Home | History | Annotate | Download | only in sepolicy 
      1 # Filesystem types
      2 type labeledfs, fs_type;
      3 type pipefs, fs_type;
      4 type sockfs, fs_type;
      5 type rootfs, fs_type;
      6 type proc, fs_type;
      7 type qtaguid_proc, fs_type, mlstrustedobject;
      8 type proc_bluetooth_writable, fs_type;
      9 type selinuxfs, fs_type;
     10 type cgroup, fs_type, mlstrustedobject;
     11 type sysfs, fs_type, mlstrustedobject;
     12 type sysfs_writable, fs_type, sysfs_type, mlstrustedobject;
     13 type sysfs_bluetooth_writable, fs_type, sysfs_type, mlstrustedobject;
     14 type sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject;
     15 type inotify, fs_type, mlstrustedobject;
     16 type devpts, fs_type, mlstrustedobject;
     17 type tmpfs, fs_type;
     18 type shm, fs_type;
     19 type mqueue, fs_type;
     20 type sdcard_internal, sdcard_type, fs_type, mlstrustedobject;
     21 type sdcard_external, sdcard_type, fs_type, mlstrustedobject;
     22 type debugfs, fs_type, mlstrustedobject;
     23 
     24 # File types
     25 type unlabeled, file_type;
     26 # Default type for anything under /system.
     27 type system_file, file_type;
     28 # Default type for anything under /data.
     29 type system_data_file, file_type, data_file_type;
     30 # /data/drm - DRM plugin data
     31 type drm_data_file, file_type, data_file_type;
     32 # /data/anr - ANR traces
     33 type anr_data_file, file_type, data_file_type, mlstrustedobject;
     34 # /data/tombstones - core dumps
     35 type tombstone_data_file, file_type, data_file_type;
     36 # /data/app - user-installed apps
     37 type apk_data_file, file_type, data_file_type;
     38 type apk_tmp_file, file_type, data_file_type, mlstrustedobject;
     39 # /data/app-private - forward-locked apps
     40 type apk_private_data_file, file_type, data_file_type;
     41 type apk_private_tmp_file, file_type, data_file_type, mlstrustedobject;
     42 # /data/dalvik-cache
     43 type dalvikcache_data_file, file_type, data_file_type;
     44 # /data/local - writable by shell
     45 type shell_data_file, file_type, data_file_type;
     46 # /data/gps
     47 type gps_data_file, file_type, data_file_type;
     48 # /data/misc subdirectories
     49 type bluetoothd_data_file, file_type, data_file_type;
     50 type bluetooth_data_file, file_type, data_file_type;
     51 type keystore_data_file, file_type, data_file_type;
     52 type vpn_data_file, file_type, data_file_type;
     53 type systemkeys_data_file, file_type, data_file_type;
     54 type wifi_data_file, file_type, data_file_type;
     55 type radio_data_file, file_type, data_file_type;
     56 type nfc_data_file, file_type, data_file_type;
     57 type camera_calibration_file, file_type, data_file_type;
     58 # /data/data subdirectories - app sandboxes
     59 type app_data_file, file_type, data_file_type;
     60 type platform_app_data_file, file_type, data_file_type, mlstrustedobject;
     61 # Default type for anything under /cache
     62 type cache_file, file_type, mlstrustedobject;
     63 # Type for /cache/.*\.{data|restore} and default
     64 # type for anything under /cache/backup
     65 type cache_backup_file, file_type, mlstrustedobject;
     66 # Default type for anything under /efs
     67 type efs_file, file_type;
     68 # Type for wallpaper file.
     69 type wallpaper_file, file_type, mlstrustedobject;
     70 # /mnt/asec
     71 type asec_apk_file, file_type, data_file_type;
     72 # /data/app-asec
     73 type asec_image_file, file_type, data_file_type;
     74 # /data/backup and /data/secure/backup
     75 type backup_data_file, file_type, data_file_type, mlstrustedobject;
     76 # For /data/security
     77 type security_file, file_type;
     78 # All devices have bluetooth efs files. But they
     79 # vary per device, so this type is used in per
     80 # device policy
     81 type bluetooth_efs_file, file_type;
     82 # Downloaded files
     83 type download_file, file_type;
     84 # /sys/devices/system/cpu
     85 type sysfs_devices_system_cpu, file_type;
     86 
     87 # Socket types
     88 type adbd_socket, file_type;
     89 type bluetooth_socket, file_type;
     90 type dbus_socket, file_type;
     91 type dnsproxyd_socket, file_type, mlstrustedobject;
     92 type gps_socket, file_type;
     93 type installd_socket, file_type;
     94 type keystore_socket, file_type;
     95 type netd_socket, file_type;
     96 type property_socket, file_type;
     97 type qemud_socket, file_type;
     98 type racoon_socket, file_type;
     99 type rild_socket, file_type;
    100 type rild_debug_socket, file_type;
    101 type system_wpa_socket, file_type;
    102 type vold_socket, file_type;
    103 type wpa_socket, file_type;
    104 type zygote_socket, file_type;
    105 
    106 # UART (for GPS) control proc file
    107 type gps_control, file_type;
    108 
    109 # Allow files to be created in their appropriate filesystems.
    110 allow fs_type self:filesystem associate;
    111 allow sysfs_type sysfs:filesystem associate;
    112 allow file_type labeledfs:filesystem associate;
    113 allow file_type tmpfs:filesystem associate;
    114 allow dev_type tmpfs:filesystem associate;
    115