| # Filesystem types |
| type labeledfs, fs_type; |
| type pipefs, fs_type; |
| type sockfs, fs_type; |
| type rootfs, fs_type; |
| type proc, fs_type; |
| type selinuxfs, fs_type; |
| type cgroup, fs_type, mlstrustedobject; |
| type sysfs, fs_type, mlstrustedobject; |
| type sysfs_writable, fs_type, sysfs_type, mlstrustedobject; |
| type inotify, fs_type, mlstrustedobject; |
| type devpts, fs_type; |
| type tmpfs, fs_type; |
| type shm, fs_type; |
| type mqueue, fs_type; |
| type sdcard, fs_type, mlstrustedobject; |
| type debugfs, fs_type, mlstrustedobject; |
| |
| # File types |
| type unlabeled, file_type; |
| # Default type for anything under /system. |
| type system_file, file_type; |
| # Default type for anything under /data. |
| type system_data_file, file_type, data_file_type; |
| # /data/anr - ANR traces |
| type anr_data_file, file_type, data_file_type; |
| # /data/tombstones - core dumps |
| type tombstone_data_file, file_type, data_file_type; |
| # /data/app - user-installed apps |
| type apk_data_file, file_type, data_file_type, mlstrustedobject; |
| # /data/dalvik-cache |
| type dalvikcache_data_file, file_type, data_file_type; |
| # /data/local - writable by shell |
| type shell_data_file, file_type, data_file_type; |
| # /data/gps |
| type gps_data_file, file_type, data_file_type; |
| # /data/misc subdirectories |
| type bluetoothd_data_file, file_type, data_file_type; |
| type bluetooth_data_file, file_type, data_file_type; |
| type keystore_data_file, file_type, data_file_type; |
| type vpn_data_file, file_type, data_file_type; |
| type systemkeys_data_file, file_type, data_file_type; |
| type wifi_data_file, file_type, data_file_type; |
| type radio_data_file, file_type, data_file_type; |
| type nfc_data_file, file_type, data_file_type; |
| # /data/data subdirectories - app sandboxes |
| type app_data_file, file_type, data_file_type; |
| # Default type for anything under /cache |
| type cache_file, file_type, mlstrustedobject; |
| # Default type for anything under /efs |
| type efs_file, file_type; |
| |
| # Socket types |
| type bluetooth_socket, file_type; |
| type dbus_socket, file_type; |
| type dnsproxyd_socket, file_type, mlstrustedobject; |
| type gps_socket, file_type; |
| type installd_socket, file_type; |
| type keystore_socket, file_type; |
| type netd_socket, file_type; |
| type property_socket, file_type; |
| type qemud_socket, file_type; |
| type rild_socket, file_type; |
| type rild_debug_socket, file_type; |
| type system_wpa_socket, file_type; |
| type vold_socket, file_type; |
| type wpa_socket, file_type; |
| type zygote_socket, file_type; |
| |
| # Allow files to be created in their appropriate filesystems. |
| allow fs_type self:filesystem associate; |
| allow sysfs_type sysfs:filesystem associate; |
| allow file_type labeledfs:filesystem associate; |
| allow file_type tmpfs:filesystem associate; |
| allow dev_type tmpfs:filesystem associate; |