Blame - private/property_contexts - android_system_sepolicy

blob: a34a52c3f9a26c5e811ac8f07142697dfd5195d7 [file] [log] [blame]

Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	1	##########################
				2	# property service keys
				3	#
				4	#
Stephen Smalley	fee4915	2014-06-19 10:27:02 -0400	[diff] [blame]	5	net.rmnet u:object_r:net_radio_prop:s0
				6	net.gprs u:object_r:net_radio_prop:s0
				7	net.ppp u:object_r:net_radio_prop:s0
				8	net.qmi u:object_r:net_radio_prop:s0
				9	net.lte u:object_r:net_radio_prop:s0
				10	net.cdma u:object_r:net_radio_prop:s0
Nick Kralevich	4e40429	2017-02-09 16:08:11 -0800	[diff] [blame]	11	net.dns u:object_r:net_dns_prop:s0
Jaekyun Seok	f9d2788	2018-01-12 10:19:48 +0900	[diff] [blame]	12	sys.usb.config u:object_r:system_radio_prop:s0
Stephen Smalley	fee4915	2014-06-19 10:27:02 -0400	[diff] [blame]	13	ril. u:object_r:radio_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	14	ro.ril. u:object_r:radio_prop:s0
Stephen Smalley	730957a	2012-04-04 16:01:19 -0400	[diff] [blame]	15	gsm. u:object_r:radio_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	16	persist.radio u:object_r:radio_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	17
				18	net. u:object_r:system_prop:s0
				19	dev. u:object_r:system_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	20	ro.runtime. u:object_r:system_prop:s0
Alex Klyubin	062236a	2016-12-27 14:05:46 -0800	[diff] [blame]	21	ro.runtime.firstboot u:object_r:firstboot_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	22	hw. u:object_r:system_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	23	ro.hw. u:object_r:system_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	24	sys. u:object_r:system_prop:s0
Alex Light	b7ebb32	2016-06-22 15:47:09 -0700	[diff] [blame]	25	sys.cppreopt u:object_r:cppreopt_prop:s0
Nick Kralevich	7914a47	2013-06-28 20:15:37 -0700	[diff] [blame]	26	sys.powerctl u:object_r:powerctl_prop:s0
Nick Kralevich	caefbd7	2015-04-23 19:42:25 -0700	[diff] [blame]	27	sys.usb.ffs. u:object_r:ffs_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	28	service. u:object_r:system_prop:s0
Stephen Smalley	fee4915	2014-06-19 10:27:02 -0400	[diff] [blame]	29	dhcp. u:object_r:dhcp_prop:s0
Paul Jensen	97a2cfd	2014-06-18 09:20:36 -0400	[diff] [blame]	30	dhcp.bt-pan.result u:object_r:pan_result_prop:s0
Alex Klyubin	3123b1e	2013-05-06 10:18:27 -0700	[diff] [blame]	31	bluetooth. u:object_r:bluetooth_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	32
Nick Kralevich	dd1ec6d	2013-11-01 10:45:03 -0700	[diff] [blame]	33	debug. u:object_r:debug_prop:s0
Nick Kralevich	116a20f	2014-02-05 16:36:25 -0800	[diff] [blame]	34	debug.db. u:object_r:debuggerd_prop:s0
Felipe Leme	83fd8a5	2015-12-01 18:03:05 -0800	[diff] [blame]	35	dumpstate. u:object_r:dumpstate_prop:s0
Felipe Leme	a5a8072	2016-09-21 10:44:11 -0700	[diff] [blame]	36	dumpstate.options u:object_r:dumpstate_options_prop:s0
Mark Salyzyn	275ea12	2018-08-07 16:03:47 -0700	[diff] [blame]	37	llk. u:object_r:llkd_prop:s0
				38	khungtask. u:object_r:llkd_prop:s0
				39	ro.llk. u:object_r:llkd_prop:s0
				40	ro.khungtask. u:object_r:llkd_prop:s0
mukesh agrawal	84cfde2	2016-04-15 11:10:06 -0700	[diff] [blame]	41	log. u:object_r:log_prop:s0
Mark Salyzyn	44c98bb	2016-06-06 12:10:00 -0700	[diff] [blame]	42	log.tag u:object_r:log_tag_prop:s0
mukesh agrawal	e651f6f	2016-04-15 11:10:39 -0700	[diff] [blame]	43	log.tag.WifiHAL u:object_r:wifi_log_prop:s0
Daniel Micay	38ac77e	2016-05-31 16:01:08 -0400	[diff] [blame]	44	security.perf_harden u:object_r:shell_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	45	service.adb.root u:object_r:shell_prop:s0
				46	service.adb.tcp.port u:object_r:shell_prop:s0
				47
William Roberts	e2ad318	2012-11-27 17:34:54 -0800	[diff] [blame]	48	persist.audio. u:object_r:audio_prop:s0
Andre Eisenbach	eebdb47	2016-02-08 15:39:00 -0800	[diff] [blame]	49	persist.bluetooth. u:object_r:bluetooth_prop:s0
Yasuhiro Matsuda	3d32817	2015-06-24 15:24:17 +0900	[diff] [blame]	50	persist.debug. u:object_r:persist_debug_prop:s0
Mark Salyzyn	9e7bbf6	2014-06-12 12:47:22 -0700	[diff] [blame]	51	persist.logd. u:object_r:logd_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	52	ro.logd. u:object_r:logd_prop:s0
Rubin Xu	0c8286f	2016-01-04 15:20:45 +0000	[diff] [blame]	53	persist.logd.security u:object_r:device_logging_prop:s0
Mark Salyzyn	68d67a0	2016-06-06 12:18:46 -0700	[diff] [blame]	54	persist.logd.logpersistd u:object_r:logpersistd_logging_prop:s0
Mark Salyzyn	91e7ac9	2016-07-08 08:41:08 -0700	[diff] [blame]	55	logd.logpersistd u:object_r:logpersistd_logging_prop:s0
Mark Salyzyn	44c98bb	2016-06-06 12:10:00 -0700	[diff] [blame]	56	persist.log.tag u:object_r:log_tag_prop:s0
Mark Salyzyn	d143560	2016-02-04 10:55:43 -0800	[diff] [blame]	57	persist.mmc. u:object_r:mmc_prop:s0
Lorenzo Colitti	5b3efd3	2017-07-11 09:43:19 +0900	[diff] [blame]	58	persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	59	persist.sys. u:object_r:system_prop:s0
Sami Tolvanen	9c16871	2016-02-05 15:42:32 -0800	[diff] [blame]	60	persist.sys.safemode u:object_r:safemode_prop:s0
dcashman	3e8d1bf	2016-03-02 16:14:17 -0800	[diff] [blame]	61	ro.sys.safemode u:object_r:safemode_prop:s0
Sami Tolvanen	9c16871	2016-02-05 15:42:32 -0800	[diff] [blame]	62	persist.sys.audit_safemode u:object_r:safemode_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	63	persist.service. u:object_r:system_prop:s0
Alex Klyubin	3123b1e	2013-05-06 10:18:27 -0700	[diff] [blame]	64	persist.service.bdroid. u:object_r:bluetooth_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	65	persist.security. u:object_r:system_prop:s0
Lalit Maganti	673b4db	2018-04-20 19:09:45 +0100	[diff] [blame]	66	persist.traced.enable u:object_r:traced_enabled_prop:s0
Florian Mayer	c32ca90	2018-12-10 16:20:20 +0000	[diff] [blame]	67	persist.heapprofd.enable u:object_r:heapprofd_enabled_prop:s0
Jason Monk	0e1cbf5	2016-11-09 15:19:05 -0500	[diff] [blame]	68	persist.vendor.overlay. u:object_r:overlay_prop:s0
				69	ro.boot.vendor.overlay. u:object_r:overlay_prop:s0
Nick Kralevich	bb9a388	2016-12-13 19:50:36 -0800	[diff] [blame]	70	ro.boottime. u:object_r:boottime_prop:s0
Alex Klyubin	2015107	2016-12-20 15:31:37 -0800	[diff] [blame]	71	ro.serialno u:object_r:serialno_prop:s0
Alex Klyubin	6e4508e	2016-12-27 18:05:46 -0800	[diff] [blame]	72	ro.boot.btmacaddr u:object_r:bluetooth_prop:s0
Alex Klyubin	2015107	2016-12-20 15:31:37 -0800	[diff] [blame]	73	ro.boot.serialno u:object_r:serialno_prop:s0
Alex Klyubin	6e4508e	2016-12-27 18:05:46 -0800	[diff] [blame]	74	ro.bt. u:object_r:bluetooth_prop:s0
Mark Salyzyn	006c2e9	2017-08-14 14:25:10 -0700	[diff] [blame]	75	ro.boot.bootreason u:object_r:bootloader_boot_reason_prop:s0
				76	persist.sys.boot.reason u:object_r:last_boot_reason_prop:s0
				77	sys.boot.reason u:object_r:system_boot_reason_prop:s0
Mark Salyzyn	a1bce77	2018-06-05 09:41:59 -0700	[diff] [blame]	78	sys.boot.reason.last u:object_r:last_boot_reason_prop:s0
Calin Juravle	5316548	2017-11-16 05:28:14 +0000	[diff] [blame]	79	pm. u:object_r:pm_prop:s0
Mark Salyzyn	3443caf	2015-10-24 16:20:18 -0700	[diff] [blame]	80	test.sys.boot.reason u:object_r:test_boot_reason_prop:s0
Suren Baghdasaryan	c8ed855	2018-07-24 17:04:18 -0700	[diff] [blame]	81	sys.lmk. u:object_r:system_lmk_prop:s0
Primiano Tucci	8da4e4f	2019-02-01 22:52:02 +0000	[diff] [blame]	82	sys.trace. u:object_r:system_trace_prop:s0
William Roberts	9e70c8b	2013-01-23 14:02:43 -0800	[diff] [blame]	83
Rubin Xu	0c8286f	2016-01-04 15:20:45 +0000	[diff] [blame]	84	# Boolean property set by system server upon boot indicating
				85	# if device owner is provisioned.
				86	ro.device_owner u:object_r:device_logging_prop:s0
				87
William Roberts	9e70c8b	2013-01-23 14:02:43 -0800	[diff] [blame]	88	# selinux non-persistent properties
Jeff Sharkey	7617cd4	2015-06-09 11:01:04 -0700	[diff] [blame]	89	selinux.restorecon_recursive u:object_r:restorecon_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	90
				91	# default property context
				92	* u:object_r:default_prop:s0
				93
				94	# data partition encryption properties
				95	vold. u:object_r:vold_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	96	ro.crypto. u:object_r:vold_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	97
Nick Kralevich	c48971f	2014-11-18 14:36:23 -0800	[diff] [blame]	98	# ro.build.fingerprint is either set in /system/build.prop, or is
				99	# set at runtime by system_server.
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	100	ro.build.fingerprint u:object_r:fingerprint_prop:s0
Nick Kralevich	c48971f	2014-11-18 14:36:23 -0800	[diff] [blame]	101
Keun-young Park	f67c346	2017-02-28 19:21:31 -0800	[diff] [blame]	102	ro.persistent_properties.ready u:object_r:persistent_properties_ready_prop:s0
				103
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	104	# ctl properties
Robert Craig	4b3893f	2014-02-18 13:24:26 -0500	[diff] [blame]	105	ctl.bootanim u:object_r:ctl_bootanim_prop:s0
Wei Wang	a1db36e	2018-04-05 12:13:43 -0700	[diff] [blame]	106	ctl.android.hardware.dumpstate u:object_r:ctl_dumpstate_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	107	ctl.dumpstate u:object_r:ctl_dumpstate_prop:s0
Robert Craig	4b3893f	2014-02-18 13:24:26 -0500	[diff] [blame]	108	ctl.fuse_ u:object_r:ctl_fuse_prop:s0
				109	ctl.mdnsd u:object_r:ctl_mdnsd_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	110	ctl.ril-daemon u:object_r:ctl_rildaemon_prop:s0
Stephen Smalley	1c0c010	2014-03-06 14:47:22 -0500	[diff] [blame]	111	ctl.bugreport u:object_r:ctl_bugreport_prop:s0
Jeff Vander Stoep	8b015f9	2015-04-24 14:39:16 -0700	[diff] [blame]	112	ctl.console u:object_r:ctl_console_prop:s0
Stephen Smalley	124720a	2012-04-04 10:11:16 -0400	[diff] [blame]	113	ctl. u:object_r:ctl_default_prop:s0
Martijn Coenen	9ac7df2	2014-09-25 15:13:41 -0700	[diff] [blame]	114
Tom Cherry	7b8be35	2018-05-03 17:00:16 -0700	[diff] [blame]	115	# Don't allow blind access to all services
				116	ctl.sigstop_on$ u:object_r:ctl_sigstop_prop:s0
				117	ctl.sigstop_off$ u:object_r:ctl_sigstop_prop:s0
				118	ctl.start$ u:object_r:ctl_start_prop:s0
				119	ctl.stop$ u:object_r:ctl_stop_prop:s0
				120	ctl.restart$ u:object_r:ctl_restart_prop:s0
				121	ctl.interface_start$ u:object_r:ctl_interface_start_prop:s0
				122	ctl.interface_stop$ u:object_r:ctl_interface_stop_prop:s0
				123	ctl.interface_restart$ u:object_r:ctl_interface_restart_prop:s0
				124
Samuel Ha	22f9819	2018-06-26 19:52:21 +0000	[diff] [blame]	125	# Restrict access to starting/stopping adbd
				126	ctl.start$adbd u:object_r:ctl_adbd_prop:s0
				127	ctl.stop$adbd u:object_r:ctl_adbd_prop:s0
				128	ctl.restart$adbd u:object_r:ctl_adbd_prop:s0
				129
Martijn Coenen	9ac7df2	2014-09-25 15:13:41 -0700	[diff] [blame]	130	# NFC properties
				131	nfc. u:object_r:nfc_prop:s0
Stephen Smalley	54e9bc4	2014-09-04 08:44:49 -0400	[diff] [blame]	132
				133	# These properties are not normally set by processes other than init.
				134	# They are only distinguished here for setting by qemu-props on the
				135	# emulator/goldfish.
				136	config. u:object_r:config_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	137	ro.config. u:object_r:config_prop:s0
Stephen Smalley	54e9bc4	2014-09-04 08:44:49 -0400	[diff] [blame]	138	dalvik. u:object_r:dalvik_prop:s0
Tom Cherry	f89847a	2016-01-11 13:06:25 -0800	[diff] [blame]	139	ro.dalvik. u:object_r:dalvik_prop:s0
Christopher Wiley	bf18eca	2016-06-29 11:28:20 -0700	[diff] [blame]	140
				141	# Shared between system server and wificond
				142	wlan. u:object_r:wifi_prop:s0
Iliyan Malchev	96031a8	2016-09-19 15:23:41 -0700	[diff] [blame]	143
Dan Cashman	91d398d	2017-09-26 12:58:29 -0700	[diff] [blame]	144	# Lowpan properties
				145	lowpan. u:object_r:lowpan_prop:s0
				146	ro.lowpan. u:object_r:lowpan_prop:s0
				147
Florian Mayer	0f3decf	2018-11-08 13:58:13 +0000	[diff] [blame]	148	# heapprofd properties
				149	heapprofd. u:object_r:heapprofd_prop:s0
				150
Iliyan Malchev	96031a8	2016-09-19 15:23:41 -0700	[diff] [blame]	151	# hwservicemanager properties
				152	hwservicemanager. u:object_r:hwservicemanager_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	153
Jaekyun Seok	afca82a	2018-01-18 13:25:28 +0900	[diff] [blame]	154	# Common default properties for vendor and odm.
				155	init.svc.odm. u:object_r:vendor_default_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	156	init.svc.vendor. u:object_r:vendor_default_prop:s0
				157	ro.hardware. u:object_r:vendor_default_prop:s0
Jaekyun Seok	afca82a	2018-01-18 13:25:28 +0900	[diff] [blame]	158	ro.odm. u:object_r:vendor_default_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	159	ro.vendor. u:object_r:vendor_default_prop:s0
Jaekyun Seok	afca82a	2018-01-18 13:25:28 +0900	[diff] [blame]	160	odm. u:object_r:vendor_default_prop:s0
				161	persist.odm. u:object_r:vendor_default_prop:s0
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	162	persist.vendor. u:object_r:vendor_default_prop:s0
				163	vendor. u:object_r:vendor_default_prop:s0
Tom Cherry	30dd711	2018-10-23 13:25:05 -0700	[diff] [blame]	164	# ro.boot. properties are set based on kernel commandline arguments, which are vendor owned.
				165	ro.boot. u:object_r:exported2_default_prop:s0
Neil Fuller	b794ad0	2018-06-25 15:36:51 +0100	[diff] [blame]	166
				167	# Properties that relate to time / time zone detection behavior.
				168	persist.time. u:object_r:time_prop:s0
Hongyi Zhang	a6f9892	2018-10-25 20:09:55 -0700	[diff] [blame]	169
				170	# Properties that relate to server configurable flags
Hongyi Zhang	b965e3c	2018-11-08 16:46:19 -0800	[diff] [blame]	171	device_config.reset_performed u:object_r:device_config_reset_performed_prop:s0
Ng Zhi An	c5bf4a3	2019-01-17 13:30:05 -0800	[diff] [blame]	172	persist.device_config.activity_manager_native_boot. u:object_r:device_config_activity_manager_native_boot_prop:s0
Hongyi Zhang	a6f9892	2018-10-25 20:09:55 -0700	[diff] [blame]	173	persist.device_config.attempted_boot_count u:object_r:device_config_boot_count_prop:s0
Siarhei Vishniakou	c0c9155	2019-01-14 14:18:38 -0800	[diff] [blame]	174	persist.device_config.input_native_boot. u:object_r:device_config_input_native_boot_prop:s0
chenbruce	e3d625b	2018-12-27 18:01:25 +0800	[diff] [blame]	175	persist.device_config.netd_native. u:object_r:device_config_netd_native_prop:s0
Mathieu Chartier	669cef8	2019-01-29 09:57:11 -0800	[diff] [blame]	176	persist.device_config.runtime_native. u:object_r:device_config_runtime_native_prop:s0
Mathieu Chartier	0327d10	2019-02-01 13:43:11 -0800	[diff] [blame]	177	persist.device_config.runtime_native_boot. u:object_r:device_config_runtime_native_boot_prop:s0
Dongwon Kang	523c746	2019-01-30 15:28:31 -0800	[diff] [blame]	178	persist.device_config.media_native. u:object_r:device_config_media_native_prop:s0
Jiyong Park	b14c1a9	2018-11-08 11:24:34 +0900	[diff] [blame]	179
				180	apexd. u:object_r:apexd_prop:s0
Martijn Coenen	97650f5	2019-01-09 12:04:03 +0100	[diff] [blame]	181	persist.apexd. u:object_r:apexd_prop:s0
Joel Fernandes	b76a639	2019-01-11 08:32:45 -0500	[diff] [blame]	182
				183	bpf.progs_loaded u:object_r:bpf_progs_loaded_prop:s0
David Anderson	8fe3c74	2019-02-07 13:14:20 -0800	[diff] [blame]	184
				185	gsid. u:object_r:gsid_prop:s0
				186	ro.gsid. u:object_r:gsid_prop:s0