1# dev nodes 2/dev/btpower u:object_r:bt_device:s0 3/dev/diag u:object_r:diag_device:s0 4/dev/kgsl-3d0 u:object_r:gpu_device:s0 5/dev/rtc0 u:object_r:rtc_device:s0 6/dev/smd.* u:object_r:smd_device:s0 7# TODO: does ttyMSM0 need to be more specific 8/dev/ttyMSM0 u:object_r:tty_device:s0 9/dev/ipa u:object_r:ipa_dev:s0 10/dev/wwan_ioctl u:object_r:ipa_dev:s0 11/dev/ipaNatTable u:object_r:ipa_dev:s0 12/dev/cpu_dma_latency u:object_r:latency_device:s0 13/dev/rmnet_ctrl.* u:object_r:rmnet_device:s0 14/dev/at_.* u:object_r:at_device:s0 15/dev/video([0-9])+ u:object_r:video_device:s0 16/dev/media([0-9])+ u:object_r:video_device:s0 17/dev/v4l-subdev.* u:object_r:video_device:s0 18/dev/qseecom u:object_r:tee_device:s0 19/dev/qsee_ipc_irq_spss u:object_r:qsee_ipc_irq_spss_device:s0 20/dev/seemplog u:object_r:seemplog_device:s0 21/dev/spcom u:object_r:spcom_device:s0 22/dev/jpeg[0-9]* u:object_r:video_device:s0 23/dev/adsprpc-smd u:object_r:qdsp_device:s0 24/dev/sdsprpc-smd u:object_r:dsp_device:s0 25/dev/adsprpc-smd-secure u:object_r:qdsp_device:s0 26/dev/wcd-dsp-glink u:object_r:audio_device:s0 27/dev/wcd_dsp0_control u:object_r:audio_device:s0 28/dev/wcd-spi-ac-client u:object_r:audio_device:s0 29/dev/msm_.* u:object_r:audio_device:s0 30/dev/avtimer u:object_r:avtimer_device:s0 31/dev/subsys_.* u:object_r:ssr_device:s0 32/dev/ramdump_.* u:object_r:ramdump_device:s0 33/dev/sg[0-9]+ u:object_r:sg_device:s0 34/dev/sensors u:object_r:sensors_device:s0 35/dev/mnh_sm u:object_r:easel_device:s0 36/dev/easelcomm-client u:object_r:easel_device:s0 37/dev/pn81a u:object_r:secure_element_device:s0 38# camera rainbow sensor 39/dev/vd6281 u:object_r:camera_device:s0 40# pcm device receiving rainbow sensor data 41/dev/snd/pcmC0D27c u:object_r:camera_device:s0 42/dev/snd/pcmC1D27c u:object_r:camera_device:s0 43/dev/dri/card0 u:object_r:graphics_device:s0 44/dev/dri/controlD64 u:object_r:graphics_device:s0 45/dev/dri/renderD128 u:object_r:graphics_device:s0 46 47# dev socket nodes 48/dev/socket/chre u:object_r:chre_socket:s0 49/dev/socket/msm_irqbalance u:object_r:irqbalance_socket:s0 50/dev/socket/qmux_audio(/.*)? u:object_r:qmuxd_socket:s0 51/dev/socket/qmux_bluetooth(/.*)? u:object_r:qmuxd_socket:s0 52/dev/socket/qmux_gps(/.*)? u:object_r:qmuxd_socket:s0 53/dev/socket/qmux_nfc(/.*)? u:object_r:qmuxd_socket:s0 54/dev/socket/qmux_radio(/.*)? u:object_r:qmuxd_socket:s0 55/dev/socket/ims_qmid u:object_r:ims_socket:s0 56/dev/socket/ims_datad u:object_r:ims_socket:s0 57/dev/socket/ipacm_log_file u:object_r:ipacm_socket:s0 58/dev/socket/cnd u:object_r:cnd_socket:s0 59/dev/socket/thermal-send-client u:object_r:thermal_socket:s0 60/dev/socket/thermal-recv-client u:object_r:thermal_socket:s0 61/dev/socket/thermal-recv-passive-client u:object_r:thermal_socket:s0 62/dev/socket/netmgr(/.*)? u:object_r:netmgrd_socket:s0 63/data/vendor/netmgr/recovery(/.*)? u:object_r:netmgr_recovery_data_file:s0 64/dev/socket/pps u:object_r:pps_socket:s0 65/dev/socket/location(/.*)? u:object_r:location_socket:s0 66/dev/nq-nci u:object_r:nfc_device:s0 67/dev/ttyHS0 u:object_r:hci_attach_dev:s0 68/dev/wlan u:object_r:wlan_device:s0 69/dev/socket/diag_router u:object_r:diag_socket:s0 70 71# Block device holding the GPT, where the A/B attributes are stored. 72# For eMMC storage device. 73/dev/block/mmcblk0 u:object_r:gpt_block_device:s0 74 75# For UFS storage device. 76/dev/block/sda u:object_r:gpt_block_device:s0 77 78# Block devices for the drive that holds the xbl_a and xbl_b partitions. 79/dev/block/sd[bc]1? u:object_r:xbl_block_device:s0 80 81# Block device for hal_bootctl 82/dev/block/sde u:object_r:boot_block_device:s0 83 84# Block device for ZRAM 85/dev/block/zram0 u:object_r:swap_block_device:s0 86 87# files in /vendor 88/vendor/firmware(/.*)? u:object_r:vendor_firmware_file:s0 89/bt_firmware(/.*)? u:object_r:bt_firmware_file:s0 90 91/vendor/bin/hw/android\.hardware\.dumpstate@1\.[01]-service\.bonito u:object_r:hal_dumpstate_impl_exec:s0 92/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.fpc u:object_r:hal_fingerprint_default_exec:s0 93/vendor/bin/thermal-engine u:object_r:thermal-engine_exec:s0 94/vendor/bin/sensors\.qti u:object_r:sensors_exec:s0 95/vendor/bin/ssr_setup u:object_r:ssr_setup_exec:s0 96/vendor/bin/ssr_diag u:object_r:ssr_diag_exec:s0 97/vendor/bin/pm-service u:object_r:per_mgr_exec:s0 98/vendor/bin/pm-proxy u:object_r:per_proxy_exec:s0 99/vendor/bin/qseecomd u:object_r:tee_exec:s0 100/vendor/bin/subsystem_ramdump u:object_r:subsystem_ramdump_exec:s0 101/vendor/bin/adsprpcd u:object_r:adsprpcd_exec:s0 102/vendor/bin/cdsprpcd u:object_r:cdsprpcd_exec:s0 103/vendor/bin/irsc_util u:object_r:irsc_util_exec:s0 104/vendor/bin/rmt_storage u:object_r:rmt_storage_exec:s0 105/vendor/bin/tftp_server u:object_r:rfs_access_exec:s0 106/vendor/bin/cnss-daemon u:object_r:wcnss_service_exec:s0 107/vendor/bin/cnss_diag u:object_r:wcnss_service_exec:s0 108/vendor/bin/diag_mdlog u:object_r:qlogd_exec:s0 109/vendor/bin/netmgrd u:object_r:netmgrd_exec:s0 110/vendor/bin/port-bridge u:object_r:port-bridge_exec:s0 111/vendor/bin/qti u:object_r:qti_exec:s0 112/vendor/bin/ramdump u:object_r:ramdump_exec:s0 113/vendor/bin/smlog_dump u:object_r:smlog_dump_exec:s0 114/vendor/bin/loc_launcher u:object_r:location_exec:s0 115/vendor/bin/lowi-server u:object_r:location_exec:s0 116/vendor/bin/xtra-daemon u:object_r:location_exec:s0 117/vendor/bin/pd-mapper u:object_r:pd_mapper_exec:s0 118/vendor/bin/imsqmidaemon u:object_r:ims_exec:s0 119/vendor/bin/imsdatadaemon u:object_r:ims_exec:s0 120/vendor/bin/ims_rtp_daemon u:object_r:hal_imsrtp_exec:s0 121/vendor/bin/ipacm u:object_r:hal_tetheroffload_default_exec:s0 122/vendor/bin/ipacm-diag u:object_r:hal_tetheroffload_default_exec:s0 123/vendor/bin/msm_irqbalance u:object_r:irqbalance_exec:s0 124/vendor/bin/cnd u:object_r:cnd_exec:s0 125/vendor/bin/easelmanagerd u:object_r:easel_exec:s0 126/vendor/bin/hw/android\.hardware\.usb@1\.1-service\.bonito u:object_r:hal_usb_impl_exec:s0 127/vendor/bin/hw/android\.hardware\.thermal@2\.0-service\.pixel u:object_r:hal_thermal_default_exec:s0 128/vendor/bin/chre u:object_r:chre_exec:s0 129/vendor/bin/time_daemon u:object_r:time_daemon_exec:s0 130/vendor/bin/tcpdump_logger u:object_r:tcpdump_logger_exec:s0 131/vendor/bin/imsrcsd u:object_r:hal_rcsservice_exec:s0 132/vendor/bin/init\.qcom\.devstart\.sh u:object_r:init-qcom-devstart-sh_exec:s0 133/vendor/bin/init\.qcom\.ipastart\.sh u:object_r:init-qcom-ipastart-sh_exec:s0 134/vendor/bin/init\.qcom\.wlan\.sh u:object_r:init-qcom-wlan-sh_exec:s0 135/vendor/bin/init\.insmod\.sh u:object_r:init-insmod-sh_exec:s0 136/vendor/etc/init\.insmod\.cfg u:object_r:init-insmod-sh_exec:s0 137/vendor/bin/init\.radio\.sh u:object_r:init_radio_exec:s0 138/vendor/bin/ftmdaemon u:object_r:ftmd_exec:s0 139/vendor/bin/hw/qcrild u:object_r:rild_exec:s0 140/vendor/bin/mm-pp-dpps u:object_r:mm-pp-daemon_exec:s0 141/vendor/bin/grep u:object_r:vendor_grep_exec:s0 142/vendor/bin/wifi_sniffer u:object_r:wifi_sniffer_exec:s0 143 144/vendor/bin/hw/android\.hardware\.confirmationui@1\.0-service-bonito u:object_r:hal_confirmationui_default_exec:s0 145/vendor/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service\.clearkey u:object_r:hal_drm_clearkey_exec:s0 146/vendor/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service\.widevine u:object_r:hal_drm_widevine_exec:s0 147/vendor/bin/hw/android\.hardware\.vibrator@1\.2-service\.bonito u:object_r:hal_vibrator_default_exec:s0 148/vendor/bin/hw/android\.hardware\.keymaster@4\.0-service-qti u:object_r:hal_keymaster_qti_exec:s0 149/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service-qti u:object_r:hal_gatekeeper_qti_exec:s0 150/vendor/bin/hw/android\.hardware\.gnss@1\.1-service-qti u:object_r:hal_gnss_qti_exec:s0 151/vendor/bin/hw/android\.hardware\.bluetooth@1\.0-service-qti u:object_r:hal_bluetooth_default_exec:s0 152/vendor/bin/hw/vendor\.qti\.hardware\.tui_comm@1\.0-service-qti u:object_r:hal_tui_comm_exec:s0 153/vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0 154/vendor/bin/hw/android\.hardware\.neuralnetworks@1\.0-service-paintbox u:object_r:hal_neuralnetworks_paintbox_exec:s0 155/vendor/bin/hw/android\.hardware\.health@2\.0-service\.bonito u:object_r:hal_health_default_exec:s0 156/vendor/bin/hw/vendor\.qti\.media\.c2@1\.0-service u:object_r:mediacodec_exec:s0 157/vendor/bin/hw/hardware\.google\.media\.c2@1\.0-service-software u:object_r:mediacodec_exec:s0 158/vendor/bin/hw/vendor\.qti\.hardware\.display\.allocator@1\.0-service u:object_r:hal_graphics_allocator_default_exec:s0 159/vendor/bin/hw/vendor\.google\.wireless_charger@1\.0-service-vendor u:object_r:hal_wlc_exec:s0 160 161############################################### 162# same-process HAL files and their dependencies 163# 164/vendor/lib(64)?/hw/android\.hardware\.graphics\.mapper@2\.0-impl-qti-display\.so u:object_r:same_process_hal_file:s0 165/vendor/lib(64)?/libgrallocutils\.so u:object_r:same_process_hal_file:s0 166/vendor/lib(64)?/libgralloccore\.so u:object_r:same_process_hal_file:s0 167/vendor/lib(64)?/libqdMetaData\.so u:object_r:same_process_hal_file:s0 168/vendor/lib(64)?/lib_aion_buffer\.so u:object_r:same_process_hal_file:s0 169/vendor/lib(64)?/libqservice\.so u:object_r:same_process_hal_file:s0 170/vendor/lib(64)?/libqdutils\.so u:object_r:same_process_hal_file:s0 171/vendor/lib(64)?/libadreno_utils\.so u:object_r:same_process_hal_file:s0 172/vendor/lib(64)?/libgsl\.so u:object_r:same_process_hal_file:s0 173 174/vendor/lib(64)?/libEGL_adreno\.so u:object_r:same_process_hal_file:s0 175 176/vendor/lib(64)?/libdrmutils\.so u:object_r:same_process_hal_file:s0 177/vendor/lib(64)?/libdrm\.so u:object_r:same_process_hal_file:s0 178 179# /vendor/app/TimeService/TimeService.apk 180/vendor/lib(64)?/libTimeService\.so u:object_r:same_process_hal_file:s0 181/vendor/lib(64)?/libtime_genoff\.so u:object_r:same_process_hal_file:s0 182 183# RenderScript dependencies. 184# To test: run cts -m CtsRenderscriptTestCases 185/vendor/lib(64)?/libRSDriver_adreno\.so u:object_r:same_process_hal_file:s0 186/vendor/lib(64)?/libCB\.so u:object_r:same_process_hal_file:s0 187/vendor/lib(64)?/libllvm-qgl\.so u:object_r:same_process_hal_file:s0 188/vendor/lib(64)?/libbccQTI\.so u:object_r:same_process_hal_file:s0 189/vendor/lib(64)?/libllvm-qcom\.so u:object_r:same_process_hal_file:s0 190/vendor/lib(64)?/librs_adreno\.so u:object_r:same_process_hal_file:s0 191/vendor/lib(64)?/librs_adreno_sha1\.so u:object_r:same_process_hal_file:s0 192 193# libGLESv2_adreno depends on this 194/vendor/lib(64)?/libllvm-glnext\.so u:object_r:same_process_hal_file:s0 195 196# Hexagon DSP-side executable needed for Halide operation 197# This is labeled as same_process_hal_file as it needs to be read by apps 198# (e.g. Google Camera App) 199/vendor/lib/dsp/cdsp/fastrpc_shell_3 u:object_r:same_process_hal_file:s0 200 201# Vendor libs that are exposed to apps (those listed in /vendor/etc/public.libraries.txt 202# and their dependencies) 203# 204/vendor/lib(64)?/libOpenCL-pixel\.so u:object_r:same_process_hal_file:s0 205/vendor/lib(64)?/libOpenCL\.so u:object_r:same_process_hal_file:s0 206/vendor/lib(64)?/libadsprpc\.so u:object_r:same_process_hal_file:s0 207/vendor/lib(64)?/libcdsprpc\.so u:object_r:same_process_hal_file:s0 208/vendor/lib(64)?/libsdsprpc\.so u:object_r:same_process_hal_file:s0 209/vendor/lib(64)?/libeaselmanager_client\.so u:object_r:same_process_hal_file:s0 210/vendor/lib(64)?/vendor\.google_paintbox@1\.0\.so u:object_r:same_process_hal_file:s0 211 212# data files 213/data/vendor/netmgr(/.*)? u:object_r:netmgr_data_file:s0 214/data/vendor/location(/.*)? u:object_r:location_data_file:s0 215/data/nfc(/.*)? u:object_r:nfc_data_file:s0 216/data/vendor/camera(/.*)? u:object_r:camera_vendor_data_file:s0 217/data/vendor/display(/.*)? u:object_r:display_vendor_data_file:s0 218/data/vendor/nfc(/.*)? u:object_r:nfc_vendor_data_file:s0 219/data/vendor/radio(/.*)? u:object_r:radio_vendor_data_file:s0 220/data/vendor/wifi/cnss_diag(/.*)? u:object_r:cnss_vendor_data_file:s0 221/data/vendor/wifi/wlan_logs(/.*)? u:object_r:wifi_vendor_log_data_file:s0 222/data/vendor/ramdump(/.*)? u:object_r:ramdump_vendor_data_file:s0 223/data/vendor/ssrdump(/.*)? u:object_r:ramdump_vendor_data_file:s0 224/data/vendor/wifidump(/.*)? u:object_r:wifidump_vendor_data_file:s0 225/data/vendor/modem_dump(/.*)? u:object_r:modem_dump_file:s0 226/data/vendor/ipa(/.*)? u:object_r:ipa_vendor_data_file:s0 227/data/vendor/sensors(/.*)? u:object_r:sensors_vendor_data_file:s0 228/data/vendor/rfs/mpss(/.*)? u:object_r:mpss_rfs_data_file:s0 229/data/vendor/tombstones/rfs(/.*)? u:object_r:rfs_tombstone_data_file:s0 230/data/vendor/ssrlog(/.*)? u:object_r:ssr_log_file:s0 231/data/vendor/secure_element(/.*)? u:object_r:secure_element_vendor_data_file:s0 232/data/vendor/audio(/.*)? u:object_r:audio_vendor_data_file:s0 233/data/vendor/modem_fdr(/.*)? u:object_r:modem_fdr_file:s0 234/data/vendor/connectivity(/.*)? u:object_r:cnd_data_file:s0 235/data/vendor/misc/qsee(/.*)? u:object_r:data_qsee_file:s0 236/data/vendor/mediadrm(/.*)? u:object_r:mediadrm_vendor_data_file:s0 237/data/vendor/tui(/.*)? u:object_r:vendor_tui_data_file:s0 238/data/vendor/nnhal(/.*)? u:object_r:hal_neuralnetworks_data_file:s0 239/data/vendor/modem_stat/debug\.txt u:object_r:modem_stat_data_file:s0 240/data/vendor/tcpdump_logger(/.*)? u:object_r:tcpdump_vendor_data_file:s0 241/data/vendor/time(/.*)? u:object_r:vendor_time_data_file:s0 242 243# / 244/tombstones u:object_r:rootfs:s0 245# TODO: Remove them once no need to maintain the backward compatibility. 246/dsp(/.*)? u:object_r:adsprpcd_file:s0 247 248/vendor/dsp(/.*)? u:object_r:adsprpcd_file:s0 249 250# files in firmware 251/firmware u:object_r:rootfs:s0 252/vendor/firmware_mnt(/.*)? u:object_r:vendor_firmware_file:s0 253 254# TODO: Remove them once no need to maintain the backward compatibility. (b/111219177) 255/persist u:object_r:rootfs:s0 256/dsp u:object_r:rootfs:s0 257 258# /persist 259/mnt/vendor/persist(/.*)? u:object_r:persist_file:s0 260/mnt/vendor/persist/audio(/.*)? u:object_r:persist_audio_file:s0 261/mnt/vendor/persist/camera(/.*)? u:object_r:persist_camera_file:s0 262/mnt/vendor/persist/data(/.*)? u:object_r:persist_data_file:s0 263/mnt/vendor/persist/display(/.*)? u:object_r:persist_display_file:s0 264/mnt/vendor/persist/drm(/.*)? u:object_r:persist_drm_file:s0 265/mnt/vendor/persist/haptics(/.*)? u:object_r:persist_haptics_file:s0 266/mnt/vendor/persist/hlos_rfs(/.*)? u:object_r:persist_rfs_file:s0 267/mnt/vendor/persist/rfs(/.*)? u:object_r:persist_rfs_file:s0 268/mnt/vendor/persist/sensors(/.*)? u:object_r:persist_sensors_file:s0 269/mnt/vendor/persist/time(/.*)? u:object_r:persist_time_file:s0 270 271# b/70518189 vDSO experiments 272/sys/module/vdso/parameters u:object_r:sysfs_vdso:s0 273 274# eSIM 275/sys/firmware/devicetree/base/chosen/cdt/cdb2/esim u:object_r:sysfs_esim:s0 276 277# vendor-provided system HAL 278/system/bin/hw/hardware\.google\.pixelstats@1\.0-service u:object_r:pixelstats_system_exec:s0 279