1##########################
2# property service keys
3#
4#
5net.rmnet               u:object_r:net_radio_prop:s0
6net.gprs                u:object_r:net_radio_prop:s0
7net.ppp                 u:object_r:net_radio_prop:s0
8net.qmi                 u:object_r:net_radio_prop:s0
9net.lte                 u:object_r:net_radio_prop:s0
10net.cdma                u:object_r:net_radio_prop:s0
11net.dns                 u:object_r:net_dns_prop:s0
12sys.usb.config          u:object_r:system_radio_prop:s0
13ril.                    u:object_r:radio_prop:s0
14ro.ril.                 u:object_r:radio_prop:s0
15gsm.                    u:object_r:radio_prop:s0
16persist.radio           u:object_r:radio_prop:s0
17
18net.                    u:object_r:system_prop:s0
19dev.                    u:object_r:system_prop:s0
20ro.runtime.             u:object_r:system_prop:s0
21ro.runtime.firstboot    u:object_r:firstboot_prop:s0
22hw.                     u:object_r:system_prop:s0
23ro.hw.                  u:object_r:system_prop:s0
24sys.                    u:object_r:system_prop:s0
25sys.cppreopt            u:object_r:cppreopt_prop:s0
26sys.lpdumpd             u:object_r:lpdumpd_prop:s0
27sys.powerctl            u:object_r:powerctl_prop:s0
28sys.usb.ffs.            u:object_r:ffs_prop:s0
29service.                u:object_r:system_prop:s0
30dhcp.                   u:object_r:dhcp_prop:s0
31dhcp.bt-pan.result      u:object_r:pan_result_prop:s0
32bluetooth.              u:object_r:bluetooth_prop:s0
33
34debug.                  u:object_r:debug_prop:s0
35debug.db.               u:object_r:debuggerd_prop:s0
36dumpstate.              u:object_r:dumpstate_prop:s0
37dumpstate.options       u:object_r:dumpstate_options_prop:s0
38llk.                    u:object_r:llkd_prop:s0
39khungtask.              u:object_r:llkd_prop:s0
40ro.llk.                 u:object_r:llkd_prop:s0
41ro.khungtask.           u:object_r:llkd_prop:s0
42log.                    u:object_r:log_prop:s0
43log.tag                 u:object_r:log_tag_prop:s0
44log.tag.WifiHAL         u:object_r:wifi_log_prop:s0
45security.perf_harden    u:object_r:shell_prop:s0
46service.adb.root        u:object_r:shell_prop:s0
47service.adb.tcp.port    u:object_r:shell_prop:s0
48
49persist.audio.          u:object_r:audio_prop:s0
50persist.bluetooth.      u:object_r:bluetooth_prop:s0
51persist.debug.          u:object_r:persist_debug_prop:s0
52persist.logd.           u:object_r:logd_prop:s0
53ro.logd.                u:object_r:logd_prop:s0
54persist.logd.security   u:object_r:device_logging_prop:s0
55persist.logd.logpersistd        u:object_r:logpersistd_logging_prop:s0
56logd.logpersistd        u:object_r:logpersistd_logging_prop:s0
57persist.log.tag         u:object_r:log_tag_prop:s0
58persist.mmc.            u:object_r:mmc_prop:s0
59persist.netd.stable_secret      u:object_r:netd_stable_secret_prop:s0
60persist.sys.            u:object_r:system_prop:s0
61persist.sys.safemode    u:object_r:safemode_prop:s0
62persist.sys.theme       u:object_r:theme_prop:s0
63persist.sys.fflag.override.settings_dynamic_system    u:object_r:dynamic_system_prop:s0
64ro.sys.safemode         u:object_r:safemode_prop:s0
65persist.sys.audit_safemode      u:object_r:safemode_prop:s0
66persist.service.        u:object_r:system_prop:s0
67persist.service.bdroid. u:object_r:bluetooth_prop:s0
68persist.security.       u:object_r:system_prop:s0
69persist.traced.enable   u:object_r:traced_enabled_prop:s0
70traced.lazy.            u:object_r:traced_lazy_prop:s0
71persist.heapprofd.enable u:object_r:heapprofd_enabled_prop:s0
72persist.vendor.overlay.  u:object_r:overlay_prop:s0
73ro.boot.vendor.overlay.  u:object_r:overlay_prop:s0
74ro.boottime.             u:object_r:boottime_prop:s0
75ro.serialno             u:object_r:serialno_prop:s0
76ro.boot.btmacaddr       u:object_r:bluetooth_prop:s0
77ro.boot.serialno        u:object_r:serialno_prop:s0
78ro.bt.                  u:object_r:bluetooth_prop:s0
79ro.boot.bootreason      u:object_r:bootloader_boot_reason_prop:s0
80persist.sys.boot.reason u:object_r:last_boot_reason_prop:s0
81sys.boot.reason         u:object_r:system_boot_reason_prop:s0
82sys.boot.reason.last    u:object_r:last_boot_reason_prop:s0
83pm.                     u:object_r:pm_prop:s0
84test.sys.boot.reason    u:object_r:test_boot_reason_prop:s0
85sys.lmk.                u:object_r:system_lmk_prop:s0
86sys.trace.              u:object_r:system_trace_prop:s0
87
88# Boolean property set by system server upon boot indicating
89# if device owner is provisioned.
90ro.device_owner         u:object_r:device_logging_prop:s0
91
92# selinux non-persistent properties
93selinux.restorecon_recursive   u:object_r:restorecon_prop:s0
94
95# default property context
96*                       u:object_r:default_prop:s0
97
98# data partition encryption properties
99vold.                   u:object_r:vold_prop:s0
100ro.crypto.              u:object_r:vold_prop:s0
101
102# ro.build.fingerprint is either set in /system/build.prop, or is
103# set at runtime by system_server.
104ro.build.fingerprint    u:object_r:fingerprint_prop:s0
105
106ro.persistent_properties.ready  u:object_r:persistent_properties_ready_prop:s0
107
108# ctl properties
109ctl.bootanim            u:object_r:ctl_bootanim_prop:s0
110ctl.dumpstate           u:object_r:ctl_dumpstate_prop:s0
111ctl.fuse_               u:object_r:ctl_fuse_prop:s0
112ctl.mdnsd               u:object_r:ctl_mdnsd_prop:s0
113ctl.ril-daemon          u:object_r:ctl_rildaemon_prop:s0
114ctl.bugreport           u:object_r:ctl_bugreport_prop:s0
115ctl.console             u:object_r:ctl_console_prop:s0
116ctl.                    u:object_r:ctl_default_prop:s0
117
118# Don't allow blind access to all services
119ctl.sigstop_on$         u:object_r:ctl_sigstop_prop:s0
120ctl.sigstop_off$        u:object_r:ctl_sigstop_prop:s0
121ctl.start$              u:object_r:ctl_start_prop:s0
122ctl.stop$               u:object_r:ctl_stop_prop:s0
123ctl.restart$            u:object_r:ctl_restart_prop:s0
124ctl.interface_start$    u:object_r:ctl_interface_start_prop:s0
125ctl.interface_stop$     u:object_r:ctl_interface_stop_prop:s0
126ctl.interface_restart$  u:object_r:ctl_interface_restart_prop:s0
127
128 # Restrict access to starting/stopping adbd
129ctl.start$adbd             u:object_r:ctl_adbd_prop:s0
130ctl.stop$adbd              u:object_r:ctl_adbd_prop:s0
131ctl.restart$adbd           u:object_r:ctl_adbd_prop:s0
132
133# Restrict access to starting/stopping gsid.
134ctl.start$gsid          u:object_r:ctl_gsid_prop:s0
135ctl.stop$gsid           u:object_r:ctl_gsid_prop:s0
136ctl.restart$gsid        u:object_r:ctl_gsid_prop:s0
137
138# Restrict access to restart dumpstate
139ctl.interface_restart$android.hardware.dumpstate u:object_r:ctl_dumpstate_prop:s0
140
141# NFC properties
142nfc.                    u:object_r:nfc_prop:s0
143
144# These properties are not normally set by processes other than init.
145# They are only distinguished here for setting by qemu-props on the
146# emulator/goldfish.
147config.                 u:object_r:config_prop:s0
148ro.config.              u:object_r:config_prop:s0
149dalvik.                 u:object_r:dalvik_prop:s0
150ro.dalvik.              u:object_r:dalvik_prop:s0
151
152# Shared between system server and wificond
153wlan.                   u:object_r:wifi_prop:s0
154
155# Lowpan properties
156lowpan.                 u:object_r:lowpan_prop:s0
157ro.lowpan.              u:object_r:lowpan_prop:s0
158
159# heapprofd properties
160heapprofd.              u:object_r:heapprofd_prop:s0
161
162# hwservicemanager properties
163hwservicemanager.       u:object_r:hwservicemanager_prop:s0
164
165# Common default properties for vendor and odm.
166init.svc.odm.           u:object_r:vendor_default_prop:s0
167init.svc.vendor.        u:object_r:vendor_default_prop:s0
168ro.hardware.            u:object_r:vendor_default_prop:s0
169ro.odm.                 u:object_r:vendor_default_prop:s0
170ro.vendor.              u:object_r:vendor_default_prop:s0
171odm.                    u:object_r:vendor_default_prop:s0
172persist.odm.            u:object_r:vendor_default_prop:s0
173persist.vendor.         u:object_r:vendor_default_prop:s0
174vendor.                 u:object_r:vendor_default_prop:s0
175# ro.boot. properties are set based on kernel commandline arguments, which are vendor owned.
176ro.boot.                u:object_r:exported2_default_prop:s0
177
178# Properties that relate to time / time zone detection behavior.
179persist.time.           u:object_r:time_prop:s0
180
181# Properties that relate to server configurable flags
182device_config.reset_performed           u:object_r:device_config_reset_performed_prop:s0
183persist.device_config.activity_manager_native_boot. u:object_r:device_config_activity_manager_native_boot_prop:s0
184persist.device_config.attempted_boot_count        u:object_r:device_config_boot_count_prop:s0
185persist.device_config.input_native_boot. u:object_r:device_config_input_native_boot_prop:s0
186persist.device_config.netd_native.           u:object_r:device_config_netd_native_prop:s0
187persist.device_config.runtime_native.        u:object_r:device_config_runtime_native_prop:s0
188persist.device_config.runtime_native_boot.   u:object_r:device_config_runtime_native_boot_prop:s0
189persist.device_config.media_native.          u:object_r:device_config_media_native_prop:s0
190
191apexd.                  u:object_r:apexd_prop:s0
192persist.apexd.          u:object_r:apexd_prop:s0
193
194bpf.progs_loaded        u:object_r:bpf_progs_loaded_prop:s0
195
196gsid.                   u:object_r:gsid_prop:s0
197ro.gsid.                u:object_r:gsid_prop:s0
198
199# Property for disabling NNAPI vendor extensions on product image (used on GSI /product image,
200# which can't use NNAPI vendor extensions).
201ro.nnapi.extensions.deny_on_product                u:object_r:nnapi_ext_deny_product_prop:s0
202