| Tri Vo | bc8dc3a | 2019-05-26 13:17:08 -0700 | [diff] [blame^] | 1 | ########################## |
| 2 | # property service keys |
| 3 | # |
| 4 | # |
| 5 | net.rmnet u:object_r:net_radio_prop:s0 |
| 6 | net.gprs u:object_r:net_radio_prop:s0 |
| 7 | net.ppp u:object_r:net_radio_prop:s0 |
| 8 | net.qmi u:object_r:net_radio_prop:s0 |
| 9 | net.lte u:object_r:net_radio_prop:s0 |
| 10 | net.cdma u:object_r:net_radio_prop:s0 |
| 11 | net.dns u:object_r:net_dns_prop:s0 |
| 12 | sys.usb.config u:object_r:system_radio_prop:s0 |
| 13 | ril. u:object_r:radio_prop:s0 |
| 14 | ro.ril. u:object_r:radio_prop:s0 |
| 15 | gsm. u:object_r:radio_prop:s0 |
| 16 | persist.radio u:object_r:radio_prop:s0 |
| 17 | |
| 18 | net. u:object_r:system_prop:s0 |
| 19 | dev. u:object_r:system_prop:s0 |
| 20 | ro.runtime. u:object_r:system_prop:s0 |
| 21 | ro.runtime.firstboot u:object_r:firstboot_prop:s0 |
| 22 | hw. u:object_r:system_prop:s0 |
| 23 | ro.hw. u:object_r:system_prop:s0 |
| 24 | sys. u:object_r:system_prop:s0 |
| 25 | sys.cppreopt u:object_r:cppreopt_prop:s0 |
| 26 | sys.lpdumpd u:object_r:lpdumpd_prop:s0 |
| 27 | sys.powerctl u:object_r:powerctl_prop:s0 |
| 28 | sys.usb.ffs. u:object_r:ffs_prop:s0 |
| 29 | service. u:object_r:system_prop:s0 |
| 30 | dhcp. u:object_r:dhcp_prop:s0 |
| 31 | dhcp.bt-pan.result u:object_r:pan_result_prop:s0 |
| 32 | bluetooth. u:object_r:bluetooth_prop:s0 |
| 33 | |
| 34 | debug. u:object_r:debug_prop:s0 |
| 35 | debug.db. u:object_r:debuggerd_prop:s0 |
| 36 | dumpstate. u:object_r:dumpstate_prop:s0 |
| 37 | dumpstate.options u:object_r:dumpstate_options_prop:s0 |
| 38 | llk. u:object_r:llkd_prop:s0 |
| 39 | khungtask. u:object_r:llkd_prop:s0 |
| 40 | ro.llk. u:object_r:llkd_prop:s0 |
| 41 | ro.khungtask. u:object_r:llkd_prop:s0 |
| 42 | log. u:object_r:log_prop:s0 |
| 43 | log.tag u:object_r:log_tag_prop:s0 |
| 44 | log.tag.WifiHAL u:object_r:wifi_log_prop:s0 |
| 45 | security.perf_harden u:object_r:shell_prop:s0 |
| 46 | service.adb.root u:object_r:shell_prop:s0 |
| 47 | service.adb.tcp.port u:object_r:shell_prop:s0 |
| 48 | |
| 49 | persist.audio. u:object_r:audio_prop:s0 |
| 50 | persist.bluetooth. u:object_r:bluetooth_prop:s0 |
| 51 | persist.debug. u:object_r:persist_debug_prop:s0 |
| 52 | persist.logd. u:object_r:logd_prop:s0 |
| 53 | ro.logd. u:object_r:logd_prop:s0 |
| 54 | persist.logd.security u:object_r:device_logging_prop:s0 |
| 55 | persist.logd.logpersistd u:object_r:logpersistd_logging_prop:s0 |
| 56 | logd.logpersistd u:object_r:logpersistd_logging_prop:s0 |
| 57 | persist.log.tag u:object_r:log_tag_prop:s0 |
| 58 | persist.mmc. u:object_r:mmc_prop:s0 |
| 59 | persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0 |
| 60 | persist.sys. u:object_r:system_prop:s0 |
| 61 | persist.sys.safemode u:object_r:safemode_prop:s0 |
| 62 | persist.sys.fflag.override.settings_dynamic_system u:object_r:dynamic_system_prop:s0 |
| 63 | ro.sys.safemode u:object_r:safemode_prop:s0 |
| 64 | persist.sys.audit_safemode u:object_r:safemode_prop:s0 |
| 65 | persist.service. u:object_r:system_prop:s0 |
| 66 | persist.service.bdroid. u:object_r:bluetooth_prop:s0 |
| 67 | persist.security. u:object_r:system_prop:s0 |
| 68 | persist.traced.enable u:object_r:traced_enabled_prop:s0 |
| 69 | traced.lazy. u:object_r:traced_lazy_prop:s0 |
| 70 | persist.heapprofd.enable u:object_r:heapprofd_enabled_prop:s0 |
| 71 | persist.vendor.overlay. u:object_r:overlay_prop:s0 |
| 72 | ro.boot.vendor.overlay. u:object_r:overlay_prop:s0 |
| 73 | ro.boottime. u:object_r:boottime_prop:s0 |
| 74 | ro.serialno u:object_r:serialno_prop:s0 |
| 75 | ro.boot.btmacaddr u:object_r:bluetooth_prop:s0 |
| 76 | ro.boot.serialno u:object_r:serialno_prop:s0 |
| 77 | ro.bt. u:object_r:bluetooth_prop:s0 |
| 78 | ro.boot.bootreason u:object_r:bootloader_boot_reason_prop:s0 |
| 79 | persist.sys.boot.reason u:object_r:last_boot_reason_prop:s0 |
| 80 | sys.boot.reason u:object_r:system_boot_reason_prop:s0 |
| 81 | sys.boot.reason.last u:object_r:last_boot_reason_prop:s0 |
| 82 | pm. u:object_r:pm_prop:s0 |
| 83 | test.sys.boot.reason u:object_r:test_boot_reason_prop:s0 |
| 84 | sys.lmk. u:object_r:system_lmk_prop:s0 |
| 85 | sys.trace. u:object_r:system_trace_prop:s0 |
| 86 | |
| 87 | # Boolean property set by system server upon boot indicating |
| 88 | # if device owner is provisioned. |
| 89 | ro.device_owner u:object_r:device_logging_prop:s0 |
| 90 | |
| 91 | # selinux non-persistent properties |
| 92 | selinux.restorecon_recursive u:object_r:restorecon_prop:s0 |
| 93 | |
| 94 | # default property context |
| 95 | * u:object_r:default_prop:s0 |
| 96 | |
| 97 | # data partition encryption properties |
| 98 | vold. u:object_r:vold_prop:s0 |
| 99 | ro.crypto. u:object_r:vold_prop:s0 |
| 100 | |
| 101 | # ro.build.fingerprint is either set in /system/build.prop, or is |
| 102 | # set at runtime by system_server. |
| 103 | ro.build.fingerprint u:object_r:fingerprint_prop:s0 |
| 104 | |
| 105 | ro.persistent_properties.ready u:object_r:persistent_properties_ready_prop:s0 |
| 106 | |
| 107 | # ctl properties |
| 108 | ctl.bootanim u:object_r:ctl_bootanim_prop:s0 |
| 109 | ctl.android.hardware.dumpstate u:object_r:ctl_dumpstate_prop:s0 |
| 110 | ctl.dumpstate u:object_r:ctl_dumpstate_prop:s0 |
| 111 | ctl.fuse_ u:object_r:ctl_fuse_prop:s0 |
| 112 | ctl.mdnsd u:object_r:ctl_mdnsd_prop:s0 |
| 113 | ctl.ril-daemon u:object_r:ctl_rildaemon_prop:s0 |
| 114 | ctl.bugreport u:object_r:ctl_bugreport_prop:s0 |
| 115 | ctl.console u:object_r:ctl_console_prop:s0 |
| 116 | ctl. u:object_r:ctl_default_prop:s0 |
| 117 | |
| 118 | # Don't allow blind access to all services |
| 119 | ctl.sigstop_on$ u:object_r:ctl_sigstop_prop:s0 |
| 120 | ctl.sigstop_off$ u:object_r:ctl_sigstop_prop:s0 |
| 121 | ctl.start$ u:object_r:ctl_start_prop:s0 |
| 122 | ctl.stop$ u:object_r:ctl_stop_prop:s0 |
| 123 | ctl.restart$ u:object_r:ctl_restart_prop:s0 |
| 124 | ctl.interface_start$ u:object_r:ctl_interface_start_prop:s0 |
| 125 | ctl.interface_stop$ u:object_r:ctl_interface_stop_prop:s0 |
| 126 | ctl.interface_restart$ u:object_r:ctl_interface_restart_prop:s0 |
| 127 | |
| 128 | # Restrict access to starting/stopping adbd |
| 129 | ctl.start$adbd u:object_r:ctl_adbd_prop:s0 |
| 130 | ctl.stop$adbd u:object_r:ctl_adbd_prop:s0 |
| 131 | ctl.restart$adbd u:object_r:ctl_adbd_prop:s0 |
| 132 | |
| 133 | # Restrict access to starting/stopping gsid. |
| 134 | ctl.start$gsid u:object_r:ctl_gsid_prop:s0 |
| 135 | ctl.stop$gsid u:object_r:ctl_gsid_prop:s0 |
| 136 | ctl.restart$gsid u:object_r:ctl_gsid_prop:s0 |
| 137 | |
| 138 | # NFC properties |
| 139 | nfc. u:object_r:nfc_prop:s0 |
| 140 | |
| 141 | # These properties are not normally set by processes other than init. |
| 142 | # They are only distinguished here for setting by qemu-props on the |
| 143 | # emulator/goldfish. |
| 144 | config. u:object_r:config_prop:s0 |
| 145 | ro.config. u:object_r:config_prop:s0 |
| 146 | dalvik. u:object_r:dalvik_prop:s0 |
| 147 | ro.dalvik. u:object_r:dalvik_prop:s0 |
| 148 | |
| 149 | # Shared between system server and wificond |
| 150 | wlan. u:object_r:wifi_prop:s0 |
| 151 | |
| 152 | # Lowpan properties |
| 153 | lowpan. u:object_r:lowpan_prop:s0 |
| 154 | ro.lowpan. u:object_r:lowpan_prop:s0 |
| 155 | |
| 156 | # heapprofd properties |
| 157 | heapprofd. u:object_r:heapprofd_prop:s0 |
| 158 | |
| 159 | # hwservicemanager properties |
| 160 | hwservicemanager. u:object_r:hwservicemanager_prop:s0 |
| 161 | |
| 162 | # Common default properties for vendor and odm. |
| 163 | init.svc.odm. u:object_r:vendor_default_prop:s0 |
| 164 | init.svc.vendor. u:object_r:vendor_default_prop:s0 |
| 165 | ro.hardware. u:object_r:vendor_default_prop:s0 |
| 166 | ro.odm. u:object_r:vendor_default_prop:s0 |
| 167 | ro.vendor. u:object_r:vendor_default_prop:s0 |
| 168 | odm. u:object_r:vendor_default_prop:s0 |
| 169 | persist.odm. u:object_r:vendor_default_prop:s0 |
| 170 | persist.vendor. u:object_r:vendor_default_prop:s0 |
| 171 | vendor. u:object_r:vendor_default_prop:s0 |
| 172 | # ro.boot. properties are set based on kernel commandline arguments, which are vendor owned. |
| 173 | ro.boot. u:object_r:exported2_default_prop:s0 |
| 174 | |
| 175 | # Properties that relate to time / time zone detection behavior. |
| 176 | persist.time. u:object_r:time_prop:s0 |
| 177 | |
| 178 | # Properties that relate to server configurable flags |
| 179 | device_config.reset_performed u:object_r:device_config_reset_performed_prop:s0 |
| 180 | persist.device_config.activity_manager_native_boot. u:object_r:device_config_activity_manager_native_boot_prop:s0 |
| 181 | persist.device_config.attempted_boot_count u:object_r:device_config_boot_count_prop:s0 |
| 182 | persist.device_config.input_native_boot. u:object_r:device_config_input_native_boot_prop:s0 |
| 183 | persist.device_config.netd_native. u:object_r:device_config_netd_native_prop:s0 |
| 184 | persist.device_config.runtime_native. u:object_r:device_config_runtime_native_prop:s0 |
| 185 | persist.device_config.runtime_native_boot. u:object_r:device_config_runtime_native_boot_prop:s0 |
| 186 | persist.device_config.media_native. u:object_r:device_config_media_native_prop:s0 |
| 187 | |
| 188 | # Properties that relate to legacy server configurable flags |
| 189 | |
| 190 | apexd. u:object_r:apexd_prop:s0 |
| 191 | persist.apexd. u:object_r:apexd_prop:s0 |
| 192 | |
| 193 | bpf.progs_loaded u:object_r:bpf_progs_loaded_prop:s0 |
| 194 | |
| 195 | gsid. u:object_r:gsid_prop:s0 |
| 196 | ro.gsid. u:object_r:gsid_prop:s0 |
| 197 | |
| 198 | # Property for disabling NNAPI vendor extensions on product image (used on GSI /product image, |
| 199 | # which can't use NNAPI vendor extensions). |
| 200 | ro.nnapi.extensions.deny_on_product u:object_r:nnapi_ext_deny_product_prop:s0 |