sepolicy/file_contexts - device/google/marlin - Git at Google

 /dev/at_.*                     u:object_r:at_device:s0
 /dev/avtimer                   u:object_r:avtimer_device:s0
 /dev/adsprpc-smd               u:object_r:adsprpcd_device:s0
 /dev/diag                      u:object_r:diag_device:s0
 /dev/jpeg[0-9]+                u:object_r:camera_device:s0
 /dev/kgsl-3d0                  u:object_r:gpu_device:s0
 /dev/mdss_rotator              u:object_r:graphics_device:s0
 /dev/media([0-9])+             u:object_r:camera_device:s0
 /dev/nanohub                   u:object_r:sensors_device:s0
 /dev/nanohub_comms             u:object_r:sensors_device:s0
 /dev/qseecom                   u:object_r:tee_device:s0
 /dev/ramdump_.*                u:object_r:ramdump_device:s0
 /dev/sdsprpc-smd               u:object_r:sdsprpc_device:s0
 /dev/sg[0-9]+                  u:object_r:sg_device:s0
 /dev/subsys_.*                 u:object_r:ssr_device:s0
 /dev/msm_thermal_query         u:object_r:thermal_device:s0
 /dev/ttyHS0                    u:object_r:hci_attach_dev:s0
 /dev/ttyHSL0                   u:object_r:console_device:s0
 /dev/v4l-subdev.*              u:object_r:video_device:s0
 /dev/socket/cnd                                 u:object_r:cnd_socket:s0
 /dev/socket/ims_.*                              u:object_r:ims_socket:s0
 /dev/socket/msm_irqbalance                      u:object_r:irqbalance_socket:s0
 /dev/socket/netmgr(/.*)?                        u:object_r:netmgrd_socket:s0
 /dev/socket/nims                                u:object_r:cnd_socket:s0
 /dev/socket/qmux_audio(/.*)?                    u:object_r:qmuxd_socket:s0
 /dev/socket/qmux_bluetooth(/.*)?                u:object_r:qmuxd_socket:s0
 /dev/socket/qmux_gps(/.*)?                      u:object_r:qmuxd_socket:s0
 /dev/socket/qmux_radio(/.*)?                    u:object_r:qmuxd_socket:s0
 /dev/socket/qmux_nfc(/.*)?                      u:object_r:qmuxd_socket:s0
 /dev/socket/thermal-send-client                 u:object_r:thermal_socket:s0
 /dev/socket/thermal-recv-client                 u:object_r:thermal_socket:s0
 /dev/socket/thermal-recv-passive-client         u:object_r:thermal_socket:s0
 /dev/msm_audio_cal             u:object_r:audio_cal_device:s0
 /dev/msm_rtac                  u:object_r:audio_cal_device:s0
 /dev/pn551                     u:object_r:nfc_device:s0

 # A/B partitions.
 /dev/block/platform/soc/624000\.ufshc/by-name/aboot_[ab]        u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/apdp_[ab]         u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/boot_[ab]         u:object_r:boot_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/bootlocker_[ab]   u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/cmnlib32_[ab]     u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/cmnlib64_[ab]     u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/devcfg_[ab]       u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/hosd_[ab]         u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/hyp_[ab]          u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/keymaster_[ab]    u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/keystore_[ab]     u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/modem_[ab]        u:object_r:modem_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/msadp_[ab]        u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/pmic_[ab]         u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/rpm_[ab]          u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/system_[ab]       u:object_r:system_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/tz_[ab]           u:object_r:custom_ab_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/vendor_[ab]       u:object_r:system_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/xbl_[ab]          u:object_r:xbl_block_device:s0

 # Block device holding the GPT, where the A/B attributes are stored.
 /dev/block/platform/soc/624000\.ufshc/sda                    u:object_r:gpt_block_device:s0

 # Block devices for the drive that holds the xbl_a and xbl_b partitions.
 /dev/block/platform/soc/624000\.ufshc/sd[bc]                 u:object_r:xbl_block_device:s0

 # Other, non-A/B partitions.
 /dev/block/platform/soc/624000\.ufshc/by-name/frp           u:object_r:frp_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/userdata      u:object_r:userdata_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/misc          u:object_r:misc_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/metadata      u:object_r:metadata_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/fsc           u:object_r:modem_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/fsg           u:object_r:modem_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/modemst1      u:object_r:modem_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/modemst2      u:object_r:modem_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/ssd           u:object_r:ssd_block_device:s0
 /dev/block/platform/soc/624000\.ufshc/by-name/ramdump       u:object_r:ramdump_block_device:s0
 /dev/block/zram0                                            u:object_r:swap_block_device:s0

 # files in firmware
 /firmware(/.*)?         u:object_r:firmware_file:s0

 # files in /system
 /system/bin/irsc_util              u:object_r:irsc_util_exec:s0
 /system/bin/mm-pp-dpps             u:object_r:mm-pp-daemon_exec:s0
 /system/bin/pm-service             u:object_r:per_mgr_exec:s0
 /system/bin/pm-proxy               u:object_r:per_proxy_exec:s0
 /system/bin/rmt_storage            u:object_r:rmt_exec:s0
 /system/bin/time_daemon            u:object_r:time_exec:s0
 /system/bin/wcnss_filter           u:object_r:wcnss_filter_exec:s0
 /system/bin/nanoapp_cmd            u:object_r:nanoapp_cmd_exec:s0
 /system/bin/netmgrd                u:object_r:netmgrd_exec:s0
 /system/bin/qmuxd                  u:object_r:qmuxd_exec:s0
 /system/bin/init\.qcom\.qseecomd\.sh u:object_r:init-qcom-qseecomd-sh_exec:s0
 /system/bin/mm-qcamera-daemon      u:object_r:camera_exec:s0
 /system/bin/port-bridge            u:object_r:port-bridge_exec:s0
 /system/bin/loc_launcher           u:object_r:location_exec:s0
 /system/bin/location-mq            u:object_r:location_exec:s0
 /system/bin/lowi-server            u:object_r:location_exec:s0
 /vendor/bin/qseecomd               u:object_r:tee_exec:s0
 /system/bin/cnd                    u:object_r:cnd_exec:s0
 /system/bin/imsdatadaemon          u:object_r:ims_exec:s0
 /system/bin/imsqmidaemon           u:object_r:ims_exec:s0
 /system/bin/ims_rtp_daemon         u:object_r:ims_exec:s0
 /system/bin/imscmservice           u:object_r:imscm_exec:s0
 /system/bin/adsprpcd               u:object_r:adsprpcd_exec:s0
 /system/bin/ATFWD-daemon           u:object_r:atfwd_exec:s0
 /system/bin/cnss-daemon            u:object_r:cnss-daemon_exec:s0
 /system/bin/cnss_diag              u:object_r:cnss_diag_exec:s0
 /system/bin/subsystem_ramdump      u:object_r:subsystem_ramdump_exec:s0
 /system/bin/ssr_setup              u:object_r:ssr_setup_exec:s0
 /system/bin/ramdump                u:object_r:htc_ramdump_exec:s0

 /system/bin/init\.mid\.sh          u:object_r:init_mid_exec:s0
 /system/bin/init\.power\.sh        u:object_r:init_power_exec:s0
 /system/bin/init\.radio\.sh        u:object_r:init_radio_exec:s0
 /system/bin/init\.foreground\.sh   u:object_r:init_foreground_exec:s0

 /system/bin/preloads_copy\.sh     u:object_r:preloads_copy_exec:s0

 # files in /vendor
 /vendor/bin/thermal-engine  u:object_r:thermal-engine_exec:s0
 /vendor/bin/perfd           u:object_r:perfd_exec:s0
 /vendor/bin/nanohub_slpi    u:object_r:nanohub_slpi_exec:s0
 /vendor/bin/msm_irqbalance  u:object_r:irqbalance_exec:s0

 # /sys
 /sys/devices/virtual/nanohub/nanohub(/.*)?       u:object_r:sysfs_nanoapp_cmd:s0
 /sys/devices/virtual/thermal(/.*)?               u:object_r:sysfs_thermal:s0
 /sys/devices/bt_qca[0-9]+/extldo                 u:object_r:sysfs_bluetooth_writable:s0
 /sys/devices/bt_qca[0-9]+/rfkill/rfkill0/state   u:object_r:sysfs_bluetooth_writable:s0
 /sys/module/msm_core(/.*)?                       u:object_r:sysfs_msm_core:s0
 /sys/devices/soc/70000\.qcom,msm-core(/.*)?      u:object_r:sysfs_msm_core:s0
 /sys/module/msm_thermal(/.*)?                    u:object_r:sysfs_thermal:s0
 /sys/module/msm_performance(/.*)?                u:object_r:sysfs_perf:s0
 /sys/devices/virtual/net(/.*)?                   u:object_r:sysfs_net:s0
 /sys/module/subsystem_restart(/.*)?              u:object_r:sysfs_msm_subsys_restart:s0
 /sys/bus/msm_subsys(/.*)?                        u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/ce0000\.qcom,venus(/.*)?        u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/b00000\.qcom,kgsl-3d0(/.*)?     u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/soc:qcom,cpubw(/.*)?            u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/soc:qcom,kgsl-hyp(/.*)?         u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/soc:qcom,cnss(/.*)?             u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/9300000\.qcom,lpass(/.*)?       u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/1c00000\.qcom,ssc(/.*)?         u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/2080000\.qcom,mss(/.*)?         u:object_r:sysfs_msm_subsys:s0
 /sys/devices/soc/600000\.qcom,pcie(/.*)?         u:object_r:sysfs_pcie:s0
 /sys/devices/soc/8c0000\.qcom,msm-cam(/.*)?      u:object_r:sysfs_camera:s0
 /sys/devices/soc/aa4000\.qcom,fd(/.*)?           u:object_r:sysfs_video:s0
 /sys/devices/soc/soc:fp_fpc1020(/.*)?            u:object_r:sysfs_fingerprint:s0
 /sys/devices/soc0(/.*)?                          u:object_r:sysfs_soc:s0
 /sys/devices/virtual/htc_laser(/.*)?             u:object_r:sysfs_camera:s0
 /sys/devices/virtual/htc_laser/laser/enable_ps_sensor u:object_r:sysfs_enable_ps_sensor:s0
 /sys/devices/soc/600000\.qcom,pcie/pci0000:00/0000:00:00\.0/0000:01:00\.0/net/wlan0(/.*)? u:object_r:sysfs_wifi:s0
 /sys/devices/soc/0\.qcom,rmtfs_sharedmem(/.*)?             u:object_r:sysfs_rmtfs:s0
 /sys/devices/soc/84000000\.qcom,rmtfs_rtel_sharedmem(/.*)? u:object_r:sysfs_rmtfs:s0
 /sys/module/lpm_levels/parameters(/.*)?                u:object_r:sysfs_power_management:s0
 /sys/devices/soc/qpnp-fg-[0-9a-f]+/power_supply/bms/capacity             u:object_r:sysfs_batteryinfo:s0
 /sys/devices/soc/qpnp-smbcharger-[0-9a-f]+/power_supply/battery/capacity u:object_r:sysfs_batteryinfo:s0

 # debugfs
 /sys/kernel/debug/msm_core(/.*)?                 u:object_r:debugfs_msm_core:s0
 /sys/kernel/debug/rmt_storage(/.*)?              u:object_r:debugfs_rmt_storage:s0
 /sys/kernel/debug/sps(/.*)?                      u:object_r:debugfs_sps:s0

 # /data
 /data/diag_logs(/.*)?            u:object_r:diag_logs:s0
 /data/nfc(/.*)?                  u:object_r:nfc_data_file:s0
 /data/time(/.*)?                 u:object_r:time_data_file:s0
 /data/ramdump(/.*)?              u:object_r:ramdump_data_file:s0
 /data/misc/location(/.*)?        u:object_r:location_data_file:s0
 /data/misc/display(/.*)?         u:object_r:display_data_file:s0

 /data/misc/perfd(/.*)?           u:object_r:perfd_data_file:s0
 /data/system/perfd(/.*)?         u:object_r:perfd_data_file:s0
 /data/misc/radio(/.*)?           u:object_r:radio_data_file:s0

 # /

 /bt_firmware(/.*)?      u:object_r:bt_firmware_file:s0
 /tombstones             u:object_r:rootfs:s0
 /dsp                    u:object_r:rootfs:s0

 # make /dev/snd/seq and /dev/snd/timer inaccessible by labeling with
 # default "device" label
 /dev/snd/seq            u:object_r:device:s0
 /dev/snd/timer          u:object_r:device:s0

 # /persist
 /persist(/.*)?          u:object_r:persist_file:s0
 /persist/data(/.*)?     u:object_r:persist_data_file:s0
 /persist/display(/.*)?  u:object_r:persist_display_file:s0
	/dev/at_.* u:object_r:at_device:s0
	/dev/avtimer u:object_r:avtimer_device:s0
	/dev/adsprpc-smd u:object_r:adsprpcd_device:s0
	/dev/diag u:object_r:diag_device:s0
	/dev/jpeg[0-9]+ u:object_r:camera_device:s0
	/dev/kgsl-3d0 u:object_r:gpu_device:s0
	/dev/mdss_rotator u:object_r:graphics_device:s0
	/dev/media([0-9])+ u:object_r:camera_device:s0
	/dev/nanohub u:object_r:sensors_device:s0
	/dev/nanohub_comms u:object_r:sensors_device:s0
	/dev/qseecom u:object_r:tee_device:s0
	/dev/ramdump_.* u:object_r:ramdump_device:s0
	/dev/sdsprpc-smd u:object_r:sdsprpc_device:s0
	/dev/sg[0-9]+ u:object_r:sg_device:s0
	/dev/subsys_.* u:object_r:ssr_device:s0
	/dev/msm_thermal_query u:object_r:thermal_device:s0
	/dev/ttyHS0 u:object_r:hci_attach_dev:s0
	/dev/ttyHSL0 u:object_r:console_device:s0
	/dev/v4l-subdev.* u:object_r:video_device:s0
	/dev/socket/cnd u:object_r:cnd_socket:s0
	/dev/socket/ims_.* u:object_r:ims_socket:s0
	/dev/socket/msm_irqbalance u:object_r:irqbalance_socket:s0
	/dev/socket/netmgr(/.*)? u:object_r:netmgrd_socket:s0
	/dev/socket/nims u:object_r:cnd_socket:s0
	/dev/socket/qmux_audio(/.*)? u:object_r:qmuxd_socket:s0
	/dev/socket/qmux_bluetooth(/.*)? u:object_r:qmuxd_socket:s0
	/dev/socket/qmux_gps(/.*)? u:object_r:qmuxd_socket:s0
	/dev/socket/qmux_radio(/.*)? u:object_r:qmuxd_socket:s0
	/dev/socket/qmux_nfc(/.*)? u:object_r:qmuxd_socket:s0
	/dev/socket/thermal-send-client u:object_r:thermal_socket:s0
	/dev/socket/thermal-recv-client u:object_r:thermal_socket:s0
	/dev/socket/thermal-recv-passive-client u:object_r:thermal_socket:s0
	/dev/msm_audio_cal u:object_r:audio_cal_device:s0
	/dev/msm_rtac u:object_r:audio_cal_device:s0
	/dev/pn551 u:object_r:nfc_device:s0

	# A/B partitions.
	/dev/block/platform/soc/624000\.ufshc/by-name/aboot_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/apdp_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/boot_[ab] u:object_r:boot_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/bootlocker_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/cmnlib32_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/cmnlib64_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/devcfg_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/hosd_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/hyp_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/keymaster_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/keystore_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/modem_[ab] u:object_r:modem_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/msadp_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/pmic_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/rpm_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/system_[ab] u:object_r:system_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/tz_[ab] u:object_r:custom_ab_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/vendor_[ab] u:object_r:system_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/xbl_[ab] u:object_r:xbl_block_device:s0

	# Block device holding the GPT, where the A/B attributes are stored.
	/dev/block/platform/soc/624000\.ufshc/sda u:object_r:gpt_block_device:s0

	# Block devices for the drive that holds the xbl_a and xbl_b partitions.
	/dev/block/platform/soc/624000\.ufshc/sd[bc] u:object_r:xbl_block_device:s0

	# Other, non-A/B partitions.
	/dev/block/platform/soc/624000\.ufshc/by-name/frp u:object_r:frp_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/userdata u:object_r:userdata_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/misc u:object_r:misc_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/metadata u:object_r:metadata_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/fsc u:object_r:modem_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/fsg u:object_r:modem_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/modemst1 u:object_r:modem_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/modemst2 u:object_r:modem_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/ssd u:object_r:ssd_block_device:s0
	/dev/block/platform/soc/624000\.ufshc/by-name/ramdump u:object_r:ramdump_block_device:s0
	/dev/block/zram0 u:object_r:swap_block_device:s0

	# files in firmware
	/firmware(/.*)? u:object_r:firmware_file:s0

	# files in /system
	/system/bin/irsc_util u:object_r:irsc_util_exec:s0
	/system/bin/mm-pp-dpps u:object_r:mm-pp-daemon_exec:s0
	/system/bin/pm-service u:object_r:per_mgr_exec:s0
	/system/bin/pm-proxy u:object_r:per_proxy_exec:s0
	/system/bin/rmt_storage u:object_r:rmt_exec:s0
	/system/bin/time_daemon u:object_r:time_exec:s0
	/system/bin/wcnss_filter u:object_r:wcnss_filter_exec:s0
	/system/bin/nanoapp_cmd u:object_r:nanoapp_cmd_exec:s0
	/system/bin/netmgrd u:object_r:netmgrd_exec:s0
	/system/bin/qmuxd u:object_r:qmuxd_exec:s0
	/system/bin/init\.qcom\.qseecomd\.sh u:object_r:init-qcom-qseecomd-sh_exec:s0
	/system/bin/mm-qcamera-daemon u:object_r:camera_exec:s0
	/system/bin/port-bridge u:object_r:port-bridge_exec:s0
	/system/bin/loc_launcher u:object_r:location_exec:s0
	/system/bin/location-mq u:object_r:location_exec:s0
	/system/bin/lowi-server u:object_r:location_exec:s0
	/vendor/bin/qseecomd u:object_r:tee_exec:s0
	/system/bin/cnd u:object_r:cnd_exec:s0
	/system/bin/imsdatadaemon u:object_r:ims_exec:s0
	/system/bin/imsqmidaemon u:object_r:ims_exec:s0
	/system/bin/ims_rtp_daemon u:object_r:ims_exec:s0
	/system/bin/imscmservice u:object_r:imscm_exec:s0
	/system/bin/adsprpcd u:object_r:adsprpcd_exec:s0
	/system/bin/ATFWD-daemon u:object_r:atfwd_exec:s0
	/system/bin/cnss-daemon u:object_r:cnss-daemon_exec:s0
	/system/bin/cnss_diag u:object_r:cnss_diag_exec:s0
	/system/bin/subsystem_ramdump u:object_r:subsystem_ramdump_exec:s0
	/system/bin/ssr_setup u:object_r:ssr_setup_exec:s0
	/system/bin/ramdump u:object_r:htc_ramdump_exec:s0

	/system/bin/init\.mid\.sh u:object_r:init_mid_exec:s0
	/system/bin/init\.power\.sh u:object_r:init_power_exec:s0
	/system/bin/init\.radio\.sh u:object_r:init_radio_exec:s0
	/system/bin/init\.foreground\.sh u:object_r:init_foreground_exec:s0

	/system/bin/preloads_copy\.sh u:object_r:preloads_copy_exec:s0

	# files in /vendor
	/vendor/bin/thermal-engine u:object_r:thermal-engine_exec:s0
	/vendor/bin/perfd u:object_r:perfd_exec:s0
	/vendor/bin/nanohub_slpi u:object_r:nanohub_slpi_exec:s0
	/vendor/bin/msm_irqbalance u:object_r:irqbalance_exec:s0

	# /sys
	/sys/devices/virtual/nanohub/nanohub(/.*)? u:object_r:sysfs_nanoapp_cmd:s0
	/sys/devices/virtual/thermal(/.*)? u:object_r:sysfs_thermal:s0
	/sys/devices/bt_qca[0-9]+/extldo u:object_r:sysfs_bluetooth_writable:s0
	/sys/devices/bt_qca[0-9]+/rfkill/rfkill0/state u:object_r:sysfs_bluetooth_writable:s0
	/sys/module/msm_core(/.*)? u:object_r:sysfs_msm_core:s0
	/sys/devices/soc/70000\.qcom,msm-core(/.*)? u:object_r:sysfs_msm_core:s0
	/sys/module/msm_thermal(/.*)? u:object_r:sysfs_thermal:s0
	/sys/module/msm_performance(/.*)? u:object_r:sysfs_perf:s0
	/sys/devices/virtual/net(/.*)? u:object_r:sysfs_net:s0
	/sys/module/subsystem_restart(/.*)? u:object_r:sysfs_msm_subsys_restart:s0
	/sys/bus/msm_subsys(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/ce0000\.qcom,venus(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/b00000\.qcom,kgsl-3d0(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/soc:qcom,cpubw(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/soc:qcom,kgsl-hyp(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/soc:qcom,cnss(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/9300000\.qcom,lpass(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/1c00000\.qcom,ssc(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/2080000\.qcom,mss(/.*)? u:object_r:sysfs_msm_subsys:s0
	/sys/devices/soc/600000\.qcom,pcie(/.*)? u:object_r:sysfs_pcie:s0
	/sys/devices/soc/8c0000\.qcom,msm-cam(/.*)? u:object_r:sysfs_camera:s0
	/sys/devices/soc/aa4000\.qcom,fd(/.*)? u:object_r:sysfs_video:s0
	/sys/devices/soc/soc:fp_fpc1020(/.*)? u:object_r:sysfs_fingerprint:s0
	/sys/devices/soc0(/.*)? u:object_r:sysfs_soc:s0
	/sys/devices/virtual/htc_laser(/.*)? u:object_r:sysfs_camera:s0
	/sys/devices/virtual/htc_laser/laser/enable_ps_sensor u:object_r:sysfs_enable_ps_sensor:s0
	/sys/devices/soc/600000\.qcom,pcie/pci0000:00/0000:00:00\.0/0000:01:00\.0/net/wlan0(/.*)? u:object_r:sysfs_wifi:s0
	/sys/devices/soc/0\.qcom,rmtfs_sharedmem(/.*)? u:object_r:sysfs_rmtfs:s0
	/sys/devices/soc/84000000\.qcom,rmtfs_rtel_sharedmem(/.*)? u:object_r:sysfs_rmtfs:s0
	/sys/module/lpm_levels/parameters(/.*)? u:object_r:sysfs_power_management:s0
	/sys/devices/soc/qpnp-fg-[0-9a-f]+/power_supply/bms/capacity u:object_r:sysfs_batteryinfo:s0
	/sys/devices/soc/qpnp-smbcharger-[0-9a-f]+/power_supply/battery/capacity u:object_r:sysfs_batteryinfo:s0

	# debugfs
	/sys/kernel/debug/msm_core(/.*)? u:object_r:debugfs_msm_core:s0
	/sys/kernel/debug/rmt_storage(/.*)? u:object_r:debugfs_rmt_storage:s0
	/sys/kernel/debug/sps(/.*)? u:object_r:debugfs_sps:s0

	# /data
	/data/diag_logs(/.*)? u:object_r:diag_logs:s0
	/data/nfc(/.*)? u:object_r:nfc_data_file:s0
	/data/time(/.*)? u:object_r:time_data_file:s0
	/data/ramdump(/.*)? u:object_r:ramdump_data_file:s0
	/data/misc/location(/.*)? u:object_r:location_data_file:s0
	/data/misc/display(/.*)? u:object_r:display_data_file:s0

	/data/misc/perfd(/.*)? u:object_r:perfd_data_file:s0
	/data/system/perfd(/.*)? u:object_r:perfd_data_file:s0
	/data/misc/radio(/.*)? u:object_r:radio_data_file:s0

	# /

	/bt_firmware(/.*)? u:object_r:bt_firmware_file:s0
	/tombstones u:object_r:rootfs:s0
	/dsp u:object_r:rootfs:s0

	# make /dev/snd/seq and /dev/snd/timer inaccessible by labeling with
	# default "device" label
	/dev/snd/seq u:object_r:device:s0
	/dev/snd/timer u:object_r:device:s0

	# /persist
	/persist(/.*)? u:object_r:persist_file:s0
	/persist/data(/.*)? u:object_r:persist_data_file:s0
	/persist/display(/.*)? u:object_r:persist_display_file:s0