Blame - private/property_contexts - android_system_sepolicy

blob: 2726d84a6005d5abd021549eefb05e8872a4765e [file] [log] [blame]

Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	1	##########################
				2	# property service keys
				3	#
				4	#
Stephen Smalley	fee4915	2014-06-19 10:27:02 -0400	[diff] [blame]	5	net.rmnet u:object_r:net_radio_prop:s0
				6	net.gprs u:object_r:net_radio_prop:s0
				7	net.ppp u:object_r:net_radio_prop:s0
				8	net.qmi u:object_r:net_radio_prop:s0
				9	net.lte u:object_r:net_radio_prop:s0
				10	net.cdma u:object_r:net_radio_prop:s0
Nick Kralevich	4e40429	2017-02-09 16:08:11 -0800	[diff] [blame]	11	net.dns u:object_r:net_dns_prop:s0
Jaekyun Seok	f9d2788	2018-01-12 10:19:48 +0900	[diff] [blame]	12	sys.usb.config u:object_r:system_radio_prop:s0
Stephen Smalley	fee4915	2014-06-19 10:27:02 -0400	[diff] [blame]	13	ril. u:object_r:radio_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	14	ro.ril. u:object_r:radio_prop:s0
Stephen Smalley	730957a	2012-04-04 16:01:19 -0400	[diff] [blame]	15	gsm. u:object_r:radio_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	16	persist.radio u:object_r:radio_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	17
				18	net. u:object_r:system_prop:s0
				19	dev. u:object_r:system_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	20	ro.runtime. u:object_r:system_prop:s0
Alex Klyubin	062236a	2016-12-27 14:05:46 -0800	[diff] [blame]	21	ro.runtime.firstboot u:object_r:firstboot_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	22	hw. u:object_r:system_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	23	ro.hw. u:object_r:system_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	24	sys. u:object_r:system_prop:s0
Alex Light	b7ebb32	2016-06-22 15:47:09 -0700	[diff] [blame]	25	sys.cppreopt u:object_r:cppreopt_prop:s0
Nick Kralevich	7914a47	2013-06-28 20:15:37 -0700	[diff] [blame]	26	sys.powerctl u:object_r:powerctl_prop:s0
Nick Kralevich	caefbd7	2015-04-23 19:42:25 -0700	[diff] [blame]	27	sys.usb.ffs. u:object_r:ffs_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	28	service. u:object_r:system_prop:s0
Stephen Smalley	fee4915	2014-06-19 10:27:02 -0400	[diff] [blame]	29	dhcp. u:object_r:dhcp_prop:s0
Paul Jensen	97a2cfd	2014-06-18 09:20:36 -0400	[diff] [blame]	30	dhcp.bt-pan.result u:object_r:pan_result_prop:s0
Alex Klyubin	3123b1e	2013-05-06 10:18:27 -0700	[diff] [blame]	31	bluetooth. u:object_r:bluetooth_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	32
Nick Kralevich	dd1ec6d	2013-11-01 10:45:03 -0700	[diff] [blame]	33	debug. u:object_r:debug_prop:s0
Nick Kralevich	116a20f	2014-02-05 16:36:25 -0800	[diff] [blame]	34	debug.db. u:object_r:debuggerd_prop:s0
Felipe Leme	83fd8a5	2015-12-01 18:03:05 -0800	[diff] [blame]	35	dumpstate. u:object_r:dumpstate_prop:s0
Felipe Leme	a5a8072	2016-09-21 10:44:11 -0700	[diff] [blame]	36	dumpstate.options u:object_r:dumpstate_options_prop:s0
mukesh agrawal	84cfde2	2016-04-15 11:10:06 -0700	[diff] [blame]	37	log. u:object_r:log_prop:s0
Mark Salyzyn	44c98bb	2016-06-06 12:10:00 -0700	[diff] [blame]	38	log.tag u:object_r:log_tag_prop:s0
mukesh agrawal	e651f6f	2016-04-15 11:10:39 -0700	[diff] [blame]	39	log.tag.WifiHAL u:object_r:wifi_log_prop:s0
Daniel Micay	38ac77e	2016-05-31 16:01:08 -0400	[diff] [blame]	40	security.perf_harden u:object_r:shell_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	41	service.adb.root u:object_r:shell_prop:s0
				42	service.adb.tcp.port u:object_r:shell_prop:s0
				43
William Roberts	e2ad318	2012-11-27 17:34:54 -0800	[diff] [blame]	44	persist.audio. u:object_r:audio_prop:s0
Andre Eisenbach	eebdb47	2016-02-08 15:39:00 -0800	[diff] [blame]	45	persist.bluetooth. u:object_r:bluetooth_prop:s0
Yasuhiro Matsuda	3d32817	2015-06-24 15:24:17 +0900	[diff] [blame]	46	persist.debug. u:object_r:persist_debug_prop:s0
Mark Salyzyn	9e7bbf6	2014-06-12 12:47:22 -0700	[diff] [blame]	47	persist.logd. u:object_r:logd_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	48	ro.logd. u:object_r:logd_prop:s0
Rubin Xu	0c8286f	2016-01-04 15:20:45 +0000	[diff] [blame]	49	persist.logd.security u:object_r:device_logging_prop:s0
Mark Salyzyn	68d67a0	2016-06-06 12:18:46 -0700	[diff] [blame]	50	persist.logd.logpersistd u:object_r:logpersistd_logging_prop:s0
Mark Salyzyn	91e7ac9	2016-07-08 08:41:08 -0700	[diff] [blame]	51	logd.logpersistd u:object_r:logpersistd_logging_prop:s0
Mark Salyzyn	44c98bb	2016-06-06 12:10:00 -0700	[diff] [blame]	52	persist.log.tag u:object_r:log_tag_prop:s0
Mark Salyzyn	d143560	2016-02-04 10:55:43 -0800	[diff] [blame]	53	persist.mmc. u:object_r:mmc_prop:s0
Lorenzo Colitti	5b3efd3	2017-07-11 09:43:19 +0900	[diff] [blame]	54	persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	55	persist.sys. u:object_r:system_prop:s0
Sami Tolvanen	9c16871	2016-02-05 15:42:32 -0800	[diff] [blame]	56	persist.sys.safemode u:object_r:safemode_prop:s0
dcashman	3e8d1bf	2016-03-02 16:14:17 -0800	[diff] [blame]	57	ro.sys.safemode u:object_r:safemode_prop:s0
Sami Tolvanen	9c16871	2016-02-05 15:42:32 -0800	[diff] [blame]	58	persist.sys.audit_safemode u:object_r:safemode_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	59	persist.service. u:object_r:system_prop:s0
Alex Klyubin	3123b1e	2013-05-06 10:18:27 -0700	[diff] [blame]	60	persist.service.bdroid. u:object_r:bluetooth_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	61	persist.security. u:object_r:system_prop:s0
Lalit Maganti	673b4db	2018-04-20 19:09:45 +0100	[diff] [blame]	62	persist.traced.enable u:object_r:traced_enabled_prop:s0
Jason Monk	0e1cbf5	2016-11-09 15:19:05 -0500	[diff] [blame]	63	persist.vendor.overlay. u:object_r:overlay_prop:s0
				64	ro.boot.vendor.overlay. u:object_r:overlay_prop:s0
Nick Kralevich	bb9a388	2016-12-13 19:50:36 -0800	[diff] [blame]	65	ro.boottime. u:object_r:boottime_prop:s0
Alex Klyubin	2015107	2016-12-20 15:31:37 -0800	[diff] [blame]	66	ro.serialno u:object_r:serialno_prop:s0
Alex Klyubin	6e4508e	2016-12-27 18:05:46 -0800	[diff] [blame]	67	ro.boot.btmacaddr u:object_r:bluetooth_prop:s0
Alex Klyubin	2015107	2016-12-20 15:31:37 -0800	[diff] [blame]	68	ro.boot.serialno u:object_r:serialno_prop:s0
Alex Klyubin	6e4508e	2016-12-27 18:05:46 -0800	[diff] [blame]	69	ro.bt. u:object_r:bluetooth_prop:s0
Mark Salyzyn	006c2e9	2017-08-14 14:25:10 -0700	[diff] [blame]	70	ro.boot.bootreason u:object_r:bootloader_boot_reason_prop:s0
				71	persist.sys.boot.reason u:object_r:last_boot_reason_prop:s0
				72	sys.boot.reason u:object_r:system_boot_reason_prop:s0
Mark Salyzyn	a1bce77	2018-06-05 09:41:59 -0700	[diff] [blame]	73	sys.boot.reason.last u:object_r:last_boot_reason_prop:s0
Calin Juravle	5316548	2017-11-16 05:28:14 +0000	[diff] [blame]	74	pm. u:object_r:pm_prop:s0
Mark Salyzyn	3443caf	2015-10-24 16:20:18 -0700	[diff] [blame]	75	test.sys.boot.reason u:object_r:test_boot_reason_prop:s0
Suren Baghdasaryan	c8ed855	2018-07-24 17:04:18 -0700	[diff] [blame]	76	sys.lmk. u:object_r:system_lmk_prop:s0
William Roberts	9e70c8b	2013-01-23 14:02:43 -0800	[diff] [blame]	77
Rubin Xu	0c8286f	2016-01-04 15:20:45 +0000	[diff] [blame]	78	# Boolean property set by system server upon boot indicating
				79	# if device owner is provisioned.
				80	ro.device_owner u:object_r:device_logging_prop:s0
				81
William Roberts	9e70c8b	2013-01-23 14:02:43 -0800	[diff] [blame]	82	# selinux non-persistent properties
Jeff Sharkey	7617cd4	2015-06-09 11:01:04 -0700	[diff] [blame]	83	selinux.restorecon_recursive u:object_r:restorecon_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	84
				85	# default property context
				86	* u:object_r:default_prop:s0
				87
				88	# data partition encryption properties
				89	vold. u:object_r:vold_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	90	ro.crypto. u:object_r:vold_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	91
Nick Kralevich	c48971f	2014-11-18 14:36:23 -0800	[diff] [blame]	92	# ro.build.fingerprint is either set in /system/build.prop, or is
				93	# set at runtime by system_server.
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	94	ro.build.fingerprint u:object_r:fingerprint_prop:s0
Nick Kralevich	c48971f	2014-11-18 14:36:23 -0800	[diff] [blame]	95
Keun-young Park	f67c346	2017-02-28 19:21:31 -0800	[diff] [blame]	96	ro.persistent_properties.ready u:object_r:persistent_properties_ready_prop:s0
				97
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	98	# ctl properties
Robert Craig	4b3893f	2014-02-18 13:24:26 -0500	[diff] [blame]	99	ctl.bootanim u:object_r:ctl_bootanim_prop:s0
Wei Wang	a1db36e	2018-04-05 12:13:43 -0700	[diff] [blame]	100	ctl.android.hardware.dumpstate u:object_r:ctl_dumpstate_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	101	ctl.dumpstate u:object_r:ctl_dumpstate_prop:s0
Robert Craig	4b3893f	2014-02-18 13:24:26 -0500	[diff] [blame]	102	ctl.fuse_ u:object_r:ctl_fuse_prop:s0
				103	ctl.mdnsd u:object_r:ctl_mdnsd_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	104	ctl.ril-daemon u:object_r:ctl_rildaemon_prop:s0
Stephen Smalley	1c0c010	2014-03-06 14:47:22 -0500	[diff] [blame]	105	ctl.bugreport u:object_r:ctl_bugreport_prop:s0
Jeff Vander Stoep	8b015f9	2015-04-24 14:39:16 -0700	[diff] [blame]	106	ctl.console u:object_r:ctl_console_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	107	ctl. u:object_r:ctl_default_prop:s0
Martijn Coenen	9ac7df2	2014-09-25 15:13:41 -0700	[diff] [blame]	108
Tom Cherry	7b8be35	2018-05-03 17:00:16 -0700	[diff] [blame]	109	# Don't allow blind access to all services
				110	ctl.sigstop_on$ u:object_r:ctl_sigstop_prop:s0
				111	ctl.sigstop_off$ u:object_r:ctl_sigstop_prop:s0
				112	ctl.start$ u:object_r:ctl_start_prop:s0
				113	ctl.stop$ u:object_r:ctl_stop_prop:s0
				114	ctl.restart$ u:object_r:ctl_restart_prop:s0
				115	ctl.interface_start$ u:object_r:ctl_interface_start_prop:s0
				116	ctl.interface_stop$ u:object_r:ctl_interface_stop_prop:s0
				117	ctl.interface_restart$ u:object_r:ctl_interface_restart_prop:s0
				118
Samuel Ha	22f9819	2018-06-26 19:52:21 +0000	[diff] [blame]	119	# Restrict access to starting/stopping adbd
				120	ctl.start$adbd u:object_r:ctl_adbd_prop:s0
				121	ctl.stop$adbd u:object_r:ctl_adbd_prop:s0
				122	ctl.restart$adbd u:object_r:ctl_adbd_prop:s0
				123
Martijn Coenen	9ac7df2	2014-09-25 15:13:41 -0700	[diff] [blame]	124	# NFC properties
				125	nfc. u:object_r:nfc_prop:s0
Stephen Smalley	54e9bc4	2014-09-04 08:44:49 -0400	[diff] [blame]	126
				127	# These properties are not normally set by processes other than init.
				128	# They are only distinguished here for setting by qemu-props on the
				129	# emulator/goldfish.
				130	config. u:object_r:config_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	131	ro.config. u:object_r:config_prop:s0
Stephen Smalley	54e9bc4	2014-09-04 08:44:49 -0400	[diff] [blame]	132	dalvik. u:object_r:dalvik_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	133	ro.dalvik. u:object_r:dalvik_prop:s0
Christopher Wiley	bf18eca	2016-06-29 11:28:20 -0700	[diff] [blame]	134
				135	# Shared between system server and wificond
				136	wlan. u:object_r:wifi_prop:s0
Iliyan Malchev	96031a8	2016-09-19 15:23:41 -0700	[diff] [blame]	137
Dan Cashman	91d398d	2017-09-26 12:58:29 -0700	[diff] [blame]	138	# Lowpan properties
				139	lowpan. u:object_r:lowpan_prop:s0
				140	ro.lowpan. u:object_r:lowpan_prop:s0
				141
Iliyan Malchev	96031a8	2016-09-19 15:23:41 -0700	[diff] [blame]	142	# hwservicemanager properties
				143	hwservicemanager. u:object_r:hwservicemanager_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	144
Jaekyun Seok	afca82a	2018-01-18 13:25:28 +0900	[diff] [blame]	145	# Common default properties for vendor and odm.
				146	init.svc.odm. u:object_r:vendor_default_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	147	init.svc.vendor. u:object_r:vendor_default_prop:s0
				148	ro.hardware. u:object_r:vendor_default_prop:s0
Jaekyun Seok	afca82a	2018-01-18 13:25:28 +0900	[diff] [blame]	149	ro.odm. u:object_r:vendor_default_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	150	ro.vendor. u:object_r:vendor_default_prop:s0
Jaekyun Seok	afca82a	2018-01-18 13:25:28 +0900	[diff] [blame]	151	odm. u:object_r:vendor_default_prop:s0
				152	persist.odm. u:object_r:vendor_default_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	153	persist.vendor. u:object_r:vendor_default_prop:s0
				154	vendor. u:object_r:vendor_default_prop:s0
Neil Fuller	b794ad0	2018-06-25 15:36:51 +0100	[diff] [blame]	155
				156	# Properties that relate to time / time zone detection behavior.
				157	persist.time. u:object_r:time_prop:s0