| Inseob Kim | ff43be2 | 2021-06-07 16:56:56 +0900 | [diff] [blame^] | 1 | type aidl_lazy_test_service, service_manager_type; |
| 2 | type apc_service, service_manager_type; |
| 3 | type apex_service, service_manager_type; |
| 4 | type artd_service, service_manager_type; |
| 5 | type audioserver_service, service_manager_type; |
| 6 | type authorization_service, service_manager_type; |
| 7 | type batteryproperties_service, app_api_service, ephemeral_app_api_service, service_manager_type; |
| 8 | type bluetooth_service, service_manager_type; |
| 9 | type cameraserver_service, service_manager_type; |
| 10 | type default_android_service, service_manager_type; |
| 11 | type dnsresolver_service, service_manager_type; |
| 12 | type drmserver_service, service_manager_type; |
| 13 | type dumpstate_service, service_manager_type; |
| 14 | type fingerprintd_service, service_manager_type; |
| 15 | type gatekeeper_service, app_api_service, service_manager_type; |
| 16 | type gpu_service, app_api_service, ephemeral_app_api_service, service_manager_type; |
| 17 | type idmap_service, service_manager_type; |
| 18 | type iorapd_service, service_manager_type; |
| 19 | type incident_service, service_manager_type; |
| 20 | type installd_service, service_manager_type; |
| 21 | type credstore_service, app_api_service, service_manager_type; |
| 22 | type keystore_compat_hal_service, service_manager_type; |
| 23 | type keystore_maintenance_service, service_manager_type; |
| 24 | type keystore_service, service_manager_type; |
| 25 | type lpdump_service, service_manager_type; |
| 26 | type mediaserver_service, service_manager_type; |
| 27 | type mediametrics_service, service_manager_type; |
| 28 | type mediaextractor_service, service_manager_type; |
| 29 | type mediadrmserver_service, service_manager_type; |
| 30 | type mediatranscoding_service, app_api_service, service_manager_type; |
| 31 | type netd_service, service_manager_type; |
| 32 | type nfc_service, service_manager_type; |
| 33 | type radio_service, service_manager_type; |
| 34 | type remoteprovisioning_service, service_manager_type; |
| 35 | type secure_element_service, service_manager_type; |
| 36 | type service_manager_service, service_manager_type; |
| 37 | type storaged_service, service_manager_type; |
| 38 | type surfaceflinger_service, app_api_service, ephemeral_app_api_service, service_manager_type; |
| 39 | type system_app_service, service_manager_type; |
| 40 | type system_suspend_control_internal_service, service_manager_type; |
| 41 | type system_suspend_control_service, service_manager_type; |
| 42 | type update_engine_service, service_manager_type; |
| 43 | type update_engine_stable_service, service_manager_type; |
| 44 | type virtualization_service, service_manager_type; |
| 45 | type virtual_touchpad_service, service_manager_type; |
| 46 | type vold_service, service_manager_type; |
| 47 | type vpnprofilestore_service, service_manager_type; |
| 48 | type vr_hwc_service, service_manager_type; |
| 49 | type vrflinger_vsync_service, service_manager_type; |
| 50 | |
| 51 | # system_server_services broken down |
| 52 | type accessibility_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 53 | type account_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 54 | type activity_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 55 | type activity_task_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 56 | type adb_service, system_api_service, system_server_service, service_manager_type; |
| 57 | type alarm_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 58 | type app_binding_service, system_server_service, service_manager_type; |
| 59 | type app_hibernation_service, system_api_service, system_server_service, service_manager_type; |
| 60 | type app_integrity_service, system_api_service, system_server_service, service_manager_type; |
| 61 | type app_prediction_service, app_api_service, system_server_service, service_manager_type; |
| 62 | type app_search_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 63 | type appops_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 64 | type appwidget_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 65 | type assetatlas_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 66 | type audio_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 67 | type auth_service, app_api_service, system_server_service, service_manager_type; |
| 68 | type autofill_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 69 | type backup_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 70 | type batterystats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 71 | type battery_service, system_server_service, service_manager_type; |
| 72 | type binder_calls_stats_service, system_server_service, service_manager_type; |
| 73 | type blob_store_service, app_api_service, system_server_service, service_manager_type; |
| 74 | type bluetooth_manager_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 75 | type broadcastradio_service, system_server_service, service_manager_type; |
| 76 | type cacheinfo_service, system_api_service, system_server_service, service_manager_type; |
| 77 | type cameraproxy_service, system_server_service, service_manager_type; |
| 78 | type clipboard_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 79 | type contexthub_service, app_api_service, system_server_service, service_manager_type; |
| 80 | type crossprofileapps_service, app_api_service, system_server_service, service_manager_type; |
| 81 | type IProxyService_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 82 | type companion_device_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 83 | type connectivity_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 84 | type connmetrics_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 85 | type consumer_ir_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 86 | type content_capture_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 87 | type content_suggestions_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 88 | type content_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 89 | type country_detector_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 90 | # Note: The coverage_service should only be enabled for userdebug / eng builds that were compiled |
| 91 | # with EMMA_INSTRUMENT=true. We should consider locking this down in the future. |
| 92 | type coverage_service, system_server_service, service_manager_type; |
| 93 | type cpuinfo_service, system_api_service, system_server_service, service_manager_type; |
| 94 | type dataloader_manager_service, system_server_service, service_manager_type; |
| 95 | type dbinfo_service, system_api_service, system_server_service, service_manager_type; |
| 96 | type device_config_service, system_server_service, service_manager_type; |
| 97 | type device_policy_service, app_api_service, system_server_service, service_manager_type; |
| 98 | type device_state_service, app_api_service, system_api_service, system_server_service, service_manager_type; |
| 99 | type deviceidle_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 100 | type device_identifiers_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 101 | type devicestoragemonitor_service, system_server_service, service_manager_type; |
| 102 | type diskstats_service, system_api_service, system_server_service, service_manager_type; |
| 103 | type display_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 104 | type domain_verification_service, app_api_service, system_server_service, service_manager_type; |
| 105 | type color_display_service, system_api_service, system_server_service, service_manager_type; |
| 106 | type external_vibrator_service, system_server_service, service_manager_type; |
| 107 | type file_integrity_service, app_api_service, system_server_service, service_manager_type; |
| 108 | type font_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 109 | type netd_listener_service, system_server_service, service_manager_type; |
| 110 | type network_watchlist_service, system_server_service, service_manager_type; |
| 111 | type DockObserver_service, system_server_service, service_manager_type; |
| 112 | type dreams_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 113 | type dropbox_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 114 | type lowpan_service, system_api_service, system_server_service, service_manager_type; |
| 115 | type ethernet_service, app_api_service, system_server_service, service_manager_type; |
| 116 | type biometric_service, app_api_service, system_server_service, service_manager_type; |
| 117 | type bugreport_service, app_api_service, system_server_service, service_manager_type; |
| 118 | type platform_compat_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 119 | type face_service, app_api_service, system_server_service, service_manager_type; |
| 120 | type fingerprint_service, app_api_service, system_server_service, service_manager_type; |
| 121 | type fwk_stats_service, app_api_service, system_server_service, service_manager_type; |
| 122 | type game_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 123 | type gfxinfo_service, system_api_service, system_server_service, service_manager_type; |
| 124 | type graphicsstats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 125 | type hardware_service, system_server_service, service_manager_type; |
| 126 | type hardware_properties_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 127 | type hdmi_control_service, app_api_service, system_server_service, service_manager_type; |
| 128 | type hint_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 129 | type imms_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 130 | type incremental_service, system_server_service, service_manager_type; |
| 131 | type input_method_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 132 | type input_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 133 | type ipsec_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 134 | type iris_service, app_api_service, system_server_service, service_manager_type; |
| 135 | type jobscheduler_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 136 | type launcherapps_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 137 | type legacy_permission_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 138 | type light_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 139 | type location_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 140 | type location_time_zone_manager_service, system_server_service, service_manager_type; |
| 141 | type lock_settings_service, app_api_service, system_api_service, system_server_service, service_manager_type; |
| 142 | type looper_stats_service, system_server_service, service_manager_type; |
| 143 | type media_communication_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 144 | type media_metrics_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 145 | type media_projection_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 146 | type media_router_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 147 | type media_session_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 148 | type meminfo_service, system_api_service, system_server_service, service_manager_type; |
| 149 | type memtrackproxy_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 150 | type midi_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 151 | type mount_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 152 | type music_recognition_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 153 | type netpolicy_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 154 | type netstats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 155 | type network_management_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 156 | type network_score_service, system_api_service, system_server_service, service_manager_type; |
| 157 | type network_stack_service, system_server_service, service_manager_type; |
| 158 | type network_time_update_service, system_server_service, service_manager_type; |
| 159 | type notification_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 160 | type oem_lock_service, system_api_service, system_server_service, service_manager_type; |
| 161 | type otadexopt_service, system_server_service, service_manager_type; |
| 162 | type overlay_service, system_api_service, system_server_service, service_manager_type; |
| 163 | type pac_proxy_service, system_server_service, service_manager_type; |
| 164 | type package_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 165 | type package_native_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 166 | type people_service, app_api_service, system_server_service, service_manager_type; |
| 167 | type permission_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 168 | type permissionmgr_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 169 | type permission_checker_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 170 | type persistent_data_block_service, system_api_service, system_server_service, service_manager_type; |
| 171 | type pinner_service, system_server_service, service_manager_type; |
| 172 | type power_stats_service, app_api_service, system_server_service, service_manager_type; |
| 173 | type power_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 174 | type print_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 175 | type processinfo_service, system_server_service, service_manager_type; |
| 176 | type procstats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 177 | type reboot_readiness_service, app_api_service, system_server_service, service_manager_type; |
| 178 | type recovery_service, system_server_service, service_manager_type; |
| 179 | type registry_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 180 | type restrictions_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 181 | type role_service, app_api_service, system_server_service, service_manager_type; |
| 182 | type rollback_service, app_api_service, system_server_service, service_manager_type; |
| 183 | type runtime_service, system_server_service, service_manager_type; |
| 184 | type rttmanager_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 185 | type samplingprofiler_service, system_server_service, service_manager_type; |
| 186 | type scheduling_policy_service, system_server_service, service_manager_type; |
| 187 | type search_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 188 | type search_ui_service, app_api_service, system_server_service, service_manager_type; |
| 189 | type sec_key_att_app_id_provider_service, app_api_service, system_server_service, service_manager_type; |
| 190 | type sensorservice_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 191 | type sensor_privacy_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 192 | type serial_service, system_api_service, system_server_service, service_manager_type; |
| 193 | type servicediscovery_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 194 | type settings_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 195 | type shortcut_service, app_api_service, system_server_service, service_manager_type; |
| 196 | type slice_service, app_api_service, system_server_service, service_manager_type; |
| 197 | type smartspace_service, app_api_service, system_server_service, service_manager_type; |
| 198 | type statusbar_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 199 | type storagestats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 200 | type system_config_service, system_api_service, system_server_service, service_manager_type; |
| 201 | type system_server_dumper_service, system_api_service, system_server_service, service_manager_type; |
| 202 | type system_update_service, system_server_service, service_manager_type; |
| 203 | type soundtrigger_middleware_service, system_server_service, service_manager_type; |
| 204 | type speech_recognition_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 205 | type task_service, system_server_service, service_manager_type; |
| 206 | type testharness_service, system_server_service, service_manager_type; |
| 207 | type textclassification_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 208 | type textservices_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 209 | type texttospeech_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 210 | type telecom_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 211 | type thermal_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 212 | type timedetector_service, app_api_service, system_server_service, service_manager_type; |
| 213 | type timezone_service, system_server_service, service_manager_type; |
| 214 | type timezonedetector_service, app_api_service, system_server_service, service_manager_type; |
| 215 | type transformer_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 216 | type trust_service, app_api_service, system_server_service, service_manager_type; |
| 217 | type tv_input_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 218 | type tv_tuner_resource_mgr_service, app_api_service, system_server_service, service_manager_type; |
| 219 | type uimode_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 220 | type updatelock_service, system_api_service, system_server_service, service_manager_type; |
| 221 | type uri_grants_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 222 | type usagestats_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 223 | type usb_service, app_api_service, system_server_service, service_manager_type; |
| 224 | type user_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 225 | type uwb_service, app_api_service, system_server_service, service_manager_type; |
| 226 | type vcn_management_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 227 | type vibrator_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 228 | type vibrator_manager_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 229 | type voiceinteraction_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 230 | type vpn_management_service, app_api_service, system_server_service, service_manager_type; |
| 231 | type vr_manager_service, system_server_service, service_manager_type; |
| 232 | type wallpaper_service, app_api_service, system_server_service, service_manager_type; |
| 233 | type webviewupdate_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 234 | type wifip2p_service, app_api_service, system_server_service, service_manager_type; |
| 235 | type wifiscanner_service, system_api_service, system_server_service, service_manager_type; |
| 236 | type wifi_service, app_api_service, system_server_service, service_manager_type; |
| 237 | type wifinl80211_service, service_manager_type; |
| 238 | type wifiaware_service, app_api_service, system_server_service, service_manager_type; |
| 239 | type window_service, system_api_service, system_server_service, service_manager_type; |
| 240 | type inputflinger_service, system_api_service, system_server_service, service_manager_type; |
| 241 | type wpantund_service, system_api_service, service_manager_type; |
| 242 | type tethering_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; |
| 243 | type emergency_affordance_service, system_server_service, service_manager_type; |
| 244 | |
| 245 | ### |
| 246 | ### HAL Services |
| 247 | ### |
| 248 | |
| 249 | type hal_audio_service, vendor_service, protected_service, service_manager_type; |
| 250 | type hal_audiocontrol_service, vendor_service, service_manager_type; |
| 251 | type hal_authsecret_service, vendor_service, protected_service, service_manager_type; |
| 252 | type hal_face_service, vendor_service, protected_service, service_manager_type; |
| 253 | type hal_fingerprint_service, vendor_service, protected_service, service_manager_type; |
| 254 | type hal_gnss_service, vendor_service, protected_service, service_manager_type; |
| 255 | type hal_health_storage_service, vendor_service, protected_service, service_manager_type; |
| 256 | type hal_identity_service, vendor_service, protected_service, service_manager_type; |
| 257 | type hal_keymint_service, vendor_service, protected_service, service_manager_type; |
| 258 | type hal_light_service, vendor_service, protected_service, service_manager_type; |
| 259 | type hal_memtrack_service, vendor_service, protected_service, service_manager_type; |
| 260 | type hal_neuralnetworks_service, vendor_service, service_manager_type; |
| 261 | type hal_oemlock_service, vendor_service, protected_service, service_manager_type; |
| 262 | type hal_power_service, vendor_service, protected_service, service_manager_type; |
| 263 | type hal_power_stats_service, vendor_service, protected_service, service_manager_type; |
| 264 | type hal_rebootescrow_service, vendor_service, protected_service, service_manager_type; |
| 265 | type hal_remotelyprovisionedcomponent_service, vendor_service, protected_service, service_manager_type; |
| 266 | type hal_secureclock_service, vendor_service, protected_service, service_manager_type; |
| 267 | type hal_sharedsecret_service, vendor_service, protected_service, service_manager_type; |
| 268 | type hal_vibrator_service, vendor_service, protected_service, service_manager_type; |
| 269 | type hal_weaver_service, vendor_service, protected_service, service_manager_type; |
| 270 | |
| 271 | ### |
| 272 | ### Neverallow rules |
| 273 | ### |
| 274 | |
| 275 | # servicemanager handles registering or looking up named services. |
| 276 | # It does not make sense to register or lookup something which is not a service. |
| 277 | # Trigger a compile error if this occurs. |
| 278 | neverallow domain ~{ service_manager_type vndservice_manager_type }:service_manager { add find }; |