac_drc_effect_type u:object_r:exported2_default_prop:s0 exact int -drm.64bit.enabled u:object_r:exported2_default_prop:s0 exact bool -dumpstate.dry_run u:object_r:exported_dumpstate_prop:s0 exact bool -dumpstate.unroot u:object_r:exported_dumpstate_prop:s0 exact bool -hal.instrumentation.enable u:object_r:exported2_default_prop:s0 exact bool -init.svc.bugreport u:object_r:exported2_default_prop:s0 exact string -init.svc.console u:object_r:exported2_default_prop:s0 exact string -init.svc.dumpstatez u:object_r:exported2_default_prop:s0 exact string -init.svc.mediadrm u:object_r:exported2_default_prop:s0 exact string -init.svc.surfaceflinger u:object_r:exported2_default_prop:s0 exact string -init.svc.tombstoned u:object_r:exported2_default_prop:s0 exact string -init.svc.zygote u:object_r:exported2_default_prop:s0 exact string -libc.debug.malloc.options u:object_r:exported2_default_prop:s0 exact string -libc.debug.malloc.program u:object_r:exported2_default_prop:s0 exact string -libc.debug.hooks.enable u:object_r:exported2_default_prop:s0 exact string -persist.sys.locale u:object_r:exported_system_prop:s0 exact string -persist.sys.timezone u:object_r:exported_system_prop:s0 exact string -persist.sys.test_harness u:object_r:test_harness_prop:s0 exact bool -ro.adb.secure u:object_r:exported_secure_prop:s0 exact int -ro.arch u:object_r:exported2_default_prop:s0 exact string -ro.audio.ignore_effects u:object_r:exported2_default_prop:s0 exact bool -ro.baseband u:object_r:exported2_default_prop:s0 exact string -ro.boot.avb_version u:object_r:exported2_default_prop:s0 exact string -ro.boot.baseband u:object_r:exported2_default_prop:s0 exact string -ro.boot.bootdevice u:object_r:exported2_default_prop:s0 exact string -ro.boot.bootloader u:object_r:exported2_default_prop:s0 exact string -ro.boot.boottime u:object_r:exported2_default_prop:s0 exact string -ro.boot.console u:object_r:exported2_default_prop:s0 exact string -ro.boot.hardware u:object_r:exported2_default_prop:s0 exact string -ro.boot.hardware.color u:object_r:exported2_default_prop:s0 exact string -ro.boot.hardware.sku u:object_r:exported2_default_prop:s0 exact string -ro.boot.keymaster u:object_r:exported2_default_prop:s0 exact string -ro.boot.mode u:object_r:exported2_default_prop:s0 exact string -ro.boot.vbmeta.avb_version u:object_r:exported2_default_prop:s0 exact string -ro.boot.verifiedbootstate u:object_r:exported2_default_prop:s0 exact string -ro.boot.veritymode u:object_r:exported2_default_prop:s0 exact string -ro.boot.dynamic_partitions u:object_r:exported_default_prop:s0 exact string -ro.boot.dynamic_partitions_retrofit u:object_r:exported_default_prop:s0 exact string -ro.bootloader u:object_r:exported2_default_prop:s0 exact string -ro.build.date u:object_r:exported2_default_prop:s0 exact string -ro.build.date.utc u:object_r:exported2_default_prop:s0 exact int -ro.build.description u:object_r:exported2_default_prop:s0 exact string -ro.build.display.id u:object_r:exported2_default_prop:s0 exact string -ro.build.fingerprint u:object_r:exported_fingerprint_prop:s0 exact string -ro.build.host u:object_r:exported2_default_prop:s0 exact string -ro.build.id u:object_r:exported2_default_prop:s0 exact string -ro.build.product u:object_r:exported2_default_prop:s0 exact string -ro.build.system_root_image u:object_r:exported2_default_prop:s0 exact bool -ro.build.tags u:object_r:exported2_default_prop:s0 exact string -ro.build.user u:object_r:exported2_default_prop:s0 exact string -ro.build.version.base_os u:object_r:exported2_default_prop:s0 exact string -ro.build.version.codename u:object_r:exported2_default_prop:s0 exact string -ro.build.version.incremental u:object_r:exported2_default_prop:s0 exact string -ro.build.version.preview_sdk u:object_r:exported2_default_prop:s0 exact int -ro.build.version.release u:object_r:exported2_default_prop:s0 exact string -ro.build.version.sdk u:object_r:exported2_default_prop:s0 exact int -ro.build.version.security_patch u:object_r:exported2_default_prop:s0 exact string -ro.crypto.state u:object_r:exported_vold_prop:s0 exact string -ro.crypto.type u:object_r:exported_vold_prop:s0 exact string -ro.debuggable u:object_r:exported2_default_prop:s0 exact int -ro.hardware u:object_r:exported2_default_prop:s0 exact string -ro.product.brand u:object_r:exported2_default_prop:s0 exact string -ro.product.cpu.abi u:object_r:exported2_default_prop:s0 exact string -ro.product.cpu.abilist u:object_r:exported2_default_prop:s0 exact string -ro.product.device u:object_r:exported2_default_prop:s0 exact string -ro.product.manufacturer u:object_r:exported2_default_prop:s0 exact string -ro.product.model u:object_r:exported2_default_prop:s0 exact string -ro.product.name u:object_r:exported2_default_prop:s0 exact string -ro.property_service.version u:object_r:exported2_default_prop:s0 exact int -ro.revision u:object_r:exported2_default_prop:s0 exact string -ro.secure u:object_r:exported_secure_prop:s0 exact int -service.bootanim.exit u:object_r:exported_system_prop:s0 exact int -sys.boot_from_charger_mode u:object_r:exported_system_prop:s0 exact int -sys.use_memfd u:object_r:use_memfd_prop:s0 exact bool -vold.decrypt u:object_r:exported_vold_prop:s0 exact string - -# vendor-init-settable|public-readable -aaudio.hw_burst_min_usec u:object_r:exported_default_prop:s0 exact int -aaudio.minimum_sleep_usec u:object_r:exported_default_prop:s0 exact int -aaudio.mixer_bursts u:object_r:exported_default_prop:s0 exact int -aaudio.mmap_exclusive_policy u:object_r:exported_default_prop:s0 exact int -aaudio.mmap_policy u:object_r:exported_default_prop:s0 exact int -aaudio.wakeup_delay_usec u:object_r:exported_default_prop:s0 exact int -gsm.sim.operator.numeric u:object_r:exported_radio_prop:s0 exact string -media.mediadrmservice.enable u:object_r:exported_default_prop:s0 exact bool -persist.rcs.supported u:object_r:exported_default_prop:s0 exact int -rcs.publish.status u:object_r:exported_radio_prop:s0 exact string -ro.bionic.2nd_arch u:object_r:cpu_variant_prop:s0 exact string -ro.bionic.2nd_cpu_variant u:object_r:cpu_variant_prop:s0 exact string -ro.bionic.arch u:object_r:cpu_variant_prop:s0 exact string -ro.bionic.cpu_variant u:object_r:cpu_variant_prop:s0 exact string -ro.board.platform u:object_r:exported_default_prop:s0 exact string -ro.boot.fake_battery u:object_r:exported_default_prop:s0 exact int -ro.boot.hardware.revision u:object_r:exported_default_prop:s0 exact string -ro.boot.product.hardware.sku u:object_r:exported_default_prop:s0 exact string -ro.boot.slot_suffix u:object_r:exported_default_prop:s0 exact string -ro.bootimage.build.date u:object_r:exported_default_prop:s0 exact string -ro.bootimage.build.date.utc u:object_r:exported_default_prop:s0 exact int -ro.bootimage.build.fingerprint u:object_r:exported_default_prop:s0 exact string -ro.build.ab_update u:object_r:exported_default_prop:s0 exact string -ro.build.expect.baseband u:object_r:exported_default_prop:s0 exact string -ro.build.expect.bootloader u:object_r:exported_default_prop:s0 exact string -ro.carrier u:object_r:exported_default_prop:s0 exact string -ro.config.low_ram u:object_r:exported_config_prop:s0 exact bool -ro.config.vc_call_vol_steps u:object_r:exported_config_prop:s0 exact int -ro.frp.pst u:object_r:exported_default_prop:s0 exact string -ro.hardware.activity_recognition u:object_r:exported_default_prop:s0 exact string -ro.hardware.audio u:object_r:exported_default_prop:s0 exact string -ro.hardware.audio.a2dp u:object_r:exported_default_prop:s0 exact string -ro.hardware.audio.hearing_aid u:object_r:exported_default_prop:s0 exact string -ro.hardware.audio.primary u:object_r:exported_default_prop:s0 exact string -ro.hardware.audio.usb u:object_r:exported_default_prop:s0 exact string -ro.hardware.audio_policy u:object_r:exported_default_prop:s0 exact string -ro.hardware.bootctrl u:object_r:exported_default_prop:s0 exact string -ro.hardware.camera u:object_r:exported_default_prop:s0 exact string -ro.hardware.consumerir u:object_r:exported_default_prop:s0 exact string -ro.hardware.context_hub u:object_r:exported_default_prop:s0 exact string -ro.hardware.egl u:object_r:exported_default_prop:s0 exact string -ro.hardware.fingerprint u:object_r:exported_default_prop:s0 exact string -ro.hardware.flp u:object_r:exported_default_prop:s0 exact string -ro.hardware.gatekeeper u:object_r:exported_default_prop:s0 exact string -ro.hardware.gps u:object_r:exported_default_prop:s0 exact string -ro.hardware.gralloc u:object_r:exported_default_prop:s0 exact string -ro.hardware.hdmi_cec u:object_r:exported_default_prop:s0 exact string -ro.hardware.hwcomposer u:object_r:exported_default_prop:s0 exact string -ro.hardware.input u:object_r:exported_default_prop:s0 exact string -ro.hardware.keystore u:object_r:exported_default_prop:s0 exact string -ro.hardware.keystore_desede u:object_r:exported_default_prop:s0 exact string -ro.hardware.lights u:object_r:exported_default_prop:s0 exact string -ro.hardware.local_time u:object_r:exported_default_prop:s0 exact string -ro.hardware.memtrack u:object_r:exported_default_prop:s0 exact string -ro.hardware.nfc u:object_r:exported_default_prop:s0 exact string -ro.hardware.nfc_nci u:object_r:exported_default_prop:s0 exact string -ro.hardware.nfc_tag u:object_r:exported_default_prop:s0 exact string -ro.hardware.nvram u:object_r:exported_default_prop:s0 exact string -ro.hardware.power u:object_r:exported_default_prop:s0 exact string -ro.hardware.radio u:object_r:exported_default_prop:s0 exact string -ro.hardware.sensors u:object_r:exported_default_prop:s0 exact string -ro.hardware.sound_trigger u:object_r:exported_default_prop:s0 exact string -ro.hardware.thermal u:object_r:exported_default_prop:s0 exact string -ro.hardware.tv_input u:object_r:exported_default_prop:s0 exact string -ro.hardware.type u:object_r:exported_default_prop:s0 exact string -ro.hardware.vehicle u:object_r:exported_default_prop:s0 exact string -ro.hardware.vibrator u:object_r:exported_default_prop:s0 exact string -ro.hardware.virtual_device u:object_r:exported_default_prop:s0 exact string -ro.hardware.vulkan u:object_r:exported_default_prop:s0 exact string -ro.hwui.use_vulkan u:object_r:exported_default_prop:s0 exact bool -ro.kernel.qemu u:object_r:exported_default_prop:s0 exact bool -ro.kernel.qemu. u:object_r:exported_default_prop:s0 -ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int -ro.odm.build.date u:object_r:exported_default_prop:s0 exact string -ro.odm.build.date.utc u:object_r:exported_default_prop:s0 exact int -ro.odm.build.fingerprint u:object_r:exported_default_prop:s0 exact string -ro.oem.key1 u:object_r:exported_default_prop:s0 exact string -ro.product.board u:object_r:exported_default_prop:s0 exact string -ro.product.cpu.abilist32 u:object_r:exported_default_prop:s0 exact string -ro.product.cpu.abilist64 u:object_r:exported_default_prop:s0 exact string -ro.product.first_api_level u:object_r:exported_default_prop:s0 exact int -ro.product.odm.brand u:object_r:exported_default_prop:s0 exact string -ro.product.odm.device u:object_r:exported_default_prop:s0 exact string -ro.product.odm.manufacturer u:object_r:exported_default_prop:s0 exact string -ro.product.odm.model u:object_r:exported_default_prop:s0 exact string -ro.product.odm.name u:object_r:exported_default_prop:s0 exact string -ro.product.vendor.brand u:object_r:exported_default_prop:s0 exact string -ro.product.vendor.device u:object_r:exported_default_prop:s0 exact string -ro.product.vendor.manufacturer u:object_r:exported_default_prop:s0 exact string -ro.product.vendor.model u:object_r:exported_default_prop:s0 exact string -ro.product.vendor.name u:object_r:exported_default_prop:s0 exact string -ro.telephony.iwlan_operation_mode u:object_r:exported_radio_prop:s0 exact enum default legacy AP-assisted -ro.vendor.build.date u:object_r:exported_default_prop:s0 exact string -ro.vendor.build.date.utc u:object_r:exported_default_prop:s0 exact int -ro.vendor.build.fingerprint u:object_r:exported_default_prop:s0 exact string -ro.vndk.lite u:object_r:exported_default_prop:s0 exact bool -ro.vndk.version u:object_r:exported_default_prop:s0 exact string -ro.vts.coverage u:object_r:exported_default_prop:s0 exact int -wifi.active.interface u:object_r:exported_wifi_prop:s0 exact string -wifi.concurrent.interface u:object_r:exported_default_prop:s0 exact string -wifi.direct.interface u:object_r:exported_default_prop:s0 exact string -wifi.interface u:object_r:exported_default_prop:s0 exact string -ro.apex.updatable u:object_r:exported_default_prop:s0 exact bool - -# public-readable -ro.boot.revision u:object_r:exported2_default_prop:s0 exact string -ro.bootmode u:object_r:exported2_default_prop:s0 exact string -ro.build.type u:object_r:exported2_default_prop:s0 exact string -sys.shutdown.requested u:object_r:exported_system_prop:s0 exact string - -# Using Sysprop as API. So the ro.surface_flinger.* are guaranteed to be API-stable -ro.surface_flinger.default_composition_dataspace u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.default_composition_pixel_format u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.force_hwc_copy_for_virtual_displays u:object_r:exported_default_prop:s0 exact bool -ro.surface_flinger.has_HDR_display u:object_r:exported_default_prop:s0 exact bool -ro.surface_flinger.has_wide_color_display u:object_r:exported_default_prop:s0 exact bool -ro.surface_flinger.max_frame_buffer_acquired_buffers u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.max_virtual_display_dimension u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.primary_display_orientation u:object_r:exported_default_prop:s0 exact string -ro.surface_flinger.present_time_offset_from_vsync_ns u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.running_without_sync_framework u:object_r:exported_default_prop:s0 exact bool -ro.surface_flinger.start_graphics_allocator_service u:object_r:exported_default_prop:s0 exact bool -ro.surface_flinger.use_color_management u:object_r:exported_default_prop:s0 exact bool -ro.surface_flinger.use_context_priority u:object_r:exported_default_prop:s0 exact bool -ro.surface_flinger.use_vr_flinger u:object_r:exported_default_prop:s0 exact bool -ro.surface_flinger.vsync_event_phase_offset_ns u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.vsync_sf_event_phase_offset_ns u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.wcg_composition_dataspace u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.wcg_composition_pixel_format u:object_r:exported_default_prop:s0 exact int -ro.surface_flinger.display_primary_red u:object_r:exported_default_prop:s0 exact string -ro.surface_flinger.display_primary_green u:object_r:exported_default_prop:s0 exact string -ro.surface_flinger.display_primary_blue u:object_r:exported_default_prop:s0 exact string -ro.surface_flinger.display_primary_white u:object_r:exported_default_prop:s0 exact string -ro.surface_flinger.protected_contents u:object_r:exported_default_prop:s0 exact bool diff --git a/prebuilts/api/29.0/public/racoon.te b/prebuilts/api/29.0/public/racoon.te deleted file mode 100644 index 688874024..000000000 --- a/prebuilts/api/29.0/public/racoon.te +++ /dev/null @@ -1,34 +0,0 @@ -# IKE key management daemon -type racoon, domain; -type racoon_exec, system_file_type, exec_type, file_type; - -typeattribute racoon mlstrustedsubject; - -net_domain(racoon) -allowxperm racoon self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFADDR SIOCSIFNETMASK }; - -binder_use(racoon) - -allow racoon tun_device:chr_file r_file_perms; -allowxperm racoon tun_device:chr_file ioctl TUNSETIFF; -allow racoon cgroup:dir { add_name create }; -allow racoon kernel:system module_request; - -allow racoon self:key_socket create_socket_perms_no_ioctl; -allow racoon self:tun_socket create_socket_perms_no_ioctl; -allow racoon self:global_capability_class_set { net_admin net_bind_service net_raw }; - -# XXX: should we give ip-up-vpn its own label (currently racoon domain) -allow racoon system_file:file rx_file_perms; -not_full_treble(`allow racoon vendor_file:file rx_file_perms;') -allow racoon vpn_data_file:file create_file_perms; -allow racoon vpn_data_file:dir w_dir_perms; - -use_keystore(racoon) - -# Racoon (VPN) has a restricted set of permissions from the default. -allow racoon keystore:keystore_key { - get - sign - verify -}; diff --git a/prebuilts/api/29.0/public/radio.te b/prebuilts/api/29.0/public/radio.te deleted file mode 100644 index 452770736..000000000 --- a/prebuilts/api/29.0/public/radio.te +++ /dev/null @@ -1,44 +0,0 @@ -# phone subsystem -type radio, domain, mlstrustedsubject; - -net_domain(radio) -bluetooth_domain(radio) -binder_service(radio) - -# Talks to hal_telephony_server via the rild socket only for devices without full treble -not_full_treble(`unix_socket_connect(radio, rild, hal_telephony_server)') - -# Data file accesses. -allow radio radio_data_file:dir create_dir_perms; -allow radio radio_data_file:notdevfile_class_set create_file_perms; - - -allow radio net_data_file:dir search; -allow radio net_data_file:file r_file_perms; - -# Property service -set_prop(radio, radio_prop) -set_prop(radio, exported_radio_prop) -set_prop(radio, exported2_radio_prop) -set_prop(radio, exported3_radio_prop) -set_prop(radio, net_radio_prop) - -# ctl interface -set_prop(radio, ctl_rildaemon_prop) - -add_service(radio, radio_service) -allow radio audioserver_service:service_manager find; -allow radio cameraserver_service:service_manager find; -allow radio drmserver_service:service_manager find; -allow radio mediaserver_service:service_manager find; -allow radio nfc_service:service_manager find; -allow radio app_api_service:service_manager find; -allow radio system_api_service:service_manager find; -allow radio timedetector_service:service_manager find; - -# Perform HwBinder IPC. -hwbinder_use(radio) -hal_client_domain(radio, hal_telephony) - -# Used by TelephonyManager -allow radio proc_cmdline:file r_file_perms; diff --git a/prebuilts/api/29.0/public/recovery.te b/prebuilts/api/29.0/public/recovery.te deleted file mode 100644 index d5d16a29a..000000000 --- a/prebuilts/api/29.0/public/recovery.te +++ /dev/null @@ -1,170 +0,0 @@ -# recovery console (used in recovery init.rc for /sbin/recovery) - -# Declare the domain unconditionally so we can always reference it -# in neverallow rules. -type recovery, domain; - -# But the allow rules are only included in the recovery policy. -# Otherwise recovery is only allowed the domain rules. -recovery_only(` - # Allow recovery to perform an update as update_engine would do. - typeattribute recovery update_engine_common; - # Recovery can only use HALs in passthrough mode - passthrough_hal_client_domain(recovery, hal_bootctl) - - allow recovery self:global_capability_class_set { - chown - dac_override - dac_read_search - fowner - setuid - setgid - sys_admin - sys_tty_config - }; - - # Run helpers from / or /system without changing domain. - r_dir_file(recovery, rootfs) - allow recovery rootfs:file execute_no_trans; - allow recovery system_file:file execute_no_trans; - allow recovery toolbox_exec:file rx_file_perms; - - # Mount filesystems. - allow recovery rootfs:dir mounton; - allow recovery tmpfs:dir mounton; - allow recovery fs_type:filesystem ~relabelto; - allow recovery unlabeled:filesystem ~relabelto; - allow recovery contextmount_type:filesystem relabelto; - - # We may be asked to set an SELinux label for a type not known to the - # currently loaded policy. Allow it. - allow recovery unlabeled:{ file lnk_file } { create_file_perms relabelfrom relabelto }; - allow recovery unlabeled:dir { create_dir_perms relabelfrom relabelto }; - - # Get file contexts - allow recovery file_contexts_file:file r_file_perms; - - # Write to /proc/sys/vm/drop_caches - allow recovery proc_drop_caches:file w_file_perms; - - # Read /proc/swaps - allow recovery proc_swaps:file r_file_perms; - - # Read kernel config through libvintf for OTA matching - allow recovery config_gz:file { open read getattr }; - - # Write to /sys/class/android_usb/android0/enable. - r_dir_file(recovery, sysfs_android_usb) - allow recovery sysfs_android_usb:file w_file_perms; - - # Write to /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq. - allow recovery sysfs_devices_system_cpu:file w_file_perms; - - allow recovery sysfs_batteryinfo:file r_file_perms; - - # Read /sysfs/fs/ext4/features - r_dir_file(recovery, sysfs_fs_ext4_features) - - # Read from /sys/class/leds/lcd-backlight/max_brightness and write to /s/c/l/l/brightness to - # control backlight brightness. - allow recovery sysfs_leds:dir r_dir_perms; - allow recovery sysfs_leds:file rw_file_perms; - allow recovery sysfs_leds:lnk_file read; - - allow recovery kernel:system syslog_read; - - # Access /dev/usb-ffs/adb/ep0 - allow recovery functionfs:dir search; - allow recovery functionfs:file rw_file_perms; - allowxperm recovery functionfs:file ioctl FUNCTIONFS_ENDPOINT_DESC; - - # Access to /sys/fs/selinux/policyvers for compatibility check - allow recovery selinuxfs:file r_file_perms; - - # Required to e.g. wipe userdata/cache. - allow recovery device:dir r_dir_perms; - allow recovery block_device:dir r_dir_perms; - allow recovery dev_type:blk_file rw_file_perms; - allowxperm recovery { userdata_block_device metadata_block_device }:blk_file ioctl BLKPBSZGET; - - # GUI - allow recovery graphics_device:chr_file rw_file_perms; - allow recovery graphics_device:dir r_dir_perms; - allow recovery input_device:dir r_dir_perms; - allow recovery input_device:chr_file r_file_perms; - allow recovery tty_device:chr_file rw_file_perms; - - # Create /tmp/recovery.log and execute /tmp/update_binary. - allow recovery tmpfs:file { create_file_perms x_file_perms }; - allow recovery tmpfs:dir create_dir_perms; - - # Manage files on /cache and /cache/recovery - allow recovery { cache_file cache_recovery_file }:dir create_dir_perms; - allow recovery { cache_file cache_recovery_file }:file create_file_perms; - - # Read /sys/class/thermal/*/temp for thermal info. - r_dir_file(recovery, sysfs_thermal) - - # Read files on /oem. - r_dir_file(recovery, oemfs); - - # Reboot the device - set_prop(recovery, powerctl_prop) - - # Read serial number of the device from system properties - get_prop(recovery, serialno_prop) - - # Set sys.usb.ffs.ready when starting minadbd for sideload. - set_prop(recovery, ffs_prop) - set_prop(recovery, exported_ffs_prop) - - # Set sys.usb.config when switching into fastboot. - set_prop(recovery, system_radio_prop) - set_prop(recovery, exported_system_radio_prop) - - # Read ro.boot.bootreason - get_prop(recovery, bootloader_boot_reason_prop) - - # Use setfscreatecon() to label files for OTA updates. - allow recovery self:process setfscreate; - - # Allow recovery to create a fuse filesystem, and read files from it. - allow recovery fuse_device:chr_file rw_file_perms; - allow recovery fuse:dir r_dir_perms; - allow recovery fuse:file r_file_perms; - - wakelock_use(recovery) - - # This line seems suspect, as it should not really need to - # set scheduling parameters for a kernel domain task. - allow recovery kernel:process setsched; - - # These are needed to update dynamic partitions in recovery. - r_dir_file(recovery, sysfs_dm) - allowxperm recovery super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF }; -') - -### -### neverallow rules -### - -# Recovery should never touch /data. -# -# In particular, if /data is encrypted, it is not accessible -# to recovery anyway. -# -# For now, we only enforce write/execute restrictions, as domain.te -# contains a number of read-only rules that apply to all -# domains, including recovery. -# -# TODO: tighten this up further. -neverallow recovery { - data_file_type - -cache_file - -cache_recovery_file -}:file { no_w_file_perms no_x_file_perms }; -neverallow recovery { - data_file_type - -cache_file - -cache_recovery_file -}:dir no_w_dir_perms; diff --git a/prebuilts/api/29.0/public/recovery_persist.te b/prebuilts/api/29.0/public/recovery_persist.te deleted file mode 100644 index d4b456201..000000000 --- a/prebuilts/api/29.0/public/recovery_persist.te +++ /dev/null @@ -1,32 +0,0 @@ -# android recovery persistent log manager -type recovery_persist, domain; -type recovery_persist_exec, system_file_type, exec_type, file_type; - -allow recovery_persist pstorefs:dir search; -allow recovery_persist pstorefs:file r_file_perms; - -allow recovery_persist recovery_data_file:file create_file_perms; -allow recovery_persist recovery_data_file:dir create_dir_perms; - -allow recovery_persist cache_file:dir search; -allow recovery_persist cache_file:lnk_file read; -allow recovery_persist cache_recovery_file:dir rw_dir_perms; -allow recovery_persist cache_recovery_file:file { r_file_perms unlink }; - -### -### Neverallow rules -### -### recovery_persist should NEVER do any of this - -# Block device access. -neverallow recovery_persist dev_type:blk_file { read write }; - -# ptrace any other app -neverallow recovery_persist domain:process ptrace; - -# Write to /system. -neverallow recovery_persist system_file:dir_file_class_set write; - -# Write to files in /data/data -neverallow recovery_persist { privapp_data_file app_data_file system_data_file }:dir_file_class_set write; - diff --git a/prebuilts/api/29.0/public/recovery_refresh.te b/prebuilts/api/29.0/public/recovery_refresh.te deleted file mode 100644 index d6870dcb2..000000000 --- a/prebuilts/api/29.0/public/recovery_refresh.te +++ /dev/null @@ -1,24 +0,0 @@ -# android recovery refresh log manager -type recovery_refresh, domain; -type recovery_refresh_exec, system_file_type, exec_type, file_type; - -allow recovery_refresh pstorefs:dir search; -allow recovery_refresh pstorefs:file r_file_perms; -# NB: domain inherits write_logd which hands us write to pmsg_device - -### -### Neverallow rules -### -### recovery_refresh should NEVER do any of this - -# Block device access. -neverallow recovery_refresh dev_type:blk_file { read write }; - -# ptrace any other app -neverallow recovery_refresh domain:process ptrace; - -# Write to /system. -neverallow recovery_refresh system_file:dir_file_class_set write; - -# Write to files in /data/data or system files on /data -neverallow recovery_refresh { app_data_file privapp_data_file system_data_file }:dir_file_class_set write; diff --git a/prebuilts/api/29.0/public/roles b/prebuilts/api/29.0/public/roles deleted file mode 100644 index ca9293439..000000000 --- a/prebuilts/api/29.0/public/roles +++ /dev/null @@ -1 +0,0 @@ -role r types domain; diff --git a/prebuilts/api/29.0/public/rs.te b/prebuilts/api/29.0/public/rs.te deleted file mode 100644 index 16b6e9630..000000000 --- a/prebuilts/api/29.0/public/rs.te +++ /dev/null @@ -1,2 +0,0 @@ -type rs, domain, coredomain; -type rs_exec, system_file_type, exec_type, file_type; diff --git a/prebuilts/api/29.0/public/rss_hwm_reset.te b/prebuilts/api/29.0/public/rss_hwm_reset.te deleted file mode 100644 index 163e1acde..000000000 --- a/prebuilts/api/29.0/public/rss_hwm_reset.te +++ /dev/null @@ -1,2 +0,0 @@ -# rss_hwm_reset resets RSS high-water mark counters for all procesess. -type rss_hwm_reset, domain, coredomain, mlstrustedsubject; diff --git a/prebuilts/api/29.0/public/runas.te b/prebuilts/api/29.0/public/runas.te deleted file mode 100644 index 356a0190c..000000000 --- a/prebuilts/api/29.0/public/runas.te +++ /dev/null @@ -1,43 +0,0 @@ -type runas, domain, mlstrustedsubject; -type runas_exec, system_file_type, exec_type, file_type; - -allow runas adbd:fd use; -allow runas adbd:process sigchld; -allow runas adbd:unix_stream_socket { read write }; -allow runas shell:fd use; -allow runas shell:fifo_file { read write }; -allow runas shell:unix_stream_socket { read write }; -allow runas devpts:chr_file { read write ioctl }; -allow runas shell_data_file:file { read write }; - -# run-as reads package information. -allow runas system_data_file:file r_file_perms; -allow runas system_data_file:lnk_file getattr; -allow runas packages_list_file:file r_file_perms; - -# The app's data dir may be accessed through a symlink. -allow runas system_data_file:lnk_file read; - -# run-as checks and changes to the app data dir. -dontaudit runas self:global_capability_class_set { dac_override dac_read_search }; -allow runas app_data_file:dir { getattr search }; - -# run-as switches to the app UID/GID. -allow runas self:global_capability_class_set { setuid setgid }; - -# run-as switches to the app security context. -selinux_check_context(runas) # validate context -allow runas self:process setcurrent; -allow runas non_system_app_set:process dyntransition; # setcon - -# runas/libselinux needs access to seapp_contexts_file to -# determine which domain to transition to. -allow runas seapp_contexts_file:file r_file_perms; - -### -### neverallow rules -### - -# run-as cannot have capabilities other than CAP_SETUID and CAP_SETGID -neverallow runas self:global_capability_class_set ~{ setuid setgid }; -neverallow runas self:global_capability2_class_set *; diff --git a/prebuilts/api/29.0/public/runas_app.te b/prebuilts/api/29.0/public/runas_app.te deleted file mode 100644 index cdaa799c9..000000000 --- a/prebuilts/api/29.0/public/runas_app.te +++ /dev/null @@ -1 +0,0 @@ -type runas_app, domain; diff --git a/prebuilts/api/29.0/public/scheduler_service_server.te b/prebuilts/api/29.0/public/scheduler_service_server.te deleted file mode 100644 index b3cede168..000000000 --- a/prebuilts/api/29.0/public/scheduler_service_server.te +++ /dev/null @@ -1 +0,0 @@ -add_hwservice(scheduler_service_server, fwk_scheduler_hwservice) diff --git a/prebuilts/api/29.0/public/sdcardd.te b/prebuilts/api/29.0/public/sdcardd.te deleted file mode 100644 index 83c184018..000000000 --- a/prebuilts/api/29.0/public/sdcardd.te +++ /dev/null @@ -1,44 +0,0 @@ -type sdcardd, domain; -type sdcardd_exec, system_file_type, exec_type, file_type; - -allow sdcardd cgroup:dir create_dir_perms; -allow sdcardd fuse_device:chr_file rw_file_perms; -allow sdcardd rootfs:dir mounton; # TODO: deprecated in M -allow sdcardd sdcardfs:filesystem remount; -allow sdcardd tmpfs:dir r_dir_perms; -allow sdcardd mnt_media_rw_file:dir r_dir_perms; -allow sdcardd storage_file:dir search; -allow sdcardd storage_stub_file:dir { search mounton }; -allow sdcardd sdcard_type:filesystem { mount unmount }; -allow sdcardd self:global_capability_class_set { setuid setgid dac_override dac_read_search sys_admin sys_resource }; - -allow sdcardd sdcard_type:dir create_dir_perms; -allow sdcardd sdcard_type:file create_file_perms; - -allow sdcardd media_rw_data_file:dir create_dir_perms; -allow sdcardd media_rw_data_file:file create_file_perms; - -# Read /data/system/packages.list. -allow sdcardd system_data_file:file r_file_perms; -allow sdcardd packages_list_file:file r_file_perms; - -# Read /data/.layout_version -allow sdcardd install_data_file:file r_file_perms; - -# Allow stdin/out back to vold -allow sdcardd vold:fd use; -allow sdcardd vold:fifo_file { read write getattr }; - -# Allow running on top of expanded storage -allow sdcardd mnt_expand_file:dir search; - -# access /proc/filesystems -allow sdcardd proc_filesystems:file r_file_perms; - -### -### neverallow rules -### - -# The sdcard daemon should no longer be started from init -neverallow init sdcardd_exec:file execute; -neverallow init sdcardd:process { transition dyntransition }; diff --git a/prebuilts/api/29.0/public/secure_element.te b/prebuilts/api/29.0/public/secure_element.te deleted file mode 100644 index 4ce6714f6..000000000 --- a/prebuilts/api/29.0/public/secure_element.te +++ /dev/null @@ -1,2 +0,0 @@ -# secure_element subsystem -type secure_element, domain; diff --git a/prebuilts/api/29.0/public/sensor_service_server.te b/prebuilts/api/29.0/public/sensor_service_server.te deleted file mode 100644 index 7c526a5f3..000000000 --- a/prebuilts/api/29.0/public/sensor_service_server.te +++ /dev/null @@ -1 +0,0 @@ -add_hwservice(sensor_service_server, fwk_sensor_hwservice) diff --git a/prebuilts/api/29.0/public/service.te b/prebuilts/api/29.0/public/service.te deleted file mode 100644 index 649dfa7f2..000000000 --- a/prebuilts/api/29.0/public/service.te +++ /dev/null @@ -1,198 +0,0 @@ -type apex_service, service_manager_type; -type audioserver_service, service_manager_type; -type batteryproperties_service, app_api_service, ephemeral_app_api_service, service_manager_type; -type bluetooth_service, service_manager_type; -type cameraserver_service, service_manager_type; -type default_android_service, service_manager_type; -type dnsresolver_service, service_manager_type; -type drmserver_service, service_manager_type; -type dumpstate_service, service_manager_type; -type fingerprintd_service, service_manager_type; -type hal_fingerprint_service, service_manager_type; -type gatekeeper_service, app_api_service, service_manager_type; -type gpu_service, service_manager_type; -type idmap_service, service_manager_type; -type iorapd_service, service_manager_type; -type incident_service, service_manager_type; -type installd_service, service_manager_type; -type keystore_service, service_manager_type; -type lpdump_service, service_manager_type; -type mediaserver_service, service_manager_type; -type mediametrics_service, service_manager_type; -type mediaextractor_service, service_manager_type; -type mediaextractor_update_service, service_manager_type; -type mediacodec_service, service_manager_type; -type mediadrmserver_service, service_manager_type; -type netd_service, service_manager_type; -type nfc_service, service_manager_type; -type perfprofd_service, service_manager_type; -type radio_service, service_manager_type; -type secure_element_service, service_manager_type; -type storaged_service, service_manager_type; -type surfaceflinger_service, app_api_service, ephemeral_app_api_service, service_manager_type; -type system_app_service, service_manager_type; -type system_suspend_control_service, service_manager_type; -type thermal_service, service_manager_type; -type update_engine_service, service_manager_type; -type virtual_touchpad_service, service_manager_type; -type vold_service, service_manager_type; -type vr_hwc_service, service_manager_type; -type vrflinger_vsync_service, service_manager_type; - -# system_server_services broken down -type accessibility_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type account_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type activity_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type activity_task_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type adb_service, system_api_service, system_server_service, service_manager_type; -type alarm_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type app_binding_service, system_server_service, service_manager_type; -type app_prediction_service, app_api_service, system_server_service, service_manager_type; -type appops_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type appwidget_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type assetatlas_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type audio_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type autofill_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type backup_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type batterystats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type battery_service, system_server_service, service_manager_type; -type binder_calls_stats_service, system_server_service, service_manager_type; -type bluetooth_manager_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type broadcastradio_service, system_server_service, service_manager_type; -type cameraproxy_service, system_server_service, service_manager_type; -type clipboard_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type contexthub_service, app_api_service, system_server_service, service_manager_type; -type crossprofileapps_service, app_api_service, system_server_service, service_manager_type; -type IProxyService_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type companion_device_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type connectivity_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type connmetrics_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type consumer_ir_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type content_suggestions_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type content_capture_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type content_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type country_detector_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -# Note: The coverage_service should only be enabled for userdebug / eng builds that were compiled -# with EMMA_INSTRUMENT=true. We should consider locking this down in the future. -type coverage_service, system_server_service, service_manager_type; -type cpuinfo_service, system_api_service, system_server_service, service_manager_type; -type dbinfo_service, system_api_service, system_server_service, service_manager_type; -type device_config_service, system_server_service, service_manager_type; -type device_policy_service, app_api_service, system_server_service, service_manager_type; -type deviceidle_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type device_identifiers_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type devicestoragemonitor_service, system_server_service, service_manager_type; -type diskstats_service, system_api_service, system_server_service, service_manager_type; -type display_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type color_display_service, system_api_service, system_server_service, service_manager_type; -type external_vibrator_service, system_server_service, service_manager_type; -type font_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type netd_listener_service, system_server_service, service_manager_type; -type network_watchlist_service, system_server_service, service_manager_type; -type DockObserver_service, system_server_service, service_manager_type; -type dreams_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type dropbox_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type lowpan_service, system_api_service, system_server_service, service_manager_type; -type ethernet_service, app_api_service, system_server_service, service_manager_type; -type biometric_service, app_api_service, system_server_service, service_manager_type; -type bugreport_service, system_api_service, system_server_service, service_manager_type; -type face_service, app_api_service, system_server_service, service_manager_type; -type fingerprint_service, app_api_service, system_server_service, service_manager_type; -type gfxinfo_service, system_api_service, system_server_service, service_manager_type; -type graphicsstats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type hardware_service, system_server_service, service_manager_type; -type hardware_properties_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type hdmi_control_service, system_api_service, system_server_service, service_manager_type; -type imms_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type input_method_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type input_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type ipsec_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type iris_service, app_api_service, system_server_service, service_manager_type; -type jobscheduler_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type launcherapps_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type location_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type lock_settings_service, system_api_service, system_server_service, service_manager_type; -type looper_stats_service, system_server_service, service_manager_type; -type media_projection_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type media_router_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type media_session_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type meminfo_service, system_api_service, system_server_service, service_manager_type; -type midi_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type mount_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type netpolicy_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type netstats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type network_management_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type network_score_service, system_api_service, system_server_service, service_manager_type; -type network_stack_service, system_server_service, service_manager_type; -type network_time_update_service, system_server_service, service_manager_type; -type notification_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type oem_lock_service, system_api_service, system_server_service, service_manager_type; -type otadexopt_service, system_server_service, service_manager_type; -type overlay_service, system_api_service, system_server_service, service_manager_type; -type package_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type package_native_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type permission_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type permissionmgr_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type persistent_data_block_service, system_api_service, system_server_service, service_manager_type; -type pinner_service, system_server_service, service_manager_type; -type power_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type print_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type processinfo_service, system_server_service, service_manager_type; -type procstats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type recovery_service, system_server_service, service_manager_type; -type registry_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type restrictions_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type role_service, app_api_service, system_server_service, service_manager_type; -type runtime_service, system_server_service, service_manager_type; -type rttmanager_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type samplingprofiler_service, system_server_service, service_manager_type; -type scheduling_policy_service, system_server_service, service_manager_type; -type search_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type sec_key_att_app_id_provider_service, app_api_service, system_server_service, service_manager_type; -type sensorservice_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type sensor_privacy_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type serial_service, system_api_service, system_server_service, service_manager_type; -type servicediscovery_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type settings_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type shortcut_service, app_api_service, system_server_service, service_manager_type; -type slice_service, app_api_service, system_server_service, service_manager_type; -type statusbar_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type storagestats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type system_update_service, system_server_service, service_manager_type; -type task_service, system_server_service, service_manager_type; -type testharness_service, system_server_service, service_manager_type; -type textclassification_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type textservices_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type telecom_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type timedetector_service, system_server_service, service_manager_type; -type timezone_service, system_server_service, service_manager_type; -type trust_service, app_api_service, system_server_service, service_manager_type; -type tv_input_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type uimode_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type updatelock_service, system_api_service, system_server_service, service_manager_type; -type uri_grants_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type usagestats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type usb_service, app_api_service, system_server_service, service_manager_type; -type user_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type vibrator_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type voiceinteraction_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type vr_manager_service, system_server_service, service_manager_type; -type wallpaper_service, app_api_service, system_server_service, service_manager_type; -type webviewupdate_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; -type wifip2p_service, app_api_service, system_server_service, service_manager_type; -type wifiscanner_service, system_api_service, system_server_service, service_manager_type; -type wifi_service, app_api_service, system_server_service, service_manager_type; -type wificond_service, service_manager_type; -type wifiaware_service, app_api_service, system_server_service, service_manager_type; -type window_service, system_api_service, system_server_service, service_manager_type; -type inputflinger_service, system_api_service, system_server_service, service_manager_type; -type wpantund_service, system_api_service, service_manager_type; - -### -### Neverallow rules -### - -# servicemanager handles registering or looking up named services. -# It does not make sense to register or lookup something which is not a service. -# Trigger a compile error if this occurs. -neverallow domain ~{ service_manager_type vndservice_manager_type }:service_manager { add find }; diff --git a/prebuilts/api/29.0/public/servicemanager.te b/prebuilts/api/29.0/public/servicemanager.te deleted file mode 100644 index df209413f..000000000 --- a/prebuilts/api/29.0/public/servicemanager.te +++ /dev/null @@ -1,25 +0,0 @@ -# servicemanager - the Binder context manager -type servicemanager, domain, mlstrustedsubject; -type servicemanager_exec, system_file_type, exec_type, file_type; - -# Note that we do not use the binder_* macros here. -# servicemanager is unique in that it only provides -# name service (aka context manager) for Binder. -# As such, it only ever receives and transfers other references -# created by other domains. It never passes its own references -# or initiates a Binder IPC. -allow servicemanager self:binder set_context_mgr; -allow servicemanager { - domain - -init - -vendor_init - -hwservicemanager - -vndservicemanager -}:binder transfer; - -allow servicemanager service_contexts_file:file r_file_perms; -# nonplat_service_contexts only accessible on non full-treble devices -not_full_treble(`allow servicemanager nonplat_service_contexts_file:file r_file_perms;') - -# Check SELinux permissions. -selinux_check_access(servicemanager) diff --git a/prebuilts/api/29.0/public/sgdisk.te b/prebuilts/api/29.0/public/sgdisk.te deleted file mode 100644 index 9d7124983..000000000 --- a/prebuilts/api/29.0/public/sgdisk.te +++ /dev/null @@ -1,34 +0,0 @@ -# sgdisk called from vold -type sgdisk, domain; -type sgdisk_exec, system_file_type, exec_type, file_type; - -# Allowed to read/write low-level partition tables -allow sgdisk block_device:dir search; -allow sgdisk vold_device:blk_file rw_file_perms; -# HDIO_GETGEO needed to get the number of disk heads -# on vold_device. How quaint. -allowxperm sgdisk vold_device:blk_file ioctl { HDIO_GETGEO }; -# sgdisk also uses BLKGETSIZE and BLKGETSIZE64. BLKGETSIZE64 -# is granted to all block device users in domain.te, so -# no need to mention it here. sgdisk should not be -# using the BLKGETSIZE ioctl as it is useless for devices over -# 2T in size, but we allow it for now and hope that sgdisk -# will fix their bug. -allowxperm sgdisk vold_device:blk_file ioctl { BLKGETSIZE }; -# Force a re-read of the partition table. -allowxperm sgdisk vold_device:blk_file ioctl { BLKRRPART }; - -# Inherit and use pty created by android_fork_execvp() -allow sgdisk devpts:chr_file { read write ioctl getattr }; - -# Allow stdin/out back to vold -allow sgdisk vold:fd use; -allow sgdisk vold:fifo_file { read write getattr }; - -# Used to probe kernel to reload partition tables -allow sgdisk self:global_capability_class_set sys_admin; - -# Only allow entry from vold -neverallow { domain -vold } sgdisk:process transition; -neverallow * sgdisk:process dyntransition; -neverallow sgdisk { file_type fs_type -sgdisk_exec }:file entrypoint; diff --git a/prebuilts/api/29.0/public/shared_relro.te b/prebuilts/api/29.0/public/shared_relro.te deleted file mode 100644 index 8e58e421a..000000000 --- a/prebuilts/api/29.0/public/shared_relro.te +++ /dev/null @@ -1,11 +0,0 @@ -# Process which creates/updates shared RELRO files to be used by other apps. -type shared_relro, domain; - -# Grant write access to the shared relro files/directory. -allow shared_relro shared_relro_file:dir rw_dir_perms; -allow shared_relro shared_relro_file:file create_file_perms; - -# Needs to contact the "webviewupdate" and "activity" services -allow shared_relro activity_service:service_manager find; -allow shared_relro webviewupdate_service:service_manager find; -allow shared_relro package_service:service_manager find; diff --git a/prebuilts/api/29.0/public/shell.te b/prebuilts/api/29.0/public/shell.te deleted file mode 100644 index 56196c3d2..000000000 --- a/prebuilts/api/29.0/public/shell.te +++ /dev/null @@ -1,255 +0,0 @@ -# Domain for shell processes spawned by ADB or console service. -type shell, domain, mlstrustedsubject; -type shell_exec, system_file_type, exec_type, file_type; - -# Create and use network sockets. -net_domain(shell) - -# logcat -read_logd(shell) -control_logd(shell) -# logcat -L (directly, or via dumpstate) -allow shell pstorefs:dir search; -allow shell pstorefs:file r_file_perms; - -# Root fs. -allow shell rootfs:dir r_dir_perms; - -# read files in /data/anr -allow shell anr_data_file:dir r_dir_perms; -allow shell anr_data_file:file r_file_perms; - -# Access /data/local/tmp. -allow shell shell_data_file:dir create_dir_perms; -allow shell shell_data_file:file create_file_perms; -allow shell shell_data_file:file rx_file_perms; -allow shell shell_data_file:lnk_file create_file_perms; - -# Read and delete from /data/local/traces. -allow shell trace_data_file:file { r_file_perms unlink }; -allow shell trace_data_file:dir { r_dir_perms remove_name write }; - -# Access /data/misc/profman. -allow shell profman_dump_data_file:dir { write remove_name r_dir_perms }; -allow shell profman_dump_data_file:file { unlink r_file_perms }; - -# Read/execute files in /data/nativetest -userdebug_or_eng(` - allow shell nativetest_data_file:dir r_dir_perms; - allow shell nativetest_data_file:file rx_file_perms; -') - -# adb bugreport -unix_socket_connect(shell, dumpstate, dumpstate) - -allow shell devpts:chr_file rw_file_perms; -allow shell tty_device:chr_file rw_file_perms; -allow shell console_device:chr_file rw_file_perms; - -allow shell input_device:dir r_dir_perms; -allow shell input_device:chr_file r_file_perms; - -r_dir_file(shell, system_file) -allow shell system_file:file x_file_perms; -allow shell toolbox_exec:file rx_file_perms; -allow shell tzdatacheck_exec:file rx_file_perms; -allow shell shell_exec:file rx_file_perms; -allow shell zygote_exec:file rx_file_perms; - -r_dir_file(shell, apk_data_file) - -# Set properties. -set_prop(shell, shell_prop) -set_prop(shell, ctl_bugreport_prop) -set_prop(shell, ctl_dumpstate_prop) -set_prop(shell, dumpstate_prop) -set_prop(shell, exported_dumpstate_prop) -set_prop(shell, debug_prop) -set_prop(shell, powerctl_prop) -set_prop(shell, log_tag_prop) -set_prop(shell, wifi_log_prop) -# Allow shell to start/stop traced via the persist.traced.enable -# property (which also takes care of /data/misc initialization). -set_prop(shell, traced_enabled_prop) -# adjust is_loggable properties -userdebug_or_eng(`set_prop(shell, log_prop)') -# logpersist script -userdebug_or_eng(`set_prop(shell, logpersistd_logging_prop)') -# Allow shell to start/stop heapprofd via the persist.heapprofd.enable -# property. -set_prop(shell, heapprofd_enabled_prop) -# Allow shell to start/stop gsid via ctl.start|stop|restart gsid. -set_prop(shell, ctl_gsid_prop) -# Allow shell to enable Dynamic System Update -set_prop(shell, dynamic_system_prop) - -userdebug_or_eng(` - # "systrace --boot" support - allow boottrace service to run - allow shell boottrace_data_file:dir rw_dir_perms; - allow shell boottrace_data_file:file create_file_perms; - set_prop(shell, persist_debug_prop) -') - -# Read device's serial number from system properties -get_prop(shell, serialno_prop) - -# Allow shell to read the vendor security patch level for CTS -get_prop(shell, vendor_security_patch_level_prop) - -# Read state of logging-related properties -get_prop(shell, device_logging_prop) - -# Read state of boot reason properties -get_prop(shell, bootloader_boot_reason_prop) -get_prop(shell, last_boot_reason_prop) -get_prop(shell, system_boot_reason_prop) - -# allow shell access to services -allow shell servicemanager:service_manager list; -# don't allow shell to access GateKeeper service -# TODO: why is this so broad? Tightening candidate? It needs at list: -# - dumpstate_service (so it can receive dumpstate progress updates) -allow shell { - service_manager_type - -apex_service - -dnsresolver_service - -gatekeeper_service - -incident_service - -installd_service - -iorapd_service - -netd_service - -system_suspend_control_service - -virtual_touchpad_service - -vold_service - -vr_hwc_service -}:service_manager find; -allow shell dumpstate:binder call; - -# allow shell to get information from hwservicemanager -# for instance, listing hardware services with lshal -hwbinder_use(shell) -allow shell hwservicemanager:hwservice_manager list; - -# allow shell to look through /proc/ for lsmod, ps, top, netstat. -r_dir_file(shell, proc_net_type) - -allow shell { - proc_asound - proc_filesystems - proc_interrupts - proc_loadavg # b/124024827 - proc_meminfo - proc_modules - proc_pid_max - proc_slabinfo - proc_stat - proc_timer - proc_uptime - proc_version - proc_zoneinfo -}:file r_file_perms; - -# allow listing network interfaces under /sys/class/net. -allow shell sysfs_net:dir r_dir_perms; - -r_dir_file(shell, cgroup) -allow shell domain:dir { search open read getattr }; -allow shell domain:{ file lnk_file } { open read getattr }; - -# statvfs() of /proc and other labeled filesystems -# (yaffs2, jffs2, ext2, ext3, ext4, xfs, btrfs, f2fs, squashfs, overlay) -allow shell { proc labeledfs }:filesystem getattr; - -# stat() of /dev -allow shell device:dir getattr; - -# allow shell to read /proc/pid/attr/current for ps -Z -allow shell domain:process getattr; - -# Allow pulling the SELinux policy for CTS purposes -allow shell selinuxfs:dir r_dir_perms; -allow shell selinuxfs:file r_file_perms; - -# enable shell domain to read/write files/dirs for bootchart data -# User will creates the start and stop file via adb shell -# and read other files created by init process under /data/bootchart -allow shell bootchart_data_file:dir rw_dir_perms; -allow shell bootchart_data_file:file create_file_perms; - -# Make sure strace works for the non-privileged shell user -allow shell self:process ptrace; - -# allow shell to get battery info -allow shell sysfs:dir r_dir_perms; -allow shell sysfs_batteryinfo:dir r_dir_perms; -allow shell sysfs_batteryinfo:file r_file_perms; - -# Allow access to ion memory allocation device. -allow shell ion_device:chr_file rw_file_perms; - -# -# filesystem test for insecure chr_file's is done -# via a host side test -# -allow shell dev_type:dir r_dir_perms; -allow shell dev_type:chr_file getattr; - -# /dev/fd is a symlink -allow shell proc:lnk_file getattr; - -# -# filesystem test for insucre blk_file's is done -# via hostside test -# -allow shell dev_type:blk_file getattr; - -# read selinux policy files -allow shell file_contexts_file:file r_file_perms; -allow shell property_contexts_file:file r_file_perms; -allow shell seapp_contexts_file:file r_file_perms; -allow shell service_contexts_file:file r_file_perms; -allow shell sepolicy_file:file r_file_perms; - -# Allow shell to start up vendor shell -allow shell vendor_shell_exec:file rx_file_perms; - -# Everything is labeled as rootfs in recovery mode. Allow shell to -# execute them. -recovery_only(` - allow shell rootfs:file rx_file_perms; -') - -### -### Neverallow rules -### - -# Do not allow shell to hard link to any files. -# In particular, if shell hard links to app data -# files, installd will not be able to guarantee the deletion -# of the linked to file. Hard links also contribute to security -# bugs, so we want to ensure the shell user never has this -# capability. -neverallow shell file_type:file link; - -# Do not allow privileged socket ioctl commands -neverallowxperm shell domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls; - -# limit shell access to sensitive char drivers to -# only getattr required for host side test. -neverallow shell { - fuse_device - hw_random_device - port_device -}:chr_file ~getattr; - -# Limit shell to only getattr on blk devices for host side tests. -neverallow shell dev_type:blk_file ~getattr; - -# b/30861057: Shell access to existing input devices is an abuse -# vector. The shell user can inject events that look like they -# originate from the touchscreen etc. -# Everyone should have already moved to UiAutomation#injectInputEvent -# if they are running instrumentation tests (i.e. CTS), Monkey for -# their stress tests, and the input command (adb shell input ...) for -# injecting swipes and things. -neverallow shell input_device:chr_file no_w_file_perms; diff --git a/prebuilts/api/29.0/public/simpleperf_app_runner.te b/prebuilts/api/29.0/public/simpleperf_app_runner.te deleted file mode 100644 index b7ff7a032..000000000 --- a/prebuilts/api/29.0/public/simpleperf_app_runner.te +++ /dev/null @@ -1,43 +0,0 @@ -type simpleperf_app_runner, domain, mlstrustedsubject; -type simpleperf_app_runner_exec, system_file_type, exec_type, file_type; - -# run simpleperf_app_runner in adb shell. -allow simpleperf_app_runner adbd:fd use; -allow simpleperf_app_runner shell:fd use; -allow simpleperf_app_runner devpts:chr_file { read write ioctl }; - -# simpleperf_app_runner reads package information. -allow simpleperf_app_runner system_data_file:file r_file_perms; -allow simpleperf_app_runner system_data_file:lnk_file getattr; -allow simpleperf_app_runner packages_list_file:file r_file_perms; - -# The app's data dir may be accessed through a symlink. -allow simpleperf_app_runner system_data_file:lnk_file read; - -# simpleperf_app_runner switches to the app UID/GID. -allow simpleperf_app_runner self:global_capability_class_set { setuid setgid }; - -# simpleperf_app_runner switches to the app security context. -selinux_check_context(simpleperf_app_runner) # validate context -allow simpleperf_app_runner self:process setcurrent; -allow simpleperf_app_runner untrusted_app_all:process dyntransition; # setcon - -# simpleperf_app_runner/libselinux needs access to seapp_contexts_file to -# determine which domain to transition to. -allow simpleperf_app_runner seapp_contexts_file:file r_file_perms; - -# simpleperf_app_runner passes pipe fds. -allow simpleperf_app_runner shell:fifo_file read; - -# simpleperf_app_runner checks shell data paths. -# simpleperf_app_runner passes shell data fds. -allow simpleperf_app_runner shell_data_file:dir { getattr search }; -allow simpleperf_app_runner shell_data_file:file { getattr write }; - -### -### neverallow rules -### - -# simpleperf_app_runner cannot have capabilities other than CAP_SETUID and CAP_SETGID -neverallow simpleperf_app_runner self:global_capability_class_set ~{ setuid setgid }; -neverallow simpleperf_app_runner self:global_capability2_class_set *; diff --git a/prebuilts/api/29.0/public/slideshow.te b/prebuilts/api/29.0/public/slideshow.te deleted file mode 100644 index 10fbbb852..000000000 --- a/prebuilts/api/29.0/public/slideshow.te +++ /dev/null @@ -1,14 +0,0 @@ -# slideshow seclabel is specified in init.rc since -# it lives in the rootfs and has no unique file type. -type slideshow, domain; - -allow slideshow kmsg_device:chr_file rw_file_perms; -wakelock_use(slideshow) -allow slideshow device:dir r_dir_perms; -allow slideshow self:global_capability_class_set sys_tty_config; -allow slideshow graphics_device:dir r_dir_perms; -allow slideshow graphics_device:chr_file rw_file_perms; -allow slideshow input_device:dir r_dir_perms; -allow slideshow input_device:chr_file r_file_perms; -allow slideshow tty_device:chr_file rw_file_perms; - diff --git a/prebuilts/api/29.0/public/stats_service_server.te b/prebuilts/api/29.0/public/stats_service_server.te deleted file mode 100644 index 564ae234e..000000000 --- a/prebuilts/api/29.0/public/stats_service_server.te +++ /dev/null @@ -1 +0,0 @@ -add_hwservice(stats_service_server, fwk_stats_hwservice) diff --git a/prebuilts/api/29.0/public/statsd.te b/prebuilts/api/29.0/public/statsd.te deleted file mode 100644 index 089cae936..000000000 --- a/prebuilts/api/29.0/public/statsd.te +++ /dev/null @@ -1,84 +0,0 @@ -type statsd, domain, mlstrustedsubject; - -type statsd_exec, system_file_type, exec_type, file_type; -binder_use(statsd) - -# Allow statsd to scan through /proc/pid for all processes. -r_dir_file(statsd, domain) - -# Allow executing files on system, such as running a shell or running: -# /system/bin/toolbox -# /system/bin/logcat -# /system/bin/dumpsys -allow statsd devpts:chr_file { getattr ioctl read write }; -allow statsd shell_exec:file rx_file_perms; -allow statsd system_file:file execute_no_trans; -allow statsd toolbox_exec:file rx_file_perms; - -userdebug_or_eng(` - allow statsd su:fifo_file read; -') - -# Create, read, and write into /data/misc/stats-data, /data/misc/stats-system. -allow statsd stats_data_file:dir create_dir_perms; -allow statsd stats_data_file:file create_file_perms; - -# Allow statsd to make binder calls to any binder service. -binder_call(statsd, appdomain) -binder_call(statsd, healthd) -binder_call(statsd, incidentd) -userdebug_or_eng(` - binder_call(statsd, perfprofd) -') -binder_call(statsd, system_server) - -# Allow statsd to interact with gpuservice -allow statsd gpu_service:service_manager find; -binder_call(statsd, gpuservice) - -# Allow logd access. -read_logd(statsd) -control_logd(statsd) - -# Grant statsd with permissions to register the services. -allow statsd { - app_api_service - incident_service - userdebug_or_eng(` - perfprofd_service - ') - system_api_service -}:service_manager find; - -# Grant statsd to access health hal to access battery metrics. -allow statsd hal_health_hwservice:hwservice_manager find; - -# Allow statsd to send dump info to dumpstate -allow statsd dumpstate:fd use; -allow statsd dumpstate:fifo_file { getattr write }; - -# Allow access to with hardware layer and process stats. -allow statsd proc_uid_cputime_showstat:file { getattr open read }; -hal_client_domain(statsd, hal_health) -hal_client_domain(statsd, hal_power) -hal_client_domain(statsd, hal_power_stats) -hal_client_domain(statsd, hal_thermal) - -# Allow 'adb shell cmd' to upload configs and download output. -allow statsd adbd:fd use; -allow statsd adbd:unix_stream_socket { getattr read write }; -allow statsd shell:fifo_file { getattr read write }; - -unix_socket_send(statsd, statsdw, statsd) - -### -### neverallow rules -### - -# Only statsd and the other root services in limited circumstances. -# can get to the files in /data/misc/stats-data, /data/misc/stats-service. -# Other services are prohibitted from accessing the file. -neverallow { domain -statsd -system_server -init -vold } stats_data_file:file *; - -# Limited access to the directory itself. -neverallow { domain -statsd -system_server -init -vold } stats_data_file:dir *; diff --git a/prebuilts/api/29.0/public/su.te b/prebuilts/api/29.0/public/su.te deleted file mode 100644 index a2f435e17..000000000 --- a/prebuilts/api/29.0/public/su.te +++ /dev/null @@ -1,104 +0,0 @@ -# All types must be defined regardless of build variant to ensure -# policy compilation succeeds with userdebug/user combination at boot -type su, domain; - -# File types must be defined for file_contexts. -type su_exec, system_file_type, exec_type, file_type; - -userdebug_or_eng(` - # Domain used for su processes, as well as for adbd and adb shell - # after performing an adb root command. The domain definition is - # wrapped to ensure that it does not exist at all on -user builds. - typeattribute su mlstrustedsubject; - - # Add su to various domains - net_domain(su) - - # grant su access to vndbinder - vndbinder_use(su) - - dontaudit su self:capability_class_set *; - dontaudit su kernel:security *; - dontaudit su { kernel file_type }:system *; - dontaudit su self:memprotect *; - dontaudit su domain:{ process process2 } *; - dontaudit su domain:fd *; - dontaudit su domain:dir *; - dontaudit su domain:lnk_file *; - dontaudit su domain:{ fifo_file file } *; - dontaudit su domain:socket_class_set *; - dontaudit su domain:ipc_class_set *; - dontaudit su domain:key *; - dontaudit su fs_type:filesystem *; - dontaudit su {fs_type dev_type file_type}:dir_file_class_set *; - dontaudit su node_type:node *; - dontaudit su node_type:{ tcp_socket udp_socket rawip_socket } *; - dontaudit su netif_type:netif *; - dontaudit su port_type:socket_class_set *; - dontaudit su port_type:{ tcp_socket dccp_socket } *; - dontaudit su domain:peer *; - dontaudit su domain:binder *; - dontaudit su property_type:property_service *; - dontaudit su property_type:file *; - dontaudit su service_manager_type:service_manager *; - dontaudit su hwservice_manager_type:hwservice_manager *; - dontaudit su vndservice_manager_type:service_manager *; - dontaudit su servicemanager:service_manager list; - dontaudit su hwservicemanager:hwservice_manager list; - dontaudit su vndservicemanager:service_manager list; - dontaudit su keystore:keystore_key *; - dontaudit su domain:drmservice *; - dontaudit su unlabeled:filesystem *; - dontaudit su postinstall_file:filesystem *; - dontaudit su domain:bpf *; - dontaudit su unlabeled:vsock_socket *; - - # VTS tests run in the permissive su domain on debug builds, but the HALs - # being tested run in enforcing mode. Because hal_foo_server is enforcing - # su needs to be declared as hal_foo_client to grant hal_foo_server - # permission to interact with it. - typeattribute su halclientdomain; - typeattribute su hal_allocator_client; - typeattribute su hal_atrace_client; - typeattribute su hal_audio_client; - typeattribute su hal_authsecret_client; - typeattribute su hal_bluetooth_client; - typeattribute su hal_bootctl_client; - typeattribute su hal_camera_client; - typeattribute su hal_configstore_client; - typeattribute su hal_confirmationui_client; - typeattribute su hal_contexthub_client; - typeattribute su hal_drm_client; - typeattribute su hal_cas_client; - typeattribute su hal_dumpstate_client; - typeattribute su hal_fingerprint_client; - typeattribute su hal_gatekeeper_client; - typeattribute su hal_gnss_client; - typeattribute su hal_graphics_allocator_client; - typeattribute su hal_graphics_composer_client; - typeattribute su hal_health_client; - typeattribute su hal_input_classifier_client; - typeattribute su hal_ir_client; - typeattribute su hal_keymaster_client; - typeattribute su hal_light_client; - typeattribute su hal_memtrack_client; - typeattribute su hal_neuralnetworks_client; - typeattribute su hal_nfc_client; - typeattribute su hal_oemlock_client; - typeattribute su hal_power_client; - typeattribute su hal_secure_element_client; - typeattribute su hal_sensors_client; - typeattribute su hal_telephony_client; - typeattribute su hal_tetheroffload_client; - typeattribute su hal_thermal_client; - typeattribute su hal_tv_cec_client; - typeattribute su hal_tv_input_client; - typeattribute su hal_usb_client; - typeattribute su hal_vibrator_client; - typeattribute su hal_vr_client; - typeattribute su hal_weaver_client; - typeattribute su hal_wifi_client; - typeattribute su hal_wifi_hostapd_client; - typeattribute su hal_wifi_offload_client; - typeattribute su hal_wifi_supplicant_client; -') diff --git a/prebuilts/api/29.0/public/surfaceflinger.te b/prebuilts/api/29.0/public/surfaceflinger.te deleted file mode 100644 index c1e4844a0..000000000 --- a/prebuilts/api/29.0/public/surfaceflinger.te +++ /dev/null @@ -1,3 +0,0 @@ -# surfaceflinger - display compositor service -type surfaceflinger, domain; -type surfaceflinger_tmpfs, file_type; diff --git a/prebuilts/api/29.0/public/swcodec_service_server.te b/prebuilts/api/29.0/public/swcodec_service_server.te deleted file mode 100644 index f20d9904c..000000000 --- a/prebuilts/api/29.0/public/swcodec_service_server.te +++ /dev/null @@ -1,40 +0,0 @@ -# Add hal_codec2_hwservice to mediaswcodec_server -allow mediaswcodec_server hal_codec2_hwservice:hwservice_manager { add find }; -allow mediaswcodec_server hidl_base_hwservice:hwservice_manager add; - -# Allow mediaswcodec_server access to composer sync fences -allow mediaswcodec_server hal_graphics_composer:fd use; - -allow mediaswcodec_server ion_device:chr_file r_file_perms; -allow mediaswcodec_server hal_camera:fd use; - -crash_dump_fallback(mediaswcodec_server) - -# Recieve gralloc buffer FDs from bufferhubd. Note that mediaswcodec_server never -# directly connects to bufferhubd via PDX. Instead, a VR app acts as a bridge -# between those two: it talks to hal_omx_server via Binder and talks to bufferhubd -# via PDX. Thus, there is no need to use pdx_client macro. -allow mediaswcodec_server bufferhubd:fd use; - -binder_call(mediaswcodec_server, hal_omx_client) -binder_call(hal_omx_client, mediaswcodec_server) - -### -### neverallow rules -### - -# mediaswcodec_server should never execute any executable without a -# domain transition -neverallow mediaswcodec_server { file_type fs_type }:file execute_no_trans; - -# The goal of the mediaserver/codec split is to place media processing code into -# restrictive sandboxes with limited responsibilities and thus limited -# permissions. Example: Audioserver is only responsible for controlling audio -# hardware and processing audio content. Cameraserver does the same for camera -# hardware/content. Etc. -# -# Media processing code is inherently risky and thus should have limited -# permissions and be isolated from the rest of the system and network. -# Lengthier explanation here: -# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html -neverallow mediaswcodec_server domain:{ tcp_socket udp_socket rawip_socket } *; diff --git a/prebuilts/api/29.0/public/system_app.te b/prebuilts/api/29.0/public/system_app.te deleted file mode 100644 index 023058ee0..000000000 --- a/prebuilts/api/29.0/public/system_app.te +++ /dev/null @@ -1,7 +0,0 @@ -### -### Apps that run with the system UID, e.g. com.android.system.ui, -### com.android.settings. These are not as privileged as the system -### server. -### - -type system_app, domain; diff --git a/prebuilts/api/29.0/public/system_server.te b/prebuilts/api/29.0/public/system_server.te deleted file mode 100644 index ff18bdf84..000000000 --- a/prebuilts/api/29.0/public/system_server.te +++ /dev/null @@ -1,6 +0,0 @@ -# -# System Server aka system_server spawned by zygote. -# Most of the framework services run in this process. -# -type system_server, domain; -type system_server_tmpfs, file_type, mlstrustedobject; diff --git a/prebuilts/api/29.0/public/system_suspend_server.te b/prebuilts/api/29.0/public/system_suspend_server.te deleted file mode 100644 index 8e8310d5e..000000000 --- a/prebuilts/api/29.0/public/system_suspend_server.te +++ /dev/null @@ -1,6 +0,0 @@ -# Required to export a HIDL interface. -hwbinder_use(system_suspend_server) -get_prop(system_suspend_server, hwservicemanager_prop) - -# To serve ISystemSuspend.hal. -add_hwservice(system_suspend_server, system_suspend_hwservice) diff --git a/prebuilts/api/29.0/public/te_macros b/prebuilts/api/29.0/public/te_macros deleted file mode 100644 index cd4bf6145..000000000 --- a/prebuilts/api/29.0/public/te_macros +++ /dev/null @@ -1,704 +0,0 @@ -##################################### -# domain_trans(olddomain, type, newdomain) -# Allow a transition from olddomain to newdomain -# upon executing a file labeled with type. -# This only allows the transition; it does not -# cause it to occur automatically - use domain_auto_trans -# if that is what you want. -# -define(`domain_trans', ` -# Old domain may exec the file and transition to the new domain. -allow $1 $2:file { getattr open read execute map }; -allow $1 $3:process transition; -# New domain is entered by executing the file. -allow $3 $2:file { entrypoint open read execute getattr map }; -# New domain can send SIGCHLD to its caller. -ifelse($1, `init', `', `allow $3 $1:process sigchld;') -# Enable AT_SECURE, i.e. libc secure mode. -dontaudit $1 $3:process noatsecure; -# XXX dontaudit candidate but requires further study. -allow $1 $3:process { siginh rlimitinh }; -') - -##################################### -# domain_auto_trans(olddomain, type, newdomain) -# Automatically transition from olddomain to newdomain -# upon executing a file labeled with type. -# -define(`domain_auto_trans', ` -# Allow the necessary permissions. -domain_trans($1,$2,$3) -# Make the transition occur by default. -type_transition $1 $2:process $3; -') - -##################################### -# file_type_trans(domain, dir_type, file_type) -# Allow domain to create a file labeled file_type in a -# directory labeled dir_type. -# This only allows the transition; it does not -# cause it to occur automatically - use file_type_auto_trans -# if that is what you want. -# -define(`file_type_trans', ` -# Allow the domain to add entries to the directory. -allow $1 $2:dir ra_dir_perms; -# Allow the domain to create the file. -allow $1 $3:notdevfile_class_set create_file_perms; -allow $1 $3:dir create_dir_perms; -') - -##################################### -# file_type_auto_trans(domain, dir_type, file_type) -# Automatically label new files with file_type when -# they are created by domain in directories labeled dir_type. -# -define(`file_type_auto_trans', ` -# Allow the necessary permissions. -file_type_trans($1, $2, $3) -# Make the transition occur by default. -type_transition $1 $2:dir $3; -type_transition $1 $2:notdevfile_class_set $3; -') - -##################################### -# r_dir_file(domain, type) -# Allow the specified domain to read directories, files -# and symbolic links of the specified type. -define(`r_dir_file', ` -allow $1 $2:dir r_dir_perms; -allow $1 $2:{ file lnk_file } r_file_perms; -') - -##################################### -# tmpfs_domain(domain) -# Allow access to a unique type for this domain when creating tmpfs / ashmem files. -define(`tmpfs_domain', ` -type_transition $1 tmpfs:file $1_tmpfs; -allow $1 $1_tmpfs:file { read write getattr map }; -') - -# pdx macros for IPC. pdx is a high-level name which contains transport-specific -# rules from underlying transport (e.g. UDS-based implementation). - -##################################### -# pdx_service_attributes(service) -# Defines type attribute used to identify various service-related types. -define(`pdx_service_attributes', ` -attribute pdx_$1_endpoint_dir_type; -attribute pdx_$1_endpoint_socket_type; -attribute pdx_$1_channel_socket_type; -attribute pdx_$1_server_type; -') - -##################################### -# pdx_service_socket_types(service, endpoint_dir_t) -# Define types for endpoint and channel sockets. -define(`pdx_service_socket_types', ` -typeattribute $2 pdx_$1_endpoint_dir_type; -type pdx_$1_endpoint_socket, pdx_$1_endpoint_socket_type, pdx_endpoint_socket_type, file_type, coredomain_socket, mlstrustedobject, mlstrustedsubject; -type pdx_$1_channel_socket, pdx_$1_channel_socket_type, pdx_channel_socket_type, coredomain_socket; -userdebug_or_eng(` -dontaudit su pdx_$1_endpoint_socket:unix_stream_socket *; -dontaudit su pdx_$1_channel_socket:unix_stream_socket *; -') -') - -##################################### -# pdx_server(server_domain, service) -define(`pdx_server', ` -# Mark the server domain as a PDX server. -typeattribute $1 pdx_$2_server_type; -# Allow the init process to create the initial endpoint socket. -allow init pdx_$2_endpoint_socket_type:unix_stream_socket { create bind }; -# Allow the server domain to use the endpoint socket and accept connections on it. -# Not using macro like "rw_socket_perms_no_ioctl" because it provides more rights -# than we need (e.g. we don"t need "bind" or "connect"). -allow $1 pdx_$2_endpoint_socket_type:unix_stream_socket { read getattr write setattr lock append getopt setopt shutdown listen accept }; -# Allow the server domain to apply security context label to the channel socket pair (allow process to use setsockcreatecon_raw()). -allow $1 self:process setsockcreate; -# Allow the server domain to create a client channel socket. -allow $1 pdx_$2_channel_socket_type:unix_stream_socket create_stream_socket_perms; -# Prevent other processes from claiming to be a server for the same service. -neverallow {domain -$1} pdx_$2_endpoint_socket_type:unix_stream_socket { listen accept }; -') - -##################################### -# pdx_connect(client, service) -define(`pdx_connect', ` -# Allow client to open the service endpoint file. -allow $1 pdx_$2_endpoint_dir_type:dir r_dir_perms; -allow $1 pdx_$2_endpoint_socket_type:sock_file rw_file_perms; -# Allow the client to connect to endpoint socket. -allow $1 pdx_$2_endpoint_socket_type:unix_stream_socket { connectto read write shutdown }; -') - -##################################### -# pdx_use(client, service) -define(`pdx_use', ` -# Allow the client to use the PDX channel socket. -# Not using macro like "rw_socket_perms_no_ioctl" because it provides more rights -# than we need (e.g. we don"t need "bind" or "connect"). -allow $1 pdx_$2_channel_socket_type:unix_stream_socket { read getattr write setattr lock append getopt setopt shutdown }; -# Client needs to use an channel event fd from the server. -allow $1 pdx_$2_server_type:fd use; -# Servers may receive sync fences, gralloc buffers, etc, from clients. -# This could be tightened on a per-server basis, but keeping track of service -# clients is error prone. -allow pdx_$2_server_type $1:fd use; -') - -##################################### -# pdx_client(client, service) -define(`pdx_client', ` -pdx_connect($1, $2) -pdx_use($1, $2) -') - -##################################### -# init_daemon_domain(domain) -# Set up a transition from init to the daemon domain -# upon executing its binary. -define(`init_daemon_domain', ` -domain_auto_trans(init, $1_exec, $1) -') - -##################################### -# app_domain(domain) -# Allow a base set of permissions required for all apps. -define(`app_domain', ` -typeattribute $1 appdomain; -# Label tmpfs objects for all apps. -type_transition $1 tmpfs:file appdomain_tmpfs; -allow $1 appdomain_tmpfs:file { execute getattr map read write }; -neverallow { $1 -runas_app -shell } { domain -$1 }:file no_rw_file_perms; -neverallow { appdomain -runas_app -shell -$1 } $1:file no_rw_file_perms; -# The Android security model guarantees the confidentiality and integrity -# of application data and execution state. Ptrace bypasses those -# confidentiality guarantees. Disallow ptrace access from system components -# to apps. Crash_dump is excluded, as it needs ptrace access to -# produce stack traces. llkd is excluded, as it needs to inspect -# the kernel stack for live lock conditions. runas_app is excluded, as it can -# only access debuggable apps. -neverallow { domain -$1 -crash_dump userdebug_or_eng(`-llkd') -runas_app } $1:process ptrace; -') - -##################################### -# untrusted_app_domain(domain) -# Allow a base set of permissions required for all untrusted apps. -define(`untrusted_app_domain', ` -typeattribute $1 untrusted_app_all; -') - -##################################### -# net_domain(domain) -# Allow a base set of permissions required for network access. -define(`net_domain', ` -typeattribute $1 netdomain; -') - -##################################### -# bluetooth_domain(domain) -# Allow a base set of permissions required for bluetooth access. -define(`bluetooth_domain', ` -typeattribute $1 bluetoothdomain; -') - -##################################### -# hal_attribute(hal_name) -# Add an attribute for hal implementations along with necessary -# restrictions. -define(`hal_attribute', ` -attribute hal_$1; -expandattribute hal_$1 true; -attribute hal_$1_client; -expandattribute hal_$1_client true; -attribute hal_$1_server; -expandattribute hal_$1_server false; - -neverallow { hal_$1_server -halserverdomain } domain:process fork; -# hal_*_client and halclientdomain attributes are always expanded for -# performance reasons. Neverallow rules targeting expanded attributes can not be -# verified by CTS since these attributes are already expanded by that time. -build_test_only(` -neverallow { hal_$1_server -hal_$1 } domain:process fork; -neverallow { hal_$1_client -halclientdomain } domain:process fork; -') -') - -##################################### -# hal_server_domain(domain, hal_type) -# Allow a base set of permissions required for a domain to offer a -# HAL implementation of the specified type over HwBinder. -# -# For example, default implementation of Foo HAL: -# type hal_foo_default, domain; -# hal_server_domain(hal_foo_default, hal_foo) -# -define(`hal_server_domain', ` -typeattribute $1 halserverdomain; -typeattribute $1 $2_server; -typeattribute $1 $2; -') - -##################################### -# hal_client_domain(domain, hal_type) -# Allow a base set of permissions required for a domain to be a -# client of a HAL of the specified type. -# -# For example, make some_domain a client of Foo HAL: -# hal_client_domain(some_domain, hal_foo) -# -define(`hal_client_domain', ` -typeattribute $1 halclientdomain; -typeattribute $1 $2_client; - -# TODO(b/34170079): Make the inclusion of the rules below conditional also on -# non-Treble devices. For now, on non-Treble device, always grant clients of a -# HAL sufficient access to run the HAL in passthrough mode (i.e., in-process). -not_full_treble(` -typeattribute $1 $2; -# Find passthrough HAL implementations -allow $2 system_file:dir r_dir_perms; -allow $2 vendor_file:dir r_dir_perms; -allow $2 vendor_file:file { read open getattr execute map }; -') -') - -##################################### -# passthrough_hal_client_domain(domain, hal_type) -# Allow a base set of permissions required for a domain to be a -# client of a passthrough HAL of the specified type. -# -# For example, make some_domain a client of passthrough Foo HAL: -# passthrough_hal_client_domain(some_domain, hal_foo) -# -define(`passthrough_hal_client_domain', ` -typeattribute $1 halclientdomain; -typeattribute $1 $2_client; -typeattribute $1 $2; -# Find passthrough HAL implementations -allow $2 system_file:dir r_dir_perms; -allow $2 vendor_file:dir r_dir_perms; -allow $2 vendor_file:file { read open getattr execute map }; -') - -##################################### -# unix_socket_connect(clientdomain, socket, serverdomain) -# Allow a local socket connection from clientdomain via -# socket to serverdomain. -# -# Note: If you see denial records that distill to the -# following allow rules: -# allow clientdomain property_socket:sock_file write; -# allow clientdomain init:unix_stream_socket connectto; -# allow clientdomain something_prop:property_service set; -# -# This sequence is indicative of attempting to set a property. -# use set_prop(sourcedomain, targetproperty) -# -define(`unix_socket_connect', ` -allow $1 $2_socket:sock_file write; -allow $1 $3:unix_stream_socket connectto; -') - -##################################### -# set_prop(sourcedomain, targetproperty) -# Allows source domain to set the -# targetproperty. -# -define(`set_prop', ` -unix_socket_connect($1, property, init) -allow $1 $2:property_service set; -get_prop($1, $2) -') - -##################################### -# get_prop(sourcedomain, targetproperty) -# Allows source domain to read the -# targetproperty. -# -define(`get_prop', ` -allow $1 $2:file { getattr open read map }; -') - -##################################### -# unix_socket_send(clientdomain, socket, serverdomain) -# Allow a local socket send from clientdomain via -# socket to serverdomain. -define(`unix_socket_send', ` -allow $1 $2_socket:sock_file write; -allow $1 $3:unix_dgram_socket sendto; -') - -##################################### -# binder_use(domain) -# Allow domain to use Binder IPC. -define(`binder_use', ` -# Call the servicemanager and transfer references to it. -allow $1 servicemanager:binder { call transfer }; -# servicemanager performs getpidcon on clients. -allow servicemanager $1:dir search; -allow servicemanager $1:file { read open }; -allow servicemanager $1:process getattr; -# rw access to /dev/binder and /dev/ashmem is presently granted to -# all domains in domain.te. -') - -##################################### -# hwbinder_use(domain) -# Allow domain to use HwBinder IPC. -define(`hwbinder_use', ` -# Call the hwservicemanager and transfer references to it. -allow $1 hwservicemanager:binder { call transfer }; -# Allow hwservicemanager to send out callbacks -allow hwservicemanager $1:binder { call transfer }; -# hwservicemanager performs getpidcon on clients. -allow hwservicemanager $1:dir search; -allow hwservicemanager $1:file { read open map }; -allow hwservicemanager $1:process getattr; -# rw access to /dev/hwbinder and /dev/ashmem is presently granted to -# all domains in domain.te. -') - -##################################### -# vndbinder_use(domain) -# Allow domain to use Binder IPC. -define(`vndbinder_use', ` -# Talk to the vndbinder device node -allow $1 vndbinder_device:chr_file rw_file_perms; -# Call the vndservicemanager and transfer references to it. -allow $1 vndservicemanager:binder { call transfer }; -# vndservicemanager performs getpidcon on clients. -allow vndservicemanager $1:dir search; -allow vndservicemanager $1:file { read open map }; -allow vndservicemanager $1:process getattr; -') - -##################################### -# binder_call(clientdomain, serverdomain) -# Allow clientdomain to perform binder IPC to serverdomain. -define(`binder_call', ` -# Call the server domain and optionally transfer references to it. -allow $1 $2:binder { call transfer }; -# Allow the serverdomain to transfer references to the client on the reply. -allow $2 $1:binder transfer; -# Receive and use open files from the server. -allow $1 $2:fd use; -') - -##################################### -# binder_service(domain) -# Mark a domain as being a Binder service domain. -# Used to allow binder IPC to the various system services. -define(`binder_service', ` -typeattribute $1 binderservicedomain; -') - -##################################### -# wakelock_use(domain) -# Allow domain to manage wake locks -define(`wakelock_use', ` -# TODO(b/115946999): Remove /sys/power/* permissions once CONFIG_PM_WAKELOCKS is -# deprecated. -# Access /sys/power/wake_lock and /sys/power/wake_unlock -allow $1 sysfs_wake_lock:file rw_file_perms; -# Accessing these files requires CAP_BLOCK_SUSPEND -allow $1 self:global_capability2_class_set block_suspend; -# system_suspend permissions -binder_call($1, system_suspend_server) -allow $1 system_suspend_hwservice:hwservice_manager find; -# halclientdomain permissions -hwbinder_use($1) -get_prop($1, hwservicemanager_prop) -allow $1 hidl_manager_hwservice:hwservice_manager find; -') - -##################################### -# selinux_check_access(domain) -# Allow domain to check SELinux permissions via selinuxfs. -define(`selinux_check_access', ` -r_dir_file($1, selinuxfs) -allow $1 selinuxfs:file w_file_perms; -allow $1 kernel:security compute_av; -allow $1 self:netlink_selinux_socket { read write create getattr setattr lock relabelfrom relabelto append bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind }; -') - -##################################### -# selinux_check_context(domain) -# Allow domain to check SELinux contexts via selinuxfs. -define(`selinux_check_context', ` -r_dir_file($1, selinuxfs) -allow $1 selinuxfs:file w_file_perms; -allow $1 kernel:security check_context; -') - -##################################### -# create_pty(domain) -# Allow domain to create and use a pty, isolated from any other domain ptys. -define(`create_pty', ` -# Each domain gets a unique devpts type. -type $1_devpts, fs_type; -# Label the pty with the unique type when created. -type_transition $1 devpts:chr_file $1_devpts; -# Allow use of the pty after creation. -allow $1 $1_devpts:chr_file { open getattr read write ioctl }; -allowxperm $1 $1_devpts:chr_file ioctl unpriv_tty_ioctls; -# TIOCSTI is only ever used for exploits. Block it. -# b/33073072, b/7530569 -# http://www.openwall.com/lists/oss-security/2016/09/26/14 -neverallowxperm * $1_devpts:chr_file ioctl TIOCSTI; -# Note: devpts:dir search and ptmx_device:chr_file rw_file_perms -# allowed to everyone via domain.te. -') - -##################################### -# Non system_app application set -# -define(`non_system_app_set', `{ appdomain -system_app }') - -##################################### -# Recovery only -# SELinux rules which apply only to recovery mode -# -define(`recovery_only', ifelse(target_recovery, `true', $1, )) - -##################################### -# Full TREBLE only -# SELinux rules which apply only to full TREBLE devices -# -define(`full_treble_only', ifelse(target_full_treble, `true', $1, -ifelse(target_full_treble, `cts', -# BEGIN_TREBLE_ONLY -- this marker is used by CTS -- do not modify -$1 -# END_TREBLE_ONLY -- this marker is used by CTS -- do not modify -, ))) - -##################################### -# Not full TREBLE -# SELinux rules which apply only to devices which are not full TREBLE devices -# -define(`not_full_treble', ifelse(target_full_treble, `true', , $1)) - -##################################### -# Compatible property only -# SELinux rules which apply only to devices with compatible property -# -define(`compatible_property_only', ifelse(target_compatible_property, `true', $1, -ifelse(target_compatible_property, `cts', -# BEGIN_COMPATIBLE_PROPERTY_ONLY -- this marker is used by CTS -- do not modify -$1 -# END_COMPATIBLE_PROPERTY_ONLY -- this marker is used by CTS -- do not modify -, ))) - -##################################### -# Not compatible property -# SELinux rules which apply only to devices without compatible property -# -define(`not_compatible_property', ifelse(target_compatible_property, `true', , $1)) - -##################################### -# Userdebug or eng builds -# SELinux rules which apply only to userdebug or eng builds -# -define(`userdebug_or_eng', ifelse(target_build_variant, `eng', $1, ifelse(target_build_variant, `userdebug', $1))) - -##################################### -# asan builds -# SELinux rules which apply only to asan builds -# -define(`with_asan', ifelse(target_with_asan, `true', userdebug_or_eng(`$1'), )) - -##################################### -# Build-time-only test -# SELinux rules which are verified during build, but not as part of *TS testing. -# -define(`build_test_only', ifelse(target_exclude_build_test, `true', , $1)) - -#################################### -# Fallback crash handling for processes that can't exec crash_dump (e.g. because of seccomp). -# -define(`crash_dump_fallback', ` -userdebug_or_eng(` - allow $1 su:fifo_file append; -') -allow $1 anr_data_file:file append; -allow $1 dumpstate:fd use; -allow $1 incidentd:fd use; -# TODO: Figure out why write is needed. -allow $1 dumpstate:fifo_file { append write }; -allow $1 incidentd:fifo_file { append write }; -allow $1 system_server:fifo_file { append write }; -allow $1 tombstoned:unix_stream_socket connectto; -allow $1 tombstoned:fd use; -allow $1 tombstoned_crash_socket:sock_file write; -allow $1 tombstone_data_file:file append; -') - -##################################### -# WITH_DEXPREOPT builds -# SELinux rules which apply only when pre-opting. -# -define(`with_dexpreopt', ifelse(target_with_dexpreopt, `true', $1)) - -##################################### -# write_logd(domain) -# Ability to write to android log -# daemon via sockets -define(`write_logd', ` -unix_socket_send($1, logdw, logd) -allow $1 pmsg_device:chr_file w_file_perms; -') - -##################################### -# read_logd(domain) -# Ability to run logcat and read from android -# log daemon via sockets -define(`read_logd', ` -allow $1 logcat_exec:file rx_file_perms; -unix_socket_connect($1, logdr, logd) -') - -##################################### -# read_runtime_log_tags(domain) -# ability to directly map the runtime event log tags -define(`read_runtime_log_tags', ` -allow $1 runtime_event_log_tags_file:file r_file_perms; -') - -##################################### -# control_logd(domain) -# Ability to control -# android log daemon via sockets -define(`control_logd', ` -# Group AID_LOG checked by filesystem & logd -# to permit control commands -unix_socket_connect($1, logd, logd) -') - -##################################### -# use_keystore(domain) -# Ability to use keystore. -# Keystore is requires the following permissions -# to call getpidcon. -define(`use_keystore', ` - allow keystore $1:dir search; - allow keystore $1:file { read open }; - allow keystore $1:process getattr; - allow $1 keystore_service:service_manager find; - binder_call($1, keystore) - binder_call(keystore, $1) -') - -########################################### -# use_drmservice(domain) -# Ability to use DrmService which requires -# DrmService to call getpidcon. -define(`use_drmservice', ` - allow drmserver $1:dir search; - allow drmserver $1:file { read open }; - allow drmserver $1:process getattr; -') - -########################################### -# add_service(domain, service) -# Ability for domain to add a service to service_manager -# and find it. It also creates a neverallow preventing -# others from adding it. -define(`add_service', ` - allow $1 $2:service_manager { add find }; - neverallow { domain -$1 } $2:service_manager add; -') - -########################################### -# add_hwservice(domain, service) -# Ability for domain to add a service to hwservice_manager -# and find it. It also creates a neverallow preventing -# others from adding it. -define(`add_hwservice', ` - allow $1 $2:hwservice_manager { add find }; - allow $1 hidl_base_hwservice:hwservice_manager add; - neverallow { domain -$1 } $2:hwservice_manager add; -') - -########################################### -# hal_attribute_hwservice(attribute, service) -# Ability for domain to get a service to hwservice_manager -# and find it. It also creates a neverallow preventing -# others from adding it. -# -# Used to pair hal_foo_client with hal_foo_hwservice -define(`hal_attribute_hwservice', ` - allow $1_client $2:hwservice_manager find; - add_hwservice($1_server, $2) - - build_test_only(` - neverallow { domain -$1_client -$1_server } $2:hwservice_manager find; - ') -') - -################################### -# can_profile_heap(domain) -# Allow processes within the domain to have their heap profiled by heapprofd. -# -# Note that profiling is performed differently between debug and user builds. -# This macro covers both user and debug builds, but see -# can_profile_heap_userdebug_or_eng for a variant that can be used when -# allowing profiling for a domain only on debug builds, without granting -# the exec permission. The exec permission is necessary for user builds, but -# only a nice-to-have for development and testing purposes on debug builds. -define(`can_profile_heap', ` - # Allow central daemon to send signal for client initialization. - allow heapprofd $1:process signal; - - # Allow executing a private heapprofd process to handle profiling on - # user builds (also debug builds for testing & development purposes). - allow $1 heapprofd_exec:file rx_file_perms; - - # Allow directory & file read to the central heapprofd daemon, as it scans - # /proc/[pid]/cmdline for by-process-name profiling configs. - # Note that this excludes /proc/[pid]/mem, as it requires ptrace capabilities. - allow heapprofd $1:file r_file_perms; - allow heapprofd $1:dir r_dir_perms; - - # Profilability on user implies profilability on userdebug and eng. - can_profile_heap_userdebug_or_eng($1) -') - -################################### -# can_profile_heap_userdebug_or_eng(domain) -# Allow processes within the domain to have their heap profiled by heapprofd on -# debug builds only. -# -# Only necessary when can_profile_heap cannot be applied, see its description -# for rationale. -define(`can_profile_heap_userdebug_or_eng', ` - userdebug_or_eng(` - # Allow central daemon to send signal for client initialization. - allow heapprofd $1:process signal; - # Allow connecting to the daemon. - unix_socket_connect($1, heapprofd, heapprofd) - # Allow daemon to use the passed fds. - allow heapprofd $1:fd use; - # Allow to read and write to heapprofd shmem. - # The client needs to read the read and write pointers in order to write. - allow $1 heapprofd_tmpfs:file { read write getattr map }; - # Use shared memory received over the unix socket. - allow $1 heapprofd:fd use; - - # To read from the received file descriptors. - # /proc/[pid]/maps and /proc/[pid]/mem have the same SELinux label as the - # process they relate to. - allow heapprofd $1:file r_file_perms; - # Allow searching the /proc/[pid] directory for cmdline. - allow heapprofd $1:dir r_dir_perms; - ') -') - -################################### -# never_profile_heap(domain) -# Opt out of heap profiling by heapprofd. -define(`never_profile_heap', ` - neverallow heapprofd $1:file read; - neverallow heapprofd $1:process signal; -') diff --git a/prebuilts/api/29.0/public/tee.te b/prebuilts/api/29.0/public/tee.te deleted file mode 100644 index 0f9b32dc9..000000000 --- a/prebuilts/api/29.0/public/tee.te +++ /dev/null @@ -1,11 +0,0 @@ -## -# trusted execution environment (tee) daemon -# -type tee, domain; - -# Device(s) for communicating with the TEE -type tee_device, dev_type; - -allow tee fingerprint_vendor_data_file:dir rw_dir_perms; -allow tee fingerprint_vendor_data_file:file create_file_perms; - diff --git a/prebuilts/api/29.0/public/thermalserviced.te b/prebuilts/api/29.0/public/thermalserviced.te deleted file mode 100644 index 471682622..000000000 --- a/prebuilts/api/29.0/public/thermalserviced.te +++ /dev/null @@ -1,14 +0,0 @@ -# thermalserviced -- thermal management services for system and vendor -type thermalserviced, domain; -type thermalserviced_exec, system_file_type, exec_type, file_type; - -binder_use(thermalserviced) -binder_service(thermalserviced) -add_service(thermalserviced, thermal_service) - -hwbinder_use(thermalserviced) -hal_client_domain(thermalserviced, hal_thermal) -add_hwservice(thermalserviced, thermalcallback_hwservice) - -binder_call(thermalserviced, platform_app) -binder_call(thermalserviced, system_server) diff --git a/prebuilts/api/29.0/public/tombstoned.te b/prebuilts/api/29.0/public/tombstoned.te deleted file mode 100644 index ea2abbb75..000000000 --- a/prebuilts/api/29.0/public/tombstoned.te +++ /dev/null @@ -1,17 +0,0 @@ -# debugger interface -type tombstoned, domain, mlstrustedsubject; -type tombstoned_exec, system_file_type, exec_type, file_type; - -# Write to arbitrary pipes given to us. -allow tombstoned domain:fd use; -allow tombstoned domain:fifo_file write; - -allow tombstoned domain:dir r_dir_perms; -allow tombstoned domain:file r_file_perms; -allow tombstoned tombstone_data_file:dir rw_dir_perms; -allow tombstoned tombstone_data_file:file { create_file_perms link }; - -# Changes for the new stack dumping mechanism. Each trace goes into a -# separate file, and these files are managed by tombstoned. -allow tombstoned anr_data_file:dir rw_dir_perms; -allow tombstoned anr_data_file:file { append create getattr open link unlink }; diff --git a/prebuilts/api/29.0/public/toolbox.te b/prebuilts/api/29.0/public/toolbox.te deleted file mode 100644 index 19cc3b6fe..000000000 --- a/prebuilts/api/29.0/public/toolbox.te +++ /dev/null @@ -1,24 +0,0 @@ -# Any toolbox command run by init. -# At present, the only known usage is for running mkswap via fs_mgr. -# Do NOT use this domain for toolbox when run by any other domain. -type toolbox, domain; -type toolbox_exec, system_file_type, exec_type, file_type; - -# /dev/__null__ created by init prior to policy load, -# open fd inherited by fsck. -allow toolbox tmpfs:chr_file { read write ioctl }; - -# Inherit and use pty created by android_fork_execvp_ext(). -allow toolbox devpts:chr_file { read write getattr ioctl }; - -# mkswap-specific. -# Read/write block devices used for swap partitions. -# Assign swap_block_device type any such partition in your -# device///sepolicy/file_contexts file. -allow toolbox block_device:dir search; -allow toolbox swap_block_device:blk_file rw_file_perms; - -# Only allow entry from init via the toolbox binary. -neverallow { domain -init } toolbox:process transition; -neverallow * toolbox:process dyntransition; -neverallow toolbox { file_type fs_type -toolbox_exec}:file entrypoint; diff --git a/prebuilts/api/29.0/public/traced.te b/prebuilts/api/29.0/public/traced.te deleted file mode 100644 index ec5b85039..000000000 --- a/prebuilts/api/29.0/public/traced.te +++ /dev/null @@ -1,2 +0,0 @@ -type traced, domain, coredomain, mlstrustedsubject; - diff --git a/prebuilts/api/29.0/public/traced_probes.te b/prebuilts/api/29.0/public/traced_probes.te deleted file mode 100644 index 3e587c8ef..000000000 --- a/prebuilts/api/29.0/public/traced_probes.te +++ /dev/null @@ -1 +0,0 @@ -type traced_probes, domain, coredomain, mlstrustedsubject; diff --git a/prebuilts/api/29.0/public/traceur_app.te b/prebuilts/api/29.0/public/traceur_app.te deleted file mode 100644 index 5333015f3..000000000 --- a/prebuilts/api/29.0/public/traceur_app.te +++ /dev/null @@ -1,31 +0,0 @@ -type traceur_app, domain; - -allow traceur_app servicemanager:service_manager list; -allow traceur_app hwservicemanager:hwservice_manager list; - -# Allow Traceur to enable traced if necessary. -set_prop(traceur_app, traced_enabled_prop) - -set_prop(traceur_app, debug_prop) - -allow traceur_app { - service_manager_type - -apex_service - -dnsresolver_service - -gatekeeper_service - -incident_service - -installd_service - -iorapd_service - -lpdump_service - -netd_service - -virtual_touchpad_service - -vold_service - -vr_hwc_service -}:service_manager find; - -# Allow traceur_app to use atrace HAL -hal_client_domain(traceur_app, hal_atrace) - -dontaudit traceur_app service_manager_type:service_manager find; -dontaudit traceur_app hwservice_manager_type:hwservice_manager find; -dontaudit traceur_app domain:binder call; diff --git a/prebuilts/api/29.0/public/tzdatacheck.te b/prebuilts/api/29.0/public/tzdatacheck.te deleted file mode 100644 index cf9b95de9..000000000 --- a/prebuilts/api/29.0/public/tzdatacheck.te +++ /dev/null @@ -1,18 +0,0 @@ -# The tzdatacheck command run by init. -type tzdatacheck, domain; -type tzdatacheck_exec, system_file_type, exec_type, file_type; - -allow tzdatacheck zoneinfo_data_file:dir create_dir_perms; -allow tzdatacheck zoneinfo_data_file:file unlink; - -# Below are strong assertion that only init, system_server and tzdatacheck -# can modify the /data time zone rules directories. This is to make it very -# clear that only these domains should modify the actual time zone rules data. -# The tzdatacheck binary itself may be executed by shell for tests but it must -# not be able to modify the real rules. -# If other users / binaries could modify time zone rules on device this might -# have negative implications for users (who may get incorrect local times) -# or break assumptions made / invalidate data held by the components actually -# responsible for updating time zone rules. -neverallow { domain -system_server -init -tzdatacheck } zoneinfo_data_file:file no_w_file_perms; -neverallow { domain -system_server -init -tzdatacheck } zoneinfo_data_file:dir no_w_dir_perms; diff --git a/prebuilts/api/29.0/public/ueventd.te b/prebuilts/api/29.0/public/ueventd.te deleted file mode 100644 index 98e3bda7c..000000000 --- a/prebuilts/api/29.0/public/ueventd.te +++ /dev/null @@ -1,80 +0,0 @@ -# ueventd seclabel is specified in init.rc since -# it lives in the rootfs and has no unique file type. -type ueventd, domain; -type ueventd_tmpfs, file_type; - -# Write to /dev/kmsg. -allow ueventd kmsg_device:chr_file rw_file_perms; - -allow ueventd self:global_capability_class_set { chown mknod net_admin setgid fsetid sys_rawio dac_override dac_read_search fowner }; -allow ueventd device:file create_file_perms; - -r_dir_file(ueventd, rootfs) - -# ueventd needs write access to files in /sys to regenerate uevents -allow ueventd sysfs_type:file w_file_perms; -r_dir_file(ueventd, sysfs_type) -allow ueventd sysfs_type:{ file lnk_file } { relabelfrom relabelto setattr }; -allow ueventd sysfs_type:dir { relabelfrom relabelto setattr }; -allow ueventd tmpfs:chr_file rw_file_perms; -allow ueventd dev_type:dir create_dir_perms; -allow ueventd dev_type:lnk_file { create unlink }; -allow ueventd dev_type:chr_file { getattr create setattr unlink }; -allow ueventd dev_type:blk_file { getattr relabelfrom relabelto create setattr unlink }; -allow ueventd self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; -allow ueventd efs_file:dir search; -allow ueventd efs_file:file r_file_perms; - -# Get SELinux enforcing status. -r_dir_file(ueventd, selinuxfs) - -# Access for /vendor/ueventd.rc and /vendor/firmware -r_dir_file(ueventd, { vendor_file_type -vendor_app_file -vendor_overlay_file }) - -# Get file contexts for new device nodes -allow ueventd file_contexts_file:file r_file_perms; - -# Use setfscreatecon() to label /dev directories and files. -allow ueventd self:process setfscreate; - -# Allow ueventd to read androidboot.android_dt_dir from kernel cmdline. -allow ueventd proc_cmdline:file r_file_perms; - -# Everything is labeled as rootfs in recovery mode. ueventd has to execute -# the dynamic linker and shared libraries. -recovery_only(` - allow ueventd rootfs:file { r_file_perms execute }; -') - -# Suppress denials for ueventd to getattr /postinstall. This occurs when the -# linker tries to resolve paths in ld.config.txt. -dontaudit ueventd postinstall_mnt_dir:dir getattr; - -# ueventd loads modules in response to modalias events. -allow ueventd self:global_capability_class_set sys_module; -allow ueventd vendor_file:system module_load; -allow ueventd kernel:key search; - -# ueventd is using bootstrap bionic -allow ueventd system_bootstrap_lib_file:dir r_dir_perms; -allow ueventd system_bootstrap_lib_file:file { execute read open getattr map }; - -##### -##### neverallow rules -##### - -# ueventd must never set properties, otherwise deadlocks may occur. -# https://android-review.googlesource.com/#/c/133120/6/init/devices.cpp@941 -# No writing to the property socket, connecting to init, or setting properties. -neverallow ueventd property_socket:sock_file write; -neverallow ueventd init:unix_stream_socket connectto; -neverallow ueventd property_type:property_service set; - -# Restrict ueventd access on block devices to maintenence operations. -neverallow ueventd dev_type:blk_file ~{ getattr relabelfrom relabelto create setattr unlink }; - -# Only relabelto as we would never want to relabelfrom port_device -neverallow ueventd port_device:chr_file ~{ getattr create setattr unlink relabelto }; - -# Nobody should be able to ptrace ueventd -neverallow * ueventd:process ptrace; diff --git a/prebuilts/api/29.0/public/uncrypt.te b/prebuilts/api/29.0/public/uncrypt.te deleted file mode 100644 index 28dc3f209..000000000 --- a/prebuilts/api/29.0/public/uncrypt.te +++ /dev/null @@ -1,42 +0,0 @@ -# uncrypt -type uncrypt, domain, mlstrustedsubject; -type uncrypt_exec, system_file_type, exec_type, file_type; - -allow uncrypt self:global_capability_class_set { dac_override dac_read_search }; - -userdebug_or_eng(` - # For debugging, allow /data/local/tmp access - r_dir_file(uncrypt, shell_data_file) -') - -# Read /cache/recovery/command -# Read /cache/recovery/uncrypt_file -allow uncrypt cache_file:dir search; -allow uncrypt cache_recovery_file:dir rw_dir_perms; -allow uncrypt cache_recovery_file:file create_file_perms; - -# Read OTA zip file at /data/ota_package/. -allow uncrypt ota_package_file:dir r_dir_perms; -allow uncrypt ota_package_file:file r_file_perms; - -# Write to /dev/socket/uncrypt -unix_socket_connect(uncrypt, uncrypt, uncrypt) - -# Set a property to reboot the device. -set_prop(uncrypt, powerctl_prop) - -# Raw writes to block device -allow uncrypt self:global_capability_class_set sys_rawio; -allow uncrypt misc_block_device:blk_file w_file_perms; -allow uncrypt block_device:dir r_dir_perms; - -# Access userdata block device. -allow uncrypt userdata_block_device:blk_file w_file_perms; - -r_dir_file(uncrypt, rootfs) - -# uncrypt reads /proc/cmdline -allow uncrypt proc_cmdline:file r_file_perms; - -# Read files in /sys -r_dir_file(uncrypt, sysfs_dt_firmware_android) diff --git a/prebuilts/api/29.0/public/untrusted_app.te b/prebuilts/api/29.0/public/untrusted_app.te deleted file mode 100644 index 5289bf96b..000000000 --- a/prebuilts/api/29.0/public/untrusted_app.te +++ /dev/null @@ -1,21 +0,0 @@ -### -### Untrusted apps. -### -### Apps are labeled based on mac_permissions.xml (maps signer and -### optionally package name to seinfo value) and seapp_contexts (maps UID -### and optionally seinfo value to domain for process and type for data -### directory). The untrusted_app domain is the default assignment in -### seapp_contexts for any app with UID between APP_AID (10000) -### and AID_ISOLATED_START (99000) if the app has no specific seinfo -### value as determined from mac_permissions.xml. In current AOSP, this -### domain is assigned to all non-system apps as well as to any system apps -### that are not signed by the platform key. To move -### a system app into a specific domain, add a signer entry for it to -### mac_permissions.xml and assign it one of the pre-existing seinfo values -### or define and use a new seinfo value in both mac_permissions.xml and -### seapp_contexts. -### - -type untrusted_app, domain; -type untrusted_app_27, domain; -type untrusted_app_25, domain; diff --git a/prebuilts/api/29.0/public/update_engine.te b/prebuilts/api/29.0/public/update_engine.te deleted file mode 100644 index 7bcaca640..000000000 --- a/prebuilts/api/29.0/public/update_engine.te +++ /dev/null @@ -1,56 +0,0 @@ -# Domain for update_engine daemon. -type update_engine, domain, update_engine_common; -type update_engine_exec, system_file_type, exec_type, file_type; - -net_domain(update_engine); - -# Following permissions are needed for update_engine. -allow update_engine self:process { setsched }; -allow update_engine self:global_capability_class_set { fowner sys_admin }; -# Note: fsetid checks are triggered when creating a file in a directory with -# the setgid bit set to determine if the file should inherit setgid. In this -# case, setgid on the file is undesirable so we should just suppress the -# denial. -dontaudit update_engine self:global_capability_class_set fsetid; - -allow update_engine kmsg_device:chr_file { getattr w_file_perms }; -allow update_engine update_engine_exec:file rx_file_perms; -wakelock_use(update_engine); - -# Ignore these denials. -dontaudit update_engine kernel:process setsched; -dontaudit update_engine self:global_capability_class_set sys_rawio; - -# Allow using persistent storage in /data/misc/update_engine. -allow update_engine update_engine_data_file:dir create_dir_perms; -allow update_engine update_engine_data_file:file create_file_perms; - -# Allow using persistent storage in /data/misc/update_engine_log. -allow update_engine update_engine_log_data_file:dir create_dir_perms; -allow update_engine update_engine_log_data_file:file create_file_perms; - -# Don't allow kernel module loading, just silence the logs. -dontaudit update_engine kernel:system module_request; - -# Register the service to perform Binder IPC. -binder_use(update_engine) -add_service(update_engine, update_engine_service) - -# Allow update_engine to call the callback function provided by priv_app. -binder_call(update_engine, priv_app) - -# Allow update_engine to call the callback function provided by system_server. -binder_call(update_engine, system_server) - -# Read OTA zip file at /data/ota_package/. -allow update_engine ota_package_file:file r_file_perms; -allow update_engine ota_package_file:dir r_dir_perms; - -# Use Boot Control HAL -hal_client_domain(update_engine, hal_bootctl) - -# access /proc/misc -allow update_engine proc_misc:file r_file_perms; - -# read directories on /system and /vendor -allow update_engine system_file:dir r_dir_perms; diff --git a/prebuilts/api/29.0/public/update_engine_common.te b/prebuilts/api/29.0/public/update_engine_common.te deleted file mode 100644 index a326d4c89..000000000 --- a/prebuilts/api/29.0/public/update_engine_common.te +++ /dev/null @@ -1,75 +0,0 @@ -# update_engine payload application permissions. These are shared between the -# background daemon and the recovery tool to sideload an update. - -# Allow update_engine to reach block devices in /dev/block. -allow update_engine_common block_device:dir search; - -# Allow read/write on system and boot partitions. -allow update_engine_common boot_block_device:blk_file rw_file_perms; -allow update_engine_common system_block_device:blk_file rw_file_perms; - -# Where ioctls are granted via standard allow rules to block devices, -# automatically allow common ioctls that are generally needed by -# update_engine. -allowxperm update_engine_common dev_type:blk_file ioctl { - BLKDISCARD - BLKDISCARDZEROES - BLKROGET - BLKROSET - BLKSECDISCARD - BLKZEROOUT -}; - -# Allow to set recovery options in the BCB. Used to trigger factory reset when -# the update to an older version (channel change) or incompatible version -# requires it. -allow update_engine_common misc_block_device:blk_file rw_file_perms; - -# read fstab -allow update_engine_common rootfs:dir getattr; -allow update_engine_common rootfs:file r_file_perms; - -# Allow update_engine_common to mount on the /postinstall directory and reset the -# labels on the mounted filesystem to postinstall_file. -allow update_engine_common postinstall_mnt_dir:dir { mounton getattr search }; -allow update_engine_common postinstall_file:filesystem { mount unmount relabelfrom relabelto }; -allow update_engine_common labeledfs:filesystem relabelfrom; - -# Allow update_engine_common to read and execute postinstall_file. -allow update_engine_common postinstall_file:file rx_file_perms; -allow update_engine_common postinstall_file:lnk_file r_file_perms; -allow update_engine_common postinstall_file:dir r_dir_perms; - -# install update.zip from cache -r_dir_file(update_engine_common, cache_file) - -# A postinstall program is typically a shell script (with a #!), so we allow -# to execute those. -allow update_engine_common shell_exec:file rx_file_perms; - -# Allow update_engine_common to suspend, resume and kill the postinstall program. -allow update_engine_common postinstall:process { signal sigstop sigkill }; - -# access /proc/cmdline -allow update_engine_common proc_cmdline:file r_file_perms; - -# Read files in /sys/firmware/devicetree/base/firmware/android/ -r_dir_file(update_engine_common, sysfs_dt_firmware_android) - -# read / write on /dev/device-mapper to map / unmap devices -allow update_engine_common dm_device:chr_file rw_file_perms; - -# apply / verify updates on devices mapped via device mapper -allow update_engine_common dm_device:blk_file rw_file_perms; - -# read / write metadata on super device to resize partitions -allow update_engine_common super_block_device_type:blk_file rw_file_perms; - -# ioctl on super device to get block device alignment and alignment offset -allowxperm update_engine_common super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF }; - -# get physical block device to map logical partitions on device mapper -allow update_engine_common block_device:dir r_dir_perms; - -# Allow update_engine_common to write to statsd socket. -unix_socket_send(update_engine_common, statsdw, statsd) diff --git a/prebuilts/api/29.0/public/update_verifier.te b/prebuilts/api/29.0/public/update_verifier.te deleted file mode 100644 index 8d40cddcc..000000000 --- a/prebuilts/api/29.0/public/update_verifier.te +++ /dev/null @@ -1,36 +0,0 @@ -# update_verifier -type update_verifier, domain; -type update_verifier_exec, system_file_type, exec_type, file_type; - -# Allow update_verifier to reach block devices in /dev/block. -allow update_verifier block_device:dir search; - -# Read care map in /data/ota_package/. -allow update_verifier ota_package_file:dir r_dir_perms; -allow update_verifier ota_package_file:file r_file_perms; - -# Read /sys/block to find all the DM directories like (/sys/block/dm-X). -allow update_verifier sysfs:dir r_dir_perms; - -# Read /sys/block/dm-X/dm/name (which is a symlink to -# /sys/devices/virtual/block/dm-X/dm/name) to identify the mapping between -# dm-X and system/vendor partitions. -allow update_verifier sysfs_dm:dir r_dir_perms; -allow update_verifier sysfs_dm:file r_file_perms; - -# Read all blocks in DM wrapped system partition. -allow update_verifier dm_device:blk_file r_file_perms; - -# Write to kernel message. -allow update_verifier kmsg_device:chr_file { getattr w_file_perms }; - -# Allow update_verifier to reboot the device. -set_prop(update_verifier, powerctl_prop) - -# Use Boot Control HAL -hal_client_domain(update_verifier, hal_bootctl) - -# Access Checkpoint commands over binder -allow update_verifier vold_service:service_manager find; -binder_call(update_verifier, servicemanager) -binder_call(update_verifier, vold) diff --git a/prebuilts/api/29.0/public/usbd.te b/prebuilts/api/29.0/public/usbd.te deleted file mode 100644 index 991e7be5f..000000000 --- a/prebuilts/api/29.0/public/usbd.te +++ /dev/null @@ -1,5 +0,0 @@ -type usbd, domain; -type usbd_exec, system_file_type, exec_type, file_type; - -# Start/stop adbd via ctl.start adbd -set_prop(usbd, ctl_adbd_prop) diff --git a/prebuilts/api/29.0/public/vdc.te b/prebuilts/api/29.0/public/vdc.te deleted file mode 100644 index e638e50a6..000000000 --- a/prebuilts/api/29.0/public/vdc.te +++ /dev/null @@ -1,20 +0,0 @@ -# vdc spawned from init for the following services: -# defaultcrypto -# encrypt -# -# We also transition into this domain from dumpstate, when -# collecting bug reports. - -type vdc, domain; -type vdc_exec, system_file_type, exec_type, file_type; - -# vdc can be invoked with logwrapper, so let it write to pty -allow vdc devpts:chr_file rw_file_perms; - -# vdc writes directly to kmsg during the boot process -allow vdc kmsg_device:chr_file { getattr w_file_perms }; - -# vdc talks to vold over Binder -binder_use(vdc) -binder_call(vdc, vold) -allow vdc vold_service:service_manager find; diff --git a/prebuilts/api/29.0/public/vendor_init.te b/prebuilts/api/29.0/public/vendor_init.te deleted file mode 100644 index da4dddcb1..000000000 --- a/prebuilts/api/29.0/public/vendor_init.te +++ /dev/null @@ -1,278 +0,0 @@ -# vendor_init is its own domain. -type vendor_init, domain, mlstrustedsubject; - -# Communication to the main init process -allow vendor_init init:unix_stream_socket { read write }; - -# Logging to kmsg -allow vendor_init kmsg_device:chr_file { open getattr write }; - -# Mount on /dev/usb-ffs/adb. -allow vendor_init device:dir mounton; - -# Create and remove symlinks in /. -allow vendor_init rootfs:lnk_file { create unlink }; - -# Create cgroups mount points in tmpfs and mount cgroups on them. -allow vendor_init cgroup:dir create_dir_perms; -allow vendor_init cgroup:file w_file_perms; - -# /config -allow vendor_init configfs:dir mounton; -allow vendor_init configfs:dir create_dir_perms; -allow vendor_init configfs:{ file lnk_file } create_file_perms; - -# Create directories under /dev/cpuctl after chowning it to system. -allow vendor_init self:global_capability_class_set { dac_override dac_read_search }; - -# mkdir, symlink, write, rm/rmdir, chown/chmod, restorecon/restorecon_recursive from init.rc files. -# chown/chmod require open+read+setattr required for open()+fchown/fchmod(). -# system/core/init.rc requires at least cache_file and data_file_type. -# init..rc files often include device-specific types, so -# we just allow all file types except /system files here. -allow vendor_init self:global_capability_class_set { chown fowner fsetid }; - -# mkdir with FBE requires reading /data/unencrypted/{ref,mode}. -allow vendor_init unencrypted_data_file:dir search; -allow vendor_init unencrypted_data_file:file r_file_perms; - -# Set encryption policy on dirs in /data -allowxperm vendor_init data_file_type:dir ioctl { - FS_IOC_GET_ENCRYPTION_POLICY - FS_IOC_SET_ENCRYPTION_POLICY -}; - -allow vendor_init system_data_file:dir getattr; - -allow vendor_init { - file_type - -core_data_file_type - -exec_type - -system_file_type - -mnt_product_file - -password_slot_metadata_file - -unlabeled - -vendor_file_type - -vold_metadata_file - -gsi_metadata_file - -apex_metadata_file -}:dir { create search getattr open read setattr ioctl write add_name remove_name rmdir relabelfrom }; - -allow vendor_init unlabeled:{ dir notdevfile_class_set } { getattr relabelfrom }; - -allow vendor_init { - file_type - -core_data_file_type - -exec_type - -password_slot_metadata_file - -runtime_event_log_tags_file - -system_file_type - -unlabeled - -vendor_file_type - -vold_metadata_file - -gsi_metadata_file - -apex_metadata_file -}:file { create getattr open read write setattr relabelfrom unlink map }; - -allow vendor_init { - file_type - -core_data_file_type - -exec_type - -password_slot_metadata_file - -system_file_type - -unlabeled - -vendor_file_type - -vold_metadata_file - -gsi_metadata_file - -apex_metadata_file -}:{ sock_file fifo_file } { create getattr open read setattr relabelfrom unlink }; - -allow vendor_init { - file_type - -apex_mnt_dir - -core_data_file_type - -exec_type - -password_slot_metadata_file - -system_file_type - -unlabeled - -vendor_file_type - -vold_metadata_file - -gsi_metadata_file - -apex_metadata_file -}:lnk_file { create getattr setattr relabelfrom unlink }; - -allow vendor_init { - file_type - -core_data_file_type - -exec_type - -mnt_product_file - -password_slot_metadata_file - -system_file_type - -vendor_file_type - -vold_metadata_file - -gsi_metadata_file - -apex_metadata_file -}:dir_file_class_set relabelto; - -allow vendor_init dev_type:dir create_dir_perms; -allow vendor_init dev_type:lnk_file create; - -# Disable tracing by writing to /sys/kernel/debug/tracing/tracing_on -allow vendor_init debugfs_tracing:file w_file_perms; - -# chown/chmod on pseudo files. -allow vendor_init { - fs_type - -contextmount_type - -keychord_device - -sdcard_type - -rootfs - -proc_uid_time_in_state - -proc_uid_concurrent_active_time - -proc_uid_concurrent_policy_time -}:file { open read setattr map }; - -allow vendor_init { - fs_type - -contextmount_type - -sdcard_type - -rootfs - -proc_uid_time_in_state - -proc_uid_concurrent_active_time - -proc_uid_concurrent_policy_time -}:dir { open read setattr search }; - -# chown/chmod on devices, e.g. /dev/ttyHS0 -allow vendor_init { - dev_type - -keychord_device - -port_device - -lowpan_device - -hw_random_device -}:chr_file setattr; - -allow vendor_init dev_type:blk_file getattr; - -# Write to /proc/sys/net/ping_group_range and other /proc/sys/net files. -r_dir_file(vendor_init, proc_net_type) -allow vendor_init proc_net_type:file w_file_perms; -allow vendor_init self:global_capability_class_set net_admin; - -# Write to /proc/sys/vm/page-cluster -allow vendor_init proc_page_cluster:file w_file_perms; - -# Write to sysfs nodes. -allow vendor_init sysfs_type:dir r_dir_perms; -allow vendor_init sysfs_type:lnk_file read; -allow vendor_init { sysfs_type -sysfs_usermodehelper }:file rw_file_perms; - -# setfscreatecon() for labeling directories and socket files. -allow vendor_init self:process { setfscreate }; - -r_dir_file(vendor_init, vendor_file_type) - -# Vendor init can read properties -allow vendor_init serialno_prop:file { getattr open read map }; - -# Vendor init can perform operations on trusted and security Extended Attributes -allow vendor_init self:global_capability_class_set sys_admin; - -# Raw writes to misc block device -allow vendor_init misc_block_device:blk_file w_file_perms; - -# vendor_init is using bootstrap bionic -allow vendor_init system_bootstrap_lib_file:dir r_dir_perms; -allow vendor_init system_bootstrap_lib_file:file { execute read open getattr map }; - -# Everything is labeled as rootfs in recovery mode. Vendor init has to execute -# the dynamic linker and shared libraries. -recovery_only(` - allow vendor_init rootfs:file { r_file_perms execute }; -') - -not_compatible_property(` - set_prop(vendor_init, { - property_type - -device_config_activity_manager_native_boot_prop - -device_config_boot_count_prop - -device_config_reset_performed_prop - -device_config_input_native_boot_prop - -device_config_netd_native_prop - -device_config_runtime_native_boot_prop - -device_config_runtime_native_prop - -device_config_media_native_prop - -restorecon_prop - -netd_stable_secret_prop - -firstboot_prop - -pm_prop - -system_boot_reason_prop - -bootloader_boot_reason_prop - -last_boot_reason_prop - -apexd_prop - -gsid_prop - -nnapi_ext_deny_product_prop - }) -') - -# Get file context -allow vendor_init file_contexts_file:file r_file_perms; - -set_prop(vendor_init, bluetooth_a2dp_offload_prop) -set_prop(vendor_init, bluetooth_audio_hal_prop) -set_prop(vendor_init, cpu_variant_prop) -set_prop(vendor_init, debug_prop) -set_prop(vendor_init, exported_audio_prop) -set_prop(vendor_init, exported_bluetooth_prop) -set_prop(vendor_init, exported_config_prop) -set_prop(vendor_init, exported_dalvik_prop) -set_prop(vendor_init, exported_default_prop) -set_prop(vendor_init, exported_ffs_prop) -set_prop(vendor_init, exported_overlay_prop) -set_prop(vendor_init, exported_pm_prop) -set_prop(vendor_init, exported_radio_prop) -set_prop(vendor_init, exported_system_radio_prop) -set_prop(vendor_init, exported_wifi_prop) -set_prop(vendor_init, exported2_config_prop) -set_prop(vendor_init, exported2_system_prop) -set_prop(vendor_init, exported2_vold_prop) -set_prop(vendor_init, exported3_default_prop) -set_prop(vendor_init, exported3_radio_prop) -set_prop(vendor_init, logd_prop) -set_prop(vendor_init, log_tag_prop) -set_prop(vendor_init, log_prop) -set_prop(vendor_init, serialno_prop) -set_prop(vendor_init, vendor_default_prop) -set_prop(vendor_init, vendor_security_patch_level_prop) -set_prop(vendor_init, wifi_log_prop) - -get_prop(vendor_init, exported2_radio_prop) -get_prop(vendor_init, exported3_system_prop) - -### -### neverallow rules -### - -# Vendor init shouldn't communicate with any vendor process, nor most system processes. -neverallow_establish_socket_comms(vendor_init, { domain -init -logd -su -vendor_init }); - -# The vendor_init domain is only entered via an exec based transition from the -# init domain, never via setcon(). -neverallow domain vendor_init:process dyntransition; -neverallow { domain -init } vendor_init:process transition; -neverallow vendor_init { file_type fs_type -init_exec }:file entrypoint; - -# Never read/follow symlinks created by shell or untrusted apps. -neverallow vendor_init { app_data_file privapp_data_file }:lnk_file read; -neverallow vendor_init shell_data_file:lnk_file read; -# Init should not be creating subdirectories in /data/local/tmp -neverallow vendor_init shell_data_file:dir { write add_name remove_name }; - -# init should never execute a program without changing to another domain. -neverallow vendor_init { file_type fs_type }:file execute_no_trans; - -# Init never adds or uses services via service_manager. -neverallow vendor_init service_manager_type:service_manager { add find }; -neverallow vendor_init servicemanager:service_manager list; - -# vendor_init should never be ptraced -neverallow * vendor_init:process ptrace; diff --git a/prebuilts/api/29.0/public/vendor_misc_writer.te b/prebuilts/api/29.0/public/vendor_misc_writer.te deleted file mode 100644 index 7093fec22..000000000 --- a/prebuilts/api/29.0/public/vendor_misc_writer.te +++ /dev/null @@ -1,11 +0,0 @@ -# vendor_misc_writer -type vendor_misc_writer, domain; -type vendor_misc_writer_exec, vendor_file_type, exec_type, file_type; - -# Raw writes to misc_block_device -allow vendor_misc_writer misc_block_device:blk_file w_file_perms; -allow vendor_misc_writer block_device:dir r_dir_perms; - -# Silence the denial when calling libfstab's ReadDefaultFstab. -dontaudit vendor_misc_writer proc_cmdline:file read; -dontaudit vendor_misc_writer metadata_file:dir search; diff --git a/prebuilts/api/29.0/public/vendor_shell.te b/prebuilts/api/29.0/public/vendor_shell.te deleted file mode 100644 index 7d30acba4..000000000 --- a/prebuilts/api/29.0/public/vendor_shell.te +++ /dev/null @@ -1,19 +0,0 @@ -type vendor_shell, domain; -type vendor_shell_exec, exec_type, vendor_file_type, file_type; - -allow vendor_shell vendor_shell_exec:file rx_file_perms; -allow vendor_shell vendor_toolbox_exec:file rx_file_perms; - -# Use fd from shell when vendor_shell is started from shell -allow vendor_shell shell:fd use; - -# adbd: allow `adb shell /vendor/bin/sh` and `adb shell` then `/vendor/bin/sh` -allow vendor_shell adbd:fd use; -allow vendor_shell adbd:process sigchld; -allow vendor_shell adbd:unix_stream_socket { getattr ioctl read write }; - -allow vendor_shell devpts:chr_file rw_file_perms; -allow vendor_shell tty_device:chr_file rw_file_perms; -allow vendor_shell console_device:chr_file rw_file_perms; -allow vendor_shell input_device:dir r_dir_perms; -allow vendor_shell input_device:chr_file rw_file_perms; diff --git a/prebuilts/api/29.0/public/vendor_toolbox.te b/prebuilts/api/29.0/public/vendor_toolbox.te deleted file mode 100644 index eb292cafb..000000000 --- a/prebuilts/api/29.0/public/vendor_toolbox.te +++ /dev/null @@ -1,16 +0,0 @@ -# Toolbox installation for vendor binaries / scripts -# Non-vendor processes are not allowed to execute the binary -# and is always executed without transition. -type vendor_toolbox_exec, exec_type, vendor_file_type, file_type; - -# Do not allow domains to transition to vendor toolbox -# or read, execute the vendor_toolbox file. -full_treble_only(` - # Do not allow non-vendor domains to transition - # to vendor toolbox except for the whitelisted domains. - neverallow { - coredomain - -init - -modprobe - } vendor_toolbox_exec:file { entrypoint execute execute_no_trans }; -') diff --git a/prebuilts/api/29.0/public/virtual_touchpad.te b/prebuilts/api/29.0/public/virtual_touchpad.te deleted file mode 100644 index 49c87044c..000000000 --- a/prebuilts/api/29.0/public/virtual_touchpad.te +++ /dev/null @@ -1,16 +0,0 @@ -type virtual_touchpad, domain; -type virtual_touchpad_exec, system_file_type, exec_type, file_type; - -binder_use(virtual_touchpad) -binder_service(virtual_touchpad) -add_service(virtual_touchpad, virtual_touchpad_service) - -# Needed to check app permissions. -binder_call(virtual_touchpad, system_server) - -# Requires access to /dev/uinput to create and feed the virtual device. -allow virtual_touchpad uhid_device:chr_file { w_file_perms ioctl }; - -# Requires access to the permission service to validate that clients have the -# appropriate VR permissions. -allow virtual_touchpad permission_service:service_manager find; diff --git a/prebuilts/api/29.0/public/vndservice.te b/prebuilts/api/29.0/public/vndservice.te deleted file mode 100644 index 0d309bf71..000000000 --- a/prebuilts/api/29.0/public/vndservice.te +++ /dev/null @@ -1 +0,0 @@ -type default_android_vndservice, vndservice_manager_type; diff --git a/prebuilts/api/29.0/public/vndservicemanager.te b/prebuilts/api/29.0/public/vndservicemanager.te deleted file mode 100644 index 6b9f73dc0..000000000 --- a/prebuilts/api/29.0/public/vndservicemanager.te +++ /dev/null @@ -1,2 +0,0 @@ -# vndservicemanager - the Binder context manager for vendor processes -type vndservicemanager, domain; diff --git a/prebuilts/api/29.0/public/vold.te b/prebuilts/api/29.0/public/vold.te deleted file mode 100644 index 2a278eb82..000000000 --- a/prebuilts/api/29.0/public/vold.te +++ /dev/null @@ -1,321 +0,0 @@ -# volume manager -type vold, domain; -type vold_exec, exec_type, file_type, system_file_type; - -# Read already opened /cache files. -allow vold cache_file:dir r_dir_perms; -allow vold cache_file:file { getattr read }; -allow vold cache_file:lnk_file r_file_perms; - -r_dir_file(vold, { sysfs_type -sysfs_batteryinfo }) -# XXX Label sysfs files with a specific type? -allow vold { - sysfs # writing to /sys/*/uevent during coldboot. - sysfs_devices_block - sysfs_dm - sysfs_loop # writing to /sys/block/loop*/uevent during coldboot. - sysfs_usb - sysfs_zram_uevent - sysfs_fs_f2fs -}:file w_file_perms; - -r_dir_file(vold, rootfs) -r_dir_file(vold, metadata_file) -allow vold { - proc # b/67049235 processes /proc//* files are mislabeled. - proc_cmdline - proc_drop_caches - proc_filesystems - proc_meminfo - proc_mounts -}:file r_file_perms; - -#Get file contexts -allow vold file_contexts_file:file r_file_perms; - -# Allow us to jump into execution domains of above tools -allow vold self:process setexec; - -# For formatting adoptable storage devices -allow vold e2fs_exec:file rx_file_perms; - -# Run fstrim on mounted partitions -# allowxperm still requires the ioctl permission for the individual type -allowxperm vold { fs_type file_type }:dir ioctl FITRIM; - -# Get encryption policy for dirs in /data -allowxperm vold data_file_type:dir ioctl { - FS_IOC_GET_ENCRYPTION_POLICY - FS_IOC_SET_ENCRYPTION_POLICY -}; - -# Find the location on the raw block device where the -# crypto key is stored so it can be destroyed -allowxperm vold vold_data_file:file ioctl { - FS_IOC_FIEMAP -}; - -typeattribute vold mlstrustedsubject; -allow vold self:process setfscreate; -allow vold system_file:file x_file_perms; -not_full_treble(`allow vold vendor_file:file x_file_perms;') -allow vold block_device:dir create_dir_perms; -allow vold device:dir write; -allow vold devpts:chr_file rw_file_perms; -allow vold rootfs:dir mounton; -allow vold sdcard_type:dir mounton; # TODO: deprecated in M -allow vold sdcard_type:filesystem { mount remount unmount }; # TODO: deprecated in M -allow vold sdcard_type:dir create_dir_perms; # TODO: deprecated in M -allow vold sdcard_type:file create_file_perms; # TODO: deprecated in M - -# Manage locations where storage is mounted -allow vold { mnt_media_rw_file storage_file sdcard_type }:dir create_dir_perms; -allow vold { mnt_media_rw_file storage_file sdcard_type }:file create_file_perms; - -# Access to storage that backs emulated FUSE daemons for migration optimization -allow vold media_rw_data_file:dir create_dir_perms; -allow vold media_rw_data_file:file create_file_perms; - -# Allow mounting of storage devices -allow vold { mnt_media_rw_stub_file storage_stub_file }:dir { mounton create rmdir getattr setattr }; - -# Manage per-user primary symlinks -allow vold mnt_user_file:dir { create_dir_perms mounton }; -allow vold mnt_user_file:lnk_file create_file_perms; -allow vold mnt_user_file:file create_file_perms; - -# Allow to create and mount expanded storage -allow vold mnt_expand_file:dir { create_dir_perms mounton }; -allow vold apk_data_file:dir { create getattr setattr }; -allow vold shell_data_file:dir { create getattr setattr }; - -allow vold tmpfs:filesystem { mount unmount }; -allow vold tmpfs:dir create_dir_perms; -allow vold tmpfs:dir mounton; -allow vold self:global_capability_class_set { net_admin dac_override dac_read_search mknod sys_admin chown fowner fsetid }; -allow vold self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; -allow vold loop_control_device:chr_file rw_file_perms; -allow vold loop_device:blk_file { create setattr unlink rw_file_perms }; -allowxperm vold loop_device:blk_file ioctl { - LOOP_CLR_FD - LOOP_CTL_GET_FREE - LOOP_GET_STATUS64 - LOOP_SET_FD - LOOP_SET_STATUS64 -}; -allow vold vold_device:blk_file { create setattr unlink rw_file_perms }; -allowxperm vold vold_device:blk_file ioctl { BLKDISCARD BLKGETSIZE }; -allow vold dm_device:chr_file rw_file_perms; -allow vold dm_device:blk_file rw_file_perms; -allowxperm vold dm_device:blk_file ioctl BLKSECDISCARD; -# For vold Process::killProcessesWithOpenFiles function. -allow vold domain:dir r_dir_perms; -allow vold domain:{ file lnk_file } r_file_perms; -allow vold domain:process { signal sigkill }; -allow vold self:global_capability_class_set { sys_ptrace kill }; - -allow vold kmsg_device:chr_file rw_file_perms; - -# Run fsck in the fsck domain. -allow vold fsck_exec:file { r_file_perms execute }; - -# Log fsck results -allow vold fscklogs:dir rw_dir_perms; -allow vold fscklogs:file create_file_perms; - -# -# Rules to support encrypted fs support. -# - -# Unmount and mount the fs. -allow vold labeledfs:filesystem { mount unmount remount }; - -# Access /efs/userdata_footer. -# XXX Split into a separate type? -allow vold efs_file:file rw_file_perms; - -# Create and mount on /data/tmp_mnt and management of expansion mounts -allow vold system_data_file:dir { create rw_dir_perms mounton setattr rmdir }; -allow vold system_data_file:lnk_file getattr; - -# Vold create users in /data/vendor_{ce,de}/[0-9]+ -allow vold vendor_data_file:dir create_dir_perms; - -# for secdiscard -allow vold system_data_file:file read; - -# Set scheduling policy of kernel processes -allow vold kernel:process setsched; - -# Property Service -set_prop(vold, vold_prop) -set_prop(vold, exported_vold_prop) -set_prop(vold, exported2_vold_prop) -set_prop(vold, powerctl_prop) -set_prop(vold, ctl_fuse_prop) -set_prop(vold, restorecon_prop) - -# ASEC -allow vold asec_image_file:file create_file_perms; -allow vold asec_image_file:dir rw_dir_perms; -allow vold asec_apk_file:dir { create_dir_perms mounton relabelfrom relabelto }; -allow vold asec_public_file:dir { relabelto setattr }; -allow vold asec_apk_file:file { r_file_perms setattr relabelfrom relabelto }; -allow vold asec_public_file:file { relabelto setattr }; -# restorecon files in asec containers created on 4.2 or earlier. -allow vold unlabeled:dir { r_dir_perms setattr relabelfrom }; -allow vold unlabeled:file { r_file_perms setattr relabelfrom }; - -# Handle wake locks (used for device encryption) -wakelock_use(vold) - -# Allow vold to publish a binder service and make binder calls. -binder_use(vold) -add_service(vold, vold_service) - -# Allow vold to call into the system server so it can check permissions. -binder_call(vold, system_server) -allow vold permission_service:service_manager find; - -# talk to batteryservice -binder_call(vold, healthd) - -# talk to keymaster -hal_client_domain(vold, hal_keymaster) - -# talk to health storage HAL -hal_client_domain(vold, hal_health_storage) - -# talk to bootloader HAL -full_treble_only(`hal_client_domain(vold, hal_bootctl)') - -# Access userdata block device. -allow vold userdata_block_device:blk_file rw_file_perms; -allowxperm vold userdata_block_device:blk_file ioctl BLKSECDISCARD; - -# Access metadata block device used for encryption meta-data. -allow vold metadata_block_device:blk_file rw_file_perms; - -# Allow vold to manipulate /data/unencrypted -allow vold unencrypted_data_file:{ file } create_file_perms; -allow vold unencrypted_data_file:dir create_dir_perms; - -# Write to /proc/sys/vm/drop_caches -allow vold proc_drop_caches:file w_file_perms; - -# Give vold a place where only vold can store files; everyone else is off limits -allow vold vold_data_file:dir create_dir_perms; -allow vold vold_data_file:file create_file_perms; - -# And a similar place in the metadata partition -allow vold vold_metadata_file:dir create_dir_perms; -allow vold vold_metadata_file:file create_file_perms; - -# linux keyring configuration -allow vold init:key { write search setattr }; -allow vold vold:key { write search setattr }; - -# vold temporarily changes its priority when running benchmarks -allow vold self:global_capability_class_set sys_nice; - -# vold needs to chroot into app namespaces to remount when runtime permissions change -allow vold self:global_capability_class_set sys_chroot; -allow vold storage_file:dir mounton; - -# For AppFuse. -allow vold fuse_device:chr_file rw_file_perms; -allow vold fuse:filesystem { relabelfrom }; -allow vold app_fusefs:filesystem { relabelfrom relabelto }; -allow vold app_fusefs:filesystem { mount unmount }; -allow vold app_fuse_file:dir rw_dir_perms; -allow vold app_fuse_file:file { read write open getattr append }; - -# MoveTask.cpp executes cp and rm -allow vold toolbox_exec:file rx_file_perms; - -# Prepare profile dir for users. -allow vold user_profile_data_file:dir create_dir_perms; - -# Raw writes to misc block device -allow vold misc_block_device:blk_file w_file_perms; - -# vold might need to search or mount /mnt/vendor/* -allow vold mnt_vendor_file:dir search; - -dontaudit vold self:global_capability_class_set sys_resource; - -# vold needs to know whether we're running a GSI. -allow vold gsi_metadata_file:dir r_dir_perms; -allow vold gsi_metadata_file:file r_file_perms; - -neverallow { - domain - -vold - -vold_prepare_subdirs -} vold_data_file:dir ~{ open create read getattr setattr search relabelfrom relabelto ioctl }; - -neverallow { - domain - -init - -vold - -vold_prepare_subdirs -} vold_data_file:dir *; - -neverallow { - domain - -init - -vold -} vold_metadata_file:dir *; - -neverallow { - domain - -kernel - -vold - -vold_prepare_subdirs -} vold_data_file:notdevfile_class_set ~{ relabelto getattr }; - -neverallow { - domain - -init - -vold - -vold_prepare_subdirs -} vold_metadata_file:notdevfile_class_set ~{ relabelto getattr }; - -neverallow { - domain - -init - -kernel - -vold - -vold_prepare_subdirs -} { vold_data_file vold_metadata_file }:notdevfile_class_set *; - -neverallow { domain -vold -init } restorecon_prop:property_service set; - -neverallow { - domain - -system_server - -vdc - -vold - -update_verifier - -apexd -} vold_service:service_manager find; - -neverallow vold { - domain - -ashmemd - -hal_health_storage_server - -hal_keymaster_server - -system_suspend_server - -hal_bootctl_server - -healthd - -hwservicemanager - -iorapd_service - -servicemanager - -system_server - userdebug_or_eng(`-su') -}:binder call; - -neverallow vold fsck_exec:file execute_no_trans; -neverallow { domain -init } vold:process { transition dyntransition }; -neverallow vold *:process ptrace; -neverallow vold *:rawip_socket *; diff --git a/prebuilts/api/29.0/public/vold_prepare_subdirs.te b/prebuilts/api/29.0/public/vold_prepare_subdirs.te deleted file mode 100644 index 3087fa861..000000000 --- a/prebuilts/api/29.0/public/vold_prepare_subdirs.te +++ /dev/null @@ -1,6 +0,0 @@ -# SELinux directory creation and labelling for vold-managed directories - -type vold_prepare_subdirs, domain; -type vold_prepare_subdirs_exec, system_file_type, exec_type, file_type; - -typeattribute vold_prepare_subdirs coredomain; diff --git a/prebuilts/api/29.0/public/vr_hwc.te b/prebuilts/api/29.0/public/vr_hwc.te deleted file mode 100644 index c14688703..000000000 --- a/prebuilts/api/29.0/public/vr_hwc.te +++ /dev/null @@ -1,33 +0,0 @@ -type vr_hwc, domain; -type vr_hwc_exec, system_file_type, exec_type, file_type; - -# Get buffer metadata. -hal_client_domain(vr_hwc, hal_graphics_allocator) - -binder_use(vr_hwc) -binder_service(vr_hwc) - -binder_call(vr_hwc, surfaceflinger) -# Needed to check for app permissions. -binder_call(vr_hwc, system_server) - -add_service(vr_hwc, vr_hwc_service) - -# Hosts the VR HWC implementation and provides a simple Binder interface for VR -# Window Manager to receive the layers/buffers. -hwbinder_use(vr_hwc) - -# Load vendor libraries. -allow vr_hwc system_file:dir r_dir_perms; - -allow vr_hwc ion_device:chr_file r_file_perms; - -# Allow connection to VR DisplayClient to get the primary display metadata -# (ie: size). -pdx_client(vr_hwc, display_client) - -# Requires access to the permission service to validate that clients have the -# appropriate VR permissions. -allow vr_hwc permission_service:service_manager find; - -allow vr_hwc vrflinger_vsync_service:service_manager find; diff --git a/prebuilts/api/29.0/public/watchdogd.te b/prebuilts/api/29.0/public/watchdogd.te deleted file mode 100644 index 72e368564..000000000 --- a/prebuilts/api/29.0/public/watchdogd.te +++ /dev/null @@ -1,6 +0,0 @@ -# watchdogd seclabel is specified in init..rc -type watchdogd, domain; -type watchdogd_exec, system_file_type, exec_type, file_type; - -allow watchdogd watchdog_device:chr_file rw_file_perms; -allow watchdogd kmsg_device:chr_file rw_file_perms; diff --git a/prebuilts/api/29.0/public/webview_zygote.te b/prebuilts/api/29.0/public/webview_zygote.te deleted file mode 100644 index ace3a013e..000000000 --- a/prebuilts/api/29.0/public/webview_zygote.te +++ /dev/null @@ -1,6 +0,0 @@ -# webview_zygote is an auxiliary zygote process that is used to spawn -# isolated_app processes for rendering untrusted web content. - -type webview_zygote, domain; -type webview_zygote_exec, exec_type, file_type; -type webview_zygote_tmpfs, file_type; diff --git a/prebuilts/api/29.0/public/wificond.te b/prebuilts/api/29.0/public/wificond.te deleted file mode 100644 index 656abad06..000000000 --- a/prebuilts/api/29.0/public/wificond.te +++ /dev/null @@ -1,31 +0,0 @@ -# wificond -type wificond, domain; -type wificond_exec, system_file_type, exec_type, file_type; - -binder_use(wificond) -binder_call(wificond, system_server) - -add_service(wificond, wificond_service) - -set_prop(wificond, exported_wifi_prop) -set_prop(wificond, wifi_prop) -set_prop(wificond, ctl_default_prop) - -# create sockets to set interfaces up and down -allow wificond self:udp_socket create_socket_perms; -# setting interface state up/down is a privileged ioctl -allowxperm wificond self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR }; -allow wificond self:global_capability_class_set { net_admin net_raw }; -# allow wificond to speak to nl80211 in the kernel -allow wificond self:netlink_socket create_socket_perms_no_ioctl; -# newer kernels (e.g. 4.4 but not 4.1) have a new class for sockets -allow wificond self:netlink_generic_socket create_socket_perms_no_ioctl; - -r_dir_file(wificond, proc_net_type) - -# allow wificond to check permission for dumping logs -allow wificond permission_service:service_manager find; - -# dumpstate support -allow wificond dumpstate:fd use; -allow wificond dumpstate:fifo_file write; diff --git a/prebuilts/api/29.0/public/wpantund.te b/prebuilts/api/29.0/public/wpantund.te deleted file mode 100644 index 8ddd6935d..000000000 --- a/prebuilts/api/29.0/public/wpantund.te +++ /dev/null @@ -1,29 +0,0 @@ -type wpantund, domain; -type wpantund_exec, system_file_type, exec_type, file_type; - -hal_client_domain(wpantund, hal_lowpan) -net_domain(wpantund) - -binder_use(wpantund) -binder_call(wpantund, system_server) - -# wpantund needs to be able to check in with the lowpan_service -allow wpantund lowpan_service:service_manager find; - -# Allow wpantund to call any callbacks that have been registered with it. -# Generally, only privileged apps are able to register callbacks with -# wpantund, so we are limiting the scope for callbacks to only privileged -# apps. We also add shell to allow the command-line utility `lowpanctl` -# to work properly from `adb shell`. -allow wpantund {priv_app shell}:binder call; - -# create sockets to set interfaces up and down, add multicast groups, etc. -allow wpantund self:udp_socket create_socket_perms; - -# setting interface state up/down and changing MTU are privileged ioctls -allowxperm wpantund self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFMTU }; - -# Allow us to bring up a TUN network interface. -allow wpantund tun_device:chr_file rw_file_perms; -allow wpantund self:global_capability_class_set { net_admin net_raw }; -allow wpantund self:tun_socket create; diff --git a/prebuilts/api/29.0/public/zygote.te b/prebuilts/api/29.0/public/zygote.te deleted file mode 100644 index 071354e82..000000000 --- a/prebuilts/api/29.0/public/zygote.te +++ /dev/null @@ -1,4 +0,0 @@ -# zygote -type zygote, domain; -type zygote_tmpfs, file_type; -type zygote_exec, system_file_type, exec_type, file_type;