[automerger skipped] Let dumpstate access hal_identity am: 11aaf9c6b5 am: 41e92ed113 -s ours
am skip reason: Change-Id Ic07e64b0bb18f948764e7bde5985eab91747b882 with SHA-1 8cc3f8d9ee is in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/11986297
Change-Id: Ifb73a60696ed02a3b24374358db4295a73d7e5f7
diff --git a/Android.bp b/Android.bp
index 8705622..dbd52cb 100644
--- a/Android.bp
+++ b/Android.bp
@@ -43,6 +43,13 @@
}
se_filegroup {
+ name: "30.0.board.compat.map",
+ srcs: [
+ "compat/30.0/30.0.cil",
+ ],
+}
+
+se_filegroup {
name: "26.0.board.ignore.map",
srcs: [
"compat/26.0/26.0.ignore.cil",
@@ -70,6 +77,13 @@
],
}
+se_filegroup {
+ name: "30.0.board.ignore.map",
+ srcs: [
+ "compat/30.0/30.0.ignore.cil",
+ ],
+}
+
se_cil_compat_map {
name: "plat_26.0.cil",
stem: "26.0.cil",
@@ -95,7 +109,14 @@
name: "plat_29.0.cil",
stem: "29.0.cil",
bottom_half: [":29.0.board.compat.map"],
- // top_half: "plat_30.0.cil",
+ top_half: "plat_30.0.cil",
+}
+
+se_cil_compat_map {
+ name: "plat_30.0.cil",
+ stem: "30.0.cil",
+ bottom_half: [":30.0.board.compat.map"],
+ // top_half: "plat_31.0.cil",
}
se_cil_compat_map {
@@ -126,7 +147,15 @@
name: "system_ext_29.0.cil",
stem: "29.0.cil",
bottom_half: [":29.0.board.compat.map"],
- // top_half: "system_ext_30.0.cil",
+ top_half: "system_ext_30.0.cil",
+ system_ext_specific: true,
+}
+
+se_cil_compat_map {
+ name: "system_ext_30.0.cil",
+ stem: "30.0.cil",
+ bottom_half: [":30.0.board.compat.map"],
+ // top_half: "system_ext_31.0.cil",
system_ext_specific: true,
}
@@ -158,7 +187,15 @@
name: "product_29.0.cil",
stem: "29.0.cil",
bottom_half: [":29.0.board.compat.map"],
- // top_half: "product_30.0.cil",
+ top_half: "product_30.0.cil",
+ product_specific: true,
+}
+
+se_cil_compat_map {
+ name: "product_30.0.cil",
+ stem: "30.0.cil",
+ bottom_half: [":30.0.board.compat.map"],
+ // top_half: "product_31.0.cil",
product_specific: true,
}
@@ -183,7 +220,13 @@
se_cil_compat_map {
name: "29.0.ignore.cil",
bottom_half: [":29.0.board.ignore.map"],
- // top_half: "30.0.ignore.cil",
+ top_half: "30.0.ignore.cil",
+}
+
+se_cil_compat_map {
+ name: "30.0.ignore.cil",
+ bottom_half: [":30.0.board.ignore.map"],
+ // top_half: "31.0.ignore.cil",
}
prebuilt_etc {
@@ -210,6 +253,12 @@
sub_dir: "selinux/mapping",
}
+prebuilt_etc {
+ name: "30.0.compat.cil",
+ src: "private/compat/30.0/30.0.compat.cil",
+ sub_dir: "selinux/mapping",
+}
+
se_filegroup {
name: "file_contexts_files",
srcs: ["file_contexts"],
@@ -378,8 +427,8 @@
// For vts_treble_sys_prop_test
filegroup {
- name: "public_property_contexts",
- srcs: ["public/property_contexts"],
+ name: "private_property_contexts",
+ srcs: ["private/property_contexts"],
visibility: [
"//test/vts-testcase/security/system_property",
],
diff --git a/Android.mk b/Android.mk
index f545b41..b667fd2 100644
--- a/Android.mk
+++ b/Android.mk
@@ -1637,6 +1637,8 @@
include $(LOCAL_PATH)/treble_sepolicy_tests_for_release.mk
version_under_treble_tests := 29.0
include $(LOCAL_PATH)/treble_sepolicy_tests_for_release.mk
+version_under_treble_tests := 30.0
+include $(LOCAL_PATH)/treble_sepolicy_tests_for_release.mk
endif # PRODUCT_SEPOLICY_SPLIT
version_under_treble_tests := 26.0
@@ -1647,6 +1649,8 @@
include $(LOCAL_PATH)/compat.mk
version_under_treble_tests := 29.0
include $(LOCAL_PATH)/compat.mk
+version_under_treble_tests := 30.0
+include $(LOCAL_PATH)/compat.mk
base_plat_policy.conf :=
base_plat_pub_policy.conf :=
diff --git a/METADATA b/METADATA
new file mode 100644
index 0000000..313792c
--- /dev/null
+++ b/METADATA
@@ -0,0 +1,3 @@
+third_party {
+ license_type: UNENCUMBERED
+}
diff --git a/apex/com.android.i18n-file_contexts b/apex/com.android.i18n-file_contexts
index c8b6ba1..51d45a0 100644
--- a/apex/com.android.i18n-file_contexts
+++ b/apex/com.android.i18n-file_contexts
@@ -2,3 +2,4 @@
# System files
#
(/.*)? u:object_r:system_file:s0
+/lib(64)?(/.*)? u:object_r:system_lib_file:s0
diff --git a/apex/com.android.runtime-file_contexts b/apex/com.android.runtime-file_contexts
index 7878b20..eed0981 100644
--- a/apex/com.android.runtime-file_contexts
+++ b/apex/com.android.runtime-file_contexts
@@ -2,5 +2,6 @@
# System files
#
(/.*)? u:object_r:system_file:s0
+/bin/crash_dump(32|64) u:object_r:crash_dump_exec:s0
/bin/linker(64)? u:object_r:system_linker_exec:s0
/lib(64)?(/.*)? u:object_r:system_lib_file:s0
diff --git a/build/file_utils.py b/build/file_utils.py
index 1559a9b..9f95f52 100644
--- a/build/file_utils.py
+++ b/build/file_utils.py
@@ -43,6 +43,9 @@
with open(input_file, 'r') as in_file:
tmp_output.writelines(line for line in in_file.readlines()
if line not in patterns)
+ # Append empty line because a completely empty file
+ # will trip up secilc later on:
+ tmp_output.write("\n")
tmp_output.flush()
# Replaces the input_file.
diff --git a/build/soong/Android.bp b/build/soong/Android.bp
index ae2bdd6..699a2a4 100644
--- a/build/soong/Android.bp
+++ b/build/soong/Android.bp
@@ -20,6 +20,7 @@
"soong",
"soong-android",
"soong-genrule",
+ "soong-sysprop",
],
srcs: [
"cil_compat_map.go",
diff --git a/build/soong/selinux_contexts.go b/build/soong/selinux_contexts.go
index 03f8f19..635ebda 100644
--- a/build/soong/selinux_contexts.go
+++ b/build/soong/selinux_contexts.go
@@ -19,9 +19,11 @@
"io"
"strings"
+ "github.com/google/blueprint"
"github.com/google/blueprint/proptools"
"android/soong/android"
+ "android/soong/sysprop"
)
const (
@@ -72,13 +74,15 @@
properties selinuxContextsProperties
fileContextsProperties fileContextsProperties
- build func(ctx android.ModuleContext, inputs android.Paths)
- outputPath android.ModuleGenPath
+ build func(ctx android.ModuleContext, inputs android.Paths) android.Path
+ deps func(ctx android.BottomUpMutatorContext)
+ outputPath android.Path
installPath android.InstallPath
}
var (
- reuseContextsDepTag = dependencyTag{name: "reuseContexts"}
+ reuseContextsDepTag = dependencyTag{name: "reuseContexts"}
+ syspropLibraryDepTag = dependencyTag{name: "sysprop_library"}
)
func init() {
@@ -110,6 +114,18 @@
return m.inRecovery()
}
+func (m *selinuxContextsModule) DepsMutator(ctx android.BottomUpMutatorContext) {
+ if m.deps != nil {
+ m.deps(ctx)
+ }
+}
+
+func (m *selinuxContextsModule) propertyContextsDeps(ctx android.BottomUpMutatorContext) {
+ for _, lib := range sysprop.SyspropLibraries(ctx.Config()) {
+ ctx.AddFarVariationDependencies([]blueprint.Variation{}, syspropLibraryDepTag, lib)
+ }
+}
+
func (m *selinuxContextsModule) GenerateAndroidBuildActions(ctx android.ModuleContext) {
if m.inRecovery() {
// Installing context files at the root of the recovery partition
@@ -149,10 +165,7 @@
inputs = append(inputs, segroup.SystemExtPrivateSrcs()...)
} else {
inputs = append(inputs, segroup.SystemPrivateSrcs()...)
-
- if ctx.Config().ProductCompatibleProperty() {
- inputs = append(inputs, segroup.SystemPublicSrcs()...)
- }
+ inputs = append(inputs, segroup.SystemPublicSrcs()...)
}
if proptools.Bool(m.properties.Reqd_mask) {
@@ -167,7 +180,8 @@
}
}
- m.build(ctx, inputs)
+ m.outputPath = m.build(ctx, inputs)
+ ctx.InstallFile(m.installPath, ctx.ModuleName(), m.outputPath)
}
func newModule() *selinuxContextsModule {
@@ -261,8 +275,8 @@
}
}
-func (m *selinuxContextsModule) buildGeneralContexts(ctx android.ModuleContext, inputs android.Paths) {
- m.outputPath = android.PathForModuleGen(ctx, ctx.ModuleName()+"_m4out")
+func (m *selinuxContextsModule) buildGeneralContexts(ctx android.ModuleContext, inputs android.Paths) android.Path {
+ ret := android.PathForModuleGen(ctx, ctx.ModuleName()+"_m4out")
rule := android.NewRuleBuilder()
@@ -271,42 +285,42 @@
Text("--fatal-warnings -s").
FlagForEachArg("-D", ctx.DeviceConfig().SepolicyM4Defs()).
Inputs(inputs).
- FlagWithOutput("> ", m.outputPath)
+ FlagWithOutput("> ", ret)
if proptools.Bool(m.properties.Remove_comment) {
- rule.Temporary(m.outputPath)
+ rule.Temporary(ret)
remove_comment_output := android.PathForModuleGen(ctx, ctx.ModuleName()+"_remove_comment")
rule.Command().
Text("sed -e 's/#.*$//' -e '/^$/d'").
- Input(m.outputPath).
+ Input(ret).
FlagWithOutput("> ", remove_comment_output)
- m.outputPath = remove_comment_output
+ ret = remove_comment_output
}
if proptools.Bool(m.properties.Fc_sort) {
- rule.Temporary(m.outputPath)
+ rule.Temporary(ret)
sorted_output := android.PathForModuleGen(ctx, ctx.ModuleName()+"_sorted")
rule.Command().
Tool(ctx.Config().HostToolPath(ctx, "fc_sort")).
- FlagWithInput("-i ", m.outputPath).
+ FlagWithInput("-i ", ret).
FlagWithOutput("-o ", sorted_output)
- m.outputPath = sorted_output
+ ret = sorted_output
}
- rule.Build(pctx, ctx, "selinux_contexts", m.Name())
+ rule.Build(pctx, ctx, "selinux_contexts", "building contexts: "+m.Name())
rule.DeleteTemporaryFiles()
- ctx.InstallFile(m.installPath, ctx.ModuleName(), m.outputPath)
+ return ret
}
-func (m *selinuxContextsModule) buildFileContexts(ctx android.ModuleContext, inputs android.Paths) {
+func (m *selinuxContextsModule) buildFileContexts(ctx android.ModuleContext, inputs android.Paths) android.Path {
if m.properties.Fc_sort == nil {
m.properties.Fc_sort = proptools.BoolPtr(true)
}
@@ -318,7 +332,7 @@
if m := android.SrcIsModule(src); m != "" {
ctx.ModuleErrorf(
"Module srcs dependency %q is not supported for flatten_apex.srcs", m)
- return
+ return nil
}
for _, path := range android.PathsForModuleSrcExcludes(ctx, []string{src}, nil) {
out := android.PathForModuleGen(ctx, "flattened_apex", path.Rel())
@@ -337,7 +351,7 @@
}
rule.Build(pctx, ctx, m.Name(), "flattened_apex_file_contexts")
- m.buildGeneralContexts(ctx, inputs)
+ return m.buildGeneralContexts(ctx, inputs)
}
func fileFactory() android.Module {
@@ -347,12 +361,51 @@
return m
}
-func (m *selinuxContextsModule) buildHwServiceContexts(ctx android.ModuleContext, inputs android.Paths) {
+func (m *selinuxContextsModule) buildHwServiceContexts(ctx android.ModuleContext, inputs android.Paths) android.Path {
if m.properties.Remove_comment == nil {
m.properties.Remove_comment = proptools.BoolPtr(true)
}
- m.buildGeneralContexts(ctx, inputs)
+ return m.buildGeneralContexts(ctx, inputs)
+}
+
+func (m *selinuxContextsModule) buildPropertyContexts(ctx android.ModuleContext, inputs android.Paths) android.Path {
+ builtCtxFile := m.buildGeneralContexts(ctx, inputs)
+
+ var apiFiles android.Paths
+ ctx.VisitDirectDepsWithTag(syspropLibraryDepTag, func(c android.Module) {
+ i, ok := c.(interface{ CurrentSyspropApiFile() android.Path })
+ if !ok {
+ panic(fmt.Errorf("unknown dependency %q for %q", ctx.OtherModuleName(c), ctx.ModuleName()))
+ }
+ apiFiles = append(apiFiles, i.CurrentSyspropApiFile())
+ })
+
+ // check compatibility with sysprop_library
+ if len(apiFiles) > 0 {
+ out := android.PathForModuleGen(ctx, ctx.ModuleName()+"_api_checked")
+ rule := android.NewRuleBuilder()
+
+ msg := `\n******************************\n` +
+ `API of sysprop_library doesn't match with property_contexts\n` +
+ `Please fix the breakage and rebuild.\n` +
+ `******************************\n`
+
+ rule.Command().
+ Text("( ").
+ BuiltTool(ctx, "sysprop_type_checker").
+ FlagForEachInput("--api ", apiFiles).
+ FlagWithInput("--context ", builtCtxFile).
+ Text(" || ( echo").Flag("-e").
+ Flag(`"` + msg + `"`).
+ Text("; exit 38) )")
+
+ rule.Command().Text("cp -f").Input(builtCtxFile).Output(out)
+ rule.Build(pctx, ctx, "property_contexts_check_api", "checking API: "+m.Name())
+ builtCtxFile = out
+ }
+
+ return builtCtxFile
}
func hwServiceFactory() android.Module {
@@ -363,7 +416,8 @@
func propertyFactory() android.Module {
m := newModule()
- m.build = m.buildGeneralContexts
+ m.build = m.buildPropertyContexts
+ m.deps = m.propertyContextsDeps
return m
}
diff --git a/prebuilts/api/29.0/public/property_contexts b/prebuilts/api/29.0/public/property_contexts
index 865502e..71002be 100644
--- a/prebuilts/api/29.0/public/property_contexts
+++ b/prebuilts/api/29.0/public/property_contexts
@@ -148,6 +148,9 @@
ro.url.legal u:object_r:exported3_default_prop:s0 exact string
ro.url.legal.android_privacy u:object_r:exported3_default_prop:s0 exact string
ro.vendor.build.security_patch u:object_r:vendor_security_patch_level_prop:s0 exact string
+ro.media.xml_variant.codecs u:object_r:media_variant_prop:s0 exact string
+ro.media.xml_variant.codecs_performance u:object_r:media_variant_prop:s0 exact string
+ro.media.xml_variant.profiles u:object_r:media_variant_prop:s0 exact string
ro.zram.mark_idle_delay_mins u:object_r:exported3_default_prop:s0 exact int
ro.zram.first_wb_delay_mins u:object_r:exported3_default_prop:s0 exact int
ro.zram.periodic_wb_delay_hours u:object_r:exported3_default_prop:s0 exact int
diff --git a/prebuilts/api/30.0/plat_pub_versioned.cil b/prebuilts/api/30.0/plat_pub_versioned.cil
new file mode 100644
index 0000000..b593a35
--- /dev/null
+++ b/prebuilts/api/30.0/plat_pub_versioned.cil
@@ -0,0 +1,2992 @@
+(type DockObserver_service)
+(type IProxyService_service)
+(type accessibility_service)
+(type account_service)
+(type activity_service)
+(type activity_task_service)
+(type adb_data_file)
+(type adb_keys_file)
+(type adb_service)
+(type adbd)
+(type adbd_exec)
+(type adbd_prop)
+(type adbd_socket)
+(type aidl_lazy_test_server)
+(type aidl_lazy_test_server_exec)
+(type aidl_lazy_test_service)
+(type alarm_service)
+(type anr_data_file)
+(type apex_data_file)
+(type apex_metadata_file)
+(type apex_mnt_dir)
+(type apex_module_data_file)
+(type apex_permission_data_file)
+(type apex_rollback_data_file)
+(type apex_service)
+(type apex_wifi_data_file)
+(type apexd)
+(type apexd_exec)
+(type apexd_prop)
+(type apk_data_file)
+(type apk_private_data_file)
+(type apk_private_tmp_file)
+(type apk_tmp_file)
+(type apk_verity_prop)
+(type app_binding_service)
+(type app_data_file)
+(type app_fuse_file)
+(type app_fusefs)
+(type app_integrity_service)
+(type app_prediction_service)
+(type app_search_service)
+(type app_zygote)
+(type app_zygote_tmpfs)
+(type appdomain_tmpfs)
+(type appops_service)
+(type appwidget_service)
+(type art_apex_dir)
+(type asec_apk_file)
+(type asec_image_file)
+(type asec_public_file)
+(type ashmem_device)
+(type ashmem_libcutils_device)
+(type assetatlas_service)
+(type audio_data_file)
+(type audio_device)
+(type audio_prop)
+(type audio_service)
+(type audiohal_data_file)
+(type audioserver)
+(type audioserver_data_file)
+(type audioserver_service)
+(type audioserver_tmpfs)
+(type auth_service)
+(type autofill_service)
+(type backup_data_file)
+(type backup_service)
+(type battery_service)
+(type batteryproperties_service)
+(type batterystats_service)
+(type binder_cache_bluetooth_server_prop)
+(type binder_cache_system_server_prop)
+(type binder_cache_telephony_server_prop)
+(type binder_calls_stats_service)
+(type binder_device)
+(type binderfs)
+(type binderfs_logs)
+(type binderfs_logs_proc)
+(type binfmt_miscfs)
+(type biometric_service)
+(type blkid)
+(type blkid_untrusted)
+(type blob_store_service)
+(type block_device)
+(type bluetooth)
+(type bluetooth_a2dp_offload_prop)
+(type bluetooth_audio_hal_prop)
+(type bluetooth_data_file)
+(type bluetooth_efs_file)
+(type bluetooth_logs_data_file)
+(type bluetooth_manager_service)
+(type bluetooth_prop)
+(type bluetooth_service)
+(type bluetooth_socket)
+(type boot_block_device)
+(type bootanim)
+(type bootanim_exec)
+(type bootchart_data_file)
+(type bootloader_boot_reason_prop)
+(type bootstat)
+(type bootstat_data_file)
+(type bootstat_exec)
+(type boottime_prop)
+(type boottime_public_prop)
+(type boottrace_data_file)
+(type bpf_progs_loaded_prop)
+(type bq_config_prop)
+(type broadcastradio_service)
+(type bufferhubd)
+(type bufferhubd_exec)
+(type bugreport_service)
+(type cache_backup_file)
+(type cache_block_device)
+(type cache_file)
+(type cache_private_backup_file)
+(type cache_recovery_file)
+(type camera_data_file)
+(type camera_device)
+(type cameraproxy_service)
+(type cameraserver)
+(type cameraserver_exec)
+(type cameraserver_service)
+(type cameraserver_tmpfs)
+(type cgroup)
+(type cgroup_bpf)
+(type cgroup_desc_file)
+(type cgroup_rc_file)
+(type charger)
+(type charger_exec)
+(type charger_prop)
+(type clipboard_service)
+(type cold_boot_done_prop)
+(type color_display_service)
+(type companion_device_service)
+(type config_prop)
+(type configfs)
+(type connectivity_service)
+(type connmetrics_service)
+(type console_device)
+(type consumer_ir_service)
+(type content_capture_service)
+(type content_service)
+(type content_suggestions_service)
+(type contexthub_service)
+(type coredump_file)
+(type country_detector_service)
+(type coverage_service)
+(type cppreopt_prop)
+(type cpu_variant_prop)
+(type cpuinfo_service)
+(type crash_dump)
+(type crash_dump_exec)
+(type credstore)
+(type credstore_data_file)
+(type credstore_exec)
+(type credstore_service)
+(type crossprofileapps_service)
+(type ctl_adbd_prop)
+(type ctl_apexd_prop)
+(type ctl_bootanim_prop)
+(type ctl_bugreport_prop)
+(type ctl_console_prop)
+(type ctl_default_prop)
+(type ctl_dumpstate_prop)
+(type ctl_fuse_prop)
+(type ctl_gsid_prop)
+(type ctl_interface_restart_prop)
+(type ctl_interface_start_prop)
+(type ctl_interface_stop_prop)
+(type ctl_mdnsd_prop)
+(type ctl_restart_prop)
+(type ctl_rildaemon_prop)
+(type ctl_sigstop_prop)
+(type ctl_start_prop)
+(type ctl_stop_prop)
+(type dalvik_prop)
+(type dalvikcache_data_file)
+(type dataloader_manager_service)
+(type dbinfo_service)
+(type debug_prop)
+(type debugfs)
+(type debugfs_mmc)
+(type debugfs_trace_marker)
+(type debugfs_tracing)
+(type debugfs_tracing_debug)
+(type debugfs_tracing_instances)
+(type debugfs_wakeup_sources)
+(type debugfs_wifi_tracing)
+(type debuggerd_prop)
+(type default_android_hwservice)
+(type default_android_service)
+(type default_android_vndservice)
+(type default_prop)
+(type dev_cpu_variant)
+(type device)
+(type device_config_activity_manager_native_boot_prop)
+(type device_config_boot_count_prop)
+(type device_config_configuration_prop)
+(type device_config_input_native_boot_prop)
+(type device_config_media_native_prop)
+(type device_config_netd_native_prop)
+(type device_config_reset_performed_prop)
+(type device_config_runtime_native_boot_prop)
+(type device_config_runtime_native_prop)
+(type device_config_service)
+(type device_config_storage_native_boot_prop)
+(type device_config_sys_traced_prop)
+(type device_config_window_manager_native_boot_prop)
+(type device_identifiers_service)
+(type device_logging_prop)
+(type device_policy_service)
+(type deviceidle_service)
+(type devicestoragemonitor_service)
+(type devpts)
+(type dhcp)
+(type dhcp_data_file)
+(type dhcp_exec)
+(type dhcp_prop)
+(type diskstats_service)
+(type display_service)
+(type dm_device)
+(type dnsmasq)
+(type dnsmasq_exec)
+(type dnsproxyd_socket)
+(type dnsresolver_service)
+(type dreams_service)
+(type drm_data_file)
+(type drmserver)
+(type drmserver_exec)
+(type drmserver_service)
+(type drmserver_socket)
+(type dropbox_data_file)
+(type dropbox_service)
+(type dumpstate)
+(type dumpstate_exec)
+(type dumpstate_options_prop)
+(type dumpstate_prop)
+(type dumpstate_service)
+(type dumpstate_socket)
+(type dynamic_system_prop)
+(type e2fs)
+(type e2fs_exec)
+(type efs_file)
+(type emergency_affordance_service)
+(type ephemeral_app)
+(type ethernet_service)
+(type exfat)
+(type exported2_config_prop)
+(type exported2_default_prop)
+(type exported2_radio_prop)
+(type exported2_system_prop)
+(type exported2_vold_prop)
+(type exported3_default_prop)
+(type exported3_radio_prop)
+(type exported3_system_prop)
+(type exported_audio_prop)
+(type exported_bluetooth_prop)
+(type exported_camera_prop)
+(type exported_config_prop)
+(type exported_dalvik_prop)
+(type exported_default_prop)
+(type exported_dumpstate_prop)
+(type exported_ffs_prop)
+(type exported_fingerprint_prop)
+(type exported_overlay_prop)
+(type exported_pm_prop)
+(type exported_radio_prop)
+(type exported_secure_prop)
+(type exported_system_prop)
+(type exported_system_radio_prop)
+(type exported_vold_prop)
+(type exported_wifi_prop)
+(type external_vibrator_service)
+(type face_service)
+(type face_vendor_data_file)
+(type fastbootd)
+(type ffs_prop)
+(type file_contexts_file)
+(type file_integrity_service)
+(type fingerprint_prop)
+(type fingerprint_service)
+(type fingerprint_vendor_data_file)
+(type fingerprintd)
+(type fingerprintd_data_file)
+(type fingerprintd_exec)
+(type fingerprintd_service)
+(type firstboot_prop)
+(type flags_health_check)
+(type flags_health_check_exec)
+(type font_service)
+(type frp_block_device)
+(type fs_bpf)
+(type fsck)
+(type fsck_exec)
+(type fsck_untrusted)
+(type fscklogs)
+(type functionfs)
+(type fuse)
+(type fuse_device)
+(type fwk_automotive_display_hwservice)
+(type fwk_bufferhub_hwservice)
+(type fwk_camera_hwservice)
+(type fwk_display_hwservice)
+(type fwk_scheduler_hwservice)
+(type fwk_sensor_hwservice)
+(type fwk_stats_hwservice)
+(type fwmarkd_socket)
+(type gatekeeper_data_file)
+(type gatekeeper_service)
+(type gatekeeperd)
+(type gatekeeperd_exec)
+(type gfxinfo_service)
+(type gmscore_app)
+(type gps_control)
+(type gpu_device)
+(type gpu_service)
+(type gpuservice)
+(type graphics_device)
+(type graphicsstats_service)
+(type gsi_data_file)
+(type gsi_metadata_file)
+(type gsid_prop)
+(type hal_atrace_hwservice)
+(type hal_audio_hwservice)
+(type hal_audiocontrol_hwservice)
+(type hal_authsecret_hwservice)
+(type hal_bluetooth_hwservice)
+(type hal_bootctl_hwservice)
+(type hal_broadcastradio_hwservice)
+(type hal_camera_hwservice)
+(type hal_can_bus_hwservice)
+(type hal_can_controller_hwservice)
+(type hal_cas_hwservice)
+(type hal_codec2_hwservice)
+(type hal_configstore_ISurfaceFlingerConfigs)
+(type hal_confirmationui_hwservice)
+(type hal_contexthub_hwservice)
+(type hal_drm_hwservice)
+(type hal_dumpstate_hwservice)
+(type hal_evs_hwservice)
+(type hal_face_hwservice)
+(type hal_fingerprint_hwservice)
+(type hal_fingerprint_service)
+(type hal_gatekeeper_hwservice)
+(type hal_gnss_hwservice)
+(type hal_graphics_allocator_hwservice)
+(type hal_graphics_composer_hwservice)
+(type hal_graphics_composer_server_tmpfs)
+(type hal_graphics_mapper_hwservice)
+(type hal_health_hwservice)
+(type hal_health_storage_hwservice)
+(type hal_identity_service)
+(type hal_input_classifier_hwservice)
+(type hal_ir_hwservice)
+(type hal_keymaster_hwservice)
+(type hal_light_hwservice)
+(type hal_light_service)
+(type hal_lowpan_hwservice)
+(type hal_memtrack_hwservice)
+(type hal_neuralnetworks_hwservice)
+(type hal_nfc_hwservice)
+(type hal_oemlock_hwservice)
+(type hal_omx_hwservice)
+(type hal_power_hwservice)
+(type hal_power_service)
+(type hal_power_stats_hwservice)
+(type hal_rebootescrow_service)
+(type hal_renderscript_hwservice)
+(type hal_secure_element_hwservice)
+(type hal_sensors_hwservice)
+(type hal_telephony_hwservice)
+(type hal_tetheroffload_hwservice)
+(type hal_thermal_hwservice)
+(type hal_tv_cec_hwservice)
+(type hal_tv_input_hwservice)
+(type hal_tv_tuner_hwservice)
+(type hal_usb_gadget_hwservice)
+(type hal_usb_hwservice)
+(type hal_vehicle_hwservice)
+(type hal_vibrator_hwservice)
+(type hal_vibrator_service)
+(type hal_vr_hwservice)
+(type hal_weaver_hwservice)
+(type hal_wifi_hostapd_hwservice)
+(type hal_wifi_hwservice)
+(type hal_wifi_supplicant_hwservice)
+(type hardware_properties_service)
+(type hardware_service)
+(type hci_attach_dev)
+(type hdmi_control_service)
+(type healthd)
+(type healthd_exec)
+(type heapdump_data_file)
+(type heapprofd)
+(type heapprofd_enabled_prop)
+(type heapprofd_prop)
+(type heapprofd_socket)
+(type hidl_allocator_hwservice)
+(type hidl_base_hwservice)
+(type hidl_manager_hwservice)
+(type hidl_memory_hwservice)
+(type hidl_token_hwservice)
+(type hw_random_device)
+(type hwbinder_device)
+(type hwservice_contexts_file)
+(type hwservicemanager)
+(type hwservicemanager_exec)
+(type hwservicemanager_prop)
+(type icon_file)
+(type idmap)
+(type idmap_exec)
+(type idmap_service)
+(type iio_device)
+(type imms_service)
+(type incident)
+(type incident_data_file)
+(type incident_helper)
+(type incident_service)
+(type incidentd)
+(type incremental_control_file)
+(type incremental_prop)
+(type incremental_service)
+(type init)
+(type init_exec)
+(type init_perf_lsm_hooks_prop)
+(type init_svc_debug_prop)
+(type init_tmpfs)
+(type inotify)
+(type input_device)
+(type input_method_service)
+(type input_service)
+(type inputflinger)
+(type inputflinger_exec)
+(type inputflinger_service)
+(type install_data_file)
+(type installd)
+(type installd_exec)
+(type installd_service)
+(type ion_device)
+(type iorap_inode2filename)
+(type iorap_inode2filename_exec)
+(type iorap_inode2filename_tmpfs)
+(type iorap_prefetcherd)
+(type iorap_prefetcherd_exec)
+(type iorap_prefetcherd_tmpfs)
+(type iorapd)
+(type iorapd_data_file)
+(type iorapd_exec)
+(type iorapd_service)
+(type iorapd_tmpfs)
+(type ipsec_service)
+(type iris_service)
+(type iris_vendor_data_file)
+(type isolated_app)
+(type jobscheduler_service)
+(type kernel)
+(type keychain_data_file)
+(type keychord_device)
+(type keystore)
+(type keystore_data_file)
+(type keystore_exec)
+(type keystore_service)
+(type kmsg_debug_device)
+(type kmsg_device)
+(type labeledfs)
+(type last_boot_reason_prop)
+(type launcherapps_service)
+(type light_service)
+(type linkerconfig_file)
+(type llkd)
+(type llkd_exec)
+(type llkd_prop)
+(type lmkd)
+(type lmkd_exec)
+(type lmkd_prop)
+(type lmkd_socket)
+(type location_service)
+(type lock_settings_service)
+(type log_prop)
+(type log_tag_prop)
+(type logcat_exec)
+(type logd)
+(type logd_exec)
+(type logd_prop)
+(type logd_socket)
+(type logdr_socket)
+(type logdw_socket)
+(type logpersist)
+(type logpersistd_logging_prop)
+(type loop_control_device)
+(type loop_device)
+(type looper_stats_service)
+(type lowpan_device)
+(type lowpan_prop)
+(type lowpan_service)
+(type lpdump_service)
+(type lpdumpd_prop)
+(type mac_perms_file)
+(type mdns_socket)
+(type mdnsd)
+(type mdnsd_socket)
+(type media_data_file)
+(type media_projection_service)
+(type media_router_service)
+(type media_rw_data_file)
+(type media_session_service)
+(type media_variant_prop)
+(type mediadrmserver)
+(type mediadrmserver_exec)
+(type mediadrmserver_service)
+(type mediaextractor)
+(type mediaextractor_exec)
+(type mediaextractor_service)
+(type mediaextractor_tmpfs)
+(type mediametrics)
+(type mediametrics_exec)
+(type mediametrics_service)
+(type mediaprovider)
+(type mediaserver)
+(type mediaserver_exec)
+(type mediaserver_service)
+(type mediaserver_tmpfs)
+(type mediaswcodec)
+(type mediaswcodec_exec)
+(type mediatranscoding)
+(type mediatranscoding_exec)
+(type mediatranscoding_service)
+(type meminfo_service)
+(type metadata_block_device)
+(type metadata_bootstat_file)
+(type metadata_file)
+(type method_trace_data_file)
+(type midi_service)
+(type mirror_data_file)
+(type misc_block_device)
+(type misc_logd_file)
+(type misc_user_data_file)
+(type mmc_prop)
+(type mnt_expand_file)
+(type mnt_media_rw_file)
+(type mnt_media_rw_stub_file)
+(type mnt_pass_through_file)
+(type mnt_product_file)
+(type mnt_sdcard_file)
+(type mnt_user_file)
+(type mnt_vendor_file)
+(type mock_ota_prop)
+(type modprobe)
+(type module_sdkextensions_prop)
+(type mount_service)
+(type mqueue)
+(type mtp)
+(type mtp_device)
+(type mtp_exec)
+(type mtpd_socket)
+(type nativetest_data_file)
+(type net_data_file)
+(type net_dns_prop)
+(type net_radio_prop)
+(type netd)
+(type netd_exec)
+(type netd_listener_service)
+(type netd_service)
+(type netd_stable_secret_prop)
+(type netif)
+(type netpolicy_service)
+(type netstats_service)
+(type netutils_wrapper)
+(type netutils_wrapper_exec)
+(type network_management_service)
+(type network_score_service)
+(type network_stack)
+(type network_stack_service)
+(type network_time_update_service)
+(type network_watchlist_data_file)
+(type network_watchlist_service)
+(type nfc)
+(type nfc_data_file)
+(type nfc_device)
+(type nfc_prop)
+(type nfc_service)
+(type nnapi_ext_deny_product_prop)
+(type node)
+(type nonplat_service_contexts_file)
+(type notification_service)
+(type null_device)
+(type oem_lock_service)
+(type oemfs)
+(type ota_data_file)
+(type ota_metadata_file)
+(type ota_package_file)
+(type ota_prop)
+(type otadexopt_service)
+(type overlay_prop)
+(type overlay_service)
+(type overlayfs_file)
+(type owntty_device)
+(type package_native_service)
+(type package_service)
+(type packages_list_file)
+(type pan_result_prop)
+(type password_slot_metadata_file)
+(type pdx_bufferhub_client_channel_socket)
+(type pdx_bufferhub_client_endpoint_socket)
+(type pdx_bufferhub_dir)
+(type pdx_display_client_channel_socket)
+(type pdx_display_client_endpoint_socket)
+(type pdx_display_dir)
+(type pdx_display_manager_channel_socket)
+(type pdx_display_manager_endpoint_socket)
+(type pdx_display_screenshot_channel_socket)
+(type pdx_display_screenshot_endpoint_socket)
+(type pdx_display_vsync_channel_socket)
+(type pdx_display_vsync_endpoint_socket)
+(type pdx_performance_client_channel_socket)
+(type pdx_performance_client_endpoint_socket)
+(type pdx_performance_dir)
+(type perfetto)
+(type performanced)
+(type performanced_exec)
+(type permission_service)
+(type permissionmgr_service)
+(type persist_debug_prop)
+(type persistent_data_block_service)
+(type persistent_properties_ready_prop)
+(type pinner_service)
+(type pipefs)
+(type platform_app)
+(type platform_compat_service)
+(type pm_prop)
+(type pmsg_device)
+(type port)
+(type port_device)
+(type postinstall)
+(type postinstall_apex_mnt_dir)
+(type postinstall_file)
+(type postinstall_mnt_dir)
+(type power_service)
+(type powerctl_prop)
+(type ppp)
+(type ppp_device)
+(type ppp_exec)
+(type preloads_data_file)
+(type preloads_media_file)
+(type prereboot_data_file)
+(type print_service)
+(type priv_app)
+(type privapp_data_file)
+(type proc)
+(type proc_abi)
+(type proc_asound)
+(type proc_bluetooth_writable)
+(type proc_buddyinfo)
+(type proc_cmdline)
+(type proc_cpuinfo)
+(type proc_dirty)
+(type proc_diskstats)
+(type proc_drop_caches)
+(type proc_extra_free_kbytes)
+(type proc_filesystems)
+(type proc_fs_verity)
+(type proc_hostname)
+(type proc_hung_task)
+(type proc_interrupts)
+(type proc_iomem)
+(type proc_keys)
+(type proc_kmsg)
+(type proc_kpageflags)
+(type proc_loadavg)
+(type proc_lowmemorykiller)
+(type proc_max_map_count)
+(type proc_meminfo)
+(type proc_min_free_order_shift)
+(type proc_misc)
+(type proc_modules)
+(type proc_mounts)
+(type proc_net)
+(type proc_net_tcp_udp)
+(type proc_overcommit_memory)
+(type proc_page_cluster)
+(type proc_pagetypeinfo)
+(type proc_panic)
+(type proc_perf)
+(type proc_pid_max)
+(type proc_pipe_conf)
+(type proc_pressure_cpu)
+(type proc_pressure_io)
+(type proc_pressure_mem)
+(type proc_qtaguid_ctrl)
+(type proc_qtaguid_stat)
+(type proc_random)
+(type proc_sched)
+(type proc_security)
+(type proc_slabinfo)
+(type proc_stat)
+(type proc_swaps)
+(type proc_sysrq)
+(type proc_timer)
+(type proc_tty_drivers)
+(type proc_uid_concurrent_active_time)
+(type proc_uid_concurrent_policy_time)
+(type proc_uid_cpupower)
+(type proc_uid_cputime_removeuid)
+(type proc_uid_cputime_showstat)
+(type proc_uid_io_stats)
+(type proc_uid_procstat_set)
+(type proc_uid_time_in_state)
+(type proc_uptime)
+(type proc_version)
+(type proc_vmallocinfo)
+(type proc_vmstat)
+(type proc_zoneinfo)
+(type processinfo_service)
+(type procstats_service)
+(type profman)
+(type profman_dump_data_file)
+(type profman_exec)
+(type properties_device)
+(type properties_serial)
+(type property_contexts_file)
+(type property_data_file)
+(type property_info)
+(type property_socket)
+(type pstorefs)
+(type ptmx_device)
+(type qtaguid_device)
+(type racoon)
+(type racoon_exec)
+(type racoon_socket)
+(type radio)
+(type radio_data_file)
+(type radio_device)
+(type radio_prop)
+(type radio_service)
+(type ram_device)
+(type random_device)
+(type rebootescrow_hal_prop)
+(type recovery)
+(type recovery_block_device)
+(type recovery_data_file)
+(type recovery_persist)
+(type recovery_persist_exec)
+(type recovery_refresh)
+(type recovery_refresh_exec)
+(type recovery_service)
+(type recovery_socket)
+(type registry_service)
+(type resourcecache_data_file)
+(type restorecon_prop)
+(type restrictions_service)
+(type rild_debug_socket)
+(type rild_socket)
+(type ringtone_file)
+(type role_service)
+(type rollback_service)
+(type root_block_device)
+(type rootfs)
+(type rpmsg_device)
+(type rs)
+(type rs_exec)
+(type rss_hwm_reset)
+(type rtc_device)
+(type rttmanager_service)
+(type runas)
+(type runas_app)
+(type runas_exec)
+(type runtime_event_log_tags_file)
+(type runtime_service)
+(type safemode_prop)
+(type same_process_hal_file)
+(type samplingprofiler_service)
+(type scheduling_policy_service)
+(type sdcard_block_device)
+(type sdcardd)
+(type sdcardd_exec)
+(type sdcardfs)
+(type seapp_contexts_file)
+(type search_service)
+(type sec_key_att_app_id_provider_service)
+(type secure_element)
+(type secure_element_device)
+(type secure_element_service)
+(type securityfs)
+(type selinuxfs)
+(type sensor_privacy_service)
+(type sensors_device)
+(type sensorservice_service)
+(type sepolicy_file)
+(type serial_device)
+(type serial_service)
+(type serialno_prop)
+(type server_configurable_flags_data_file)
+(type service_contexts_file)
+(type service_manager_service)
+(type service_manager_vndservice)
+(type servicediscovery_service)
+(type servicemanager)
+(type servicemanager_exec)
+(type settings_service)
+(type sgdisk)
+(type sgdisk_exec)
+(type shared_relro)
+(type shared_relro_file)
+(type shell)
+(type shell_data_file)
+(type shell_exec)
+(type shell_prop)
+(type shm)
+(type shortcut_manager_icons)
+(type shortcut_service)
+(type simpleperf)
+(type simpleperf_app_runner)
+(type simpleperf_app_runner_exec)
+(type slice_service)
+(type slideshow)
+(type snapshotctl_log_data_file)
+(type socket_device)
+(type socket_hook_prop)
+(type sockfs)
+(type sota_prop)
+(type soundtrigger_middleware_service)
+(type staging_data_file)
+(type stats_data_file)
+(type statsd)
+(type statsd_exec)
+(type statsdw_socket)
+(type statusbar_service)
+(type storage_config_prop)
+(type storage_file)
+(type storage_stub_file)
+(type storaged_service)
+(type storagestats_service)
+(type su)
+(type su_exec)
+(type super_block_device)
+(type surfaceflinger)
+(type surfaceflinger_service)
+(type surfaceflinger_tmpfs)
+(type swap_block_device)
+(type sysfs)
+(type sysfs_android_usb)
+(type sysfs_batteryinfo)
+(type sysfs_bluetooth_writable)
+(type sysfs_devices_block)
+(type sysfs_devices_system_cpu)
+(type sysfs_dm)
+(type sysfs_dm_verity)
+(type sysfs_dt_firmware_android)
+(type sysfs_extcon)
+(type sysfs_fs_ext4_features)
+(type sysfs_fs_f2fs)
+(type sysfs_hwrandom)
+(type sysfs_ion)
+(type sysfs_ipv4)
+(type sysfs_kernel_notes)
+(type sysfs_leds)
+(type sysfs_loop)
+(type sysfs_lowmemorykiller)
+(type sysfs_net)
+(type sysfs_nfc_power_writable)
+(type sysfs_power)
+(type sysfs_rtc)
+(type sysfs_suspend_stats)
+(type sysfs_switch)
+(type sysfs_thermal)
+(type sysfs_transparent_hugepage)
+(type sysfs_uio)
+(type sysfs_usb)
+(type sysfs_usermodehelper)
+(type sysfs_vibrator)
+(type sysfs_wake_lock)
+(type sysfs_wakeup)
+(type sysfs_wakeup_reasons)
+(type sysfs_wlan_fwpath)
+(type sysfs_zram)
+(type sysfs_zram_uevent)
+(type system_adbd_prop)
+(type system_app)
+(type system_app_data_file)
+(type system_app_service)
+(type system_asan_options_file)
+(type system_block_device)
+(type system_boot_reason_prop)
+(type system_bootstrap_lib_file)
+(type system_config_service)
+(type system_data_file)
+(type system_data_root_file)
+(type system_event_log_tags_file)
+(type system_file)
+(type system_group_file)
+(type system_jvmti_agent_prop)
+(type system_lib_file)
+(type system_linker_config_file)
+(type system_linker_exec)
+(type system_lmk_prop)
+(type system_ndebug_socket)
+(type system_net_netd_hwservice)
+(type system_passwd_file)
+(type system_prop)
+(type system_radio_prop)
+(type system_seccomp_policy_file)
+(type system_security_cacerts_file)
+(type system_server)
+(type system_server_tmpfs)
+(type system_suspend_control_service)
+(type system_suspend_hwservice)
+(type system_trace_prop)
+(type system_unsolzygote_socket)
+(type system_update_service)
+(type system_wifi_keystore_hwservice)
+(type system_wpa_socket)
+(type system_zoneinfo_file)
+(type systemkeys_data_file)
+(type task_profiles_file)
+(type task_service)
+(type tcpdump_exec)
+(type tee)
+(type tee_data_file)
+(type tee_device)
+(type telecom_service)
+(type test_boot_reason_prop)
+(type test_harness_prop)
+(type testharness_service)
+(type tethering_service)
+(type textclassification_service)
+(type textclassifier_data_file)
+(type textservices_service)
+(type theme_prop)
+(type thermal_service)
+(type thermalcallback_hwservice)
+(type time_prop)
+(type timedetector_service)
+(type timezone_service)
+(type timezonedetector_service)
+(type tmpfs)
+(type tombstone_data_file)
+(type tombstone_wifi_data_file)
+(type tombstoned)
+(type tombstoned_crash_socket)
+(type tombstoned_exec)
+(type tombstoned_intercept_socket)
+(type tombstoned_java_trace_socket)
+(type toolbox)
+(type toolbox_exec)
+(type trace_data_file)
+(type traced)
+(type traced_consumer_socket)
+(type traced_enabled_prop)
+(type traced_lazy_prop)
+(type traced_perf)
+(type traced_perf_enabled_prop)
+(type traced_perf_socket)
+(type traced_probes)
+(type traced_producer_socket)
+(type traceur_app)
+(type trust_service)
+(type tty_device)
+(type tun_device)
+(type tv_input_service)
+(type tv_tuner_resource_mgr_service)
+(type tzdatacheck)
+(type tzdatacheck_exec)
+(type ueventd)
+(type ueventd_tmpfs)
+(type uhid_device)
+(type uimode_service)
+(type uio_device)
+(type uncrypt)
+(type uncrypt_exec)
+(type uncrypt_socket)
+(type unencrypted_data_file)
+(type unlabeled)
+(type untrusted_app)
+(type untrusted_app_25)
+(type untrusted_app_27)
+(type untrusted_app_29)
+(type update_engine)
+(type update_engine_data_file)
+(type update_engine_exec)
+(type update_engine_log_data_file)
+(type update_engine_service)
+(type update_verifier)
+(type update_verifier_exec)
+(type updatelock_service)
+(type uri_grants_service)
+(type usagestats_service)
+(type usb_device)
+(type usb_serial_device)
+(type usb_service)
+(type usbaccessory_device)
+(type usbd)
+(type usbd_exec)
+(type usbfs)
+(type use_memfd_prop)
+(type user_profile_data_file)
+(type user_service)
+(type userdata_block_device)
+(type usermodehelper)
+(type userspace_reboot_config_prop)
+(type userspace_reboot_exported_prop)
+(type userspace_reboot_log_prop)
+(type userspace_reboot_test_prop)
+(type vdc)
+(type vdc_exec)
+(type vehicle_hal_prop)
+(type vendor_apex_file)
+(type vendor_app_file)
+(type vendor_cgroup_desc_file)
+(type vendor_configs_file)
+(type vendor_data_file)
+(type vendor_default_prop)
+(type vendor_file)
+(type vendor_framework_file)
+(type vendor_hal_file)
+(type vendor_idc_file)
+(type vendor_init)
+(type vendor_keychars_file)
+(type vendor_keylayout_file)
+(type vendor_misc_writer)
+(type vendor_misc_writer_exec)
+(type vendor_overlay_file)
+(type vendor_public_lib_file)
+(type vendor_security_patch_level_prop)
+(type vendor_shell)
+(type vendor_shell_exec)
+(type vendor_socket_hook_prop)
+(type vendor_task_profiles_file)
+(type vendor_toolbox_exec)
+(type vfat)
+(type vibrator_service)
+(type video_device)
+(type virtual_ab_prop)
+(type virtual_touchpad)
+(type virtual_touchpad_exec)
+(type virtual_touchpad_service)
+(type vndbinder_device)
+(type vndk_prop)
+(type vndk_sp_file)
+(type vndservice_contexts_file)
+(type vndservicemanager)
+(type voiceinteraction_service)
+(type vold)
+(type vold_data_file)
+(type vold_device)
+(type vold_exec)
+(type vold_metadata_file)
+(type vold_prepare_subdirs)
+(type vold_prepare_subdirs_exec)
+(type vold_prop)
+(type vold_service)
+(type vpn_data_file)
+(type vr_hwc)
+(type vr_hwc_exec)
+(type vr_hwc_service)
+(type vr_manager_service)
+(type vrflinger_vsync_service)
+(type wallpaper_file)
+(type wallpaper_service)
+(type watchdog_device)
+(type watchdogd)
+(type watchdogd_exec)
+(type webview_zygote)
+(type webview_zygote_exec)
+(type webview_zygote_tmpfs)
+(type webviewupdate_service)
+(type wifi_data_file)
+(type wifi_log_prop)
+(type wifi_prop)
+(type wifi_service)
+(type wifiaware_service)
+(type wificond)
+(type wificond_exec)
+(type wifinl80211_service)
+(type wifip2p_service)
+(type wifiscanner_service)
+(type window_service)
+(type wpa_socket)
+(type wpantund)
+(type wpantund_exec)
+(type wpantund_service)
+(type zero_device)
+(type zoneinfo_data_file)
+(type zygote)
+(type zygote_exec)
+(type zygote_socket)
+(type zygote_tmpfs)
+(typeattribute DockObserver_service_30_0)
+(typeattribute IProxyService_service_30_0)
+(typeattribute accessibility_service_30_0)
+(typeattribute account_service_30_0)
+(typeattribute activity_service_30_0)
+(typeattribute activity_task_service_30_0)
+(typeattribute adb_data_file_30_0)
+(typeattribute adb_keys_file_30_0)
+(typeattribute adb_service_30_0)
+(typeattribute adbd_30_0)
+(typeattribute adbd_exec_30_0)
+(typeattribute adbd_prop_30_0)
+(typeattribute adbd_socket_30_0)
+(typeattribute aidl_lazy_test_server_30_0)
+(typeattribute aidl_lazy_test_server_exec_30_0)
+(typeattribute aidl_lazy_test_service_30_0)
+(typeattribute alarm_service_30_0)
+(typeattribute anr_data_file_30_0)
+(typeattribute apex_data_file_30_0)
+(typeattribute apex_metadata_file_30_0)
+(typeattribute apex_mnt_dir_30_0)
+(typeattribute apex_module_data_file_30_0)
+(typeattribute apex_permission_data_file_30_0)
+(typeattribute apex_rollback_data_file_30_0)
+(typeattribute apex_service_30_0)
+(typeattribute apex_wifi_data_file_30_0)
+(typeattribute apexd_30_0)
+(typeattribute apexd_exec_30_0)
+(typeattribute apexd_prop_30_0)
+(typeattribute apk_data_file_30_0)
+(typeattribute apk_private_data_file_30_0)
+(typeattribute apk_private_tmp_file_30_0)
+(typeattribute apk_tmp_file_30_0)
+(typeattribute apk_verity_prop_30_0)
+(typeattribute app_api_service)
+(typeattribute app_binding_service_30_0)
+(typeattribute app_data_file_30_0)
+(typeattribute app_fuse_file_30_0)
+(typeattribute app_fusefs_30_0)
+(typeattribute app_integrity_service_30_0)
+(typeattribute app_prediction_service_30_0)
+(typeattribute app_search_service_30_0)
+(typeattribute app_zygote_30_0)
+(typeattribute app_zygote_tmpfs_30_0)
+(typeattribute appdomain)
+(typeattribute appdomain_tmpfs_30_0)
+(typeattribute appops_service_30_0)
+(typeattribute appwidget_service_30_0)
+(typeattribute art_apex_dir_30_0)
+(typeattribute asec_apk_file_30_0)
+(typeattribute asec_image_file_30_0)
+(typeattribute asec_public_file_30_0)
+(typeattribute ashmem_device_30_0)
+(typeattribute ashmem_libcutils_device_30_0)
+(typeattribute assetatlas_service_30_0)
+(typeattribute audio_data_file_30_0)
+(typeattribute audio_device_30_0)
+(typeattribute audio_prop_30_0)
+(typeattribute audio_service_30_0)
+(typeattribute audiohal_data_file_30_0)
+(typeattribute audioserver_30_0)
+(typeattribute audioserver_data_file_30_0)
+(typeattribute audioserver_service_30_0)
+(typeattribute audioserver_tmpfs_30_0)
+(typeattribute auth_service_30_0)
+(typeattribute autofill_service_30_0)
+(typeattribute automotive_display_service_server)
+(typeattribute backup_data_file_30_0)
+(typeattribute backup_service_30_0)
+(typeattribute base_typeattr_100_30_0)
+(typeattribute base_typeattr_101_30_0)
+(typeattribute base_typeattr_102_30_0)
+(typeattribute base_typeattr_103_30_0)
+(typeattribute base_typeattr_104_30_0)
+(typeattribute base_typeattr_105_30_0)
+(typeattribute base_typeattr_106_30_0)
+(typeattribute base_typeattr_107_30_0)
+(typeattribute base_typeattr_108_30_0)
+(typeattribute base_typeattr_109_30_0)
+(typeattribute base_typeattr_10_30_0)
+(typeattribute base_typeattr_110_30_0)
+(typeattribute base_typeattr_111_30_0)
+(typeattribute base_typeattr_112_30_0)
+(typeattribute base_typeattr_113_30_0)
+(typeattribute base_typeattr_114_30_0)
+(typeattribute base_typeattr_115_30_0)
+(typeattribute base_typeattr_116_30_0)
+(typeattribute base_typeattr_117_30_0)
+(typeattribute base_typeattr_118_30_0)
+(typeattribute base_typeattr_119_30_0)
+(typeattribute base_typeattr_11_30_0)
+(typeattribute base_typeattr_120_30_0)
+(typeattribute base_typeattr_121_30_0)
+(typeattribute base_typeattr_122_30_0)
+(typeattribute base_typeattr_123_30_0)
+(typeattribute base_typeattr_124_30_0)
+(typeattribute base_typeattr_125_30_0)
+(typeattribute base_typeattr_126_30_0)
+(typeattribute base_typeattr_127_30_0)
+(typeattribute base_typeattr_128_30_0)
+(typeattribute base_typeattr_129_30_0)
+(typeattribute base_typeattr_12_30_0)
+(typeattribute base_typeattr_130_30_0)
+(typeattribute base_typeattr_131_30_0)
+(typeattribute base_typeattr_132_30_0)
+(typeattribute base_typeattr_133_30_0)
+(typeattribute base_typeattr_134_30_0)
+(typeattribute base_typeattr_135_30_0)
+(typeattribute base_typeattr_136_30_0)
+(typeattribute base_typeattr_137_30_0)
+(typeattribute base_typeattr_138_30_0)
+(typeattribute base_typeattr_139_30_0)
+(typeattribute base_typeattr_13_30_0)
+(typeattribute base_typeattr_140_30_0)
+(typeattribute base_typeattr_141_30_0)
+(typeattribute base_typeattr_142_30_0)
+(typeattribute base_typeattr_143_30_0)
+(typeattribute base_typeattr_144_30_0)
+(typeattribute base_typeattr_145_30_0)
+(typeattribute base_typeattr_146_30_0)
+(typeattribute base_typeattr_147_30_0)
+(typeattribute base_typeattr_148_30_0)
+(typeattribute base_typeattr_149_30_0)
+(typeattribute base_typeattr_14_30_0)
+(typeattribute base_typeattr_150_30_0)
+(typeattribute base_typeattr_151_30_0)
+(typeattribute base_typeattr_152_30_0)
+(typeattribute base_typeattr_153_30_0)
+(typeattribute base_typeattr_154_30_0)
+(typeattribute base_typeattr_155_30_0)
+(typeattribute base_typeattr_156_30_0)
+(typeattribute base_typeattr_157_30_0)
+(typeattribute base_typeattr_158_30_0)
+(typeattribute base_typeattr_159_30_0)
+(typeattribute base_typeattr_15_30_0)
+(typeattribute base_typeattr_160_30_0)
+(typeattribute base_typeattr_161_30_0)
+(typeattribute base_typeattr_162_30_0)
+(typeattribute base_typeattr_163_30_0)
+(typeattribute base_typeattr_164_30_0)
+(typeattribute base_typeattr_165_30_0)
+(typeattribute base_typeattr_166_30_0)
+(typeattribute base_typeattr_167_30_0)
+(typeattribute base_typeattr_168_30_0)
+(typeattribute base_typeattr_169_30_0)
+(typeattribute base_typeattr_16_30_0)
+(typeattribute base_typeattr_170_30_0)
+(typeattribute base_typeattr_171_30_0)
+(typeattribute base_typeattr_172_30_0)
+(typeattribute base_typeattr_173_30_0)
+(typeattribute base_typeattr_174_30_0)
+(typeattribute base_typeattr_175_30_0)
+(typeattribute base_typeattr_176_30_0)
+(typeattribute base_typeattr_177_30_0)
+(typeattribute base_typeattr_178_30_0)
+(typeattribute base_typeattr_179_30_0)
+(typeattribute base_typeattr_17_30_0)
+(typeattribute base_typeattr_180_30_0)
+(typeattribute base_typeattr_181_30_0)
+(typeattribute base_typeattr_182_30_0)
+(typeattribute base_typeattr_183_30_0)
+(typeattribute base_typeattr_184_30_0)
+(typeattribute base_typeattr_185_30_0)
+(typeattribute base_typeattr_186_30_0)
+(typeattribute base_typeattr_187_30_0)
+(typeattribute base_typeattr_188_30_0)
+(typeattribute base_typeattr_189_30_0)
+(typeattribute base_typeattr_18_30_0)
+(typeattribute base_typeattr_190_30_0)
+(typeattribute base_typeattr_191_30_0)
+(typeattribute base_typeattr_192_30_0)
+(typeattribute base_typeattr_193_30_0)
+(typeattribute base_typeattr_194_30_0)
+(typeattribute base_typeattr_195_30_0)
+(typeattribute base_typeattr_196_30_0)
+(typeattribute base_typeattr_197_30_0)
+(typeattribute base_typeattr_198_30_0)
+(typeattribute base_typeattr_199_30_0)
+(typeattribute base_typeattr_19_30_0)
+(typeattribute base_typeattr_1_30_0)
+(typeattribute base_typeattr_200_30_0)
+(typeattribute base_typeattr_201_30_0)
+(typeattribute base_typeattr_202_30_0)
+(typeattribute base_typeattr_203_30_0)
+(typeattribute base_typeattr_204_30_0)
+(typeattribute base_typeattr_205_30_0)
+(typeattribute base_typeattr_206_30_0)
+(typeattribute base_typeattr_207_30_0)
+(typeattribute base_typeattr_208_30_0)
+(typeattribute base_typeattr_209_30_0)
+(typeattribute base_typeattr_20_30_0)
+(typeattribute base_typeattr_210_30_0)
+(typeattribute base_typeattr_211_30_0)
+(typeattribute base_typeattr_212_30_0)
+(typeattribute base_typeattr_213_30_0)
+(typeattribute base_typeattr_214_30_0)
+(typeattribute base_typeattr_215_30_0)
+(typeattribute base_typeattr_216_30_0)
+(typeattribute base_typeattr_217_30_0)
+(typeattribute base_typeattr_218_30_0)
+(typeattribute base_typeattr_219_30_0)
+(typeattribute base_typeattr_21_30_0)
+(typeattribute base_typeattr_220_30_0)
+(typeattribute base_typeattr_221_30_0)
+(typeattribute base_typeattr_222_30_0)
+(typeattribute base_typeattr_223_30_0)
+(typeattribute base_typeattr_224_30_0)
+(typeattribute base_typeattr_225_30_0)
+(typeattribute base_typeattr_226_30_0)
+(typeattribute base_typeattr_227_30_0)
+(typeattribute base_typeattr_228_30_0)
+(typeattribute base_typeattr_229_30_0)
+(typeattribute base_typeattr_22_30_0)
+(typeattribute base_typeattr_230_30_0)
+(typeattribute base_typeattr_231_30_0)
+(typeattribute base_typeattr_232_30_0)
+(typeattribute base_typeattr_233_30_0)
+(typeattribute base_typeattr_234_30_0)
+(typeattribute base_typeattr_235_30_0)
+(typeattribute base_typeattr_236_30_0)
+(typeattribute base_typeattr_237_30_0)
+(typeattribute base_typeattr_238_30_0)
+(typeattribute base_typeattr_239_30_0)
+(typeattribute base_typeattr_23_30_0)
+(typeattribute base_typeattr_240_30_0)
+(typeattribute base_typeattr_241_30_0)
+(typeattribute base_typeattr_242_30_0)
+(typeattribute base_typeattr_243_30_0)
+(typeattribute base_typeattr_244_30_0)
+(typeattribute base_typeattr_245_30_0)
+(typeattribute base_typeattr_246_30_0)
+(typeattribute base_typeattr_247_30_0)
+(typeattribute base_typeattr_248_30_0)
+(typeattribute base_typeattr_249_30_0)
+(typeattribute base_typeattr_24_30_0)
+(typeattribute base_typeattr_250_30_0)
+(typeattribute base_typeattr_251_30_0)
+(typeattribute base_typeattr_252_30_0)
+(typeattribute base_typeattr_253_30_0)
+(typeattribute base_typeattr_254_30_0)
+(typeattribute base_typeattr_255_30_0)
+(typeattribute base_typeattr_256_30_0)
+(typeattribute base_typeattr_257_30_0)
+(typeattribute base_typeattr_258_30_0)
+(typeattribute base_typeattr_259_30_0)
+(typeattribute base_typeattr_25_30_0)
+(typeattribute base_typeattr_260_30_0)
+(typeattribute base_typeattr_261_30_0)
+(typeattribute base_typeattr_262_30_0)
+(typeattribute base_typeattr_263_30_0)
+(typeattribute base_typeattr_264_30_0)
+(typeattribute base_typeattr_265_30_0)
+(typeattribute base_typeattr_266_30_0)
+(typeattribute base_typeattr_267_30_0)
+(typeattribute base_typeattr_268_30_0)
+(typeattribute base_typeattr_269_30_0)
+(typeattribute base_typeattr_26_30_0)
+(typeattribute base_typeattr_270_30_0)
+(typeattribute base_typeattr_271_30_0)
+(typeattribute base_typeattr_272_30_0)
+(typeattribute base_typeattr_273_30_0)
+(typeattribute base_typeattr_274_30_0)
+(typeattribute base_typeattr_275_30_0)
+(typeattribute base_typeattr_276_30_0)
+(typeattribute base_typeattr_277_30_0)
+(typeattribute base_typeattr_278_30_0)
+(typeattribute base_typeattr_279_30_0)
+(typeattribute base_typeattr_27_30_0)
+(typeattribute base_typeattr_280_30_0)
+(typeattribute base_typeattr_281_30_0)
+(typeattribute base_typeattr_282_30_0)
+(typeattribute base_typeattr_283_30_0)
+(typeattribute base_typeattr_284_30_0)
+(typeattribute base_typeattr_285_30_0)
+(typeattribute base_typeattr_286_30_0)
+(typeattribute base_typeattr_287_30_0)
+(typeattribute base_typeattr_288_30_0)
+(typeattribute base_typeattr_289_30_0)
+(typeattribute base_typeattr_28_30_0)
+(typeattribute base_typeattr_290_30_0)
+(typeattribute base_typeattr_291_30_0)
+(typeattribute base_typeattr_292_30_0)
+(typeattribute base_typeattr_293_30_0)
+(typeattribute base_typeattr_294_30_0)
+(typeattribute base_typeattr_295_30_0)
+(typeattribute base_typeattr_296_30_0)
+(typeattribute base_typeattr_297_30_0)
+(typeattribute base_typeattr_298_30_0)
+(typeattribute base_typeattr_299_30_0)
+(typeattribute base_typeattr_29_30_0)
+(typeattribute base_typeattr_2_30_0)
+(typeattribute base_typeattr_300_30_0)
+(typeattribute base_typeattr_301_30_0)
+(typeattribute base_typeattr_302_30_0)
+(typeattribute base_typeattr_303_30_0)
+(typeattribute base_typeattr_304_30_0)
+(typeattribute base_typeattr_305_30_0)
+(typeattribute base_typeattr_306_30_0)
+(typeattribute base_typeattr_307_30_0)
+(typeattribute base_typeattr_308_30_0)
+(typeattribute base_typeattr_309_30_0)
+(typeattribute base_typeattr_30_30_0)
+(typeattribute base_typeattr_310_30_0)
+(typeattribute base_typeattr_311_30_0)
+(typeattribute base_typeattr_312_30_0)
+(typeattribute base_typeattr_313_30_0)
+(typeattribute base_typeattr_314_30_0)
+(typeattribute base_typeattr_315_30_0)
+(typeattribute base_typeattr_316_30_0)
+(typeattribute base_typeattr_317_30_0)
+(typeattribute base_typeattr_318_30_0)
+(typeattribute base_typeattr_319_30_0)
+(typeattribute base_typeattr_31_30_0)
+(typeattribute base_typeattr_320_30_0)
+(typeattribute base_typeattr_321_30_0)
+(typeattribute base_typeattr_322_30_0)
+(typeattribute base_typeattr_323_30_0)
+(typeattribute base_typeattr_324_30_0)
+(typeattribute base_typeattr_325_30_0)
+(typeattribute base_typeattr_326_30_0)
+(typeattribute base_typeattr_327_30_0)
+(typeattribute base_typeattr_328_30_0)
+(typeattribute base_typeattr_329_30_0)
+(typeattribute base_typeattr_32_30_0)
+(typeattribute base_typeattr_330_30_0)
+(typeattribute base_typeattr_331_30_0)
+(typeattribute base_typeattr_332_30_0)
+(typeattribute base_typeattr_333_30_0)
+(typeattribute base_typeattr_334_30_0)
+(typeattribute base_typeattr_335_30_0)
+(typeattribute base_typeattr_336_30_0)
+(typeattribute base_typeattr_337_30_0)
+(typeattribute base_typeattr_338_30_0)
+(typeattribute base_typeattr_339_30_0)
+(typeattribute base_typeattr_33_30_0)
+(typeattribute base_typeattr_340_30_0)
+(typeattribute base_typeattr_341_30_0)
+(typeattribute base_typeattr_342_30_0)
+(typeattribute base_typeattr_343_30_0)
+(typeattribute base_typeattr_344_30_0)
+(typeattribute base_typeattr_345_30_0)
+(typeattribute base_typeattr_346_30_0)
+(typeattribute base_typeattr_347_30_0)
+(typeattribute base_typeattr_348_30_0)
+(typeattribute base_typeattr_349_30_0)
+(typeattribute base_typeattr_34_30_0)
+(typeattribute base_typeattr_350_30_0)
+(typeattribute base_typeattr_351_30_0)
+(typeattribute base_typeattr_352_30_0)
+(typeattribute base_typeattr_353_30_0)
+(typeattribute base_typeattr_354_30_0)
+(typeattribute base_typeattr_355_30_0)
+(typeattribute base_typeattr_356_30_0)
+(typeattribute base_typeattr_357_30_0)
+(typeattribute base_typeattr_358_30_0)
+(typeattribute base_typeattr_359_30_0)
+(typeattribute base_typeattr_35_30_0)
+(typeattribute base_typeattr_360_30_0)
+(typeattribute base_typeattr_361_30_0)
+(typeattribute base_typeattr_362_30_0)
+(typeattribute base_typeattr_363_30_0)
+(typeattribute base_typeattr_364_30_0)
+(typeattribute base_typeattr_365_30_0)
+(typeattribute base_typeattr_366_30_0)
+(typeattribute base_typeattr_367_30_0)
+(typeattribute base_typeattr_368_30_0)
+(typeattribute base_typeattr_369_30_0)
+(typeattribute base_typeattr_36_30_0)
+(typeattribute base_typeattr_370_30_0)
+(typeattribute base_typeattr_371_30_0)
+(typeattribute base_typeattr_372_30_0)
+(typeattribute base_typeattr_373_30_0)
+(typeattribute base_typeattr_374_30_0)
+(typeattribute base_typeattr_375_30_0)
+(typeattribute base_typeattr_376_30_0)
+(typeattribute base_typeattr_377_30_0)
+(typeattribute base_typeattr_378_30_0)
+(typeattribute base_typeattr_379_30_0)
+(typeattribute base_typeattr_37_30_0)
+(typeattribute base_typeattr_380_30_0)
+(typeattribute base_typeattr_381_30_0)
+(typeattribute base_typeattr_382_30_0)
+(typeattribute base_typeattr_383_30_0)
+(typeattribute base_typeattr_384_30_0)
+(typeattribute base_typeattr_385_30_0)
+(typeattribute base_typeattr_386_30_0)
+(typeattribute base_typeattr_387_30_0)
+(typeattribute base_typeattr_388_30_0)
+(typeattribute base_typeattr_389_30_0)
+(typeattribute base_typeattr_38_30_0)
+(typeattribute base_typeattr_390_30_0)
+(typeattribute base_typeattr_391_30_0)
+(typeattribute base_typeattr_392_30_0)
+(typeattribute base_typeattr_393_30_0)
+(typeattribute base_typeattr_394_30_0)
+(typeattribute base_typeattr_395_30_0)
+(typeattribute base_typeattr_396_30_0)
+(typeattribute base_typeattr_397_30_0)
+(typeattribute base_typeattr_398_30_0)
+(typeattribute base_typeattr_399_30_0)
+(typeattribute base_typeattr_39_30_0)
+(typeattribute base_typeattr_3_30_0)
+(typeattribute base_typeattr_400_30_0)
+(typeattribute base_typeattr_401_30_0)
+(typeattribute base_typeattr_402_30_0)
+(typeattribute base_typeattr_403_30_0)
+(typeattribute base_typeattr_404_30_0)
+(typeattribute base_typeattr_405_30_0)
+(typeattribute base_typeattr_406_30_0)
+(typeattribute base_typeattr_407_30_0)
+(typeattribute base_typeattr_408_30_0)
+(typeattribute base_typeattr_409_30_0)
+(typeattribute base_typeattr_40_30_0)
+(typeattribute base_typeattr_410_30_0)
+(typeattribute base_typeattr_411_30_0)
+(typeattribute base_typeattr_412_30_0)
+(typeattribute base_typeattr_413_30_0)
+(typeattribute base_typeattr_414_30_0)
+(typeattribute base_typeattr_415_30_0)
+(typeattribute base_typeattr_416_30_0)
+(typeattribute base_typeattr_417_30_0)
+(typeattribute base_typeattr_418_30_0)
+(typeattribute base_typeattr_419_30_0)
+(typeattribute base_typeattr_41_30_0)
+(typeattribute base_typeattr_420_30_0)
+(typeattribute base_typeattr_421_30_0)
+(typeattribute base_typeattr_422_30_0)
+(typeattribute base_typeattr_423_30_0)
+(typeattribute base_typeattr_424_30_0)
+(typeattribute base_typeattr_425_30_0)
+(typeattribute base_typeattr_426_30_0)
+(typeattribute base_typeattr_427_30_0)
+(typeattribute base_typeattr_428_30_0)
+(typeattribute base_typeattr_429_30_0)
+(typeattribute base_typeattr_42_30_0)
+(typeattribute base_typeattr_430_30_0)
+(typeattribute base_typeattr_431_30_0)
+(typeattribute base_typeattr_432_30_0)
+(typeattribute base_typeattr_433_30_0)
+(typeattribute base_typeattr_434_30_0)
+(typeattribute base_typeattr_435_30_0)
+(typeattribute base_typeattr_436_30_0)
+(typeattribute base_typeattr_437_30_0)
+(typeattribute base_typeattr_438_30_0)
+(typeattribute base_typeattr_439_30_0)
+(typeattribute base_typeattr_43_30_0)
+(typeattribute base_typeattr_440_30_0)
+(typeattribute base_typeattr_441_30_0)
+(typeattribute base_typeattr_442_30_0)
+(typeattribute base_typeattr_443_30_0)
+(typeattribute base_typeattr_444_30_0)
+(typeattribute base_typeattr_445_30_0)
+(typeattribute base_typeattr_446_30_0)
+(typeattribute base_typeattr_447_30_0)
+(typeattribute base_typeattr_448_30_0)
+(typeattribute base_typeattr_449_30_0)
+(typeattribute base_typeattr_44_30_0)
+(typeattribute base_typeattr_450_30_0)
+(typeattribute base_typeattr_451_30_0)
+(typeattribute base_typeattr_452_30_0)
+(typeattribute base_typeattr_453_30_0)
+(typeattribute base_typeattr_454_30_0)
+(typeattribute base_typeattr_455_30_0)
+(typeattribute base_typeattr_456_30_0)
+(typeattribute base_typeattr_457_30_0)
+(typeattribute base_typeattr_458_30_0)
+(typeattribute base_typeattr_459_30_0)
+(typeattribute base_typeattr_45_30_0)
+(typeattribute base_typeattr_460_30_0)
+(typeattribute base_typeattr_461_30_0)
+(typeattribute base_typeattr_462_30_0)
+(typeattribute base_typeattr_463_30_0)
+(typeattribute base_typeattr_464_30_0)
+(typeattribute base_typeattr_465_30_0)
+(typeattribute base_typeattr_466_30_0)
+(typeattribute base_typeattr_467_30_0)
+(typeattribute base_typeattr_468_30_0)
+(typeattribute base_typeattr_469_30_0)
+(typeattribute base_typeattr_46_30_0)
+(typeattribute base_typeattr_470_30_0)
+(typeattribute base_typeattr_471_30_0)
+(typeattribute base_typeattr_472_30_0)
+(typeattribute base_typeattr_473_30_0)
+(typeattribute base_typeattr_474_30_0)
+(typeattribute base_typeattr_475_30_0)
+(typeattribute base_typeattr_476_30_0)
+(typeattribute base_typeattr_477_30_0)
+(typeattribute base_typeattr_478_30_0)
+(typeattribute base_typeattr_479_30_0)
+(typeattribute base_typeattr_47_30_0)
+(typeattribute base_typeattr_480_30_0)
+(typeattribute base_typeattr_481_30_0)
+(typeattribute base_typeattr_482_30_0)
+(typeattribute base_typeattr_483_30_0)
+(typeattribute base_typeattr_484_30_0)
+(typeattribute base_typeattr_485_30_0)
+(typeattribute base_typeattr_486_30_0)
+(typeattribute base_typeattr_487_30_0)
+(typeattribute base_typeattr_488_30_0)
+(typeattribute base_typeattr_489_30_0)
+(typeattribute base_typeattr_48_30_0)
+(typeattribute base_typeattr_490_30_0)
+(typeattribute base_typeattr_491_30_0)
+(typeattribute base_typeattr_492_30_0)
+(typeattribute base_typeattr_493_30_0)
+(typeattribute base_typeattr_494_30_0)
+(typeattribute base_typeattr_495_30_0)
+(typeattribute base_typeattr_496_30_0)
+(typeattribute base_typeattr_497_30_0)
+(typeattribute base_typeattr_498_30_0)
+(typeattribute base_typeattr_499_30_0)
+(typeattribute base_typeattr_49_30_0)
+(typeattribute base_typeattr_4_30_0)
+(typeattribute base_typeattr_500_30_0)
+(typeattribute base_typeattr_501_30_0)
+(typeattribute base_typeattr_502_30_0)
+(typeattribute base_typeattr_503_30_0)
+(typeattribute base_typeattr_504_30_0)
+(typeattribute base_typeattr_505_30_0)
+(typeattribute base_typeattr_506_30_0)
+(typeattribute base_typeattr_507_30_0)
+(typeattribute base_typeattr_508_30_0)
+(typeattribute base_typeattr_509_30_0)
+(typeattribute base_typeattr_50_30_0)
+(typeattribute base_typeattr_510_30_0)
+(typeattribute base_typeattr_511_30_0)
+(typeattribute base_typeattr_512_30_0)
+(typeattribute base_typeattr_513_30_0)
+(typeattribute base_typeattr_514_30_0)
+(typeattribute base_typeattr_515_30_0)
+(typeattribute base_typeattr_516_30_0)
+(typeattribute base_typeattr_517_30_0)
+(typeattribute base_typeattr_518_30_0)
+(typeattribute base_typeattr_519_30_0)
+(typeattribute base_typeattr_51_30_0)
+(typeattribute base_typeattr_520_30_0)
+(typeattribute base_typeattr_521_30_0)
+(typeattribute base_typeattr_522_30_0)
+(typeattribute base_typeattr_523_30_0)
+(typeattribute base_typeattr_524_30_0)
+(typeattribute base_typeattr_525_30_0)
+(typeattribute base_typeattr_526_30_0)
+(typeattribute base_typeattr_527_30_0)
+(typeattribute base_typeattr_528_30_0)
+(typeattribute base_typeattr_529_30_0)
+(typeattribute base_typeattr_52_30_0)
+(typeattribute base_typeattr_530_30_0)
+(typeattribute base_typeattr_531_30_0)
+(typeattribute base_typeattr_532_30_0)
+(typeattribute base_typeattr_533_30_0)
+(typeattribute base_typeattr_534_30_0)
+(typeattribute base_typeattr_535_30_0)
+(typeattribute base_typeattr_536_30_0)
+(typeattribute base_typeattr_537_30_0)
+(typeattribute base_typeattr_538_30_0)
+(typeattribute base_typeattr_539_30_0)
+(typeattribute base_typeattr_53_30_0)
+(typeattribute base_typeattr_540_30_0)
+(typeattribute base_typeattr_541_30_0)
+(typeattribute base_typeattr_542_30_0)
+(typeattribute base_typeattr_543_30_0)
+(typeattribute base_typeattr_544_30_0)
+(typeattribute base_typeattr_545_30_0)
+(typeattribute base_typeattr_54_30_0)
+(typeattribute base_typeattr_55_30_0)
+(typeattribute base_typeattr_56_30_0)
+(typeattribute base_typeattr_57_30_0)
+(typeattribute base_typeattr_58_30_0)
+(typeattribute base_typeattr_59_30_0)
+(typeattribute base_typeattr_5_30_0)
+(typeattribute base_typeattr_60_30_0)
+(typeattribute base_typeattr_61_30_0)
+(typeattribute base_typeattr_62_30_0)
+(typeattribute base_typeattr_63_30_0)
+(typeattribute base_typeattr_64_30_0)
+(typeattribute base_typeattr_65_30_0)
+(typeattribute base_typeattr_66_30_0)
+(typeattribute base_typeattr_67_30_0)
+(typeattribute base_typeattr_68_30_0)
+(typeattribute base_typeattr_69_30_0)
+(typeattribute base_typeattr_6_30_0)
+(typeattribute base_typeattr_70_30_0)
+(typeattribute base_typeattr_71_30_0)
+(typeattribute base_typeattr_72_30_0)
+(typeattribute base_typeattr_73_30_0)
+(typeattribute base_typeattr_74_30_0)
+(typeattribute base_typeattr_75_30_0)
+(typeattribute base_typeattr_76_30_0)
+(typeattribute base_typeattr_77_30_0)
+(typeattribute base_typeattr_78_30_0)
+(typeattribute base_typeattr_79_30_0)
+(typeattribute base_typeattr_7_30_0)
+(typeattribute base_typeattr_80_30_0)
+(typeattribute base_typeattr_81_30_0)
+(typeattribute base_typeattr_82_30_0)
+(typeattribute base_typeattr_83_30_0)
+(typeattribute base_typeattr_84_30_0)
+(typeattribute base_typeattr_85_30_0)
+(typeattribute base_typeattr_86_30_0)
+(typeattribute base_typeattr_87_30_0)
+(typeattribute base_typeattr_88_30_0)
+(typeattribute base_typeattr_89_30_0)
+(typeattribute base_typeattr_8_30_0)
+(typeattribute base_typeattr_90_30_0)
+(typeattribute base_typeattr_91_30_0)
+(typeattribute base_typeattr_92_30_0)
+(typeattribute base_typeattr_93_30_0)
+(typeattribute base_typeattr_94_30_0)
+(typeattribute base_typeattr_95_30_0)
+(typeattribute base_typeattr_96_30_0)
+(typeattribute base_typeattr_97_30_0)
+(typeattribute base_typeattr_98_30_0)
+(typeattribute base_typeattr_99_30_0)
+(typeattribute base_typeattr_9_30_0)
+(typeattribute battery_service_30_0)
+(typeattribute batteryproperties_service_30_0)
+(typeattribute batterystats_service_30_0)
+(typeattribute binder_cache_bluetooth_server_prop_30_0)
+(typeattribute binder_cache_system_server_prop_30_0)
+(typeattribute binder_cache_telephony_server_prop_30_0)
+(typeattribute binder_calls_stats_service_30_0)
+(typeattribute binder_device_30_0)
+(typeattribute binder_in_vendor_violators)
+(typeattribute binderfs_30_0)
+(typeattribute binderfs_logs_30_0)
+(typeattribute binderfs_logs_proc_30_0)
+(typeattribute binderservicedomain)
+(typeattribute binfmt_miscfs_30_0)
+(typeattribute biometric_service_30_0)
+(typeattribute blkid_30_0)
+(typeattribute blkid_untrusted_30_0)
+(typeattribute blob_store_service_30_0)
+(typeattribute block_device_30_0)
+(typeattribute bluetooth_30_0)
+(typeattribute bluetooth_a2dp_offload_prop_30_0)
+(typeattribute bluetooth_audio_hal_prop_30_0)
+(typeattribute bluetooth_data_file_30_0)
+(typeattribute bluetooth_efs_file_30_0)
+(typeattribute bluetooth_logs_data_file_30_0)
+(typeattribute bluetooth_manager_service_30_0)
+(typeattribute bluetooth_prop_30_0)
+(typeattribute bluetooth_service_30_0)
+(typeattribute bluetooth_socket_30_0)
+(typeattribute bluetoothdomain)
+(typeattribute boot_block_device_30_0)
+(typeattribute bootanim_30_0)
+(typeattribute bootanim_exec_30_0)
+(typeattribute bootchart_data_file_30_0)
+(typeattribute bootloader_boot_reason_prop_30_0)
+(typeattribute bootstat_30_0)
+(typeattribute bootstat_data_file_30_0)
+(typeattribute bootstat_exec_30_0)
+(typeattribute boottime_prop_30_0)
+(typeattribute boottime_public_prop_30_0)
+(typeattribute boottrace_data_file_30_0)
+(typeattribute bpf_progs_loaded_prop_30_0)
+(typeattribute bq_config_prop_30_0)
+(typeattribute broadcastradio_service_30_0)
+(typeattribute bufferhubd_30_0)
+(typeattribute bufferhubd_exec_30_0)
+(typeattribute bugreport_service_30_0)
+(typeattribute cache_backup_file_30_0)
+(typeattribute cache_block_device_30_0)
+(typeattribute cache_file_30_0)
+(typeattribute cache_private_backup_file_30_0)
+(typeattribute cache_recovery_file_30_0)
+(typeattribute camera_data_file_30_0)
+(typeattribute camera_device_30_0)
+(typeattribute camera_service_server)
+(typeattribute cameraproxy_service_30_0)
+(typeattribute cameraserver_30_0)
+(typeattribute cameraserver_exec_30_0)
+(typeattribute cameraserver_service_30_0)
+(typeattribute cameraserver_tmpfs_30_0)
+(typeattribute cgroup_30_0)
+(typeattribute cgroup_bpf_30_0)
+(typeattribute cgroup_desc_file_30_0)
+(typeattribute cgroup_rc_file_30_0)
+(typeattribute charger_30_0)
+(typeattribute charger_exec_30_0)
+(typeattribute charger_prop_30_0)
+(typeattribute clipboard_service_30_0)
+(typeattribute cold_boot_done_prop_30_0)
+(typeattribute color_display_service_30_0)
+(typeattribute companion_device_service_30_0)
+(typeattribute config_prop_30_0)
+(typeattribute configfs_30_0)
+(typeattribute connectivity_service_30_0)
+(typeattribute connmetrics_service_30_0)
+(typeattribute console_device_30_0)
+(typeattribute consumer_ir_service_30_0)
+(typeattribute content_capture_service_30_0)
+(typeattribute content_service_30_0)
+(typeattribute content_suggestions_service_30_0)
+(typeattribute contexthub_service_30_0)
+(typeattribute contextmount_type)
+(typeattribute core_data_file_type)
+(typeattribute core_property_type)
+(typeattribute coredomain)
+(typeattribute coredomain_hwservice)
+(typeattribute coredomain_socket)
+(typeattribute coredump_file_30_0)
+(typeattribute country_detector_service_30_0)
+(typeattribute coverage_service_30_0)
+(typeattribute cppreopt_prop_30_0)
+(typeattribute cpu_variant_prop_30_0)
+(typeattribute cpuinfo_service_30_0)
+(typeattribute crash_dump_30_0)
+(typeattribute crash_dump_exec_30_0)
+(typeattribute credstore_30_0)
+(typeattribute credstore_data_file_30_0)
+(typeattribute credstore_exec_30_0)
+(typeattribute credstore_service_30_0)
+(typeattribute crossprofileapps_service_30_0)
+(typeattribute ctl_adbd_prop_30_0)
+(typeattribute ctl_apexd_prop_30_0)
+(typeattribute ctl_bootanim_prop_30_0)
+(typeattribute ctl_bugreport_prop_30_0)
+(typeattribute ctl_console_prop_30_0)
+(typeattribute ctl_default_prop_30_0)
+(typeattribute ctl_dumpstate_prop_30_0)
+(typeattribute ctl_fuse_prop_30_0)
+(typeattribute ctl_gsid_prop_30_0)
+(typeattribute ctl_interface_restart_prop_30_0)
+(typeattribute ctl_interface_start_prop_30_0)
+(typeattribute ctl_interface_stop_prop_30_0)
+(typeattribute ctl_mdnsd_prop_30_0)
+(typeattribute ctl_restart_prop_30_0)
+(typeattribute ctl_rildaemon_prop_30_0)
+(typeattribute ctl_sigstop_prop_30_0)
+(typeattribute ctl_start_prop_30_0)
+(typeattribute ctl_stop_prop_30_0)
+(typeattribute dalvik_prop_30_0)
+(typeattribute dalvikcache_data_file_30_0)
+(typeattribute data_between_core_and_vendor_violators)
+(typeattribute data_file_type)
+(typeattribute dataloader_manager_service_30_0)
+(typeattribute dbinfo_service_30_0)
+(typeattribute debug_prop_30_0)
+(typeattribute debugfs_30_0)
+(typeattribute debugfs_mmc_30_0)
+(typeattribute debugfs_trace_marker_30_0)
+(typeattribute debugfs_tracing_30_0)
+(typeattribute debugfs_tracing_debug_30_0)
+(typeattribute debugfs_tracing_instances_30_0)
+(typeattribute debugfs_type)
+(typeattribute debugfs_wakeup_sources_30_0)
+(typeattribute debugfs_wifi_tracing_30_0)
+(typeattribute debuggerd_prop_30_0)
+(typeattribute default_android_hwservice_30_0)
+(typeattribute default_android_service_30_0)
+(typeattribute default_android_vndservice_30_0)
+(typeattribute default_prop_30_0)
+(typeattribute dev_cpu_variant_30_0)
+(typeattribute dev_type)
+(typeattribute device_30_0)
+(typeattribute device_config_activity_manager_native_boot_prop_30_0)
+(typeattribute device_config_boot_count_prop_30_0)
+(typeattribute device_config_configuration_prop_30_0)
+(typeattribute device_config_input_native_boot_prop_30_0)
+(typeattribute device_config_media_native_prop_30_0)
+(typeattribute device_config_netd_native_prop_30_0)
+(typeattribute device_config_reset_performed_prop_30_0)
+(typeattribute device_config_runtime_native_boot_prop_30_0)
+(typeattribute device_config_runtime_native_prop_30_0)
+(typeattribute device_config_service_30_0)
+(typeattribute device_config_storage_native_boot_prop_30_0)
+(typeattribute device_config_sys_traced_prop_30_0)
+(typeattribute device_config_window_manager_native_boot_prop_30_0)
+(typeattribute device_identifiers_service_30_0)
+(typeattribute device_logging_prop_30_0)
+(typeattribute device_policy_service_30_0)
+(typeattribute deviceidle_service_30_0)
+(typeattribute devicestoragemonitor_service_30_0)
+(typeattribute devpts_30_0)
+(typeattribute dhcp_30_0)
+(typeattribute dhcp_data_file_30_0)
+(typeattribute dhcp_exec_30_0)
+(typeattribute dhcp_prop_30_0)
+(typeattribute diskstats_service_30_0)
+(typeattribute display_service_30_0)
+(typeattribute display_service_server)
+(typeattribute dm_device_30_0)
+(typeattribute dnsmasq_30_0)
+(typeattribute dnsmasq_exec_30_0)
+(typeattribute dnsproxyd_socket_30_0)
+(typeattribute dnsresolver_service_30_0)
+(typeattribute domain)
+(typeattribute dreams_service_30_0)
+(typeattribute drm_data_file_30_0)
+(typeattribute drmserver_30_0)
+(typeattribute drmserver_exec_30_0)
+(typeattribute drmserver_service_30_0)
+(typeattribute drmserver_socket_30_0)
+(typeattribute dropbox_data_file_30_0)
+(typeattribute dropbox_service_30_0)
+(typeattribute dumpstate_30_0)
+(typeattribute dumpstate_exec_30_0)
+(typeattribute dumpstate_options_prop_30_0)
+(typeattribute dumpstate_prop_30_0)
+(typeattribute dumpstate_service_30_0)
+(typeattribute dumpstate_socket_30_0)
+(typeattribute dynamic_system_prop_30_0)
+(typeattribute e2fs_30_0)
+(typeattribute e2fs_exec_30_0)
+(typeattribute efs_file_30_0)
+(typeattribute emergency_affordance_service_30_0)
+(typeattribute ephemeral_app_30_0)
+(typeattribute ephemeral_app_api_service)
+(typeattribute ethernet_service_30_0)
+(typeattribute exec_type)
+(typeattribute exfat_30_0)
+(typeattribute exported2_config_prop_30_0)
+(typeattribute exported2_default_prop_30_0)
+(typeattribute exported2_radio_prop_30_0)
+(typeattribute exported2_system_prop_30_0)
+(typeattribute exported2_vold_prop_30_0)
+(typeattribute exported3_default_prop_30_0)
+(typeattribute exported3_radio_prop_30_0)
+(typeattribute exported3_system_prop_30_0)
+(typeattribute exported_audio_prop_30_0)
+(typeattribute exported_bluetooth_prop_30_0)
+(typeattribute exported_camera_prop_30_0)
+(typeattribute exported_config_prop_30_0)
+(typeattribute exported_dalvik_prop_30_0)
+(typeattribute exported_default_prop_30_0)
+(typeattribute exported_dumpstate_prop_30_0)
+(typeattribute exported_ffs_prop_30_0)
+(typeattribute exported_fingerprint_prop_30_0)
+(typeattribute exported_overlay_prop_30_0)
+(typeattribute exported_pm_prop_30_0)
+(typeattribute exported_radio_prop_30_0)
+(typeattribute exported_secure_prop_30_0)
+(typeattribute exported_system_prop_30_0)
+(typeattribute exported_system_radio_prop_30_0)
+(typeattribute exported_vold_prop_30_0)
+(typeattribute exported_wifi_prop_30_0)
+(typeattribute extended_core_property_type)
+(typeattribute external_vibrator_service_30_0)
+(typeattribute face_service_30_0)
+(typeattribute face_vendor_data_file_30_0)
+(typeattribute fastbootd_30_0)
+(typeattribute ffs_prop_30_0)
+(typeattribute file_contexts_file_30_0)
+(typeattribute file_integrity_service_30_0)
+(typeattribute file_type)
+(typeattribute fingerprint_prop_30_0)
+(typeattribute fingerprint_service_30_0)
+(typeattribute fingerprint_vendor_data_file_30_0)
+(typeattribute fingerprintd_30_0)
+(typeattribute fingerprintd_data_file_30_0)
+(typeattribute fingerprintd_exec_30_0)
+(typeattribute fingerprintd_service_30_0)
+(typeattribute firstboot_prop_30_0)
+(typeattribute flags_health_check_30_0)
+(typeattribute flags_health_check_exec_30_0)
+(typeattribute font_service_30_0)
+(typeattribute frp_block_device_30_0)
+(typeattribute fs_bpf_30_0)
+(typeattribute fs_type)
+(typeattribute fsck_30_0)
+(typeattribute fsck_exec_30_0)
+(typeattribute fsck_untrusted_30_0)
+(typeattribute fscklogs_30_0)
+(typeattribute functionfs_30_0)
+(typeattribute fuse_30_0)
+(typeattribute fuse_device_30_0)
+(typeattribute fwk_automotive_display_hwservice_30_0)
+(typeattribute fwk_bufferhub_hwservice_30_0)
+(typeattribute fwk_camera_hwservice_30_0)
+(typeattribute fwk_display_hwservice_30_0)
+(typeattribute fwk_scheduler_hwservice_30_0)
+(typeattribute fwk_sensor_hwservice_30_0)
+(typeattribute fwk_stats_hwservice_30_0)
+(typeattribute fwmarkd_socket_30_0)
+(typeattribute gatekeeper_data_file_30_0)
+(typeattribute gatekeeper_service_30_0)
+(typeattribute gatekeeperd_30_0)
+(typeattribute gatekeeperd_exec_30_0)
+(typeattribute gfxinfo_service_30_0)
+(typeattribute gmscore_app_30_0)
+(typeattribute gps_control_30_0)
+(typeattribute gpu_device_30_0)
+(typeattribute gpu_service_30_0)
+(typeattribute gpuservice_30_0)
+(typeattribute graphics_device_30_0)
+(typeattribute graphicsstats_service_30_0)
+(typeattribute gsi_data_file_30_0)
+(typeattribute gsi_metadata_file_30_0)
+(typeattribute gsid_prop_30_0)
+(typeattribute hal_allocator)
+(typeattribute hal_allocator_client)
+(typeattribute hal_allocator_server)
+(typeattribute hal_atrace)
+(typeattribute hal_atrace_client)
+(typeattribute hal_atrace_hwservice_30_0)
+(typeattribute hal_atrace_server)
+(typeattribute hal_audio)
+(typeattribute hal_audio_client)
+(typeattribute hal_audio_hwservice_30_0)
+(typeattribute hal_audio_server)
+(typeattribute hal_audiocontrol)
+(typeattribute hal_audiocontrol_client)
+(typeattribute hal_audiocontrol_hwservice_30_0)
+(typeattribute hal_audiocontrol_server)
+(typeattribute hal_authsecret)
+(typeattribute hal_authsecret_client)
+(typeattribute hal_authsecret_hwservice_30_0)
+(typeattribute hal_authsecret_server)
+(typeattribute hal_automotive_socket_exemption)
+(typeattribute hal_bluetooth)
+(typeattribute hal_bluetooth_client)
+(typeattribute hal_bluetooth_hwservice_30_0)
+(typeattribute hal_bluetooth_server)
+(typeattribute hal_bootctl)
+(typeattribute hal_bootctl_client)
+(typeattribute hal_bootctl_hwservice_30_0)
+(typeattribute hal_bootctl_server)
+(typeattribute hal_broadcastradio)
+(typeattribute hal_broadcastradio_client)
+(typeattribute hal_broadcastradio_hwservice_30_0)
+(typeattribute hal_broadcastradio_server)
+(typeattribute hal_bufferhub)
+(typeattribute hal_bufferhub_client)
+(typeattribute hal_bufferhub_server)
+(typeattribute hal_camera)
+(typeattribute hal_camera_client)
+(typeattribute hal_camera_hwservice_30_0)
+(typeattribute hal_camera_server)
+(typeattribute hal_can_bus)
+(typeattribute hal_can_bus_client)
+(typeattribute hal_can_bus_hwservice_30_0)
+(typeattribute hal_can_bus_server)
+(typeattribute hal_can_controller)
+(typeattribute hal_can_controller_client)
+(typeattribute hal_can_controller_hwservice_30_0)
+(typeattribute hal_can_controller_server)
+(typeattribute hal_cas)
+(typeattribute hal_cas_client)
+(typeattribute hal_cas_hwservice_30_0)
+(typeattribute hal_cas_server)
+(typeattribute hal_codec2)
+(typeattribute hal_codec2_client)
+(typeattribute hal_codec2_hwservice_30_0)
+(typeattribute hal_codec2_server)
+(typeattribute hal_configstore)
+(typeattribute hal_configstore_ISurfaceFlingerConfigs_30_0)
+(typeattribute hal_configstore_client)
+(typeattribute hal_configstore_server)
+(typeattribute hal_confirmationui)
+(typeattribute hal_confirmationui_client)
+(typeattribute hal_confirmationui_hwservice_30_0)
+(typeattribute hal_confirmationui_server)
+(typeattribute hal_contexthub)
+(typeattribute hal_contexthub_client)
+(typeattribute hal_contexthub_hwservice_30_0)
+(typeattribute hal_contexthub_server)
+(typeattribute hal_drm)
+(typeattribute hal_drm_client)
+(typeattribute hal_drm_hwservice_30_0)
+(typeattribute hal_drm_server)
+(typeattribute hal_dumpstate)
+(typeattribute hal_dumpstate_client)
+(typeattribute hal_dumpstate_hwservice_30_0)
+(typeattribute hal_dumpstate_server)
+(typeattribute hal_evs)
+(typeattribute hal_evs_client)
+(typeattribute hal_evs_hwservice_30_0)
+(typeattribute hal_evs_server)
+(typeattribute hal_face)
+(typeattribute hal_face_client)
+(typeattribute hal_face_hwservice_30_0)
+(typeattribute hal_face_server)
+(typeattribute hal_fingerprint)
+(typeattribute hal_fingerprint_client)
+(typeattribute hal_fingerprint_hwservice_30_0)
+(typeattribute hal_fingerprint_server)
+(typeattribute hal_fingerprint_service_30_0)
+(typeattribute hal_gatekeeper)
+(typeattribute hal_gatekeeper_client)
+(typeattribute hal_gatekeeper_hwservice_30_0)
+(typeattribute hal_gatekeeper_server)
+(typeattribute hal_gnss)
+(typeattribute hal_gnss_client)
+(typeattribute hal_gnss_hwservice_30_0)
+(typeattribute hal_gnss_server)
+(typeattribute hal_graphics_allocator)
+(typeattribute hal_graphics_allocator_client)
+(typeattribute hal_graphics_allocator_hwservice_30_0)
+(typeattribute hal_graphics_allocator_server)
+(typeattribute hal_graphics_composer)
+(typeattribute hal_graphics_composer_client)
+(typeattribute hal_graphics_composer_client_tmpfs)
+(typeattribute hal_graphics_composer_hwservice_30_0)
+(typeattribute hal_graphics_composer_server)
+(typeattribute hal_graphics_composer_server_tmpfs_30_0)
+(typeattribute hal_graphics_mapper_hwservice_30_0)
+(typeattribute hal_health)
+(typeattribute hal_health_client)
+(typeattribute hal_health_hwservice_30_0)
+(typeattribute hal_health_server)
+(typeattribute hal_health_storage)
+(typeattribute hal_health_storage_client)
+(typeattribute hal_health_storage_hwservice_30_0)
+(typeattribute hal_health_storage_server)
+(typeattribute hal_identity)
+(typeattribute hal_identity_client)
+(typeattribute hal_identity_server)
+(typeattribute hal_identity_service_30_0)
+(typeattribute hal_input_classifier)
+(typeattribute hal_input_classifier_client)
+(typeattribute hal_input_classifier_hwservice_30_0)
+(typeattribute hal_input_classifier_server)
+(typeattribute hal_ir)
+(typeattribute hal_ir_client)
+(typeattribute hal_ir_hwservice_30_0)
+(typeattribute hal_ir_server)
+(typeattribute hal_keymaster)
+(typeattribute hal_keymaster_client)
+(typeattribute hal_keymaster_hwservice_30_0)
+(typeattribute hal_keymaster_server)
+(typeattribute hal_light)
+(typeattribute hal_light_client)
+(typeattribute hal_light_hwservice_30_0)
+(typeattribute hal_light_server)
+(typeattribute hal_light_service_30_0)
+(typeattribute hal_lowpan)
+(typeattribute hal_lowpan_client)
+(typeattribute hal_lowpan_hwservice_30_0)
+(typeattribute hal_lowpan_server)
+(typeattribute hal_memtrack)
+(typeattribute hal_memtrack_client)
+(typeattribute hal_memtrack_hwservice_30_0)
+(typeattribute hal_memtrack_server)
+(typeattribute hal_neuralnetworks)
+(typeattribute hal_neuralnetworks_client)
+(typeattribute hal_neuralnetworks_hwservice_30_0)
+(typeattribute hal_neuralnetworks_server)
+(typeattribute hal_nfc)
+(typeattribute hal_nfc_client)
+(typeattribute hal_nfc_hwservice_30_0)
+(typeattribute hal_nfc_server)
+(typeattribute hal_oemlock)
+(typeattribute hal_oemlock_client)
+(typeattribute hal_oemlock_hwservice_30_0)
+(typeattribute hal_oemlock_server)
+(typeattribute hal_omx)
+(typeattribute hal_omx_client)
+(typeattribute hal_omx_hwservice_30_0)
+(typeattribute hal_omx_server)
+(typeattribute hal_power)
+(typeattribute hal_power_client)
+(typeattribute hal_power_hwservice_30_0)
+(typeattribute hal_power_server)
+(typeattribute hal_power_service_30_0)
+(typeattribute hal_power_stats)
+(typeattribute hal_power_stats_client)
+(typeattribute hal_power_stats_hwservice_30_0)
+(typeattribute hal_power_stats_server)
+(typeattribute hal_rebootescrow)
+(typeattribute hal_rebootescrow_client)
+(typeattribute hal_rebootescrow_server)
+(typeattribute hal_rebootescrow_service_30_0)
+(typeattribute hal_renderscript_hwservice_30_0)
+(typeattribute hal_secure_element)
+(typeattribute hal_secure_element_client)
+(typeattribute hal_secure_element_hwservice_30_0)
+(typeattribute hal_secure_element_server)
+(typeattribute hal_sensors)
+(typeattribute hal_sensors_client)
+(typeattribute hal_sensors_hwservice_30_0)
+(typeattribute hal_sensors_server)
+(typeattribute hal_telephony)
+(typeattribute hal_telephony_client)
+(typeattribute hal_telephony_hwservice_30_0)
+(typeattribute hal_telephony_server)
+(typeattribute hal_tetheroffload)
+(typeattribute hal_tetheroffload_client)
+(typeattribute hal_tetheroffload_hwservice_30_0)
+(typeattribute hal_tetheroffload_server)
+(typeattribute hal_thermal)
+(typeattribute hal_thermal_client)
+(typeattribute hal_thermal_hwservice_30_0)
+(typeattribute hal_thermal_server)
+(typeattribute hal_tv_cec)
+(typeattribute hal_tv_cec_client)
+(typeattribute hal_tv_cec_hwservice_30_0)
+(typeattribute hal_tv_cec_server)
+(typeattribute hal_tv_input)
+(typeattribute hal_tv_input_client)
+(typeattribute hal_tv_input_hwservice_30_0)
+(typeattribute hal_tv_input_server)
+(typeattribute hal_tv_tuner)
+(typeattribute hal_tv_tuner_client)
+(typeattribute hal_tv_tuner_hwservice_30_0)
+(typeattribute hal_tv_tuner_server)
+(typeattribute hal_usb)
+(typeattribute hal_usb_client)
+(typeattribute hal_usb_gadget)
+(typeattribute hal_usb_gadget_client)
+(typeattribute hal_usb_gadget_hwservice_30_0)
+(typeattribute hal_usb_gadget_server)
+(typeattribute hal_usb_hwservice_30_0)
+(typeattribute hal_usb_server)
+(typeattribute hal_vehicle)
+(typeattribute hal_vehicle_client)
+(typeattribute hal_vehicle_hwservice_30_0)
+(typeattribute hal_vehicle_server)
+(typeattribute hal_vibrator)
+(typeattribute hal_vibrator_client)
+(typeattribute hal_vibrator_hwservice_30_0)
+(typeattribute hal_vibrator_server)
+(typeattribute hal_vibrator_service_30_0)
+(typeattribute hal_vr)
+(typeattribute hal_vr_client)
+(typeattribute hal_vr_hwservice_30_0)
+(typeattribute hal_vr_server)
+(typeattribute hal_weaver)
+(typeattribute hal_weaver_client)
+(typeattribute hal_weaver_hwservice_30_0)
+(typeattribute hal_weaver_server)
+(typeattribute hal_wifi)
+(typeattribute hal_wifi_client)
+(typeattribute hal_wifi_hostapd)
+(typeattribute hal_wifi_hostapd_client)
+(typeattribute hal_wifi_hostapd_hwservice_30_0)
+(typeattribute hal_wifi_hostapd_server)
+(typeattribute hal_wifi_hwservice_30_0)
+(typeattribute hal_wifi_server)
+(typeattribute hal_wifi_supplicant)
+(typeattribute hal_wifi_supplicant_client)
+(typeattribute hal_wifi_supplicant_hwservice_30_0)
+(typeattribute hal_wifi_supplicant_server)
+(typeattribute halclientdomain)
+(typeattribute halserverdomain)
+(typeattribute hardware_properties_service_30_0)
+(typeattribute hardware_service_30_0)
+(typeattribute hci_attach_dev_30_0)
+(typeattribute hdmi_control_service_30_0)
+(typeattribute healthd_30_0)
+(typeattribute healthd_exec_30_0)
+(typeattribute heapdump_data_file_30_0)
+(typeattribute heapprofd_30_0)
+(typeattribute heapprofd_enabled_prop_30_0)
+(typeattribute heapprofd_prop_30_0)
+(typeattribute heapprofd_socket_30_0)
+(typeattribute hidl_allocator_hwservice_30_0)
+(typeattribute hidl_base_hwservice_30_0)
+(typeattribute hidl_manager_hwservice_30_0)
+(typeattribute hidl_memory_hwservice_30_0)
+(typeattribute hidl_token_hwservice_30_0)
+(typeattribute hw_random_device_30_0)
+(typeattribute hwbinder_device_30_0)
+(typeattribute hwservice_contexts_file_30_0)
+(typeattribute hwservice_manager_type)
+(typeattribute hwservicemanager_30_0)
+(typeattribute hwservicemanager_exec_30_0)
+(typeattribute hwservicemanager_prop_30_0)
+(typeattribute icon_file_30_0)
+(typeattribute idmap_30_0)
+(typeattribute idmap_exec_30_0)
+(typeattribute idmap_service_30_0)
+(typeattribute iio_device_30_0)
+(typeattribute imms_service_30_0)
+(typeattribute incident_30_0)
+(typeattribute incident_data_file_30_0)
+(typeattribute incident_helper_30_0)
+(typeattribute incident_service_30_0)
+(typeattribute incidentd_30_0)
+(typeattribute incremental_control_file_30_0)
+(typeattribute incremental_prop_30_0)
+(typeattribute incremental_service_30_0)
+(typeattribute init_30_0)
+(typeattribute init_exec_30_0)
+(typeattribute init_perf_lsm_hooks_prop_30_0)
+(typeattribute init_svc_debug_prop_30_0)
+(typeattribute init_tmpfs_30_0)
+(typeattribute inotify_30_0)
+(typeattribute input_device_30_0)
+(typeattribute input_method_service_30_0)
+(typeattribute input_service_30_0)
+(typeattribute inputflinger_30_0)
+(typeattribute inputflinger_exec_30_0)
+(typeattribute inputflinger_service_30_0)
+(typeattribute install_data_file_30_0)
+(typeattribute installd_30_0)
+(typeattribute installd_exec_30_0)
+(typeattribute installd_service_30_0)
+(typeattribute ion_device_30_0)
+(typeattribute iorap_inode2filename_30_0)
+(typeattribute iorap_inode2filename_exec_30_0)
+(typeattribute iorap_inode2filename_tmpfs_30_0)
+(typeattribute iorap_prefetcherd_30_0)
+(typeattribute iorap_prefetcherd_exec_30_0)
+(typeattribute iorap_prefetcherd_tmpfs_30_0)
+(typeattribute iorapd_30_0)
+(typeattribute iorapd_data_file_30_0)
+(typeattribute iorapd_exec_30_0)
+(typeattribute iorapd_service_30_0)
+(typeattribute iorapd_tmpfs_30_0)
+(typeattribute ipsec_service_30_0)
+(typeattribute iris_service_30_0)
+(typeattribute iris_vendor_data_file_30_0)
+(typeattribute isolated_app_30_0)
+(typeattribute jobscheduler_service_30_0)
+(typeattribute kernel_30_0)
+(typeattribute keychain_data_file_30_0)
+(typeattribute keychord_device_30_0)
+(typeattribute keystore_30_0)
+(typeattribute keystore_data_file_30_0)
+(typeattribute keystore_exec_30_0)
+(typeattribute keystore_service_30_0)
+(typeattribute kmsg_debug_device_30_0)
+(typeattribute kmsg_device_30_0)
+(typeattribute labeledfs_30_0)
+(typeattribute last_boot_reason_prop_30_0)
+(typeattribute launcherapps_service_30_0)
+(typeattribute light_service_30_0)
+(typeattribute linkerconfig_file_30_0)
+(typeattribute llkd_30_0)
+(typeattribute llkd_exec_30_0)
+(typeattribute llkd_prop_30_0)
+(typeattribute lmkd_30_0)
+(typeattribute lmkd_exec_30_0)
+(typeattribute lmkd_prop_30_0)
+(typeattribute lmkd_socket_30_0)
+(typeattribute location_service_30_0)
+(typeattribute lock_settings_service_30_0)
+(typeattribute log_prop_30_0)
+(typeattribute log_property_type)
+(typeattribute log_tag_prop_30_0)
+(typeattribute logcat_exec_30_0)
+(typeattribute logd_30_0)
+(typeattribute logd_exec_30_0)
+(typeattribute logd_prop_30_0)
+(typeattribute logd_socket_30_0)
+(typeattribute logdr_socket_30_0)
+(typeattribute logdw_socket_30_0)
+(typeattribute logpersist_30_0)
+(typeattribute logpersistd_logging_prop_30_0)
+(typeattribute loop_control_device_30_0)
+(typeattribute loop_device_30_0)
+(typeattribute looper_stats_service_30_0)
+(typeattribute lowpan_device_30_0)
+(typeattribute lowpan_prop_30_0)
+(typeattribute lowpan_service_30_0)
+(typeattribute lpdump_service_30_0)
+(typeattribute lpdumpd_prop_30_0)
+(typeattribute mac_perms_file_30_0)
+(typeattribute mdns_socket_30_0)
+(typeattribute mdnsd_30_0)
+(typeattribute mdnsd_socket_30_0)
+(typeattribute media_data_file_30_0)
+(typeattribute media_projection_service_30_0)
+(typeattribute media_router_service_30_0)
+(typeattribute media_rw_data_file_30_0)
+(typeattribute media_session_service_30_0)
+(typeattribute media_variant_prop_30_0)
+(typeattribute mediadrmserver_30_0)
+(typeattribute mediadrmserver_exec_30_0)
+(typeattribute mediadrmserver_service_30_0)
+(typeattribute mediaextractor_30_0)
+(typeattribute mediaextractor_exec_30_0)
+(typeattribute mediaextractor_service_30_0)
+(typeattribute mediaextractor_tmpfs_30_0)
+(typeattribute mediametrics_30_0)
+(typeattribute mediametrics_exec_30_0)
+(typeattribute mediametrics_service_30_0)
+(typeattribute mediaprovider_30_0)
+(typeattribute mediaserver_30_0)
+(typeattribute mediaserver_exec_30_0)
+(typeattribute mediaserver_service_30_0)
+(typeattribute mediaserver_tmpfs_30_0)
+(typeattribute mediaswcodec_30_0)
+(typeattribute mediaswcodec_exec_30_0)
+(typeattribute mediatranscoding_30_0)
+(typeattribute mediatranscoding_exec_30_0)
+(typeattribute mediatranscoding_service_30_0)
+(typeattribute meminfo_service_30_0)
+(typeattribute metadata_block_device_30_0)
+(typeattribute metadata_bootstat_file_30_0)
+(typeattribute metadata_file_30_0)
+(typeattribute method_trace_data_file_30_0)
+(typeattribute midi_service_30_0)
+(typeattribute mirror_data_file_30_0)
+(typeattribute misc_block_device_30_0)
+(typeattribute misc_logd_file_30_0)
+(typeattribute misc_user_data_file_30_0)
+(typeattribute mlstrustedobject)
+(typeattribute mlstrustedsubject)
+(typeattribute mmc_prop_30_0)
+(typeattribute mnt_expand_file_30_0)
+(typeattribute mnt_media_rw_file_30_0)
+(typeattribute mnt_media_rw_stub_file_30_0)
+(typeattribute mnt_pass_through_file_30_0)
+(typeattribute mnt_product_file_30_0)
+(typeattribute mnt_sdcard_file_30_0)
+(typeattribute mnt_user_file_30_0)
+(typeattribute mnt_vendor_file_30_0)
+(typeattribute mock_ota_prop_30_0)
+(typeattribute modprobe_30_0)
+(typeattribute module_sdkextensions_prop_30_0)
+(typeattribute mount_service_30_0)
+(typeattribute mqueue_30_0)
+(typeattribute mtp_30_0)
+(typeattribute mtp_device_30_0)
+(typeattribute mtp_exec_30_0)
+(typeattribute mtpd_socket_30_0)
+(typeattribute nativetest_data_file_30_0)
+(typeattribute net_data_file_30_0)
+(typeattribute net_dns_prop_30_0)
+(typeattribute net_radio_prop_30_0)
+(typeattribute netd_30_0)
+(typeattribute netd_exec_30_0)
+(typeattribute netd_listener_service_30_0)
+(typeattribute netd_service_30_0)
+(typeattribute netd_stable_secret_prop_30_0)
+(typeattribute netdomain)
+(typeattribute netif_30_0)
+(typeattribute netif_type)
+(typeattribute netpolicy_service_30_0)
+(typeattribute netstats_service_30_0)
+(typeattribute netutils_wrapper_30_0)
+(typeattribute netutils_wrapper_exec_30_0)
+(typeattribute network_management_service_30_0)
+(typeattribute network_score_service_30_0)
+(typeattribute network_stack_30_0)
+(typeattribute network_stack_service_30_0)
+(typeattribute network_time_update_service_30_0)
+(typeattribute network_watchlist_data_file_30_0)
+(typeattribute network_watchlist_service_30_0)
+(typeattribute nfc_30_0)
+(typeattribute nfc_data_file_30_0)
+(typeattribute nfc_device_30_0)
+(typeattribute nfc_prop_30_0)
+(typeattribute nfc_service_30_0)
+(typeattribute nnapi_ext_deny_product_prop_30_0)
+(typeattribute node_30_0)
+(typeattribute node_type)
+(typeattribute nonplat_service_contexts_file_30_0)
+(typeattribute notification_service_30_0)
+(typeattribute null_device_30_0)
+(typeattribute oem_lock_service_30_0)
+(typeattribute oemfs_30_0)
+(typeattribute ota_data_file_30_0)
+(typeattribute ota_metadata_file_30_0)
+(typeattribute ota_package_file_30_0)
+(typeattribute ota_prop_30_0)
+(typeattribute otadexopt_service_30_0)
+(typeattribute overlay_prop_30_0)
+(typeattribute overlay_service_30_0)
+(typeattribute overlayfs_file_30_0)
+(typeattribute owntty_device_30_0)
+(typeattribute package_native_service_30_0)
+(typeattribute package_service_30_0)
+(typeattribute packages_list_file_30_0)
+(typeattribute pan_result_prop_30_0)
+(typeattribute password_slot_metadata_file_30_0)
+(typeattribute pdx_bufferhub_client_channel_socket_30_0)
+(typeattribute pdx_bufferhub_client_channel_socket_type)
+(typeattribute pdx_bufferhub_client_endpoint_dir_type)
+(typeattribute pdx_bufferhub_client_endpoint_socket_30_0)
+(typeattribute pdx_bufferhub_client_endpoint_socket_type)
+(typeattribute pdx_bufferhub_client_server_type)
+(typeattribute pdx_bufferhub_dir_30_0)
+(typeattribute pdx_channel_socket_type)
+(typeattribute pdx_display_client_channel_socket_30_0)
+(typeattribute pdx_display_client_channel_socket_type)
+(typeattribute pdx_display_client_endpoint_dir_type)
+(typeattribute pdx_display_client_endpoint_socket_30_0)
+(typeattribute pdx_display_client_endpoint_socket_type)
+(typeattribute pdx_display_client_server_type)
+(typeattribute pdx_display_dir_30_0)
+(typeattribute pdx_display_manager_channel_socket_30_0)
+(typeattribute pdx_display_manager_channel_socket_type)
+(typeattribute pdx_display_manager_endpoint_dir_type)
+(typeattribute pdx_display_manager_endpoint_socket_30_0)
+(typeattribute pdx_display_manager_endpoint_socket_type)
+(typeattribute pdx_display_manager_server_type)
+(typeattribute pdx_display_screenshot_channel_socket_30_0)
+(typeattribute pdx_display_screenshot_channel_socket_type)
+(typeattribute pdx_display_screenshot_endpoint_dir_type)
+(typeattribute pdx_display_screenshot_endpoint_socket_30_0)
+(typeattribute pdx_display_screenshot_endpoint_socket_type)
+(typeattribute pdx_display_screenshot_server_type)
+(typeattribute pdx_display_vsync_channel_socket_30_0)
+(typeattribute pdx_display_vsync_channel_socket_type)
+(typeattribute pdx_display_vsync_endpoint_dir_type)
+(typeattribute pdx_display_vsync_endpoint_socket_30_0)
+(typeattribute pdx_display_vsync_endpoint_socket_type)
+(typeattribute pdx_display_vsync_server_type)
+(typeattribute pdx_endpoint_dir_type)
+(typeattribute pdx_endpoint_socket_type)
+(typeattribute pdx_performance_client_channel_socket_30_0)
+(typeattribute pdx_performance_client_channel_socket_type)
+(typeattribute pdx_performance_client_endpoint_dir_type)
+(typeattribute pdx_performance_client_endpoint_socket_30_0)
+(typeattribute pdx_performance_client_endpoint_socket_type)
+(typeattribute pdx_performance_client_server_type)
+(typeattribute pdx_performance_dir_30_0)
+(typeattribute perfetto_30_0)
+(typeattribute performanced_30_0)
+(typeattribute performanced_exec_30_0)
+(typeattribute permission_service_30_0)
+(typeattribute permissionmgr_service_30_0)
+(typeattribute persist_debug_prop_30_0)
+(typeattribute persistent_data_block_service_30_0)
+(typeattribute persistent_properties_ready_prop_30_0)
+(typeattribute pinner_service_30_0)
+(typeattribute pipefs_30_0)
+(typeattribute platform_app_30_0)
+(typeattribute platform_compat_service_30_0)
+(typeattribute pm_prop_30_0)
+(typeattribute pmsg_device_30_0)
+(typeattribute port_30_0)
+(typeattribute port_device_30_0)
+(typeattribute port_type)
+(typeattribute postinstall_30_0)
+(typeattribute postinstall_apex_mnt_dir_30_0)
+(typeattribute postinstall_file_30_0)
+(typeattribute postinstall_mnt_dir_30_0)
+(typeattribute power_service_30_0)
+(typeattribute powerctl_prop_30_0)
+(typeattribute ppp_30_0)
+(typeattribute ppp_device_30_0)
+(typeattribute ppp_exec_30_0)
+(typeattribute preloads_data_file_30_0)
+(typeattribute preloads_media_file_30_0)
+(typeattribute prereboot_data_file_30_0)
+(typeattribute print_service_30_0)
+(typeattribute priv_app_30_0)
+(typeattribute privapp_data_file_30_0)
+(typeattribute proc_30_0)
+(typeattribute proc_abi_30_0)
+(typeattribute proc_asound_30_0)
+(typeattribute proc_bluetooth_writable_30_0)
+(typeattribute proc_buddyinfo_30_0)
+(typeattribute proc_cmdline_30_0)
+(typeattribute proc_cpuinfo_30_0)
+(typeattribute proc_dirty_30_0)
+(typeattribute proc_diskstats_30_0)
+(typeattribute proc_drop_caches_30_0)
+(typeattribute proc_extra_free_kbytes_30_0)
+(typeattribute proc_filesystems_30_0)
+(typeattribute proc_fs_verity_30_0)
+(typeattribute proc_hostname_30_0)
+(typeattribute proc_hung_task_30_0)
+(typeattribute proc_interrupts_30_0)
+(typeattribute proc_iomem_30_0)
+(typeattribute proc_keys_30_0)
+(typeattribute proc_kmsg_30_0)
+(typeattribute proc_kpageflags_30_0)
+(typeattribute proc_loadavg_30_0)
+(typeattribute proc_lowmemorykiller_30_0)
+(typeattribute proc_max_map_count_30_0)
+(typeattribute proc_meminfo_30_0)
+(typeattribute proc_min_free_order_shift_30_0)
+(typeattribute proc_misc_30_0)
+(typeattribute proc_modules_30_0)
+(typeattribute proc_mounts_30_0)
+(typeattribute proc_net_30_0)
+(typeattribute proc_net_tcp_udp_30_0)
+(typeattribute proc_net_type)
+(typeattribute proc_overcommit_memory_30_0)
+(typeattribute proc_page_cluster_30_0)
+(typeattribute proc_pagetypeinfo_30_0)
+(typeattribute proc_panic_30_0)
+(typeattribute proc_perf_30_0)
+(typeattribute proc_pid_max_30_0)
+(typeattribute proc_pipe_conf_30_0)
+(typeattribute proc_pressure_cpu_30_0)
+(typeattribute proc_pressure_io_30_0)
+(typeattribute proc_pressure_mem_30_0)
+(typeattribute proc_qtaguid_ctrl_30_0)
+(typeattribute proc_qtaguid_stat_30_0)
+(typeattribute proc_random_30_0)
+(typeattribute proc_sched_30_0)
+(typeattribute proc_security_30_0)
+(typeattribute proc_slabinfo_30_0)
+(typeattribute proc_stat_30_0)
+(typeattribute proc_swaps_30_0)
+(typeattribute proc_sysrq_30_0)
+(typeattribute proc_timer_30_0)
+(typeattribute proc_tty_drivers_30_0)
+(typeattribute proc_type)
+(typeattribute proc_uid_concurrent_active_time_30_0)
+(typeattribute proc_uid_concurrent_policy_time_30_0)
+(typeattribute proc_uid_cpupower_30_0)
+(typeattribute proc_uid_cputime_removeuid_30_0)
+(typeattribute proc_uid_cputime_showstat_30_0)
+(typeattribute proc_uid_io_stats_30_0)
+(typeattribute proc_uid_procstat_set_30_0)
+(typeattribute proc_uid_time_in_state_30_0)
+(typeattribute proc_uptime_30_0)
+(typeattribute proc_version_30_0)
+(typeattribute proc_vmallocinfo_30_0)
+(typeattribute proc_vmstat_30_0)
+(typeattribute proc_zoneinfo_30_0)
+(typeattribute processinfo_service_30_0)
+(typeattribute procstats_service_30_0)
+(typeattribute profman_30_0)
+(typeattribute profman_dump_data_file_30_0)
+(typeattribute profman_exec_30_0)
+(typeattribute properties_device_30_0)
+(typeattribute properties_serial_30_0)
+(typeattribute property_contexts_file_30_0)
+(typeattribute property_data_file_30_0)
+(typeattribute property_info_30_0)
+(typeattribute property_socket_30_0)
+(typeattribute property_type)
+(typeattribute protected_hwservice)
+(typeattribute pstorefs_30_0)
+(typeattribute ptmx_device_30_0)
+(typeattribute qtaguid_device_30_0)
+(typeattribute racoon_30_0)
+(typeattribute racoon_exec_30_0)
+(typeattribute racoon_socket_30_0)
+(typeattribute radio_30_0)
+(typeattribute radio_data_file_30_0)
+(typeattribute radio_device_30_0)
+(typeattribute radio_prop_30_0)
+(typeattribute radio_service_30_0)
+(typeattribute ram_device_30_0)
+(typeattribute random_device_30_0)
+(typeattribute rebootescrow_hal_prop_30_0)
+(typeattribute recovery_30_0)
+(typeattribute recovery_block_device_30_0)
+(typeattribute recovery_data_file_30_0)
+(typeattribute recovery_persist_30_0)
+(typeattribute recovery_persist_exec_30_0)
+(typeattribute recovery_refresh_30_0)
+(typeattribute recovery_refresh_exec_30_0)
+(typeattribute recovery_service_30_0)
+(typeattribute recovery_socket_30_0)
+(typeattribute registry_service_30_0)
+(typeattribute resourcecache_data_file_30_0)
+(typeattribute restorecon_prop_30_0)
+(typeattribute restrictions_service_30_0)
+(typeattribute rild_debug_socket_30_0)
+(typeattribute rild_socket_30_0)
+(typeattribute ringtone_file_30_0)
+(typeattribute role_service_30_0)
+(typeattribute rollback_service_30_0)
+(typeattribute root_block_device_30_0)
+(typeattribute rootfs_30_0)
+(typeattribute rpmsg_device_30_0)
+(typeattribute rs_30_0)
+(typeattribute rs_exec_30_0)
+(typeattribute rss_hwm_reset_30_0)
+(typeattribute rtc_device_30_0)
+(typeattribute rttmanager_service_30_0)
+(typeattribute runas_30_0)
+(typeattribute runas_app_30_0)
+(typeattribute runas_exec_30_0)
+(typeattribute runtime_event_log_tags_file_30_0)
+(typeattribute runtime_service_30_0)
+(typeattribute safemode_prop_30_0)
+(typeattribute same_process_hal_file_30_0)
+(typeattribute same_process_hwservice)
+(typeattribute samplingprofiler_service_30_0)
+(typeattribute scheduler_service_server)
+(typeattribute scheduling_policy_service_30_0)
+(typeattribute sdcard_block_device_30_0)
+(typeattribute sdcard_type)
+(typeattribute sdcardd_30_0)
+(typeattribute sdcardd_exec_30_0)
+(typeattribute sdcardfs_30_0)
+(typeattribute seapp_contexts_file_30_0)
+(typeattribute search_service_30_0)
+(typeattribute sec_key_att_app_id_provider_service_30_0)
+(typeattribute secure_element_30_0)
+(typeattribute secure_element_device_30_0)
+(typeattribute secure_element_service_30_0)
+(typeattribute securityfs_30_0)
+(typeattribute selinuxfs_30_0)
+(typeattribute sensor_privacy_service_30_0)
+(typeattribute sensor_service_server)
+(typeattribute sensors_device_30_0)
+(typeattribute sensorservice_service_30_0)
+(typeattribute sepolicy_file_30_0)
+(typeattribute serial_device_30_0)
+(typeattribute serial_service_30_0)
+(typeattribute serialno_prop_30_0)
+(typeattribute server_configurable_flags_data_file_30_0)
+(typeattribute service_contexts_file_30_0)
+(typeattribute service_manager_service_30_0)
+(typeattribute service_manager_type)
+(typeattribute service_manager_vndservice_30_0)
+(typeattribute servicediscovery_service_30_0)
+(typeattribute servicemanager_30_0)
+(typeattribute servicemanager_exec_30_0)
+(typeattribute settings_service_30_0)
+(typeattribute sgdisk_30_0)
+(typeattribute sgdisk_exec_30_0)
+(typeattribute shared_relro_30_0)
+(typeattribute shared_relro_file_30_0)
+(typeattribute shell_30_0)
+(typeattribute shell_data_file_30_0)
+(typeattribute shell_exec_30_0)
+(typeattribute shell_prop_30_0)
+(typeattribute shm_30_0)
+(typeattribute shortcut_manager_icons_30_0)
+(typeattribute shortcut_service_30_0)
+(typeattribute simpleperf_30_0)
+(typeattribute simpleperf_app_runner_30_0)
+(typeattribute simpleperf_app_runner_exec_30_0)
+(typeattribute slice_service_30_0)
+(typeattribute slideshow_30_0)
+(typeattribute snapshotctl_log_data_file_30_0)
+(typeattribute socket_between_core_and_vendor_violators)
+(typeattribute socket_device_30_0)
+(typeattribute socket_hook_prop_30_0)
+(typeattribute sockfs_30_0)
+(typeattribute sota_prop_30_0)
+(typeattribute soundtrigger_middleware_service_30_0)
+(typeattribute staging_data_file_30_0)
+(typeattribute stats_data_file_30_0)
+(typeattribute stats_service_server)
+(typeattribute statsd_30_0)
+(typeattribute statsd_exec_30_0)
+(typeattribute statsdw_socket_30_0)
+(typeattribute statusbar_service_30_0)
+(typeattribute storage_config_prop_30_0)
+(typeattribute storage_file_30_0)
+(typeattribute storage_stub_file_30_0)
+(typeattribute storaged_service_30_0)
+(typeattribute storagestats_service_30_0)
+(typeattribute su_30_0)
+(typeattribute su_exec_30_0)
+(typeattribute super_block_device_30_0)
+(typeattribute super_block_device_type)
+(typeattribute surfaceflinger_30_0)
+(typeattribute surfaceflinger_service_30_0)
+(typeattribute surfaceflinger_tmpfs_30_0)
+(typeattribute swap_block_device_30_0)
+(typeattribute sysfs_30_0)
+(typeattribute sysfs_android_usb_30_0)
+(typeattribute sysfs_batteryinfo_30_0)
+(typeattribute sysfs_bluetooth_writable_30_0)
+(typeattribute sysfs_devices_block_30_0)
+(typeattribute sysfs_devices_system_cpu_30_0)
+(typeattribute sysfs_dm_30_0)
+(typeattribute sysfs_dm_verity_30_0)
+(typeattribute sysfs_dt_firmware_android_30_0)
+(typeattribute sysfs_extcon_30_0)
+(typeattribute sysfs_fs_ext4_features_30_0)
+(typeattribute sysfs_fs_f2fs_30_0)
+(typeattribute sysfs_hwrandom_30_0)
+(typeattribute sysfs_ion_30_0)
+(typeattribute sysfs_ipv4_30_0)
+(typeattribute sysfs_kernel_notes_30_0)
+(typeattribute sysfs_leds_30_0)
+(typeattribute sysfs_loop_30_0)
+(typeattribute sysfs_lowmemorykiller_30_0)
+(typeattribute sysfs_net_30_0)
+(typeattribute sysfs_nfc_power_writable_30_0)
+(typeattribute sysfs_power_30_0)
+(typeattribute sysfs_rtc_30_0)
+(typeattribute sysfs_suspend_stats_30_0)
+(typeattribute sysfs_switch_30_0)
+(typeattribute sysfs_thermal_30_0)
+(typeattribute sysfs_transparent_hugepage_30_0)
+(typeattribute sysfs_type)
+(typeattribute sysfs_uio_30_0)
+(typeattribute sysfs_usb_30_0)
+(typeattribute sysfs_usermodehelper_30_0)
+(typeattribute sysfs_vibrator_30_0)
+(typeattribute sysfs_wake_lock_30_0)
+(typeattribute sysfs_wakeup_30_0)
+(typeattribute sysfs_wakeup_reasons_30_0)
+(typeattribute sysfs_wlan_fwpath_30_0)
+(typeattribute sysfs_zram_30_0)
+(typeattribute sysfs_zram_uevent_30_0)
+(typeattribute system_adbd_prop_30_0)
+(typeattribute system_api_service)
+(typeattribute system_app_30_0)
+(typeattribute system_app_data_file_30_0)
+(typeattribute system_app_service_30_0)
+(typeattribute system_asan_options_file_30_0)
+(typeattribute system_block_device_30_0)
+(typeattribute system_boot_reason_prop_30_0)
+(typeattribute system_bootstrap_lib_file_30_0)
+(typeattribute system_config_service_30_0)
+(typeattribute system_data_file_30_0)
+(typeattribute system_data_root_file_30_0)
+(typeattribute system_event_log_tags_file_30_0)
+(typeattribute system_executes_vendor_violators)
+(typeattribute system_file_30_0)
+(typeattribute system_file_type)
+(typeattribute system_group_file_30_0)
+(typeattribute system_internal_property_type)
+(typeattribute system_jvmti_agent_prop_30_0)
+(typeattribute system_lib_file_30_0)
+(typeattribute system_linker_config_file_30_0)
+(typeattribute system_linker_exec_30_0)
+(typeattribute system_lmk_prop_30_0)
+(typeattribute system_ndebug_socket_30_0)
+(typeattribute system_net_netd_hwservice_30_0)
+(typeattribute system_passwd_file_30_0)
+(typeattribute system_prop_30_0)
+(typeattribute system_property_type)
+(typeattribute system_public_property_type)
+(typeattribute system_radio_prop_30_0)
+(typeattribute system_restricted_property_type)
+(typeattribute system_seccomp_policy_file_30_0)
+(typeattribute system_security_cacerts_file_30_0)
+(typeattribute system_server_30_0)
+(typeattribute system_server_service)
+(typeattribute system_server_tmpfs_30_0)
+(typeattribute system_suspend_control_service_30_0)
+(typeattribute system_suspend_hwservice_30_0)
+(typeattribute system_suspend_server)
+(typeattribute system_trace_prop_30_0)
+(typeattribute system_unsolzygote_socket_30_0)
+(typeattribute system_update_service_30_0)
+(typeattribute system_wifi_keystore_hwservice_30_0)
+(typeattribute system_wpa_socket_30_0)
+(typeattribute system_writes_mnt_vendor_violators)
+(typeattribute system_writes_vendor_properties_violators)
+(typeattribute system_zoneinfo_file_30_0)
+(typeattribute systemkeys_data_file_30_0)
+(typeattribute task_profiles_file_30_0)
+(typeattribute task_service_30_0)
+(typeattribute tcpdump_exec_30_0)
+(typeattribute tee_30_0)
+(typeattribute tee_data_file_30_0)
+(typeattribute tee_device_30_0)
+(typeattribute telecom_service_30_0)
+(typeattribute test_boot_reason_prop_30_0)
+(typeattribute test_harness_prop_30_0)
+(typeattribute testharness_service_30_0)
+(typeattribute tethering_service_30_0)
+(typeattribute textclassification_service_30_0)
+(typeattribute textclassifier_data_file_30_0)
+(typeattribute textservices_service_30_0)
+(typeattribute theme_prop_30_0)
+(typeattribute thermal_service_30_0)
+(typeattribute thermalcallback_hwservice_30_0)
+(typeattribute time_prop_30_0)
+(typeattribute timedetector_service_30_0)
+(typeattribute timezone_service_30_0)
+(typeattribute timezonedetector_service_30_0)
+(typeattribute tmpfs_30_0)
+(typeattribute tombstone_data_file_30_0)
+(typeattribute tombstone_wifi_data_file_30_0)
+(typeattribute tombstoned_30_0)
+(typeattribute tombstoned_crash_socket_30_0)
+(typeattribute tombstoned_exec_30_0)
+(typeattribute tombstoned_intercept_socket_30_0)
+(typeattribute tombstoned_java_trace_socket_30_0)
+(typeattribute toolbox_30_0)
+(typeattribute toolbox_exec_30_0)
+(typeattribute trace_data_file_30_0)
+(typeattribute traced_30_0)
+(typeattribute traced_consumer_socket_30_0)
+(typeattribute traced_enabled_prop_30_0)
+(typeattribute traced_lazy_prop_30_0)
+(typeattribute traced_perf_30_0)
+(typeattribute traced_perf_enabled_prop_30_0)
+(typeattribute traced_perf_socket_30_0)
+(typeattribute traced_probes_30_0)
+(typeattribute traced_producer_socket_30_0)
+(typeattribute traceur_app_30_0)
+(typeattribute trust_service_30_0)
+(typeattribute tty_device_30_0)
+(typeattribute tun_device_30_0)
+(typeattribute tv_input_service_30_0)
+(typeattribute tv_tuner_resource_mgr_service_30_0)
+(typeattribute tzdatacheck_30_0)
+(typeattribute tzdatacheck_exec_30_0)
+(typeattribute ueventd_30_0)
+(typeattribute ueventd_tmpfs_30_0)
+(typeattribute uhid_device_30_0)
+(typeattribute uimode_service_30_0)
+(typeattribute uio_device_30_0)
+(typeattribute uncrypt_30_0)
+(typeattribute uncrypt_exec_30_0)
+(typeattribute uncrypt_socket_30_0)
+(typeattribute unencrypted_data_file_30_0)
+(typeattribute unlabeled_30_0)
+(typeattribute untrusted_app_25_30_0)
+(typeattribute untrusted_app_27_30_0)
+(typeattribute untrusted_app_29_30_0)
+(typeattribute untrusted_app_30_0)
+(typeattribute untrusted_app_all)
+(typeattribute untrusted_app_visible_halserver_violators)
+(typeattribute untrusted_app_visible_hwservice_violators)
+(typeattribute update_engine_30_0)
+(typeattribute update_engine_common)
+(typeattribute update_engine_data_file_30_0)
+(typeattribute update_engine_exec_30_0)
+(typeattribute update_engine_log_data_file_30_0)
+(typeattribute update_engine_service_30_0)
+(typeattribute update_verifier_30_0)
+(typeattribute update_verifier_exec_30_0)
+(typeattribute updatelock_service_30_0)
+(typeattribute uri_grants_service_30_0)
+(typeattribute usagestats_service_30_0)
+(typeattribute usb_device_30_0)
+(typeattribute usb_serial_device_30_0)
+(typeattribute usb_service_30_0)
+(typeattribute usbaccessory_device_30_0)
+(typeattribute usbd_30_0)
+(typeattribute usbd_exec_30_0)
+(typeattribute usbfs_30_0)
+(typeattribute use_memfd_prop_30_0)
+(typeattribute user_profile_data_file_30_0)
+(typeattribute user_service_30_0)
+(typeattribute userdata_block_device_30_0)
+(typeattribute usermodehelper_30_0)
+(typeattribute userspace_reboot_config_prop_30_0)
+(typeattribute userspace_reboot_exported_prop_30_0)
+(typeattribute userspace_reboot_log_prop_30_0)
+(typeattribute userspace_reboot_test_prop_30_0)
+(typeattribute vdc_30_0)
+(typeattribute vdc_exec_30_0)
+(typeattribute vehicle_hal_prop_30_0)
+(typeattribute vendor_apex_file_30_0)
+(typeattribute vendor_app_file_30_0)
+(typeattribute vendor_cgroup_desc_file_30_0)
+(typeattribute vendor_configs_file_30_0)
+(typeattribute vendor_data_file_30_0)
+(typeattribute vendor_default_prop_30_0)
+(typeattribute vendor_executes_system_violators)
+(typeattribute vendor_file_30_0)
+(typeattribute vendor_file_type)
+(typeattribute vendor_framework_file_30_0)
+(typeattribute vendor_hal_file_30_0)
+(typeattribute vendor_idc_file_30_0)
+(typeattribute vendor_init_30_0)
+(typeattribute vendor_internal_property_type)
+(typeattribute vendor_keychars_file_30_0)
+(typeattribute vendor_keylayout_file_30_0)
+(typeattribute vendor_misc_writer_30_0)
+(typeattribute vendor_misc_writer_exec_30_0)
+(typeattribute vendor_overlay_file_30_0)
+(typeattribute vendor_property_type)
+(typeattribute vendor_public_lib_file_30_0)
+(typeattribute vendor_public_property_type)
+(typeattribute vendor_restricted_property_type)
+(typeattribute vendor_security_patch_level_prop_30_0)
+(typeattribute vendor_service)
+(typeattribute vendor_shell_30_0)
+(typeattribute vendor_shell_exec_30_0)
+(typeattribute vendor_socket_hook_prop_30_0)
+(typeattribute vendor_task_profiles_file_30_0)
+(typeattribute vendor_toolbox_exec_30_0)
+(typeattribute vfat_30_0)
+(typeattribute vibrator_service_30_0)
+(typeattribute video_device_30_0)
+(typeattribute virtual_ab_prop_30_0)
+(typeattribute virtual_touchpad_30_0)
+(typeattribute virtual_touchpad_exec_30_0)
+(typeattribute virtual_touchpad_service_30_0)
+(typeattribute vndbinder_device_30_0)
+(typeattribute vndk_prop_30_0)
+(typeattribute vndk_sp_file_30_0)
+(typeattribute vndservice_contexts_file_30_0)
+(typeattribute vndservice_manager_type)
+(typeattribute vndservicemanager_30_0)
+(typeattribute voiceinteraction_service_30_0)
+(typeattribute vold_30_0)
+(typeattribute vold_data_file_30_0)
+(typeattribute vold_device_30_0)
+(typeattribute vold_exec_30_0)
+(typeattribute vold_metadata_file_30_0)
+(typeattribute vold_prepare_subdirs_30_0)
+(typeattribute vold_prepare_subdirs_exec_30_0)
+(typeattribute vold_prop_30_0)
+(typeattribute vold_service_30_0)
+(typeattribute vpn_data_file_30_0)
+(typeattribute vr_hwc_30_0)
+(typeattribute vr_hwc_exec_30_0)
+(typeattribute vr_hwc_service_30_0)
+(typeattribute vr_manager_service_30_0)
+(typeattribute vrflinger_vsync_service_30_0)
+(typeattribute wallpaper_file_30_0)
+(typeattribute wallpaper_service_30_0)
+(typeattribute watchdog_device_30_0)
+(typeattribute watchdogd_30_0)
+(typeattribute watchdogd_exec_30_0)
+(typeattribute webview_zygote_30_0)
+(typeattribute webview_zygote_exec_30_0)
+(typeattribute webview_zygote_tmpfs_30_0)
+(typeattribute webviewupdate_service_30_0)
+(typeattribute wifi_data_file_30_0)
+(typeattribute wifi_keystore_service_server)
+(typeattribute wifi_log_prop_30_0)
+(typeattribute wifi_prop_30_0)
+(typeattribute wifi_service_30_0)
+(typeattribute wifiaware_service_30_0)
+(typeattribute wificond_30_0)
+(typeattribute wificond_exec_30_0)
+(typeattribute wifinl80211_service_30_0)
+(typeattribute wifip2p_service_30_0)
+(typeattribute wifiscanner_service_30_0)
+(typeattribute window_service_30_0)
+(typeattribute wpa_socket_30_0)
+(typeattribute wpantund_30_0)
+(typeattribute wpantund_exec_30_0)
+(typeattribute wpantund_service_30_0)
+(typeattribute zero_device_30_0)
+(typeattribute zoneinfo_data_file_30_0)
+(typeattribute zygote_30_0)
+(typeattribute zygote_exec_30_0)
+(typeattribute zygote_socket_30_0)
+(typeattribute zygote_tmpfs_30_0)
diff --git a/prebuilts/api/30.0/private/app.te b/prebuilts/api/30.0/private/app.te
index 9882d8f..b2ddd84 100644
--- a/prebuilts/api/30.0/private/app.te
+++ b/prebuilts/api/30.0/private/app.te
@@ -36,8 +36,5 @@
neverallow { appdomain -shell userdebug_or_eng(`-su') }
{ domain -appdomain }:process { dyntransition };
-# Don't allow regular apps access to storage configuration properties.
-neverallow { appdomain -mediaprovider_app } storage_config_prop:file no_rw_file_perms;
-
# Allow to read graphics related properties.
get_prop(appdomain, graphics_config_prop)
diff --git a/prebuilts/api/30.0/private/compat/29.0/29.0.ignore.cil b/prebuilts/api/30.0/private/compat/29.0/29.0.ignore.cil
index 846d8c2..7e8e6db 100644
--- a/prebuilts/api/30.0/private/compat/29.0/29.0.ignore.cil
+++ b/prebuilts/api/30.0/private/compat/29.0/29.0.ignore.cil
@@ -44,7 +44,6 @@
device_config_configuration_prop
emergency_affordance_service
exported_camera_prop
- fastbootd_protocol_prop
file_integrity_service
fwk_automotive_display_hwservice
fusectlfs
@@ -59,7 +58,6 @@
hal_tv_tuner_hwservice
hal_vibrator_service
incremental_control_file
- incremental_prop
incremental_service
init_perf_lsm_hooks_prop
init_svc_debug_prop
@@ -78,7 +76,6 @@
mirror_data_file
light_service
linkerconfig_file
- lmkd_prop
media_variant_prop
metadata_bootstat_file
mnt_pass_through_file
diff --git a/prebuilts/api/30.0/private/lmkd.te b/prebuilts/api/30.0/private/lmkd.te
index e51cddb..a07ce87 100644
--- a/prebuilts/api/30.0/private/lmkd.te
+++ b/prebuilts/api/30.0/private/lmkd.te
@@ -1,8 +1,3 @@
typeattribute lmkd coredomain;
init_daemon_domain(lmkd)
-
-# Set lmkd.* properties.
-set_prop(lmkd, lmkd_prop)
-
-neverallow { -init -lmkd -vendor_init } lmkd_prop:property_service set;
diff --git a/prebuilts/api/30.0/private/mediaprovider_app.te b/prebuilts/api/30.0/private/mediaprovider_app.te
index 335c1b6..79d3e36 100644
--- a/prebuilts/api/30.0/private/mediaprovider_app.te
+++ b/prebuilts/api/30.0/private/mediaprovider_app.te
@@ -27,6 +27,10 @@
# Talk to the GPU service
binder_call(mediaprovider_app, gpuservice)
+# Talk to statsd
+allow mediaprovider_app statsmanager_service:service_manager find;
+binder_call(mediaprovider_app, statsd)
+
# read pipe-max-size configuration
allow mediaprovider_app proc_pipe_conf:file r_file_perms;
@@ -40,6 +44,3 @@
};
allow mediaprovider_app proc_filesystems:file r_file_perms;
-
-#Allow MediaProvider to see if sdcardfs is in use
-get_prop(mediaprovider_app, storage_config_prop)
diff --git a/prebuilts/api/30.0/private/property_contexts b/prebuilts/api/30.0/private/property_contexts
index 7908bb1..c3134f98 100644
--- a/prebuilts/api/30.0/private/property_contexts
+++ b/prebuilts/api/30.0/private/property_contexts
@@ -42,7 +42,6 @@
khungtask. u:object_r:llkd_prop:s0
ro.llk. u:object_r:llkd_prop:s0
ro.khungtask. u:object_r:llkd_prop:s0
-lmkd.reinit u:object_r:lmkd_prop:s0 exact int
log. u:object_r:log_prop:s0
log.tag u:object_r:log_tag_prop:s0
log.tag.WifiHAL u:object_r:wifi_log_prop:s0
@@ -97,9 +96,6 @@
sys.lmk. u:object_r:system_lmk_prop:s0
sys.trace. u:object_r:system_trace_prop:s0
-# Fastbootd protocol control property
-fastbootd.protocol u:object_r:fastbootd_protocol_prop:s0 exact enum usb tcp
-
# Boolean property set by system server upon boot indicating
# if device is fully owned by organization instead of being
# a personal device.
@@ -253,9 +249,6 @@
# history size.
ro.lib_gui.frame_event_history_size u:object_r:bq_config_prop:s0
-# Property to enable incremental feature
-ro.incremental.enable u:object_r:incremental_prop:s0
-
# Properties to configure userspace reboot.
init.userspace_reboot.is_supported u:object_r:userspace_reboot_config_prop:s0 exact bool
init.userspace_reboot.sigkill.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
diff --git a/prebuilts/api/30.0/private/seapp_contexts b/prebuilts/api/30.0/private/seapp_contexts
index a8c61be..0a25789 100644
--- a/prebuilts/api/30.0/private/seapp_contexts
+++ b/prebuilts/api/30.0/private/seapp_contexts
@@ -160,7 +160,7 @@
user=_app isPrivApp=true name=com.google.android.permissioncontroller domain=permissioncontroller_app type=privapp_data_file levelFrom=all
user=_app isPrivApp=true name=com.android.providers.media.module domain=mediaprovider_app type=privapp_data_file levelFrom=all
user=_app isPrivApp=true name=com.google.android.providers.media.module domain=mediaprovider_app type=privapp_data_file levelFrom=all
-user=_app seinfo=platform isPrivApp=true name=com.android.permissioncontroller domain=permissioncontroller_app type=privapp_data_file levelFrom=all
+user=_app isPrivApp=true name=com.android.permissioncontroller domain=permissioncontroller_app type=privapp_data_file levelFrom=all
user=_app isPrivApp=true name=com.android.vzwomatrigger domain=vzwomatrigger_app type=privapp_data_file levelFrom=all
user=_app isPrivApp=true name=com.google.android.gms domain=gmscore_app type=privapp_data_file levelFrom=user
user=_app isPrivApp=true name=com.google.android.gms.* domain=gmscore_app type=privapp_data_file levelFrom=user
diff --git a/prebuilts/api/30.0/private/shell.te b/prebuilts/api/30.0/private/shell.te
index 43e4dd5..fd78763 100644
--- a/prebuilts/api/30.0/private/shell.te
+++ b/prebuilts/api/30.0/private/shell.te
@@ -92,4 +92,4 @@
neverallow shell self:perf_event ~{ open read write kernel };
# Allow to read graphics related properties.
-get_prop(shell, graphics_config_prop)
\ No newline at end of file
+get_prop(shell, graphics_config_prop)
diff --git a/prebuilts/api/30.0/private/system_server.te b/prebuilts/api/30.0/private/system_server.te
index 66c46ed..0499ce4 100644
--- a/prebuilts/api/30.0/private/system_server.te
+++ b/prebuilts/api/30.0/private/system_server.te
@@ -679,9 +679,6 @@
# Read wifi.interface
get_prop(system_server, wifi_prop)
-# Read the vendor property that indicates if Incremental features is enabled
-get_prop(system_server, incremental_prop)
-
# Create a socket for connections from debuggerd.
allow system_server system_ndebug_socket:sock_file create_file_perms;
diff --git a/prebuilts/api/30.0/public/app.te b/prebuilts/api/30.0/public/app.te
index e5b9fd6..9c635aa 100644
--- a/prebuilts/api/30.0/public/app.te
+++ b/prebuilts/api/30.0/public/app.te
@@ -566,6 +566,10 @@
-system_app
} { bluetooth_audio_hal_prop bluetooth_a2dp_offload_prop bluetooth_prop exported_bluetooth_prop }:file create_file_perms;
+
+# Don't allow apps access to storage configuration properties.
+neverallow appdomain storage_config_prop:file no_rw_file_perms;
+
# Apps cannot access proc_uid_time_in_state
neverallow appdomain proc_uid_time_in_state:file *;
diff --git a/prebuilts/api/30.0/public/bootanim.te b/prebuilts/api/30.0/public/bootanim.te
index bd2bec6..e8cb98b 100644
--- a/prebuilts/api/30.0/public/bootanim.te
+++ b/prebuilts/api/30.0/public/bootanim.te
@@ -23,7 +23,6 @@
allow bootanim audioserver_service:service_manager find;
allow bootanim surfaceflinger_service:service_manager find;
-allow bootanim surfaceflinger:unix_stream_socket { read write };
# Allow access to ion memory allocation device
allow bootanim ion_device:chr_file rw_file_perms;
diff --git a/prebuilts/api/30.0/public/dumpstate.te b/prebuilts/api/30.0/public/dumpstate.te
index 8d99a3c..1724b70 100644
--- a/prebuilts/api/30.0/public/dumpstate.te
+++ b/prebuilts/api/30.0/public/dumpstate.te
@@ -136,11 +136,12 @@
binder_call(dumpstate, binderservicedomain)
binder_call(dumpstate, { appdomain netd wificond })
-dump_hal(hal_identity)
dump_hal(hal_dumpstate)
dump_hal(hal_wifi)
dump_hal(hal_graphics_allocator)
dump_hal(hal_neuralnetworks)
+dump_hal(hal_identity)
+
# Vibrate the device after we are done collecting the bugreport
hal_client_domain(dumpstate, hal_vibrator)
diff --git a/prebuilts/api/30.0/public/fastbootd.te b/prebuilts/api/30.0/public/fastbootd.te
index 8787817..f10e649 100644
--- a/prebuilts/api/30.0/public/fastbootd.te
+++ b/prebuilts/api/30.0/public/fastbootd.te
@@ -120,14 +120,6 @@
# Determine allocation scheme (whether B partitions needs to be
# at the second half of super.
get_prop(fastbootd, virtual_ab_prop)
-
- # Needed for TCP protocol
- allow fastbootd node:tcp_socket node_bind;
- allow fastbootd port:tcp_socket name_bind;
- allow fastbootd self:tcp_socket { create_socket_perms_no_ioctl listen accept };
-
- # Get fastbootd protocol property
- get_prop(fastbootd, fastbootd_protocol_prop)
')
###
diff --git a/prebuilts/api/30.0/public/hal_neuralnetworks.te b/prebuilts/api/30.0/public/hal_neuralnetworks.te
index 228d990..f8d6ff5 100644
--- a/prebuilts/api/30.0/public/hal_neuralnetworks.te
+++ b/prebuilts/api/30.0/public/hal_neuralnetworks.te
@@ -18,9 +18,6 @@
# Allow NN HAL service to read a client-provided ION memory fd.
allow hal_neuralnetworks_server ion_device:chr_file r_file_perms;
-# Allow NN HAL service to use a client-provided fd residing in /storage
-allow hal_neuralnetworks_server storage_file:file { getattr map read };
-
# Allow NN HAL client to check the ro.nnapi.extensions.deny_on_product
# property to determine whether to deny NNAPI extensions use for apps
# on product partition (apps in GSI are not allowed to use NNAPI extensions).
diff --git a/prebuilts/api/30.0/public/lmkd.te b/prebuilts/api/30.0/public/lmkd.te
index 67e93e1..b852f44 100644
--- a/prebuilts/api/30.0/public/lmkd.te
+++ b/prebuilts/api/30.0/public/lmkd.te
@@ -60,9 +60,6 @@
# Read/Write /proc/pressure/memory
allow lmkd proc_pressure_mem:file rw_file_perms;
-# Allow lmkd to connect during reinit.
-allow lmkd lmkd_socket:sock_file write;
-
# Allow lmkd to write to statsd.
unix_socket_send(lmkd, statsdw, statsd)
diff --git a/prebuilts/api/30.0/public/modprobe.te b/prebuilts/api/30.0/public/modprobe.te
index 2c7d64b..1190409 100644
--- a/prebuilts/api/30.0/public/modprobe.te
+++ b/prebuilts/api/30.0/public/modprobe.te
@@ -1,7 +1,6 @@
type modprobe, domain;
allow modprobe proc_modules:file r_file_perms;
-allow modprobe proc_cmdline:file r_file_perms;
allow modprobe self:global_capability_class_set sys_module;
allow modprobe kernel:key search;
recovery_only(`
diff --git a/prebuilts/api/30.0/public/property.te b/prebuilts/api/30.0/public/property.te
index 9a93518..d9ac231 100644
--- a/prebuilts/api/30.0/public/property.te
+++ b/prebuilts/api/30.0/public/property.te
@@ -14,7 +14,6 @@
system_internal_prop(device_config_window_manager_native_boot_prop)
system_internal_prop(device_config_configuration_prop)
system_internal_prop(firstboot_prop)
-system_internal_prop(fastbootd_protocol_prop)
system_internal_prop(gsid_prop)
system_internal_prop(init_perf_lsm_hooks_prop)
system_internal_prop(init_svc_debug_prop)
@@ -121,7 +120,6 @@
system_vendor_config_prop(exported_default_prop)
system_vendor_config_prop(exported3_default_prop)
system_vendor_config_prop(graphics_config_prop)
-system_vendor_config_prop(incremental_prop)
system_vendor_config_prop(media_variant_prop)
system_vendor_config_prop(storage_config_prop)
system_vendor_config_prop(userspace_reboot_config_prop)
@@ -158,7 +156,6 @@
system_public_prop(exported_wifi_prop)
system_public_prop(sota_prop)
system_public_prop(hwservicemanager_prop)
-system_public_prop(lmkd_prop)
system_public_prop(logd_prop)
system_public_prop(logpersistd_logging_prop)
system_public_prop(log_prop)
diff --git a/prebuilts/api/30.0/public/property_contexts b/prebuilts/api/30.0/public/property_contexts
index f985200..40f6889 100644
--- a/prebuilts/api/30.0/public/property_contexts
+++ b/prebuilts/api/30.0/public/property_contexts
@@ -73,7 +73,6 @@
drm.service.enabled u:object_r:exported3_default_prop:s0 exact bool
external_storage.projid.enabled u:object_r:storage_config_prop:s0 exact bool
external_storage.casefold.enabled u:object_r:storage_config_prop:s0 exact bool
-external_storage.sdcardfs.enabled u:object_r:storage_config_prop:s0 exact bool
keyguard.no_require_sim u:object_r:exported3_default_prop:s0 exact bool
media.recorder.show_manufacturer_and_model u:object_r:exported3_default_prop:s0 exact bool
media.stagefright.cache-params u:object_r:exported3_default_prop:s0 exact string
@@ -185,7 +184,6 @@
sys.usb.ffs.mtp.ready u:object_r:exported_ffs_prop:s0 exact bool
sys.usb.state u:object_r:exported2_system_prop:s0 exact string
telephony.lteOnCdmaDevice u:object_r:exported3_default_prop:s0 exact int
-telephony.active_modems.max_count u:object_r:exported3_default_prop:s0 exact int
tombstoned.max_tombstone_count u:object_r:exported3_default_prop:s0 exact int
vold.post_fs_data_done u:object_r:exported2_vold_prop:s0 exact int
vts.native_server.on u:object_r:exported3_default_prop:s0 exact bool
@@ -315,7 +313,6 @@
ro.bionic.cpu_variant u:object_r:cpu_variant_prop:s0 exact string
ro.board.platform u:object_r:exported_default_prop:s0 exact string
ro.boot.fake_battery u:object_r:exported_default_prop:s0 exact int
-ro.boot.fstab_suffix u:object_r:exported_default_prop:s0 exact string
ro.boot.hardware.revision u:object_r:exported_default_prop:s0 exact string
ro.boot.product.hardware.sku u:object_r:exported_default_prop:s0 exact string
ro.boot.product.vendor.sku u:object_r:exported_default_prop:s0 exact string
diff --git a/prebuilts/api/30.0/public/recovery.te b/prebuilts/api/30.0/public/recovery.te
index 63a9cea..16b670f 100644
--- a/prebuilts/api/30.0/public/recovery.te
+++ b/prebuilts/api/30.0/public/recovery.te
@@ -154,15 +154,6 @@
# Allow mounting /metadata for writing update states
allow recovery metadata_file:dir { getattr mounton };
-
- # These are needed to allow recovery to manage network
- allow recovery self:netlink_route_socket { create write read nlmsg_readpriv nlmsg_read };
- allow recovery self:global_capability_class_set net_admin;
- allow recovery self:tcp_socket { create ioctl };
- allowxperm recovery self:tcp_socket ioctl { SIOCGIFFLAGS SIOCSIFFLAGS };
-
- # Set fastbootd protocol property
- set_prop(recovery, fastbootd_protocol_prop)
')
###
diff --git a/prebuilts/api/30.0/public/servicemanager.te b/prebuilts/api/30.0/public/servicemanager.te
index 63fc227..cd62a21 100644
--- a/prebuilts/api/30.0/public/servicemanager.te
+++ b/prebuilts/api/30.0/public/servicemanager.te
@@ -25,8 +25,6 @@
not_full_treble(`allow servicemanager nonplat_service_contexts_file:file r_file_perms;')
add_service(servicemanager, service_manager_service)
-allow servicemanager dumpstate:fd use;
-allow servicemanager dumpstate:fifo_file write;
# Check SELinux permissions.
selinux_check_access(servicemanager)
diff --git a/prebuilts/api/30.0/public/vendor_init.te b/prebuilts/api/30.0/public/vendor_init.te
index 36bb5cb..df203be 100644
--- a/prebuilts/api/30.0/public/vendor_init.te
+++ b/prebuilts/api/30.0/public/vendor_init.te
@@ -228,8 +228,6 @@
set_prop(vendor_init, exported2_vold_prop)
set_prop(vendor_init, exported3_default_prop)
set_prop(vendor_init, exported3_radio_prop)
-set_prop(vendor_init, incremental_prop)
-set_prop(vendor_init, lmkd_prop)
set_prop(vendor_init, logd_prop)
set_prop(vendor_init, log_tag_prop)
set_prop(vendor_init, log_prop)
diff --git a/prebuilts/api/30.0/public/vold.te b/prebuilts/api/30.0/public/vold.te
index 1d125d3..a112de0 100644
--- a/prebuilts/api/30.0/public/vold.te
+++ b/prebuilts/api/30.0/public/vold.te
@@ -202,7 +202,6 @@
set_prop(vold, boottime_prop)
set_prop(vold, boottime_public_prop)
get_prop(vold, storage_config_prop)
-get_prop(vold, incremental_prop)
# ASEC
allow vold asec_image_file:file create_file_perms;
diff --git a/prebuilts/api/30.0/vendor_sepolicy.cil b/prebuilts/api/30.0/vendor_sepolicy.cil
new file mode 100644
index 0000000..4a3aac3
--- /dev/null
+++ b/prebuilts/api/30.0/vendor_sepolicy.cil
@@ -0,0 +1 @@
+;; empty stub
diff --git a/private/access_vectors b/private/access_vectors
index 4144be8..f41eadd 100644
--- a/private/access_vectors
+++ b/private/access_vectors
@@ -138,6 +138,7 @@
wake_alarm
block_suspend
audit_read
+ perfmon
}
#
diff --git a/private/adbd.te b/private/adbd.te
index 89fa1f9..b03c62e 100644
--- a/private/adbd.te
+++ b/private/adbd.te
@@ -84,12 +84,15 @@
# Set service.adb.*, sys.powerctl, and sys.usb.ffs.ready properties.
set_prop(adbd, shell_prop)
set_prop(adbd, powerctl_prop)
-set_prop(adbd, ffs_prop)
-set_prop(adbd, exported_ffs_prop)
+get_prop(adbd, ffs_config_prop)
+set_prop(adbd, ffs_control_prop)
# Set service.adb.tls.port, persist.adb.wifi. properties
set_prop(adbd, adbd_prop)
+# Allow adbd start/stop mdnsd via ctl.start
+set_prop(adbd, ctl_mdnsd_prop)
+
# Access device logging gating property
get_prop(adbd, device_logging_prop)
@@ -180,6 +183,11 @@
allow adbd rootfs:dir r_dir_perms;
+# Allow killing child "perfetto" binary processes, which auto-transition to
+# their own domain. Allows propagating termination of "adb shell perfetto ..."
+# invocations.
+allow adbd perfetto:process signal;
+
# Allow to pull Perfetto traces.
allow adbd perfetto_traces_data_file:file r_file_perms;
allow adbd perfetto_traces_data_file:dir r_dir_perms;
diff --git a/private/apexd.te b/private/apexd.te
index 9e702dd..4d9f5ac 100644
--- a/private/apexd.te
+++ b/private/apexd.te
@@ -64,6 +64,9 @@
allow apexd apex_mnt_dir:dir mounton;
# allow apexd to create symlinks in /apex
allow apexd apex_mnt_dir:lnk_file create_file_perms;
+# allow apexd to create /apex/apex-info-list.xml and relabel to apex_info_file
+allow apexd apex_mnt_dir:file { create_file_perms relabelfrom };
+allow apexd apex_info_file:file relabelto;
# allow apexd to unlink apex files in /data/apex/active
# note that apexd won't be able to unlink files in /data/app-staging/session_XXXX,
# because it doesn't have write permission for staging_data_file object.
@@ -155,3 +158,10 @@
neverallow { domain -apexd -init -vold_prepare_subdirs } apex_rollback_data_file:dir no_w_dir_perms;
neverallow { domain -apexd -init -vold_prepare_subdirs } apex_rollback_data_file:file no_w_file_perms;
+
+# only apexd can set apexd sysprop
+set_prop(apexd, apexd_prop)
+neverallow { domain -apexd -init } apexd_prop:property_service set;
+
+# only apexd can write apex-info-list.xml
+neverallow { domain -apexd } apex_info_file:file no_w_file_perms;
diff --git a/private/app.te b/private/app.te
index 9882d8f..27ef097 100644
--- a/private/app.te
+++ b/private/app.te
@@ -2,6 +2,14 @@
# the implementation of ActivityManager.isDeviceInTestHarnessMode()
get_prop(appdomain, test_harness_prop)
+get_prop(appdomain, boot_status_prop)
+get_prop(appdomain, dalvik_config_prop)
+get_prop(appdomain, surfaceflinger_color_prop)
+get_prop(appdomain, systemsound_config_prop)
+get_prop(appdomain, telephony_config_prop)
+get_prop(appdomain, userspace_reboot_config_prop)
+get_prop(appdomain, vold_config_prop)
+
userdebug_or_eng(`perfetto_producer({ appdomain })')
# Prevent apps from causing presubmit failures.
diff --git a/private/asan_extract.te b/private/asan_extract.te
index 1c20d78..69bcd50 100644
--- a/private/asan_extract.te
+++ b/private/asan_extract.te
@@ -3,6 +3,9 @@
# Technically not a daemon but we do want the transition from init domain to
# asan_extract to occur.
with_asan(`
-typeattribute asan_extract coredomain;
-init_daemon_domain(asan_extract)
+ typeattribute asan_extract coredomain;
+ init_daemon_domain(asan_extract)
+
+ # We need to signal a reboot when done.
+ set_prop(asan_extract, powerctl_prop)
')
diff --git a/private/audioserver.te b/private/audioserver.te
index 067152f..5047e2c 100644
--- a/private/audioserver.te
+++ b/private/audioserver.te
@@ -98,3 +98,6 @@
# Allow using wake locks
wakelock_use(audioserver)
+
+# Allow reading audio config props, e.g. af.fast_track_multiplier
+get_prop(audioserver, audio_config_prop)
diff --git a/private/blank_screen.te b/private/blank_screen.te
index 51310d1..20d50cc 100644
--- a/private/blank_screen.te
+++ b/private/blank_screen.te
@@ -3,4 +3,5 @@
init_daemon_domain(blank_screen)
+# hal_light_client has access to hal_light_server
hal_client_domain(blank_screen, hal_light)
diff --git a/private/bootanim.te b/private/bootanim.te
index 4740560..41c9179 100644
--- a/private/bootanim.te
+++ b/private/bootanim.te
@@ -7,3 +7,6 @@
# Bootanim should not be reading default vendor-defined properties.
dontaudit bootanim vendor_default_prop:file read;
+
+# Read ro.boot.bootreason b/30654343
+get_prop(bootanim, bootloader_boot_reason_prop)
diff --git a/private/bootstat.te b/private/bootstat.te
index 806144c..016292e 100644
--- a/private/bootstat.te
+++ b/private/bootstat.te
@@ -1,3 +1,34 @@
typeattribute bootstat coredomain;
init_daemon_domain(bootstat)
+
+# Collect metrics on boot time created by init
+get_prop(bootstat, boottime_prop)
+
+# Read/Write [persist.]sys.boot.reason and ro.boot.bootreason (write if empty)
+set_prop(bootstat, bootloader_boot_reason_prop)
+set_prop(bootstat, system_boot_reason_prop)
+set_prop(bootstat, last_boot_reason_prop)
+
+neverallow {
+ domain
+ -bootanim
+ -bootstat
+ -dumpstate
+ userdebug_or_eng(`-incidentd')
+ -init
+ -recovery
+ -shell
+ -system_server
+} { bootloader_boot_reason_prop last_boot_reason_prop }:file r_file_perms;
+# ... and refine, as these components should not set the last boot reason
+neverallow { bootanim recovery } last_boot_reason_prop:file r_file_perms;
+
+neverallow {
+ domain
+ -bootstat
+ -init
+ -system_server
+} { bootloader_boot_reason_prop last_boot_reason_prop }:property_service set;
+# ... and refine ... for a ro propertly no less ... keep this _tight_
+neverallow system_server bootloader_boot_reason_prop:property_service set;
diff --git a/private/bpfloader.te b/private/bpfloader.te
index 74a8e25..7c88be2 100644
--- a/private/bpfloader.te
+++ b/private/bpfloader.te
@@ -27,8 +27,8 @@
neverallow domain fs_bpf:file { rename unlink };
neverallow { domain -bpfloader } *:bpf { map_create prog_load };
-neverallow { domain -bpfloader -netd -netutils_wrapper -system_server } *:bpf prog_run;
-neverallow { domain -bpfloader -netd -system_server } *:bpf { map_read map_write };
+neverallow { domain -bpfloader -gpuservice -netd -netutils_wrapper -system_server } *:bpf prog_run;
+neverallow { domain -bpfloader -gpuservice -netd -system_server } *:bpf { map_read map_write };
neverallow { domain -bpfloader -init } bpfloader_exec:file { execute execute_no_trans };
diff --git a/private/bug_map b/private/bug_map
index b2898bc..eaa1593 100644
--- a/private/bug_map
+++ b/private/bug_map
@@ -23,6 +23,7 @@
netd untrusted_app unix_stream_socket b/77870037
netd untrusted_app_25 unix_stream_socket b/77870037
netd untrusted_app_27 unix_stream_socket b/77870037
+netd untrusted_app_29 unix_stream_socket b/77870037
platform_app nfc_data_file dir b/74331887
system_server crash_dump process b/73128755
system_server overlayfs_file file b/142390309
diff --git a/private/charger.te b/private/charger.te
index 65109de..719ae3c 100644
--- a/private/charger.te
+++ b/private/charger.te
@@ -1 +1,9 @@
typeattribute charger coredomain;
+
+# charger needs to tell init to continue the boot
+# process when running in charger mode.
+set_prop(charger, system_prop)
+set_prop(charger, exported_system_prop)
+set_prop(charger, exported3_system_prop)
+
+get_prop(charger, charger_prop)
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index b395855..0138743 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -18,9 +18,11 @@
apexd_prop
apexd_tmpfs
app_zygote
+ audio_config_prop
atrace
binder_calls_stats_service
biometric_service
+ boot_status_prop
bootloader_boot_reason_prop
blank_screen
blank_screen_exec
@@ -39,6 +41,7 @@
ctl_interface_start_prop
ctl_interface_stop_prop
ctl_sigstop_prop
+ dalvik_config_prop
device_config_boot_count_prop
device_config_reset_performed_prop
device_config_netd_native_prop
@@ -109,6 +112,7 @@
llkd_exec
llkd_prop
llkd_tmpfs
+ lmkd_config_prop
looper_stats_service
lowpan_device
lowpan_prop
@@ -161,12 +165,15 @@
statscompanion_service
storaged_data_file
super_block_device
+ surfaceflinger_color_prop
+ surfaceflinger_prop
sysfs_fs_ext4_features
system_boot_reason_prop
system_bootstrap_lib_file
system_lmk_prop
system_net_netd_hwservice
system_update_service
+ systemsound_config_prop
test_boot_reason_prop
thermal_service
thermalcallback_hwservice
@@ -203,10 +210,12 @@
vendor_shell
vendor_socket_hook_prop
vndk_prop
+ vold_config_prop
vold_metadata_file
vold_prepare_subdirs
vold_prepare_subdirs_exec
vold_service
+ vold_status_prop
vrflinger_vsync_service
wait_for_keymaster
wait_for_keymaster_exec
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index cb500c9..4032646 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -5,6 +5,7 @@
(typeattribute new_objects)
(typeattributeset new_objects
( new_objects
+ aac_drc_prop
activity_task_service
adb_service
app_binding_service
@@ -17,16 +18,23 @@
apexd_prop
apexd_tmpfs
app_zygote
+ art_apex_dir
atrace
+ audio_config_prop
binder_calls_stats_service
biometric_service
blank_screen
blank_screen_exec
blank_screen_tmpfs
+ boot_status_prop
bootloader_boot_reason_prop
bluetooth_a2dp_offload_prop
bpfloader
bpfloader_exec
+ build_odm_prop
+ build_prop
+ build_vendor_prop
+ camera_config_prop
cgroup_bpf
charger_exec
color_display_service
@@ -37,10 +45,13 @@
ctl_interface_start_prop
ctl_interface_stop_prop
ctl_sigstop_prop
+ dalvik_config_prop
+ dalvik_runtime_prop
device_config_boot_count_prop
device_config_reset_performed_prop
device_config_netd_native_prop
dnsresolver_service
+ drm_service_config_prop
exfat
exported2_config_prop
exported2_default_prop
@@ -67,6 +78,8 @@
exported_vold_prop
exported_wifi_prop
fastbootd
+ ffs_config_prop
+ ffs_control_prop
flags_health_check
flags_health_check_exec
fingerprint_vendor_data_file
@@ -84,25 +97,32 @@
hal_usb_gadget_hwservice
hal_vehicle_hwservice
hal_wifi_hostapd_hwservice
+ hdmi_config_prop
heapprofd
heapprofd_exec
heapprofd_socket
incident_helper
incident_helper_exec
+ init_service_status_private_prop
+ init_service_status_prop
iorapd
iorapd_data_file
iorapd_exec
iorapd_service
iorapd_tmpfs
last_boot_reason_prop
+ libc_debug_prop
llkd
llkd_exec
llkd_prop
llkd_tmpfs
+ lmkd_config_prop
looper_stats_service
lowpan_device
lowpan_prop
lowpan_service
+ media_config_prop
+ mediadrm_config_prop
mediaextractor_update_service
mediaswcodec
mediaswcodec_exec
@@ -116,15 +136,18 @@
network_watchlist_data_file
network_watchlist_service
overlayfs_file
+ packagemanager_config_prop
perfetto
perfetto_exec
perfetto_tmpfs
perfetto_traces_data_file
property_info
+ provisioned_prop
+ recovery_config_prop
recovery_socket
+ retaildemo_prop
role_service
runas_app
- art_apex_dir
runtime_service
secure_element
secure_element_device
@@ -147,11 +170,16 @@
statsdw_socket
storaged_data_file
super_block_device
+ surfaceflinger_color_prop
+ surfaceflinger_prop
staging_data_file
system_boot_reason_prop
system_bootstrap_lib_file
system_lmk_prop
system_update_service
+ systemsound_config_prop
+ telephony_config_prop
+ telephony_status_prop
test_boot_reason_prop
time_prop
timedetector_service
@@ -171,6 +199,8 @@
untrusted_app_all_devpts
update_engine_log_data_file
uri_grants_service
+ usb_config_prop
+ usb_control_prop
usbd
usbd_exec
usbd_tmpfs
@@ -181,10 +211,12 @@
vendor_shell
vendor_socket_hook_prop
vndk_prop
+ vold_config_prop
vold_metadata_file
vold_prepare_subdirs
vold_prepare_subdirs_exec
vold_service
+ vold_status_prop
vrflinger_vsync_service
wait_for_keymaster
wait_for_keymaster_exec
@@ -194,7 +226,9 @@
wpantund
wpantund_exec
wpantund_service
- wpantund_tmpfs))
+ wpantund_tmpfs
+ zram_config_prop
+ zram_control_prop))
;; private_objects - a collection of types that were labeled differently in
;; older policy, but that should not remain accessible to vendor policy.
diff --git a/private/compat/29.0/29.0.cil b/private/compat/29.0/29.0.cil
index 5231498..8340c76 100644
--- a/private/compat/29.0/29.0.cil
+++ b/private/compat/29.0/29.0.cil
@@ -1,5 +1,10 @@
;; types removed from current policy
(type ashmemd)
+(type exported_audio_prop)
+(type exported_dalvik_prop)
+(type exported_vold_prop)
+(type exported2_config_prop)
+(type exported2_vold_prop)
(type hal_wifi_offload_hwservice)
(type install_recovery)
(type install_recovery_exec)
@@ -1195,20 +1200,23 @@
(typeattributeset ephemeral_app_29_0 (ephemeral_app))
(typeattributeset ethernet_service_29_0 (ethernet_service))
(typeattributeset exfat_29_0 (exfat))
-(typeattributeset exported2_config_prop_29_0 (exported2_config_prop))
+(typeattributeset exported2_config_prop_29_0 (exported2_config_prop systemsound_config_prop))
(typeattributeset exported2_default_prop_29_0 (exported2_default_prop))
(typeattributeset exported2_radio_prop_29_0 (exported2_radio_prop))
-(typeattributeset exported2_system_prop_29_0 (exported2_system_prop))
-(typeattributeset exported2_vold_prop_29_0 (exported2_vold_prop))
-(typeattributeset exported3_default_prop_29_0 (exported3_default_prop))
+(typeattributeset exported2_system_prop_29_0
+ ( exported2_system_prop
+ surfaceflinger_color_prop))
+(typeattributeset exported2_vold_prop_29_0 (exported2_vold_prop vold_config_prop))
+(typeattributeset exported3_default_prop_29_0 (exported3_default_prop lmkd_config_prop))
(typeattributeset exported3_radio_prop_29_0 (exported3_radio_prop))
-(typeattributeset exported3_system_prop_29_0 (exported3_system_prop))
-(typeattributeset exported_audio_prop_29_0 (exported_audio_prop))
+(typeattributeset exported3_system_prop_29_0 (exported3_system_prop boot_status_prop))
+(typeattributeset exported_audio_prop_29_0 (exported_audio_prop audio_config_prop))
(typeattributeset exported_bluetooth_prop_29_0 (exported_bluetooth_prop))
(typeattributeset exported_config_prop_29_0 (exported_config_prop))
-(typeattributeset exported_dalvik_prop_29_0 (exported_dalvik_prop))
+(typeattributeset exported_dalvik_prop_29_0 (exported_dalvik_prop dalvik_config_prop))
(typeattributeset exported_default_prop_29_0
( exported_default_prop
+ surfaceflinger_prop
vndk_prop))
(typeattributeset exported_dumpstate_prop_29_0 (exported_dumpstate_prop))
(typeattributeset exported_ffs_prop_29_0 (exported_ffs_prop))
@@ -1219,7 +1227,7 @@
(typeattributeset exported_secure_prop_29_0 (exported_secure_prop))
(typeattributeset exported_system_prop_29_0 (exported_system_prop))
(typeattributeset exported_system_radio_prop_29_0 (exported_system_radio_prop))
-(typeattributeset exported_vold_prop_29_0 (exported_vold_prop))
+(typeattributeset exported_vold_prop_29_0 (exported_vold_prop vold_status_prop))
(typeattributeset exported_wifi_prop_29_0 (exported_wifi_prop))
(typeattributeset external_vibrator_service_29_0 (external_vibrator_service))
(typeattributeset face_service_29_0 (face_service))
diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index 846d8c2..1079046 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -49,6 +49,7 @@
fwk_automotive_display_hwservice
fusectlfs
gmscore_app
+ gnss_device
graphics_config_prop
hal_can_bus_hwservice
hal_can_controller_hwservice
diff --git a/private/compat/30.0/30.0.cil b/private/compat/30.0/30.0.cil
new file mode 100644
index 0000000..9810e2f
--- /dev/null
+++ b/private/compat/30.0/30.0.cil
@@ -0,0 +1,2216 @@
+;; types removed from current policy
+(type exported_audio_prop)
+(type exported_dalvik_prop)
+(type exported_ffs_prop)
+(type exported_fingerprint_prop)
+(type exported_system_radio_prop)
+(type exported_radio_prop)
+(type exported_vold_prop)
+(type exported2_config_prop)
+(type exported2_radio_prop)
+(type exported2_vold_prop)
+(type ffs_prop)
+(type system_radio_prop)
+
+(expandtypeattribute (DockObserver_service_30_0) true)
+(expandtypeattribute (IProxyService_service_30_0) true)
+(expandtypeattribute (accessibility_service_30_0) true)
+(expandtypeattribute (account_service_30_0) true)
+(expandtypeattribute (activity_service_30_0) true)
+(expandtypeattribute (activity_task_service_30_0) true)
+(expandtypeattribute (adb_data_file_30_0) true)
+(expandtypeattribute (adb_keys_file_30_0) true)
+(expandtypeattribute (adb_service_30_0) true)
+(expandtypeattribute (adbd_30_0) true)
+(expandtypeattribute (adbd_exec_30_0) true)
+(expandtypeattribute (adbd_prop_30_0) true)
+(expandtypeattribute (adbd_socket_30_0) true)
+(expandtypeattribute (aidl_lazy_test_server_30_0) true)
+(expandtypeattribute (aidl_lazy_test_server_exec_30_0) true)
+(expandtypeattribute (aidl_lazy_test_service_30_0) true)
+(expandtypeattribute (alarm_service_30_0) true)
+(expandtypeattribute (anr_data_file_30_0) true)
+(expandtypeattribute (apex_data_file_30_0) true)
+(expandtypeattribute (apex_metadata_file_30_0) true)
+(expandtypeattribute (apex_mnt_dir_30_0) true)
+(expandtypeattribute (apex_module_data_file_30_0) true)
+(expandtypeattribute (apex_permission_data_file_30_0) true)
+(expandtypeattribute (apex_rollback_data_file_30_0) true)
+(expandtypeattribute (apex_service_30_0) true)
+(expandtypeattribute (apex_wifi_data_file_30_0) true)
+(expandtypeattribute (apexd_30_0) true)
+(expandtypeattribute (apexd_exec_30_0) true)
+(expandtypeattribute (apexd_prop_30_0) true)
+(expandtypeattribute (apk_data_file_30_0) true)
+(expandtypeattribute (apk_private_data_file_30_0) true)
+(expandtypeattribute (apk_private_tmp_file_30_0) true)
+(expandtypeattribute (apk_tmp_file_30_0) true)
+(expandtypeattribute (apk_verity_prop_30_0) true)
+(expandtypeattribute (app_binding_service_30_0) true)
+(expandtypeattribute (app_data_file_30_0) true)
+(expandtypeattribute (app_fuse_file_30_0) true)
+(expandtypeattribute (app_fusefs_30_0) true)
+(expandtypeattribute (app_integrity_service_30_0) true)
+(expandtypeattribute (app_prediction_service_30_0) true)
+(expandtypeattribute (app_search_service_30_0) true)
+(expandtypeattribute (app_zygote_30_0) true)
+(expandtypeattribute (app_zygote_tmpfs_30_0) true)
+(expandtypeattribute (appdomain_tmpfs_30_0) true)
+(expandtypeattribute (appops_service_30_0) true)
+(expandtypeattribute (appwidget_service_30_0) true)
+(expandtypeattribute (art_apex_dir_30_0) true)
+(expandtypeattribute (asec_apk_file_30_0) true)
+(expandtypeattribute (asec_image_file_30_0) true)
+(expandtypeattribute (asec_public_file_30_0) true)
+(expandtypeattribute (ashmem_device_30_0) true)
+(expandtypeattribute (ashmem_libcutils_device_30_0) true)
+(expandtypeattribute (assetatlas_service_30_0) true)
+(expandtypeattribute (audio_data_file_30_0) true)
+(expandtypeattribute (audio_device_30_0) true)
+(expandtypeattribute (audio_prop_30_0) true)
+(expandtypeattribute (audio_service_30_0) true)
+(expandtypeattribute (audiohal_data_file_30_0) true)
+(expandtypeattribute (audioserver_30_0) true)
+(expandtypeattribute (audioserver_data_file_30_0) true)
+(expandtypeattribute (audioserver_service_30_0) true)
+(expandtypeattribute (audioserver_tmpfs_30_0) true)
+(expandtypeattribute (auth_service_30_0) true)
+(expandtypeattribute (autofill_service_30_0) true)
+(expandtypeattribute (backup_data_file_30_0) true)
+(expandtypeattribute (backup_service_30_0) true)
+(expandtypeattribute (battery_service_30_0) true)
+(expandtypeattribute (batteryproperties_service_30_0) true)
+(expandtypeattribute (batterystats_service_30_0) true)
+(expandtypeattribute (binder_cache_bluetooth_server_prop_30_0) true)
+(expandtypeattribute (binder_cache_system_server_prop_30_0) true)
+(expandtypeattribute (binder_cache_telephony_server_prop_30_0) true)
+(expandtypeattribute (binder_calls_stats_service_30_0) true)
+(expandtypeattribute (binder_device_30_0) true)
+(expandtypeattribute (binderfs_30_0) true)
+(expandtypeattribute (binderfs_logs_30_0) true)
+(expandtypeattribute (binderfs_logs_proc_30_0) true)
+(expandtypeattribute (binfmt_miscfs_30_0) true)
+(expandtypeattribute (biometric_service_30_0) true)
+(expandtypeattribute (blkid_30_0) true)
+(expandtypeattribute (blkid_untrusted_30_0) true)
+(expandtypeattribute (blob_store_service_30_0) true)
+(expandtypeattribute (block_device_30_0) true)
+(expandtypeattribute (bluetooth_30_0) true)
+(expandtypeattribute (bluetooth_a2dp_offload_prop_30_0) true)
+(expandtypeattribute (bluetooth_audio_hal_prop_30_0) true)
+(expandtypeattribute (bluetooth_data_file_30_0) true)
+(expandtypeattribute (bluetooth_efs_file_30_0) true)
+(expandtypeattribute (bluetooth_logs_data_file_30_0) true)
+(expandtypeattribute (bluetooth_manager_service_30_0) true)
+(expandtypeattribute (bluetooth_prop_30_0) true)
+(expandtypeattribute (bluetooth_service_30_0) true)
+(expandtypeattribute (bluetooth_socket_30_0) true)
+(expandtypeattribute (boot_block_device_30_0) true)
+(expandtypeattribute (bootanim_30_0) true)
+(expandtypeattribute (bootanim_exec_30_0) true)
+(expandtypeattribute (bootchart_data_file_30_0) true)
+(expandtypeattribute (bootloader_boot_reason_prop_30_0) true)
+(expandtypeattribute (bootstat_30_0) true)
+(expandtypeattribute (bootstat_data_file_30_0) true)
+(expandtypeattribute (bootstat_exec_30_0) true)
+(expandtypeattribute (boottime_prop_30_0) true)
+(expandtypeattribute (boottime_public_prop_30_0) true)
+(expandtypeattribute (boottrace_data_file_30_0) true)
+(expandtypeattribute (bpf_progs_loaded_prop_30_0) true)
+(expandtypeattribute (bq_config_prop_30_0) true)
+(expandtypeattribute (broadcastradio_service_30_0) true)
+(expandtypeattribute (bufferhubd_30_0) true)
+(expandtypeattribute (bufferhubd_exec_30_0) true)
+(expandtypeattribute (bugreport_service_30_0) true)
+(expandtypeattribute (cache_backup_file_30_0) true)
+(expandtypeattribute (cache_block_device_30_0) true)
+(expandtypeattribute (cache_file_30_0) true)
+(expandtypeattribute (cache_private_backup_file_30_0) true)
+(expandtypeattribute (cache_recovery_file_30_0) true)
+(expandtypeattribute (camera_data_file_30_0) true)
+(expandtypeattribute (camera_device_30_0) true)
+(expandtypeattribute (cameraproxy_service_30_0) true)
+(expandtypeattribute (cameraserver_30_0) true)
+(expandtypeattribute (cameraserver_exec_30_0) true)
+(expandtypeattribute (cameraserver_service_30_0) true)
+(expandtypeattribute (cameraserver_tmpfs_30_0) true)
+(expandtypeattribute (cgroup_30_0) true)
+(expandtypeattribute (cgroup_bpf_30_0) true)
+(expandtypeattribute (cgroup_desc_file_30_0) true)
+(expandtypeattribute (cgroup_rc_file_30_0) true)
+(expandtypeattribute (charger_30_0) true)
+(expandtypeattribute (charger_exec_30_0) true)
+(expandtypeattribute (charger_prop_30_0) true)
+(expandtypeattribute (clipboard_service_30_0) true)
+(expandtypeattribute (cold_boot_done_prop_30_0) true)
+(expandtypeattribute (color_display_service_30_0) true)
+(expandtypeattribute (companion_device_service_30_0) true)
+(expandtypeattribute (config_prop_30_0) true)
+(expandtypeattribute (configfs_30_0) true)
+(expandtypeattribute (connectivity_service_30_0) true)
+(expandtypeattribute (connmetrics_service_30_0) true)
+(expandtypeattribute (console_device_30_0) true)
+(expandtypeattribute (consumer_ir_service_30_0) true)
+(expandtypeattribute (content_capture_service_30_0) true)
+(expandtypeattribute (content_service_30_0) true)
+(expandtypeattribute (content_suggestions_service_30_0) true)
+(expandtypeattribute (contexthub_service_30_0) true)
+(expandtypeattribute (coredump_file_30_0) true)
+(expandtypeattribute (country_detector_service_30_0) true)
+(expandtypeattribute (coverage_service_30_0) true)
+(expandtypeattribute (cppreopt_prop_30_0) true)
+(expandtypeattribute (cpu_variant_prop_30_0) true)
+(expandtypeattribute (cpuinfo_service_30_0) true)
+(expandtypeattribute (crash_dump_30_0) true)
+(expandtypeattribute (crash_dump_exec_30_0) true)
+(expandtypeattribute (credstore_30_0) true)
+(expandtypeattribute (credstore_data_file_30_0) true)
+(expandtypeattribute (credstore_exec_30_0) true)
+(expandtypeattribute (credstore_service_30_0) true)
+(expandtypeattribute (crossprofileapps_service_30_0) true)
+(expandtypeattribute (ctl_adbd_prop_30_0) true)
+(expandtypeattribute (ctl_apexd_prop_30_0) true)
+(expandtypeattribute (ctl_bootanim_prop_30_0) true)
+(expandtypeattribute (ctl_bugreport_prop_30_0) true)
+(expandtypeattribute (ctl_console_prop_30_0) true)
+(expandtypeattribute (ctl_default_prop_30_0) true)
+(expandtypeattribute (ctl_dumpstate_prop_30_0) true)
+(expandtypeattribute (ctl_fuse_prop_30_0) true)
+(expandtypeattribute (ctl_gsid_prop_30_0) true)
+(expandtypeattribute (ctl_interface_restart_prop_30_0) true)
+(expandtypeattribute (ctl_interface_start_prop_30_0) true)
+(expandtypeattribute (ctl_interface_stop_prop_30_0) true)
+(expandtypeattribute (ctl_mdnsd_prop_30_0) true)
+(expandtypeattribute (ctl_restart_prop_30_0) true)
+(expandtypeattribute (ctl_rildaemon_prop_30_0) true)
+(expandtypeattribute (ctl_sigstop_prop_30_0) true)
+(expandtypeattribute (ctl_start_prop_30_0) true)
+(expandtypeattribute (ctl_stop_prop_30_0) true)
+(expandtypeattribute (dalvik_prop_30_0) true)
+(expandtypeattribute (dalvikcache_data_file_30_0) true)
+(expandtypeattribute (dataloader_manager_service_30_0) true)
+(expandtypeattribute (dbinfo_service_30_0) true)
+(expandtypeattribute (debug_prop_30_0) true)
+(expandtypeattribute (debugfs_30_0) true)
+(expandtypeattribute (debugfs_mmc_30_0) true)
+(expandtypeattribute (debugfs_trace_marker_30_0) true)
+(expandtypeattribute (debugfs_tracing_30_0) true)
+(expandtypeattribute (debugfs_tracing_debug_30_0) true)
+(expandtypeattribute (debugfs_tracing_instances_30_0) true)
+(expandtypeattribute (debugfs_wakeup_sources_30_0) true)
+(expandtypeattribute (debugfs_wifi_tracing_30_0) true)
+(expandtypeattribute (debuggerd_prop_30_0) true)
+(expandtypeattribute (default_android_hwservice_30_0) true)
+(expandtypeattribute (default_android_service_30_0) true)
+(expandtypeattribute (default_android_vndservice_30_0) true)
+(expandtypeattribute (default_prop_30_0) true)
+(expandtypeattribute (dev_cpu_variant_30_0) true)
+(expandtypeattribute (device_30_0) true)
+(expandtypeattribute (device_config_activity_manager_native_boot_prop_30_0) true)
+(expandtypeattribute (device_config_boot_count_prop_30_0) true)
+(expandtypeattribute (device_config_configuration_prop_30_0) true)
+(expandtypeattribute (device_config_input_native_boot_prop_30_0) true)
+(expandtypeattribute (device_config_media_native_prop_30_0) true)
+(expandtypeattribute (device_config_netd_native_prop_30_0) true)
+(expandtypeattribute (device_config_reset_performed_prop_30_0) true)
+(expandtypeattribute (device_config_runtime_native_boot_prop_30_0) true)
+(expandtypeattribute (device_config_runtime_native_prop_30_0) true)
+(expandtypeattribute (device_config_service_30_0) true)
+(expandtypeattribute (device_config_storage_native_boot_prop_30_0) true)
+(expandtypeattribute (device_config_sys_traced_prop_30_0) true)
+(expandtypeattribute (device_config_window_manager_native_boot_prop_30_0) true)
+(expandtypeattribute (device_identifiers_service_30_0) true)
+(expandtypeattribute (device_logging_prop_30_0) true)
+(expandtypeattribute (device_policy_service_30_0) true)
+(expandtypeattribute (deviceidle_service_30_0) true)
+(expandtypeattribute (devicestoragemonitor_service_30_0) true)
+(expandtypeattribute (devpts_30_0) true)
+(expandtypeattribute (dhcp_30_0) true)
+(expandtypeattribute (dhcp_data_file_30_0) true)
+(expandtypeattribute (dhcp_exec_30_0) true)
+(expandtypeattribute (dhcp_prop_30_0) true)
+(expandtypeattribute (diskstats_service_30_0) true)
+(expandtypeattribute (display_service_30_0) true)
+(expandtypeattribute (dm_device_30_0) true)
+(expandtypeattribute (dnsmasq_30_0) true)
+(expandtypeattribute (dnsmasq_exec_30_0) true)
+(expandtypeattribute (dnsproxyd_socket_30_0) true)
+(expandtypeattribute (dnsresolver_service_30_0) true)
+(expandtypeattribute (dreams_service_30_0) true)
+(expandtypeattribute (drm_data_file_30_0) true)
+(expandtypeattribute (drmserver_30_0) true)
+(expandtypeattribute (drmserver_exec_30_0) true)
+(expandtypeattribute (drmserver_service_30_0) true)
+(expandtypeattribute (drmserver_socket_30_0) true)
+(expandtypeattribute (dropbox_data_file_30_0) true)
+(expandtypeattribute (dropbox_service_30_0) true)
+(expandtypeattribute (dumpstate_30_0) true)
+(expandtypeattribute (dumpstate_exec_30_0) true)
+(expandtypeattribute (dumpstate_options_prop_30_0) true)
+(expandtypeattribute (dumpstate_prop_30_0) true)
+(expandtypeattribute (dumpstate_service_30_0) true)
+(expandtypeattribute (dumpstate_socket_30_0) true)
+(expandtypeattribute (dynamic_system_prop_30_0) true)
+(expandtypeattribute (e2fs_30_0) true)
+(expandtypeattribute (e2fs_exec_30_0) true)
+(expandtypeattribute (efs_file_30_0) true)
+(expandtypeattribute (emergency_affordance_service_30_0) true)
+(expandtypeattribute (ephemeral_app_30_0) true)
+(expandtypeattribute (ethernet_service_30_0) true)
+(expandtypeattribute (exfat_30_0) true)
+(expandtypeattribute (exported2_config_prop_30_0) true)
+(expandtypeattribute (exported2_default_prop_30_0) true)
+(expandtypeattribute (exported2_radio_prop_30_0) true)
+(expandtypeattribute (exported2_system_prop_30_0) true)
+(expandtypeattribute (exported2_vold_prop_30_0) true)
+(expandtypeattribute (exported3_default_prop_30_0) true)
+(expandtypeattribute (exported3_radio_prop_30_0) true)
+(expandtypeattribute (exported3_system_prop_30_0) true)
+(expandtypeattribute (exported_audio_prop_30_0) true)
+(expandtypeattribute (exported_bluetooth_prop_30_0) true)
+(expandtypeattribute (exported_camera_prop_30_0) true)
+(expandtypeattribute (exported_config_prop_30_0) true)
+(expandtypeattribute (exported_dalvik_prop_30_0) true)
+(expandtypeattribute (exported_default_prop_30_0) true)
+(expandtypeattribute (exported_dumpstate_prop_30_0) true)
+(expandtypeattribute (exported_ffs_prop_30_0) true)
+(expandtypeattribute (exported_fingerprint_prop_30_0) true)
+(expandtypeattribute (exported_overlay_prop_30_0) true)
+(expandtypeattribute (exported_pm_prop_30_0) true)
+(expandtypeattribute (exported_radio_prop_30_0) true)
+(expandtypeattribute (exported_secure_prop_30_0) true)
+(expandtypeattribute (exported_system_prop_30_0) true)
+(expandtypeattribute (exported_system_radio_prop_30_0) true)
+(expandtypeattribute (exported_vold_prop_30_0) true)
+(expandtypeattribute (exported_wifi_prop_30_0) true)
+(expandtypeattribute (external_vibrator_service_30_0) true)
+(expandtypeattribute (face_service_30_0) true)
+(expandtypeattribute (face_vendor_data_file_30_0) true)
+(expandtypeattribute (fastbootd_30_0) true)
+(expandtypeattribute (ffs_prop_30_0) true)
+(expandtypeattribute (file_contexts_file_30_0) true)
+(expandtypeattribute (file_integrity_service_30_0) true)
+(expandtypeattribute (fingerprint_service_30_0) true)
+(expandtypeattribute (fingerprint_vendor_data_file_30_0) true)
+(expandtypeattribute (fingerprintd_30_0) true)
+(expandtypeattribute (fingerprintd_data_file_30_0) true)
+(expandtypeattribute (fingerprintd_exec_30_0) true)
+(expandtypeattribute (fingerprintd_service_30_0) true)
+(expandtypeattribute (firstboot_prop_30_0) true)
+(expandtypeattribute (flags_health_check_30_0) true)
+(expandtypeattribute (flags_health_check_exec_30_0) true)
+(expandtypeattribute (font_service_30_0) true)
+(expandtypeattribute (frp_block_device_30_0) true)
+(expandtypeattribute (fs_bpf_30_0) true)
+(expandtypeattribute (fsck_30_0) true)
+(expandtypeattribute (fsck_exec_30_0) true)
+(expandtypeattribute (fsck_untrusted_30_0) true)
+(expandtypeattribute (fscklogs_30_0) true)
+(expandtypeattribute (functionfs_30_0) true)
+(expandtypeattribute (fuse_30_0) true)
+(expandtypeattribute (fuse_device_30_0) true)
+(expandtypeattribute (fwk_automotive_display_hwservice_30_0) true)
+(expandtypeattribute (fwk_bufferhub_hwservice_30_0) true)
+(expandtypeattribute (fwk_camera_hwservice_30_0) true)
+(expandtypeattribute (fwk_display_hwservice_30_0) true)
+(expandtypeattribute (fwk_scheduler_hwservice_30_0) true)
+(expandtypeattribute (fwk_sensor_hwservice_30_0) true)
+(expandtypeattribute (fwk_stats_hwservice_30_0) true)
+(expandtypeattribute (fwmarkd_socket_30_0) true)
+(expandtypeattribute (gatekeeper_data_file_30_0) true)
+(expandtypeattribute (gatekeeper_service_30_0) true)
+(expandtypeattribute (gatekeeperd_30_0) true)
+(expandtypeattribute (gatekeeperd_exec_30_0) true)
+(expandtypeattribute (gfxinfo_service_30_0) true)
+(expandtypeattribute (gmscore_app_30_0) true)
+(expandtypeattribute (gps_control_30_0) true)
+(expandtypeattribute (gpu_device_30_0) true)
+(expandtypeattribute (gpu_service_30_0) true)
+(expandtypeattribute (gpuservice_30_0) true)
+(expandtypeattribute (graphics_device_30_0) true)
+(expandtypeattribute (graphicsstats_service_30_0) true)
+(expandtypeattribute (gsi_data_file_30_0) true)
+(expandtypeattribute (gsi_metadata_file_30_0) true)
+(expandtypeattribute (gsid_prop_30_0) true)
+(expandtypeattribute (hal_atrace_hwservice_30_0) true)
+(expandtypeattribute (hal_audio_hwservice_30_0) true)
+(expandtypeattribute (hal_audiocontrol_hwservice_30_0) true)
+(expandtypeattribute (hal_authsecret_hwservice_30_0) true)
+(expandtypeattribute (hal_bluetooth_hwservice_30_0) true)
+(expandtypeattribute (hal_bootctl_hwservice_30_0) true)
+(expandtypeattribute (hal_broadcastradio_hwservice_30_0) true)
+(expandtypeattribute (hal_camera_hwservice_30_0) true)
+(expandtypeattribute (hal_can_bus_hwservice_30_0) true)
+(expandtypeattribute (hal_can_controller_hwservice_30_0) true)
+(expandtypeattribute (hal_cas_hwservice_30_0) true)
+(expandtypeattribute (hal_codec2_hwservice_30_0) true)
+(expandtypeattribute (hal_configstore_ISurfaceFlingerConfigs_30_0) true)
+(expandtypeattribute (hal_confirmationui_hwservice_30_0) true)
+(expandtypeattribute (hal_contexthub_hwservice_30_0) true)
+(expandtypeattribute (hal_drm_hwservice_30_0) true)
+(expandtypeattribute (hal_dumpstate_hwservice_30_0) true)
+(expandtypeattribute (hal_evs_hwservice_30_0) true)
+(expandtypeattribute (hal_face_hwservice_30_0) true)
+(expandtypeattribute (hal_fingerprint_hwservice_30_0) true)
+(expandtypeattribute (hal_fingerprint_service_30_0) true)
+(expandtypeattribute (hal_gatekeeper_hwservice_30_0) true)
+(expandtypeattribute (hal_gnss_hwservice_30_0) true)
+(expandtypeattribute (hal_graphics_allocator_hwservice_30_0) true)
+(expandtypeattribute (hal_graphics_composer_hwservice_30_0) true)
+(expandtypeattribute (hal_graphics_composer_server_tmpfs_30_0) true)
+(expandtypeattribute (hal_graphics_mapper_hwservice_30_0) true)
+(expandtypeattribute (hal_health_hwservice_30_0) true)
+(expandtypeattribute (hal_health_storage_hwservice_30_0) true)
+(expandtypeattribute (hal_identity_service_30_0) true)
+(expandtypeattribute (hal_input_classifier_hwservice_30_0) true)
+(expandtypeattribute (hal_ir_hwservice_30_0) true)
+(expandtypeattribute (hal_keymaster_hwservice_30_0) true)
+(expandtypeattribute (hal_light_hwservice_30_0) true)
+(expandtypeattribute (hal_light_service_30_0) true)
+(expandtypeattribute (hal_lowpan_hwservice_30_0) true)
+(expandtypeattribute (hal_memtrack_hwservice_30_0) true)
+(expandtypeattribute (hal_neuralnetworks_hwservice_30_0) true)
+(expandtypeattribute (hal_nfc_hwservice_30_0) true)
+(expandtypeattribute (hal_oemlock_hwservice_30_0) true)
+(expandtypeattribute (hal_omx_hwservice_30_0) true)
+(expandtypeattribute (hal_power_hwservice_30_0) true)
+(expandtypeattribute (hal_power_service_30_0) true)
+(expandtypeattribute (hal_power_stats_hwservice_30_0) true)
+(expandtypeattribute (hal_rebootescrow_service_30_0) true)
+(expandtypeattribute (hal_renderscript_hwservice_30_0) true)
+(expandtypeattribute (hal_secure_element_hwservice_30_0) true)
+(expandtypeattribute (hal_sensors_hwservice_30_0) true)
+(expandtypeattribute (hal_telephony_hwservice_30_0) true)
+(expandtypeattribute (hal_tetheroffload_hwservice_30_0) true)
+(expandtypeattribute (hal_thermal_hwservice_30_0) true)
+(expandtypeattribute (hal_tv_cec_hwservice_30_0) true)
+(expandtypeattribute (hal_tv_input_hwservice_30_0) true)
+(expandtypeattribute (hal_tv_tuner_hwservice_30_0) true)
+(expandtypeattribute (hal_usb_gadget_hwservice_30_0) true)
+(expandtypeattribute (hal_usb_hwservice_30_0) true)
+(expandtypeattribute (hal_vehicle_hwservice_30_0) true)
+(expandtypeattribute (hal_vibrator_hwservice_30_0) true)
+(expandtypeattribute (hal_vibrator_service_30_0) true)
+(expandtypeattribute (hal_vr_hwservice_30_0) true)
+(expandtypeattribute (hal_weaver_hwservice_30_0) true)
+(expandtypeattribute (hal_wifi_hostapd_hwservice_30_0) true)
+(expandtypeattribute (hal_wifi_hwservice_30_0) true)
+(expandtypeattribute (hal_wifi_supplicant_hwservice_30_0) true)
+(expandtypeattribute (hardware_properties_service_30_0) true)
+(expandtypeattribute (hardware_service_30_0) true)
+(expandtypeattribute (hci_attach_dev_30_0) true)
+(expandtypeattribute (hdmi_control_service_30_0) true)
+(expandtypeattribute (healthd_30_0) true)
+(expandtypeattribute (healthd_exec_30_0) true)
+(expandtypeattribute (heapdump_data_file_30_0) true)
+(expandtypeattribute (heapprofd_30_0) true)
+(expandtypeattribute (heapprofd_enabled_prop_30_0) true)
+(expandtypeattribute (heapprofd_prop_30_0) true)
+(expandtypeattribute (heapprofd_socket_30_0) true)
+(expandtypeattribute (hidl_allocator_hwservice_30_0) true)
+(expandtypeattribute (hidl_base_hwservice_30_0) true)
+(expandtypeattribute (hidl_manager_hwservice_30_0) true)
+(expandtypeattribute (hidl_memory_hwservice_30_0) true)
+(expandtypeattribute (hidl_token_hwservice_30_0) true)
+(expandtypeattribute (hw_random_device_30_0) true)
+(expandtypeattribute (hwbinder_device_30_0) true)
+(expandtypeattribute (hwservice_contexts_file_30_0) true)
+(expandtypeattribute (hwservicemanager_30_0) true)
+(expandtypeattribute (hwservicemanager_exec_30_0) true)
+(expandtypeattribute (hwservicemanager_prop_30_0) true)
+(expandtypeattribute (icon_file_30_0) true)
+(expandtypeattribute (idmap_30_0) true)
+(expandtypeattribute (idmap_exec_30_0) true)
+(expandtypeattribute (idmap_service_30_0) true)
+(expandtypeattribute (iio_device_30_0) true)
+(expandtypeattribute (imms_service_30_0) true)
+(expandtypeattribute (incident_30_0) true)
+(expandtypeattribute (incident_data_file_30_0) true)
+(expandtypeattribute (incident_helper_30_0) true)
+(expandtypeattribute (incident_service_30_0) true)
+(expandtypeattribute (incidentd_30_0) true)
+(expandtypeattribute (incremental_control_file_30_0) true)
+(expandtypeattribute (incremental_prop_30_0) true)
+(expandtypeattribute (incremental_service_30_0) true)
+(expandtypeattribute (init_30_0) true)
+(expandtypeattribute (init_exec_30_0) true)
+(expandtypeattribute (init_perf_lsm_hooks_prop_30_0) true)
+(expandtypeattribute (init_svc_debug_prop_30_0) true)
+(expandtypeattribute (init_tmpfs_30_0) true)
+(expandtypeattribute (inotify_30_0) true)
+(expandtypeattribute (input_device_30_0) true)
+(expandtypeattribute (input_method_service_30_0) true)
+(expandtypeattribute (input_service_30_0) true)
+(expandtypeattribute (inputflinger_30_0) true)
+(expandtypeattribute (inputflinger_exec_30_0) true)
+(expandtypeattribute (inputflinger_service_30_0) true)
+(expandtypeattribute (install_data_file_30_0) true)
+(expandtypeattribute (installd_30_0) true)
+(expandtypeattribute (installd_exec_30_0) true)
+(expandtypeattribute (installd_service_30_0) true)
+(expandtypeattribute (ion_device_30_0) true)
+(expandtypeattribute (iorap_inode2filename_30_0) true)
+(expandtypeattribute (iorap_inode2filename_exec_30_0) true)
+(expandtypeattribute (iorap_inode2filename_tmpfs_30_0) true)
+(expandtypeattribute (iorap_prefetcherd_30_0) true)
+(expandtypeattribute (iorap_prefetcherd_exec_30_0) true)
+(expandtypeattribute (iorap_prefetcherd_tmpfs_30_0) true)
+(expandtypeattribute (iorapd_30_0) true)
+(expandtypeattribute (iorapd_data_file_30_0) true)
+(expandtypeattribute (iorapd_exec_30_0) true)
+(expandtypeattribute (iorapd_service_30_0) true)
+(expandtypeattribute (iorapd_tmpfs_30_0) true)
+(expandtypeattribute (ipsec_service_30_0) true)
+(expandtypeattribute (iris_service_30_0) true)
+(expandtypeattribute (iris_vendor_data_file_30_0) true)
+(expandtypeattribute (isolated_app_30_0) true)
+(expandtypeattribute (jobscheduler_service_30_0) true)
+(expandtypeattribute (kernel_30_0) true)
+(expandtypeattribute (keychain_data_file_30_0) true)
+(expandtypeattribute (keychord_device_30_0) true)
+(expandtypeattribute (keystore_30_0) true)
+(expandtypeattribute (keystore_data_file_30_0) true)
+(expandtypeattribute (keystore_exec_30_0) true)
+(expandtypeattribute (keystore_service_30_0) true)
+(expandtypeattribute (kmsg_debug_device_30_0) true)
+(expandtypeattribute (kmsg_device_30_0) true)
+(expandtypeattribute (labeledfs_30_0) true)
+(expandtypeattribute (last_boot_reason_prop_30_0) true)
+(expandtypeattribute (launcherapps_service_30_0) true)
+(expandtypeattribute (light_service_30_0) true)
+(expandtypeattribute (linkerconfig_file_30_0) true)
+(expandtypeattribute (llkd_30_0) true)
+(expandtypeattribute (llkd_exec_30_0) true)
+(expandtypeattribute (llkd_prop_30_0) true)
+(expandtypeattribute (lmkd_30_0) true)
+(expandtypeattribute (lmkd_exec_30_0) true)
+(expandtypeattribute (lmkd_prop_30_0) true)
+(expandtypeattribute (lmkd_socket_30_0) true)
+(expandtypeattribute (location_service_30_0) true)
+(expandtypeattribute (lock_settings_service_30_0) true)
+(expandtypeattribute (log_prop_30_0) true)
+(expandtypeattribute (log_tag_prop_30_0) true)
+(expandtypeattribute (logcat_exec_30_0) true)
+(expandtypeattribute (logd_30_0) true)
+(expandtypeattribute (logd_exec_30_0) true)
+(expandtypeattribute (logd_prop_30_0) true)
+(expandtypeattribute (logd_socket_30_0) true)
+(expandtypeattribute (logdr_socket_30_0) true)
+(expandtypeattribute (logdw_socket_30_0) true)
+(expandtypeattribute (logpersist_30_0) true)
+(expandtypeattribute (logpersistd_logging_prop_30_0) true)
+(expandtypeattribute (loop_control_device_30_0) true)
+(expandtypeattribute (loop_device_30_0) true)
+(expandtypeattribute (looper_stats_service_30_0) true)
+(expandtypeattribute (lowpan_device_30_0) true)
+(expandtypeattribute (lowpan_prop_30_0) true)
+(expandtypeattribute (lowpan_service_30_0) true)
+(expandtypeattribute (lpdump_service_30_0) true)
+(expandtypeattribute (lpdumpd_prop_30_0) true)
+(expandtypeattribute (mac_perms_file_30_0) true)
+(expandtypeattribute (mdns_socket_30_0) true)
+(expandtypeattribute (mdnsd_30_0) true)
+(expandtypeattribute (mdnsd_socket_30_0) true)
+(expandtypeattribute (media_data_file_30_0) true)
+(expandtypeattribute (media_projection_service_30_0) true)
+(expandtypeattribute (media_router_service_30_0) true)
+(expandtypeattribute (media_rw_data_file_30_0) true)
+(expandtypeattribute (media_session_service_30_0) true)
+(expandtypeattribute (media_variant_prop_30_0) true)
+(expandtypeattribute (mediadrmserver_30_0) true)
+(expandtypeattribute (mediadrmserver_exec_30_0) true)
+(expandtypeattribute (mediadrmserver_service_30_0) true)
+(expandtypeattribute (mediaextractor_30_0) true)
+(expandtypeattribute (mediaextractor_exec_30_0) true)
+(expandtypeattribute (mediaextractor_service_30_0) true)
+(expandtypeattribute (mediaextractor_tmpfs_30_0) true)
+(expandtypeattribute (mediametrics_30_0) true)
+(expandtypeattribute (mediametrics_exec_30_0) true)
+(expandtypeattribute (mediametrics_service_30_0) true)
+(expandtypeattribute (mediaprovider_30_0) true)
+(expandtypeattribute (mediaserver_30_0) true)
+(expandtypeattribute (mediaserver_exec_30_0) true)
+(expandtypeattribute (mediaserver_service_30_0) true)
+(expandtypeattribute (mediaserver_tmpfs_30_0) true)
+(expandtypeattribute (mediaswcodec_30_0) true)
+(expandtypeattribute (mediaswcodec_exec_30_0) true)
+(expandtypeattribute (mediatranscoding_30_0) true)
+(expandtypeattribute (mediatranscoding_exec_30_0) true)
+(expandtypeattribute (mediatranscoding_service_30_0) true)
+(expandtypeattribute (meminfo_service_30_0) true)
+(expandtypeattribute (metadata_block_device_30_0) true)
+(expandtypeattribute (metadata_bootstat_file_30_0) true)
+(expandtypeattribute (metadata_file_30_0) true)
+(expandtypeattribute (method_trace_data_file_30_0) true)
+(expandtypeattribute (midi_service_30_0) true)
+(expandtypeattribute (mirror_data_file_30_0) true)
+(expandtypeattribute (misc_block_device_30_0) true)
+(expandtypeattribute (misc_logd_file_30_0) true)
+(expandtypeattribute (misc_user_data_file_30_0) true)
+(expandtypeattribute (mmc_prop_30_0) true)
+(expandtypeattribute (mnt_expand_file_30_0) true)
+(expandtypeattribute (mnt_media_rw_file_30_0) true)
+(expandtypeattribute (mnt_media_rw_stub_file_30_0) true)
+(expandtypeattribute (mnt_pass_through_file_30_0) true)
+(expandtypeattribute (mnt_product_file_30_0) true)
+(expandtypeattribute (mnt_sdcard_file_30_0) true)
+(expandtypeattribute (mnt_user_file_30_0) true)
+(expandtypeattribute (mnt_vendor_file_30_0) true)
+(expandtypeattribute (mock_ota_prop_30_0) true)
+(expandtypeattribute (modprobe_30_0) true)
+(expandtypeattribute (module_sdkextensions_prop_30_0) true)
+(expandtypeattribute (mount_service_30_0) true)
+(expandtypeattribute (mqueue_30_0) true)
+(expandtypeattribute (mtp_30_0) true)
+(expandtypeattribute (mtp_device_30_0) true)
+(expandtypeattribute (mtp_exec_30_0) true)
+(expandtypeattribute (mtpd_socket_30_0) true)
+(expandtypeattribute (nativetest_data_file_30_0) true)
+(expandtypeattribute (net_data_file_30_0) true)
+(expandtypeattribute (net_dns_prop_30_0) true)
+(expandtypeattribute (net_radio_prop_30_0) true)
+(expandtypeattribute (netd_30_0) true)
+(expandtypeattribute (netd_exec_30_0) true)
+(expandtypeattribute (netd_listener_service_30_0) true)
+(expandtypeattribute (netd_service_30_0) true)
+(expandtypeattribute (netd_stable_secret_prop_30_0) true)
+(expandtypeattribute (netif_30_0) true)
+(expandtypeattribute (netpolicy_service_30_0) true)
+(expandtypeattribute (netstats_service_30_0) true)
+(expandtypeattribute (netutils_wrapper_30_0) true)
+(expandtypeattribute (netutils_wrapper_exec_30_0) true)
+(expandtypeattribute (network_management_service_30_0) true)
+(expandtypeattribute (network_score_service_30_0) true)
+(expandtypeattribute (network_stack_30_0) true)
+(expandtypeattribute (network_stack_service_30_0) true)
+(expandtypeattribute (network_time_update_service_30_0) true)
+(expandtypeattribute (network_watchlist_data_file_30_0) true)
+(expandtypeattribute (network_watchlist_service_30_0) true)
+(expandtypeattribute (nfc_30_0) true)
+(expandtypeattribute (nfc_data_file_30_0) true)
+(expandtypeattribute (nfc_device_30_0) true)
+(expandtypeattribute (nfc_prop_30_0) true)
+(expandtypeattribute (nfc_service_30_0) true)
+(expandtypeattribute (nnapi_ext_deny_product_prop_30_0) true)
+(expandtypeattribute (node_30_0) true)
+(expandtypeattribute (nonplat_service_contexts_file_30_0) true)
+(expandtypeattribute (notification_service_30_0) true)
+(expandtypeattribute (null_device_30_0) true)
+(expandtypeattribute (oem_lock_service_30_0) true)
+(expandtypeattribute (oemfs_30_0) true)
+(expandtypeattribute (ota_data_file_30_0) true)
+(expandtypeattribute (ota_metadata_file_30_0) true)
+(expandtypeattribute (ota_package_file_30_0) true)
+(expandtypeattribute (ota_prop_30_0) true)
+(expandtypeattribute (otadexopt_service_30_0) true)
+(expandtypeattribute (overlay_prop_30_0) true)
+(expandtypeattribute (overlay_service_30_0) true)
+(expandtypeattribute (overlayfs_file_30_0) true)
+(expandtypeattribute (owntty_device_30_0) true)
+(expandtypeattribute (package_native_service_30_0) true)
+(expandtypeattribute (package_service_30_0) true)
+(expandtypeattribute (packages_list_file_30_0) true)
+(expandtypeattribute (pan_result_prop_30_0) true)
+(expandtypeattribute (password_slot_metadata_file_30_0) true)
+(expandtypeattribute (pdx_bufferhub_client_channel_socket_30_0) true)
+(expandtypeattribute (pdx_bufferhub_client_endpoint_socket_30_0) true)
+(expandtypeattribute (pdx_bufferhub_dir_30_0) true)
+(expandtypeattribute (pdx_display_client_channel_socket_30_0) true)
+(expandtypeattribute (pdx_display_client_endpoint_socket_30_0) true)
+(expandtypeattribute (pdx_display_dir_30_0) true)
+(expandtypeattribute (pdx_display_manager_channel_socket_30_0) true)
+(expandtypeattribute (pdx_display_manager_endpoint_socket_30_0) true)
+(expandtypeattribute (pdx_display_screenshot_channel_socket_30_0) true)
+(expandtypeattribute (pdx_display_screenshot_endpoint_socket_30_0) true)
+(expandtypeattribute (pdx_display_vsync_channel_socket_30_0) true)
+(expandtypeattribute (pdx_display_vsync_endpoint_socket_30_0) true)
+(expandtypeattribute (pdx_performance_client_channel_socket_30_0) true)
+(expandtypeattribute (pdx_performance_client_endpoint_socket_30_0) true)
+(expandtypeattribute (pdx_performance_dir_30_0) true)
+(expandtypeattribute (perfetto_30_0) true)
+(expandtypeattribute (performanced_30_0) true)
+(expandtypeattribute (performanced_exec_30_0) true)
+(expandtypeattribute (permission_service_30_0) true)
+(expandtypeattribute (permissionmgr_service_30_0) true)
+(expandtypeattribute (persist_debug_prop_30_0) true)
+(expandtypeattribute (persistent_data_block_service_30_0) true)
+(expandtypeattribute (persistent_properties_ready_prop_30_0) true)
+(expandtypeattribute (pinner_service_30_0) true)
+(expandtypeattribute (pipefs_30_0) true)
+(expandtypeattribute (platform_app_30_0) true)
+(expandtypeattribute (platform_compat_service_30_0) true)
+(expandtypeattribute (pm_prop_30_0) true)
+(expandtypeattribute (pmsg_device_30_0) true)
+(expandtypeattribute (port_30_0) true)
+(expandtypeattribute (port_device_30_0) true)
+(expandtypeattribute (postinstall_30_0) true)
+(expandtypeattribute (postinstall_apex_mnt_dir_30_0) true)
+(expandtypeattribute (postinstall_file_30_0) true)
+(expandtypeattribute (postinstall_mnt_dir_30_0) true)
+(expandtypeattribute (power_service_30_0) true)
+(expandtypeattribute (powerctl_prop_30_0) true)
+(expandtypeattribute (ppp_30_0) true)
+(expandtypeattribute (ppp_device_30_0) true)
+(expandtypeattribute (ppp_exec_30_0) true)
+(expandtypeattribute (preloads_data_file_30_0) true)
+(expandtypeattribute (preloads_media_file_30_0) true)
+(expandtypeattribute (prereboot_data_file_30_0) true)
+(expandtypeattribute (print_service_30_0) true)
+(expandtypeattribute (priv_app_30_0) true)
+(expandtypeattribute (privapp_data_file_30_0) true)
+(expandtypeattribute (proc_30_0) true)
+(expandtypeattribute (proc_abi_30_0) true)
+(expandtypeattribute (proc_asound_30_0) true)
+(expandtypeattribute (proc_bluetooth_writable_30_0) true)
+(expandtypeattribute (proc_buddyinfo_30_0) true)
+(expandtypeattribute (proc_cmdline_30_0) true)
+(expandtypeattribute (proc_cpuinfo_30_0) true)
+(expandtypeattribute (proc_dirty_30_0) true)
+(expandtypeattribute (proc_diskstats_30_0) true)
+(expandtypeattribute (proc_drop_caches_30_0) true)
+(expandtypeattribute (proc_extra_free_kbytes_30_0) true)
+(expandtypeattribute (proc_filesystems_30_0) true)
+(expandtypeattribute (proc_fs_verity_30_0) true)
+(expandtypeattribute (proc_hostname_30_0) true)
+(expandtypeattribute (proc_hung_task_30_0) true)
+(expandtypeattribute (proc_interrupts_30_0) true)
+(expandtypeattribute (proc_iomem_30_0) true)
+(expandtypeattribute (proc_keys_30_0) true)
+(expandtypeattribute (proc_kmsg_30_0) true)
+(expandtypeattribute (proc_kpageflags_30_0) true)
+(expandtypeattribute (proc_loadavg_30_0) true)
+(expandtypeattribute (proc_lowmemorykiller_30_0) true)
+(expandtypeattribute (proc_max_map_count_30_0) true)
+(expandtypeattribute (proc_meminfo_30_0) true)
+(expandtypeattribute (proc_min_free_order_shift_30_0) true)
+(expandtypeattribute (proc_misc_30_0) true)
+(expandtypeattribute (proc_modules_30_0) true)
+(expandtypeattribute (proc_mounts_30_0) true)
+(expandtypeattribute (proc_net_30_0) true)
+(expandtypeattribute (proc_net_tcp_udp_30_0) true)
+(expandtypeattribute (proc_overcommit_memory_30_0) true)
+(expandtypeattribute (proc_page_cluster_30_0) true)
+(expandtypeattribute (proc_pagetypeinfo_30_0) true)
+(expandtypeattribute (proc_panic_30_0) true)
+(expandtypeattribute (proc_perf_30_0) true)
+(expandtypeattribute (proc_pid_max_30_0) true)
+(expandtypeattribute (proc_pipe_conf_30_0) true)
+(expandtypeattribute (proc_pressure_cpu_30_0) true)
+(expandtypeattribute (proc_pressure_io_30_0) true)
+(expandtypeattribute (proc_pressure_mem_30_0) true)
+(expandtypeattribute (proc_qtaguid_ctrl_30_0) true)
+(expandtypeattribute (proc_qtaguid_stat_30_0) true)
+(expandtypeattribute (proc_random_30_0) true)
+(expandtypeattribute (proc_sched_30_0) true)
+(expandtypeattribute (proc_security_30_0) true)
+(expandtypeattribute (proc_slabinfo_30_0) true)
+(expandtypeattribute (proc_stat_30_0) true)
+(expandtypeattribute (proc_swaps_30_0) true)
+(expandtypeattribute (proc_sysrq_30_0) true)
+(expandtypeattribute (proc_timer_30_0) true)
+(expandtypeattribute (proc_tty_drivers_30_0) true)
+(expandtypeattribute (proc_uid_concurrent_active_time_30_0) true)
+(expandtypeattribute (proc_uid_concurrent_policy_time_30_0) true)
+(expandtypeattribute (proc_uid_cpupower_30_0) true)
+(expandtypeattribute (proc_uid_cputime_removeuid_30_0) true)
+(expandtypeattribute (proc_uid_cputime_showstat_30_0) true)
+(expandtypeattribute (proc_uid_io_stats_30_0) true)
+(expandtypeattribute (proc_uid_procstat_set_30_0) true)
+(expandtypeattribute (proc_uid_time_in_state_30_0) true)
+(expandtypeattribute (proc_uptime_30_0) true)
+(expandtypeattribute (proc_version_30_0) true)
+(expandtypeattribute (proc_vmallocinfo_30_0) true)
+(expandtypeattribute (proc_vmstat_30_0) true)
+(expandtypeattribute (proc_zoneinfo_30_0) true)
+(expandtypeattribute (processinfo_service_30_0) true)
+(expandtypeattribute (procstats_service_30_0) true)
+(expandtypeattribute (profman_30_0) true)
+(expandtypeattribute (profman_dump_data_file_30_0) true)
+(expandtypeattribute (profman_exec_30_0) true)
+(expandtypeattribute (properties_device_30_0) true)
+(expandtypeattribute (properties_serial_30_0) true)
+(expandtypeattribute (property_contexts_file_30_0) true)
+(expandtypeattribute (property_data_file_30_0) true)
+(expandtypeattribute (property_info_30_0) true)
+(expandtypeattribute (property_socket_30_0) true)
+(expandtypeattribute (pstorefs_30_0) true)
+(expandtypeattribute (ptmx_device_30_0) true)
+(expandtypeattribute (qtaguid_device_30_0) true)
+(expandtypeattribute (racoon_30_0) true)
+(expandtypeattribute (racoon_exec_30_0) true)
+(expandtypeattribute (racoon_socket_30_0) true)
+(expandtypeattribute (radio_30_0) true)
+(expandtypeattribute (radio_data_file_30_0) true)
+(expandtypeattribute (radio_device_30_0) true)
+(expandtypeattribute (radio_prop_30_0) true)
+(expandtypeattribute (radio_service_30_0) true)
+(expandtypeattribute (ram_device_30_0) true)
+(expandtypeattribute (random_device_30_0) true)
+(expandtypeattribute (rebootescrow_hal_prop_30_0) true)
+(expandtypeattribute (recovery_30_0) true)
+(expandtypeattribute (recovery_block_device_30_0) true)
+(expandtypeattribute (recovery_data_file_30_0) true)
+(expandtypeattribute (recovery_persist_30_0) true)
+(expandtypeattribute (recovery_persist_exec_30_0) true)
+(expandtypeattribute (recovery_refresh_30_0) true)
+(expandtypeattribute (recovery_refresh_exec_30_0) true)
+(expandtypeattribute (recovery_service_30_0) true)
+(expandtypeattribute (recovery_socket_30_0) true)
+(expandtypeattribute (registry_service_30_0) true)
+(expandtypeattribute (resourcecache_data_file_30_0) true)
+(expandtypeattribute (restorecon_prop_30_0) true)
+(expandtypeattribute (restrictions_service_30_0) true)
+(expandtypeattribute (rild_debug_socket_30_0) true)
+(expandtypeattribute (rild_socket_30_0) true)
+(expandtypeattribute (ringtone_file_30_0) true)
+(expandtypeattribute (role_service_30_0) true)
+(expandtypeattribute (rollback_service_30_0) true)
+(expandtypeattribute (root_block_device_30_0) true)
+(expandtypeattribute (rootfs_30_0) true)
+(expandtypeattribute (rpmsg_device_30_0) true)
+(expandtypeattribute (rs_30_0) true)
+(expandtypeattribute (rs_exec_30_0) true)
+(expandtypeattribute (rss_hwm_reset_30_0) true)
+(expandtypeattribute (rtc_device_30_0) true)
+(expandtypeattribute (rttmanager_service_30_0) true)
+(expandtypeattribute (runas_30_0) true)
+(expandtypeattribute (runas_app_30_0) true)
+(expandtypeattribute (runas_exec_30_0) true)
+(expandtypeattribute (runtime_event_log_tags_file_30_0) true)
+(expandtypeattribute (runtime_service_30_0) true)
+(expandtypeattribute (safemode_prop_30_0) true)
+(expandtypeattribute (same_process_hal_file_30_0) true)
+(expandtypeattribute (samplingprofiler_service_30_0) true)
+(expandtypeattribute (scheduling_policy_service_30_0) true)
+(expandtypeattribute (sdcard_block_device_30_0) true)
+(expandtypeattribute (sdcardd_30_0) true)
+(expandtypeattribute (sdcardd_exec_30_0) true)
+(expandtypeattribute (sdcardfs_30_0) true)
+(expandtypeattribute (seapp_contexts_file_30_0) true)
+(expandtypeattribute (search_service_30_0) true)
+(expandtypeattribute (sec_key_att_app_id_provider_service_30_0) true)
+(expandtypeattribute (secure_element_30_0) true)
+(expandtypeattribute (secure_element_device_30_0) true)
+(expandtypeattribute (secure_element_service_30_0) true)
+(expandtypeattribute (securityfs_30_0) true)
+(expandtypeattribute (selinuxfs_30_0) true)
+(expandtypeattribute (sensor_privacy_service_30_0) true)
+(expandtypeattribute (sensors_device_30_0) true)
+(expandtypeattribute (sensorservice_service_30_0) true)
+(expandtypeattribute (sepolicy_file_30_0) true)
+(expandtypeattribute (serial_device_30_0) true)
+(expandtypeattribute (serial_service_30_0) true)
+(expandtypeattribute (serialno_prop_30_0) true)
+(expandtypeattribute (server_configurable_flags_data_file_30_0) true)
+(expandtypeattribute (service_contexts_file_30_0) true)
+(expandtypeattribute (service_manager_service_30_0) true)
+(expandtypeattribute (service_manager_vndservice_30_0) true)
+(expandtypeattribute (servicediscovery_service_30_0) true)
+(expandtypeattribute (servicemanager_30_0) true)
+(expandtypeattribute (servicemanager_exec_30_0) true)
+(expandtypeattribute (settings_service_30_0) true)
+(expandtypeattribute (sgdisk_30_0) true)
+(expandtypeattribute (sgdisk_exec_30_0) true)
+(expandtypeattribute (shared_relro_30_0) true)
+(expandtypeattribute (shared_relro_file_30_0) true)
+(expandtypeattribute (shell_30_0) true)
+(expandtypeattribute (shell_data_file_30_0) true)
+(expandtypeattribute (shell_exec_30_0) true)
+(expandtypeattribute (shell_prop_30_0) true)
+(expandtypeattribute (shm_30_0) true)
+(expandtypeattribute (shortcut_manager_icons_30_0) true)
+(expandtypeattribute (shortcut_service_30_0) true)
+(expandtypeattribute (simpleperf_30_0) true)
+(expandtypeattribute (simpleperf_app_runner_30_0) true)
+(expandtypeattribute (simpleperf_app_runner_exec_30_0) true)
+(expandtypeattribute (slice_service_30_0) true)
+(expandtypeattribute (slideshow_30_0) true)
+(expandtypeattribute (snapshotctl_log_data_file_30_0) true)
+(expandtypeattribute (socket_device_30_0) true)
+(expandtypeattribute (socket_hook_prop_30_0) true)
+(expandtypeattribute (sockfs_30_0) true)
+(expandtypeattribute (sota_prop_30_0) true)
+(expandtypeattribute (soundtrigger_middleware_service_30_0) true)
+(expandtypeattribute (staging_data_file_30_0) true)
+(expandtypeattribute (stats_data_file_30_0) true)
+(expandtypeattribute (statsd_30_0) true)
+(expandtypeattribute (statsd_exec_30_0) true)
+(expandtypeattribute (statsdw_socket_30_0) true)
+(expandtypeattribute (statusbar_service_30_0) true)
+(expandtypeattribute (storage_config_prop_30_0) true)
+(expandtypeattribute (storage_file_30_0) true)
+(expandtypeattribute (storage_stub_file_30_0) true)
+(expandtypeattribute (storaged_service_30_0) true)
+(expandtypeattribute (storagestats_service_30_0) true)
+(expandtypeattribute (su_30_0) true)
+(expandtypeattribute (su_exec_30_0) true)
+(expandtypeattribute (super_block_device_30_0) true)
+(expandtypeattribute (surfaceflinger_30_0) true)
+(expandtypeattribute (surfaceflinger_service_30_0) true)
+(expandtypeattribute (surfaceflinger_tmpfs_30_0) true)
+(expandtypeattribute (swap_block_device_30_0) true)
+(expandtypeattribute (sysfs_30_0) true)
+(expandtypeattribute (sysfs_android_usb_30_0) true)
+(expandtypeattribute (sysfs_batteryinfo_30_0) true)
+(expandtypeattribute (sysfs_bluetooth_writable_30_0) true)
+(expandtypeattribute (sysfs_devices_block_30_0) true)
+(expandtypeattribute (sysfs_devices_system_cpu_30_0) true)
+(expandtypeattribute (sysfs_dm_30_0) true)
+(expandtypeattribute (sysfs_dm_verity_30_0) true)
+(expandtypeattribute (sysfs_dt_firmware_android_30_0) true)
+(expandtypeattribute (sysfs_extcon_30_0) true)
+(expandtypeattribute (sysfs_fs_ext4_features_30_0) true)
+(expandtypeattribute (sysfs_fs_f2fs_30_0) true)
+(expandtypeattribute (sysfs_hwrandom_30_0) true)
+(expandtypeattribute (sysfs_ion_30_0) true)
+(expandtypeattribute (sysfs_ipv4_30_0) true)
+(expandtypeattribute (sysfs_kernel_notes_30_0) true)
+(expandtypeattribute (sysfs_leds_30_0) true)
+(expandtypeattribute (sysfs_loop_30_0) true)
+(expandtypeattribute (sysfs_lowmemorykiller_30_0) true)
+(expandtypeattribute (sysfs_net_30_0) true)
+(expandtypeattribute (sysfs_nfc_power_writable_30_0) true)
+(expandtypeattribute (sysfs_power_30_0) true)
+(expandtypeattribute (sysfs_rtc_30_0) true)
+(expandtypeattribute (sysfs_suspend_stats_30_0) true)
+(expandtypeattribute (sysfs_switch_30_0) true)
+(expandtypeattribute (sysfs_thermal_30_0) true)
+(expandtypeattribute (sysfs_transparent_hugepage_30_0) true)
+(expandtypeattribute (sysfs_uio_30_0) true)
+(expandtypeattribute (sysfs_usb_30_0) true)
+(expandtypeattribute (sysfs_usermodehelper_30_0) true)
+(expandtypeattribute (sysfs_vibrator_30_0) true)
+(expandtypeattribute (sysfs_wake_lock_30_0) true)
+(expandtypeattribute (sysfs_wakeup_30_0) true)
+(expandtypeattribute (sysfs_wakeup_reasons_30_0) true)
+(expandtypeattribute (sysfs_wlan_fwpath_30_0) true)
+(expandtypeattribute (sysfs_zram_30_0) true)
+(expandtypeattribute (sysfs_zram_uevent_30_0) true)
+(expandtypeattribute (system_adbd_prop_30_0) true)
+(expandtypeattribute (system_app_30_0) true)
+(expandtypeattribute (system_app_data_file_30_0) true)
+(expandtypeattribute (system_app_service_30_0) true)
+(expandtypeattribute (system_asan_options_file_30_0) true)
+(expandtypeattribute (system_block_device_30_0) true)
+(expandtypeattribute (system_boot_reason_prop_30_0) true)
+(expandtypeattribute (system_bootstrap_lib_file_30_0) true)
+(expandtypeattribute (system_config_service_30_0) true)
+(expandtypeattribute (system_data_file_30_0) true)
+(expandtypeattribute (system_data_root_file_30_0) true)
+(expandtypeattribute (system_event_log_tags_file_30_0) true)
+(expandtypeattribute (system_file_30_0) true)
+(expandtypeattribute (system_group_file_30_0) true)
+(expandtypeattribute (system_jvmti_agent_prop_30_0) true)
+(expandtypeattribute (system_lib_file_30_0) true)
+(expandtypeattribute (system_linker_config_file_30_0) true)
+(expandtypeattribute (system_linker_exec_30_0) true)
+(expandtypeattribute (system_lmk_prop_30_0) true)
+(expandtypeattribute (system_ndebug_socket_30_0) true)
+(expandtypeattribute (system_net_netd_hwservice_30_0) true)
+(expandtypeattribute (system_passwd_file_30_0) true)
+(expandtypeattribute (system_prop_30_0) true)
+(expandtypeattribute (system_radio_prop_30_0) true)
+(expandtypeattribute (system_seccomp_policy_file_30_0) true)
+(expandtypeattribute (system_security_cacerts_file_30_0) true)
+(expandtypeattribute (system_server_30_0) true)
+(expandtypeattribute (system_server_tmpfs_30_0) true)
+(expandtypeattribute (system_suspend_control_service_30_0) true)
+(expandtypeattribute (system_suspend_hwservice_30_0) true)
+(expandtypeattribute (system_trace_prop_30_0) true)
+(expandtypeattribute (system_unsolzygote_socket_30_0) true)
+(expandtypeattribute (system_update_service_30_0) true)
+(expandtypeattribute (system_wifi_keystore_hwservice_30_0) true)
+(expandtypeattribute (system_wpa_socket_30_0) true)
+(expandtypeattribute (system_zoneinfo_file_30_0) true)
+(expandtypeattribute (systemkeys_data_file_30_0) true)
+(expandtypeattribute (task_profiles_file_30_0) true)
+(expandtypeattribute (task_service_30_0) true)
+(expandtypeattribute (tcpdump_exec_30_0) true)
+(expandtypeattribute (tee_30_0) true)
+(expandtypeattribute (tee_data_file_30_0) true)
+(expandtypeattribute (tee_device_30_0) true)
+(expandtypeattribute (telecom_service_30_0) true)
+(expandtypeattribute (test_boot_reason_prop_30_0) true)
+(expandtypeattribute (test_harness_prop_30_0) true)
+(expandtypeattribute (testharness_service_30_0) true)
+(expandtypeattribute (tethering_service_30_0) true)
+(expandtypeattribute (textclassification_service_30_0) true)
+(expandtypeattribute (textclassifier_data_file_30_0) true)
+(expandtypeattribute (textservices_service_30_0) true)
+(expandtypeattribute (theme_prop_30_0) true)
+(expandtypeattribute (thermal_service_30_0) true)
+(expandtypeattribute (thermalcallback_hwservice_30_0) true)
+(expandtypeattribute (time_prop_30_0) true)
+(expandtypeattribute (timedetector_service_30_0) true)
+(expandtypeattribute (timezone_service_30_0) true)
+(expandtypeattribute (timezonedetector_service_30_0) true)
+(expandtypeattribute (tmpfs_30_0) true)
+(expandtypeattribute (tombstone_data_file_30_0) true)
+(expandtypeattribute (tombstone_wifi_data_file_30_0) true)
+(expandtypeattribute (tombstoned_30_0) true)
+(expandtypeattribute (tombstoned_crash_socket_30_0) true)
+(expandtypeattribute (tombstoned_exec_30_0) true)
+(expandtypeattribute (tombstoned_intercept_socket_30_0) true)
+(expandtypeattribute (tombstoned_java_trace_socket_30_0) true)
+(expandtypeattribute (toolbox_30_0) true)
+(expandtypeattribute (toolbox_exec_30_0) true)
+(expandtypeattribute (trace_data_file_30_0) true)
+(expandtypeattribute (traced_30_0) true)
+(expandtypeattribute (traced_consumer_socket_30_0) true)
+(expandtypeattribute (traced_enabled_prop_30_0) true)
+(expandtypeattribute (traced_lazy_prop_30_0) true)
+(expandtypeattribute (traced_perf_30_0) true)
+(expandtypeattribute (traced_perf_enabled_prop_30_0) true)
+(expandtypeattribute (traced_perf_socket_30_0) true)
+(expandtypeattribute (traced_probes_30_0) true)
+(expandtypeattribute (traced_producer_socket_30_0) true)
+(expandtypeattribute (traceur_app_30_0) true)
+(expandtypeattribute (trust_service_30_0) true)
+(expandtypeattribute (tty_device_30_0) true)
+(expandtypeattribute (tun_device_30_0) true)
+(expandtypeattribute (tv_input_service_30_0) true)
+(expandtypeattribute (tv_tuner_resource_mgr_service_30_0) true)
+(expandtypeattribute (tzdatacheck_30_0) true)
+(expandtypeattribute (tzdatacheck_exec_30_0) true)
+(expandtypeattribute (ueventd_30_0) true)
+(expandtypeattribute (ueventd_tmpfs_30_0) true)
+(expandtypeattribute (uhid_device_30_0) true)
+(expandtypeattribute (uimode_service_30_0) true)
+(expandtypeattribute (uio_device_30_0) true)
+(expandtypeattribute (uncrypt_30_0) true)
+(expandtypeattribute (uncrypt_exec_30_0) true)
+(expandtypeattribute (uncrypt_socket_30_0) true)
+(expandtypeattribute (unencrypted_data_file_30_0) true)
+(expandtypeattribute (unlabeled_30_0) true)
+(expandtypeattribute (untrusted_app_25_30_0) true)
+(expandtypeattribute (untrusted_app_27_30_0) true)
+(expandtypeattribute (untrusted_app_29_30_0) true)
+(expandtypeattribute (untrusted_app_30_0) true)
+(expandtypeattribute (update_engine_30_0) true)
+(expandtypeattribute (update_engine_data_file_30_0) true)
+(expandtypeattribute (update_engine_exec_30_0) true)
+(expandtypeattribute (update_engine_log_data_file_30_0) true)
+(expandtypeattribute (update_engine_service_30_0) true)
+(expandtypeattribute (update_verifier_30_0) true)
+(expandtypeattribute (update_verifier_exec_30_0) true)
+(expandtypeattribute (updatelock_service_30_0) true)
+(expandtypeattribute (uri_grants_service_30_0) true)
+(expandtypeattribute (usagestats_service_30_0) true)
+(expandtypeattribute (usb_device_30_0) true)
+(expandtypeattribute (usb_serial_device_30_0) true)
+(expandtypeattribute (usb_service_30_0) true)
+(expandtypeattribute (usbaccessory_device_30_0) true)
+(expandtypeattribute (usbd_30_0) true)
+(expandtypeattribute (usbd_exec_30_0) true)
+(expandtypeattribute (usbfs_30_0) true)
+(expandtypeattribute (use_memfd_prop_30_0) true)
+(expandtypeattribute (user_profile_data_file_30_0) true)
+(expandtypeattribute (user_service_30_0) true)
+(expandtypeattribute (userdata_block_device_30_0) true)
+(expandtypeattribute (usermodehelper_30_0) true)
+(expandtypeattribute (userspace_reboot_config_prop_30_0) true)
+(expandtypeattribute (userspace_reboot_exported_prop_30_0) true)
+(expandtypeattribute (userspace_reboot_log_prop_30_0) true)
+(expandtypeattribute (userspace_reboot_test_prop_30_0) true)
+(expandtypeattribute (vdc_30_0) true)
+(expandtypeattribute (vdc_exec_30_0) true)
+(expandtypeattribute (vehicle_hal_prop_30_0) true)
+(expandtypeattribute (vendor_apex_file_30_0) true)
+(expandtypeattribute (vendor_app_file_30_0) true)
+(expandtypeattribute (vendor_cgroup_desc_file_30_0) true)
+(expandtypeattribute (vendor_configs_file_30_0) true)
+(expandtypeattribute (vendor_data_file_30_0) true)
+(expandtypeattribute (vendor_default_prop_30_0) true)
+(expandtypeattribute (vendor_file_30_0) true)
+(expandtypeattribute (vendor_framework_file_30_0) true)
+(expandtypeattribute (vendor_hal_file_30_0) true)
+(expandtypeattribute (vendor_idc_file_30_0) true)
+(expandtypeattribute (vendor_init_30_0) true)
+(expandtypeattribute (vendor_keychars_file_30_0) true)
+(expandtypeattribute (vendor_keylayout_file_30_0) true)
+(expandtypeattribute (vendor_misc_writer_30_0) true)
+(expandtypeattribute (vendor_misc_writer_exec_30_0) true)
+(expandtypeattribute (vendor_overlay_file_30_0) true)
+(expandtypeattribute (vendor_public_lib_file_30_0) true)
+(expandtypeattribute (vendor_security_patch_level_prop_30_0) true)
+(expandtypeattribute (vendor_shell_30_0) true)
+(expandtypeattribute (vendor_shell_exec_30_0) true)
+(expandtypeattribute (vendor_socket_hook_prop_30_0) true)
+(expandtypeattribute (vendor_task_profiles_file_30_0) true)
+(expandtypeattribute (vendor_toolbox_exec_30_0) true)
+(expandtypeattribute (vfat_30_0) true)
+(expandtypeattribute (vibrator_service_30_0) true)
+(expandtypeattribute (video_device_30_0) true)
+(expandtypeattribute (virtual_ab_prop_30_0) true)
+(expandtypeattribute (virtual_touchpad_30_0) true)
+(expandtypeattribute (virtual_touchpad_exec_30_0) true)
+(expandtypeattribute (virtual_touchpad_service_30_0) true)
+(expandtypeattribute (vndbinder_device_30_0) true)
+(expandtypeattribute (vndk_prop_30_0) true)
+(expandtypeattribute (vndk_sp_file_30_0) true)
+(expandtypeattribute (vndservice_contexts_file_30_0) true)
+(expandtypeattribute (vndservicemanager_30_0) true)
+(expandtypeattribute (voiceinteraction_service_30_0) true)
+(expandtypeattribute (vold_30_0) true)
+(expandtypeattribute (vold_data_file_30_0) true)
+(expandtypeattribute (vold_device_30_0) true)
+(expandtypeattribute (vold_exec_30_0) true)
+(expandtypeattribute (vold_metadata_file_30_0) true)
+(expandtypeattribute (vold_prepare_subdirs_30_0) true)
+(expandtypeattribute (vold_prepare_subdirs_exec_30_0) true)
+(expandtypeattribute (vold_prop_30_0) true)
+(expandtypeattribute (vold_service_30_0) true)
+(expandtypeattribute (vpn_data_file_30_0) true)
+(expandtypeattribute (vr_hwc_30_0) true)
+(expandtypeattribute (vr_hwc_exec_30_0) true)
+(expandtypeattribute (vr_hwc_service_30_0) true)
+(expandtypeattribute (vr_manager_service_30_0) true)
+(expandtypeattribute (vrflinger_vsync_service_30_0) true)
+(expandtypeattribute (wallpaper_file_30_0) true)
+(expandtypeattribute (wallpaper_service_30_0) true)
+(expandtypeattribute (watchdog_device_30_0) true)
+(expandtypeattribute (watchdogd_30_0) true)
+(expandtypeattribute (watchdogd_exec_30_0) true)
+(expandtypeattribute (webview_zygote_30_0) true)
+(expandtypeattribute (webview_zygote_exec_30_0) true)
+(expandtypeattribute (webview_zygote_tmpfs_30_0) true)
+(expandtypeattribute (webviewupdate_service_30_0) true)
+(expandtypeattribute (wifi_data_file_30_0) true)
+(expandtypeattribute (wifi_log_prop_30_0) true)
+(expandtypeattribute (wifi_prop_30_0) true)
+(expandtypeattribute (wifi_service_30_0) true)
+(expandtypeattribute (wifiaware_service_30_0) true)
+(expandtypeattribute (wificond_30_0) true)
+(expandtypeattribute (wificond_exec_30_0) true)
+(expandtypeattribute (wifinl80211_service_30_0) true)
+(expandtypeattribute (wifip2p_service_30_0) true)
+(expandtypeattribute (wifiscanner_service_30_0) true)
+(expandtypeattribute (window_service_30_0) true)
+(expandtypeattribute (wpa_socket_30_0) true)
+(expandtypeattribute (wpantund_30_0) true)
+(expandtypeattribute (wpantund_exec_30_0) true)
+(expandtypeattribute (wpantund_service_30_0) true)
+(expandtypeattribute (zero_device_30_0) true)
+(expandtypeattribute (zoneinfo_data_file_30_0) true)
+(expandtypeattribute (zygote_30_0) true)
+(expandtypeattribute (zygote_exec_30_0) true)
+(expandtypeattribute (zygote_socket_30_0) true)
+(expandtypeattribute (zygote_tmpfs_30_0) true)
+(typeattributeset DockObserver_service_30_0 (DockObserver_service))
+(typeattributeset IProxyService_service_30_0 (IProxyService_service))
+(typeattributeset accessibility_service_30_0 (accessibility_service))
+(typeattributeset account_service_30_0 (account_service))
+(typeattributeset activity_service_30_0 (activity_service))
+(typeattributeset activity_task_service_30_0 (activity_task_service))
+(typeattributeset adb_data_file_30_0 (adb_data_file))
+(typeattributeset adb_keys_file_30_0 (adb_keys_file))
+(typeattributeset adb_service_30_0 (adb_service))
+(typeattributeset adbd_30_0 (adbd))
+(typeattributeset adbd_exec_30_0 (adbd_exec))
+(typeattributeset adbd_prop_30_0 (adbd_prop))
+(typeattributeset adbd_socket_30_0 (adbd_socket))
+(typeattributeset aidl_lazy_test_server_30_0 (aidl_lazy_test_server))
+(typeattributeset aidl_lazy_test_server_exec_30_0 (aidl_lazy_test_server_exec))
+(typeattributeset aidl_lazy_test_service_30_0 (aidl_lazy_test_service))
+(typeattributeset alarm_service_30_0 (alarm_service))
+(typeattributeset anr_data_file_30_0 (anr_data_file))
+(typeattributeset apex_data_file_30_0 (apex_data_file))
+(typeattributeset apex_metadata_file_30_0 (apex_metadata_file))
+(typeattributeset apex_mnt_dir_30_0 (apex_mnt_dir))
+(typeattributeset apex_module_data_file_30_0 (apex_module_data_file))
+(typeattributeset apex_permission_data_file_30_0 (apex_permission_data_file))
+(typeattributeset apex_rollback_data_file_30_0 (apex_rollback_data_file))
+(typeattributeset apex_service_30_0 (apex_service))
+(typeattributeset apex_wifi_data_file_30_0 (apex_wifi_data_file))
+(typeattributeset apexd_30_0 (apexd))
+(typeattributeset apexd_exec_30_0 (apexd_exec))
+(typeattributeset apexd_prop_30_0 (apexd_prop))
+(typeattributeset apk_data_file_30_0 (apk_data_file))
+(typeattributeset apk_private_data_file_30_0 (apk_private_data_file))
+(typeattributeset apk_private_tmp_file_30_0 (apk_private_tmp_file))
+(typeattributeset apk_tmp_file_30_0 (apk_tmp_file))
+(typeattributeset apk_verity_prop_30_0 (apk_verity_prop))
+(typeattributeset app_binding_service_30_0 (app_binding_service))
+(typeattributeset app_data_file_30_0 (app_data_file))
+(typeattributeset app_fuse_file_30_0 (app_fuse_file))
+(typeattributeset app_fusefs_30_0 (app_fusefs))
+(typeattributeset app_integrity_service_30_0 (app_integrity_service))
+(typeattributeset app_prediction_service_30_0 (app_prediction_service))
+(typeattributeset app_search_service_30_0 (app_search_service))
+(typeattributeset app_zygote_30_0 (app_zygote))
+(typeattributeset app_zygote_tmpfs_30_0 (app_zygote_tmpfs))
+(typeattributeset appdomain_tmpfs_30_0 (appdomain_tmpfs))
+(typeattributeset appops_service_30_0 (appops_service))
+(typeattributeset appwidget_service_30_0 (appwidget_service))
+(typeattributeset art_apex_dir_30_0 (art_apex_dir))
+(typeattributeset asec_apk_file_30_0 (asec_apk_file))
+(typeattributeset asec_image_file_30_0 (asec_image_file))
+(typeattributeset asec_public_file_30_0 (asec_public_file))
+(typeattributeset ashmem_device_30_0 (ashmem_device))
+(typeattributeset ashmem_libcutils_device_30_0 (ashmem_libcutils_device))
+(typeattributeset assetatlas_service_30_0 (assetatlas_service))
+(typeattributeset audio_data_file_30_0 (audio_data_file))
+(typeattributeset audio_device_30_0 (audio_device))
+(typeattributeset audio_prop_30_0 (audio_prop))
+(typeattributeset audio_service_30_0 (audio_service))
+(typeattributeset audiohal_data_file_30_0 (audiohal_data_file))
+(typeattributeset audioserver_30_0 (audioserver))
+(typeattributeset audioserver_data_file_30_0 (audioserver_data_file))
+(typeattributeset audioserver_service_30_0 (audioserver_service))
+(typeattributeset audioserver_tmpfs_30_0 (audioserver_tmpfs))
+(typeattributeset auth_service_30_0 (auth_service))
+(typeattributeset autofill_service_30_0 (autofill_service))
+(typeattributeset backup_data_file_30_0 (backup_data_file))
+(typeattributeset backup_service_30_0 (backup_service))
+(typeattributeset battery_service_30_0 (battery_service))
+(typeattributeset batteryproperties_service_30_0 (batteryproperties_service))
+(typeattributeset batterystats_service_30_0 (batterystats_service))
+(typeattributeset binder_cache_bluetooth_server_prop_30_0 (binder_cache_bluetooth_server_prop))
+(typeattributeset binder_cache_system_server_prop_30_0 (binder_cache_system_server_prop))
+(typeattributeset binder_cache_telephony_server_prop_30_0 (binder_cache_telephony_server_prop))
+(typeattributeset binder_calls_stats_service_30_0 (binder_calls_stats_service))
+(typeattributeset binder_device_30_0 (binder_device))
+(typeattributeset binderfs_30_0 (binderfs))
+(typeattributeset binderfs_logs_30_0 (binderfs_logs))
+(typeattributeset binderfs_logs_proc_30_0 (binderfs_logs_proc))
+(typeattributeset binfmt_miscfs_30_0 (binfmt_miscfs))
+(typeattributeset biometric_service_30_0 (biometric_service))
+(typeattributeset blkid_30_0 (blkid))
+(typeattributeset blkid_untrusted_30_0 (blkid_untrusted))
+(typeattributeset blob_store_service_30_0 (blob_store_service))
+(typeattributeset block_device_30_0 (block_device))
+(typeattributeset bluetooth_30_0 (bluetooth))
+(typeattributeset bluetooth_a2dp_offload_prop_30_0 (bluetooth_a2dp_offload_prop))
+(typeattributeset bluetooth_audio_hal_prop_30_0 (bluetooth_audio_hal_prop))
+(typeattributeset bluetooth_data_file_30_0 (bluetooth_data_file))
+(typeattributeset bluetooth_efs_file_30_0 (bluetooth_efs_file))
+(typeattributeset bluetooth_logs_data_file_30_0 (bluetooth_logs_data_file))
+(typeattributeset bluetooth_manager_service_30_0 (bluetooth_manager_service))
+(typeattributeset bluetooth_prop_30_0 (bluetooth_prop))
+(typeattributeset bluetooth_service_30_0 (bluetooth_service))
+(typeattributeset bluetooth_socket_30_0 (bluetooth_socket))
+(typeattributeset boot_block_device_30_0 (boot_block_device))
+(typeattributeset bootanim_30_0 (bootanim))
+(typeattributeset bootanim_exec_30_0 (bootanim_exec))
+(typeattributeset bootchart_data_file_30_0 (bootchart_data_file))
+(typeattributeset bootloader_boot_reason_prop_30_0 (bootloader_boot_reason_prop))
+(typeattributeset bootstat_30_0 (bootstat))
+(typeattributeset bootstat_data_file_30_0 (bootstat_data_file))
+(typeattributeset bootstat_exec_30_0 (bootstat_exec))
+(typeattributeset boottime_prop_30_0 (boottime_prop))
+(typeattributeset boottime_public_prop_30_0 (boottime_public_prop))
+(typeattributeset boottrace_data_file_30_0 (boottrace_data_file))
+(typeattributeset bpf_progs_loaded_prop_30_0 (bpf_progs_loaded_prop))
+(typeattributeset bq_config_prop_30_0 (bq_config_prop))
+(typeattributeset broadcastradio_service_30_0 (broadcastradio_service))
+(typeattributeset bufferhubd_30_0 (bufferhubd))
+(typeattributeset bufferhubd_exec_30_0 (bufferhubd_exec))
+(typeattributeset bugreport_service_30_0 (bugreport_service))
+(typeattributeset cache_backup_file_30_0 (cache_backup_file))
+(typeattributeset cache_block_device_30_0 (cache_block_device))
+(typeattributeset cache_file_30_0 (cache_file))
+(typeattributeset cache_private_backup_file_30_0 (cache_private_backup_file))
+(typeattributeset cache_recovery_file_30_0 (cache_recovery_file))
+(typeattributeset camera_data_file_30_0 (camera_data_file))
+(typeattributeset camera_device_30_0 (camera_device))
+(typeattributeset cameraproxy_service_30_0 (cameraproxy_service))
+(typeattributeset cameraserver_30_0 (cameraserver))
+(typeattributeset cameraserver_exec_30_0 (cameraserver_exec))
+(typeattributeset cameraserver_service_30_0 (cameraserver_service))
+(typeattributeset cameraserver_tmpfs_30_0 (cameraserver_tmpfs))
+(typeattributeset cgroup_30_0 (cgroup))
+(typeattributeset cgroup_bpf_30_0 (cgroup_bpf))
+(typeattributeset cgroup_desc_file_30_0 (cgroup_desc_file))
+(typeattributeset cgroup_rc_file_30_0 (cgroup_rc_file))
+(typeattributeset charger_30_0 (charger))
+(typeattributeset charger_exec_30_0 (charger_exec))
+(typeattributeset charger_prop_30_0 (charger_prop))
+(typeattributeset clipboard_service_30_0 (clipboard_service))
+(typeattributeset cold_boot_done_prop_30_0 (cold_boot_done_prop))
+(typeattributeset color_display_service_30_0 (color_display_service))
+(typeattributeset companion_device_service_30_0 (companion_device_service))
+(typeattributeset config_prop_30_0 (config_prop))
+(typeattributeset configfs_30_0 (configfs))
+(typeattributeset connectivity_service_30_0 (connectivity_service))
+(typeattributeset connmetrics_service_30_0 (connmetrics_service))
+(typeattributeset console_device_30_0 (console_device))
+(typeattributeset consumer_ir_service_30_0 (consumer_ir_service))
+(typeattributeset content_capture_service_30_0 (content_capture_service))
+(typeattributeset content_service_30_0 (content_service))
+(typeattributeset content_suggestions_service_30_0 (content_suggestions_service))
+(typeattributeset contexthub_service_30_0 (contexthub_service))
+(typeattributeset coredump_file_30_0 (coredump_file))
+(typeattributeset country_detector_service_30_0 (country_detector_service))
+(typeattributeset coverage_service_30_0 (coverage_service))
+(typeattributeset cppreopt_prop_30_0 (cppreopt_prop))
+(typeattributeset cpu_variant_prop_30_0 (cpu_variant_prop))
+(typeattributeset cpuinfo_service_30_0 (cpuinfo_service))
+(typeattributeset crash_dump_30_0 (crash_dump))
+(typeattributeset crash_dump_exec_30_0 (crash_dump_exec))
+(typeattributeset credstore_30_0 (credstore))
+(typeattributeset credstore_data_file_30_0 (credstore_data_file))
+(typeattributeset credstore_exec_30_0 (credstore_exec))
+(typeattributeset credstore_service_30_0 (credstore_service))
+(typeattributeset crossprofileapps_service_30_0 (crossprofileapps_service))
+(typeattributeset ctl_adbd_prop_30_0 (ctl_adbd_prop))
+(typeattributeset ctl_apexd_prop_30_0 (ctl_apexd_prop))
+(typeattributeset ctl_bootanim_prop_30_0 (ctl_bootanim_prop))
+(typeattributeset ctl_bugreport_prop_30_0 (ctl_bugreport_prop))
+(typeattributeset ctl_console_prop_30_0 (ctl_console_prop))
+(typeattributeset ctl_default_prop_30_0 (ctl_default_prop))
+(typeattributeset ctl_dumpstate_prop_30_0 (ctl_dumpstate_prop))
+(typeattributeset ctl_fuse_prop_30_0 (ctl_fuse_prop))
+(typeattributeset ctl_gsid_prop_30_0 (ctl_gsid_prop))
+(typeattributeset ctl_interface_restart_prop_30_0 (ctl_interface_restart_prop))
+(typeattributeset ctl_interface_start_prop_30_0 (ctl_interface_start_prop))
+(typeattributeset ctl_interface_stop_prop_30_0 (ctl_interface_stop_prop))
+(typeattributeset ctl_mdnsd_prop_30_0 (ctl_mdnsd_prop))
+(typeattributeset ctl_restart_prop_30_0 (ctl_restart_prop))
+(typeattributeset ctl_rildaemon_prop_30_0 (ctl_rildaemon_prop))
+(typeattributeset ctl_sigstop_prop_30_0 (ctl_sigstop_prop))
+(typeattributeset ctl_start_prop_30_0 (ctl_start_prop))
+(typeattributeset ctl_stop_prop_30_0 (ctl_stop_prop))
+(typeattributeset dalvik_prop_30_0 (dalvik_prop))
+(typeattributeset dalvikcache_data_file_30_0 (dalvikcache_data_file))
+(typeattributeset dataloader_manager_service_30_0 (dataloader_manager_service))
+(typeattributeset dbinfo_service_30_0 (dbinfo_service))
+(typeattributeset debug_prop_30_0 (debug_prop))
+(typeattributeset debugfs_30_0 (debugfs))
+(typeattributeset debugfs_mmc_30_0 (debugfs_mmc))
+(typeattributeset debugfs_trace_marker_30_0 (debugfs_trace_marker))
+(typeattributeset debugfs_tracing_30_0 (debugfs_tracing))
+(typeattributeset debugfs_tracing_debug_30_0 (debugfs_tracing_debug))
+(typeattributeset debugfs_tracing_instances_30_0 (debugfs_tracing_instances))
+(typeattributeset debugfs_wakeup_sources_30_0 (debugfs_wakeup_sources))
+(typeattributeset debugfs_wifi_tracing_30_0 (debugfs_wifi_tracing))
+(typeattributeset debuggerd_prop_30_0 (debuggerd_prop))
+(typeattributeset default_android_hwservice_30_0 (default_android_hwservice))
+(typeattributeset default_android_service_30_0 (default_android_service))
+(typeattributeset default_android_vndservice_30_0 (default_android_vndservice))
+(typeattributeset default_prop_30_0 (default_prop init_service_status_private_prop))
+(typeattributeset dev_cpu_variant_30_0 (dev_cpu_variant))
+(typeattributeset device_30_0 (device))
+(typeattributeset device_config_activity_manager_native_boot_prop_30_0 (device_config_activity_manager_native_boot_prop))
+(typeattributeset device_config_boot_count_prop_30_0 (device_config_boot_count_prop))
+(typeattributeset device_config_configuration_prop_30_0 (device_config_configuration_prop))
+(typeattributeset device_config_input_native_boot_prop_30_0 (device_config_input_native_boot_prop))
+(typeattributeset device_config_media_native_prop_30_0 (device_config_media_native_prop))
+(typeattributeset device_config_netd_native_prop_30_0 (device_config_netd_native_prop))
+(typeattributeset device_config_reset_performed_prop_30_0 (device_config_reset_performed_prop))
+(typeattributeset device_config_runtime_native_boot_prop_30_0 (device_config_runtime_native_boot_prop))
+(typeattributeset device_config_runtime_native_prop_30_0 (device_config_runtime_native_prop))
+(typeattributeset device_config_service_30_0 (device_config_service))
+(typeattributeset device_config_storage_native_boot_prop_30_0 (device_config_storage_native_boot_prop))
+(typeattributeset device_config_sys_traced_prop_30_0 (device_config_sys_traced_prop))
+(typeattributeset device_config_window_manager_native_boot_prop_30_0 (device_config_window_manager_native_boot_prop))
+(typeattributeset device_identifiers_service_30_0 (device_identifiers_service))
+(typeattributeset device_logging_prop_30_0 (device_logging_prop))
+(typeattributeset device_policy_service_30_0 (device_policy_service))
+(typeattributeset deviceidle_service_30_0 (deviceidle_service))
+(typeattributeset devicestoragemonitor_service_30_0 (devicestoragemonitor_service))
+(typeattributeset devpts_30_0 (devpts))
+(typeattributeset dhcp_30_0 (dhcp))
+(typeattributeset dhcp_data_file_30_0 (dhcp_data_file))
+(typeattributeset dhcp_exec_30_0 (dhcp_exec))
+(typeattributeset dhcp_prop_30_0 (dhcp_prop))
+(typeattributeset diskstats_service_30_0 (diskstats_service))
+(typeattributeset display_service_30_0 (display_service))
+(typeattributeset dm_device_30_0 (dm_device))
+(typeattributeset dnsmasq_30_0 (dnsmasq))
+(typeattributeset dnsmasq_exec_30_0 (dnsmasq_exec))
+(typeattributeset dnsproxyd_socket_30_0 (dnsproxyd_socket))
+(typeattributeset dnsresolver_service_30_0 (dnsresolver_service))
+(typeattributeset dreams_service_30_0 (dreams_service))
+(typeattributeset drm_data_file_30_0 (drm_data_file))
+(typeattributeset drmserver_30_0 (drmserver))
+(typeattributeset drmserver_exec_30_0 (drmserver_exec))
+(typeattributeset drmserver_service_30_0 (drmserver_service))
+(typeattributeset drmserver_socket_30_0 (drmserver_socket))
+(typeattributeset dropbox_data_file_30_0 (dropbox_data_file))
+(typeattributeset dropbox_service_30_0 (dropbox_service))
+(typeattributeset dumpstate_30_0 (dumpstate))
+(typeattributeset dumpstate_exec_30_0 (dumpstate_exec))
+(typeattributeset dumpstate_options_prop_30_0 (dumpstate_options_prop))
+(typeattributeset dumpstate_prop_30_0 (dumpstate_prop))
+(typeattributeset dumpstate_service_30_0 (dumpstate_service))
+(typeattributeset dumpstate_socket_30_0 (dumpstate_socket))
+(typeattributeset dynamic_system_prop_30_0 (dynamic_system_prop))
+(typeattributeset e2fs_30_0 (e2fs))
+(typeattributeset e2fs_exec_30_0 (e2fs_exec))
+(typeattributeset efs_file_30_0 (efs_file))
+(typeattributeset emergency_affordance_service_30_0 (emergency_affordance_service))
+(typeattributeset ephemeral_app_30_0 (ephemeral_app))
+(typeattributeset ethernet_service_30_0 (ethernet_service))
+(typeattributeset exfat_30_0 (exfat))
+(typeattributeset exported2_config_prop_30_0 (exported2_config_prop systemsound_config_prop))
+(typeattributeset exported2_default_prop_30_0
+ ( exported2_default_prop
+ aac_drc_prop
+ build_prop
+ init_service_status_prop
+ libc_debug_prop))
+(typeattributeset exported2_radio_prop_30_0 (exported2_radio_prop))
+(typeattributeset exported2_system_prop_30_0
+ ( exported2_system_prop
+ dalvik_runtime_prop
+ surfaceflinger_color_prop
+ zram_control_prop))
+(typeattributeset exported2_vold_prop_30_0 (exported2_vold_prop vold_config_prop))
+(typeattributeset exported3_default_prop_30_0
+ ( exported3_default_prop
+ camera_config_prop
+ drm_service_config_prop
+ hdmi_config_prop
+ lmkd_config_prop
+ media_config_prop
+ mediadrm_config_prop
+ packagemanager_config_prop
+ recovery_config_prop
+ telephony_config_prop
+ zram_config_prop))
+(typeattributeset exported3_radio_prop_30_0 (exported3_radio_prop))
+(typeattributeset exported3_system_prop_30_0
+ ( exported3_system_prop
+ boot_status_prop
+ provisioned_prop
+ retaildemo_prop))
+(typeattributeset exported_audio_prop_30_0 (exported_audio_prop audio_config_prop))
+(typeattributeset exported_bluetooth_prop_30_0 (exported_bluetooth_prop))
+(typeattributeset exported_camera_prop_30_0 (exported_camera_prop))
+(typeattributeset exported_config_prop_30_0 (exported_config_prop))
+(typeattributeset exported_dalvik_prop_30_0 (exported_dalvik_prop dalvik_config_prop))
+(typeattributeset exported_default_prop_30_0
+ ( exported_default_prop
+ build_odm_prop
+ build_vendor_prop
+ surfaceflinger_prop))
+(typeattributeset exported_dumpstate_prop_30_0 (exported_dumpstate_prop))
+(typeattributeset exported_ffs_prop_30_0
+ ( exported_ffs_prop
+ ffs_config_prop
+ ffs_control_prop))
+(typeattributeset exported_fingerprint_prop_30_0 (exported_fingerprint_prop fingerprint_prop))
+(typeattributeset exported_overlay_prop_30_0 (exported_overlay_prop))
+(typeattributeset exported_pm_prop_30_0 (exported_pm_prop))
+(typeattributeset exported_radio_prop_30_0 (exported_radio_prop telephony_status_prop))
+(typeattributeset exported_secure_prop_30_0 (exported_secure_prop))
+(typeattributeset exported_system_prop_30_0 (exported_system_prop))
+(typeattributeset exported_system_radio_prop_30_0
+ ( exported_system_radio_prop
+ usb_config_prop
+ usb_control_prop))
+(typeattributeset exported_vold_prop_30_0 (exported_vold_prop vold_status_prop))
+(typeattributeset exported_wifi_prop_30_0 (exported_wifi_prop))
+(typeattributeset external_vibrator_service_30_0 (external_vibrator_service))
+(typeattributeset face_service_30_0 (face_service))
+(typeattributeset face_vendor_data_file_30_0 (face_vendor_data_file))
+(typeattributeset fastbootd_30_0 (fastbootd))
+(typeattributeset ffs_prop_30_0 (ffs_prop))
+(typeattributeset file_contexts_file_30_0 (file_contexts_file))
+(typeattributeset file_integrity_service_30_0 (file_integrity_service))
+(typeattributeset fingerprint_service_30_0 (fingerprint_service))
+(typeattributeset fingerprint_vendor_data_file_30_0 (fingerprint_vendor_data_file))
+(typeattributeset fingerprintd_30_0 (fingerprintd))
+(typeattributeset fingerprintd_data_file_30_0 (fingerprintd_data_file))
+(typeattributeset fingerprintd_exec_30_0 (fingerprintd_exec))
+(typeattributeset fingerprintd_service_30_0 (fingerprintd_service))
+(typeattributeset firstboot_prop_30_0 (firstboot_prop))
+(typeattributeset flags_health_check_30_0 (flags_health_check))
+(typeattributeset flags_health_check_exec_30_0 (flags_health_check_exec))
+(typeattributeset font_service_30_0 (font_service))
+(typeattributeset frp_block_device_30_0 (frp_block_device))
+(typeattributeset fs_bpf_30_0 (fs_bpf))
+(typeattributeset fsck_30_0 (fsck))
+(typeattributeset fsck_exec_30_0 (fsck_exec))
+(typeattributeset fsck_untrusted_30_0 (fsck_untrusted))
+(typeattributeset fscklogs_30_0 (fscklogs))
+(typeattributeset functionfs_30_0 (functionfs))
+(typeattributeset fuse_30_0 (fuse))
+(typeattributeset fuse_device_30_0 (fuse_device))
+(typeattributeset fwk_automotive_display_hwservice_30_0 (fwk_automotive_display_hwservice))
+(typeattributeset fwk_bufferhub_hwservice_30_0 (fwk_bufferhub_hwservice))
+(typeattributeset fwk_camera_hwservice_30_0 (fwk_camera_hwservice))
+(typeattributeset fwk_display_hwservice_30_0 (fwk_display_hwservice))
+(typeattributeset fwk_scheduler_hwservice_30_0 (fwk_scheduler_hwservice))
+(typeattributeset fwk_sensor_hwservice_30_0 (fwk_sensor_hwservice))
+(typeattributeset fwk_stats_hwservice_30_0 (fwk_stats_hwservice))
+(typeattributeset fwmarkd_socket_30_0 (fwmarkd_socket))
+(typeattributeset gatekeeper_data_file_30_0 (gatekeeper_data_file))
+(typeattributeset gatekeeper_service_30_0 (gatekeeper_service))
+(typeattributeset gatekeeperd_30_0 (gatekeeperd))
+(typeattributeset gatekeeperd_exec_30_0 (gatekeeperd_exec))
+(typeattributeset gfxinfo_service_30_0 (gfxinfo_service))
+(typeattributeset gmscore_app_30_0 (gmscore_app))
+(typeattributeset gps_control_30_0 (gps_control))
+(typeattributeset gpu_device_30_0 (gpu_device))
+(typeattributeset gpu_service_30_0 (gpu_service))
+(typeattributeset gpuservice_30_0 (gpuservice))
+(typeattributeset graphics_device_30_0 (graphics_device))
+(typeattributeset graphicsstats_service_30_0 (graphicsstats_service))
+(typeattributeset gsi_data_file_30_0 (gsi_data_file))
+(typeattributeset gsi_metadata_file_30_0 (gsi_metadata_file))
+(typeattributeset gsid_prop_30_0 (gsid_prop))
+(typeattributeset hal_atrace_hwservice_30_0 (hal_atrace_hwservice))
+(typeattributeset hal_audio_hwservice_30_0 (hal_audio_hwservice))
+(typeattributeset hal_audiocontrol_hwservice_30_0 (hal_audiocontrol_hwservice))
+(typeattributeset hal_authsecret_hwservice_30_0 (hal_authsecret_hwservice))
+(typeattributeset hal_bluetooth_hwservice_30_0 (hal_bluetooth_hwservice))
+(typeattributeset hal_bootctl_hwservice_30_0 (hal_bootctl_hwservice))
+(typeattributeset hal_broadcastradio_hwservice_30_0 (hal_broadcastradio_hwservice))
+(typeattributeset hal_camera_hwservice_30_0 (hal_camera_hwservice))
+(typeattributeset hal_can_bus_hwservice_30_0 (hal_can_bus_hwservice))
+(typeattributeset hal_can_controller_hwservice_30_0 (hal_can_controller_hwservice))
+(typeattributeset hal_cas_hwservice_30_0 (hal_cas_hwservice))
+(typeattributeset hal_codec2_hwservice_30_0 (hal_codec2_hwservice))
+(typeattributeset hal_configstore_ISurfaceFlingerConfigs_30_0 (hal_configstore_ISurfaceFlingerConfigs))
+(typeattributeset hal_confirmationui_hwservice_30_0 (hal_confirmationui_hwservice))
+(typeattributeset hal_contexthub_hwservice_30_0 (hal_contexthub_hwservice))
+(typeattributeset hal_drm_hwservice_30_0 (hal_drm_hwservice))
+(typeattributeset hal_dumpstate_hwservice_30_0 (hal_dumpstate_hwservice))
+(typeattributeset hal_evs_hwservice_30_0 (hal_evs_hwservice))
+(typeattributeset hal_face_hwservice_30_0 (hal_face_hwservice))
+(typeattributeset hal_fingerprint_hwservice_30_0 (hal_fingerprint_hwservice))
+(typeattributeset hal_fingerprint_service_30_0 (hal_fingerprint_service))
+(typeattributeset hal_gatekeeper_hwservice_30_0 (hal_gatekeeper_hwservice))
+(typeattributeset hal_gnss_hwservice_30_0 (hal_gnss_hwservice))
+(typeattributeset hal_graphics_allocator_hwservice_30_0 (hal_graphics_allocator_hwservice))
+(typeattributeset hal_graphics_composer_hwservice_30_0 (hal_graphics_composer_hwservice))
+(typeattributeset hal_graphics_composer_server_tmpfs_30_0 (hal_graphics_composer_server_tmpfs))
+(typeattributeset hal_graphics_mapper_hwservice_30_0 (hal_graphics_mapper_hwservice))
+(typeattributeset hal_health_hwservice_30_0 (hal_health_hwservice))
+(typeattributeset hal_health_storage_hwservice_30_0 (hal_health_storage_hwservice))
+(typeattributeset hal_identity_service_30_0 (hal_identity_service))
+(typeattributeset hal_input_classifier_hwservice_30_0 (hal_input_classifier_hwservice))
+(typeattributeset hal_ir_hwservice_30_0 (hal_ir_hwservice))
+(typeattributeset hal_keymaster_hwservice_30_0 (hal_keymaster_hwservice))
+(typeattributeset hal_light_hwservice_30_0 (hal_light_hwservice))
+(typeattributeset hal_light_service_30_0 (hal_light_service))
+(typeattributeset hal_lowpan_hwservice_30_0 (hal_lowpan_hwservice))
+(typeattributeset hal_memtrack_hwservice_30_0 (hal_memtrack_hwservice))
+(typeattributeset hal_neuralnetworks_hwservice_30_0 (hal_neuralnetworks_hwservice))
+(typeattributeset hal_nfc_hwservice_30_0 (hal_nfc_hwservice))
+(typeattributeset hal_oemlock_hwservice_30_0 (hal_oemlock_hwservice))
+(typeattributeset hal_omx_hwservice_30_0 (hal_omx_hwservice))
+(typeattributeset hal_power_hwservice_30_0 (hal_power_hwservice))
+(typeattributeset hal_power_service_30_0 (hal_power_service))
+(typeattributeset hal_power_stats_hwservice_30_0 (hal_power_stats_hwservice))
+(typeattributeset hal_rebootescrow_service_30_0 (hal_rebootescrow_service))
+(typeattributeset hal_renderscript_hwservice_30_0 (hal_renderscript_hwservice))
+(typeattributeset hal_secure_element_hwservice_30_0 (hal_secure_element_hwservice))
+(typeattributeset hal_sensors_hwservice_30_0 (hal_sensors_hwservice))
+(typeattributeset hal_telephony_hwservice_30_0 (hal_telephony_hwservice))
+(typeattributeset hal_tetheroffload_hwservice_30_0 (hal_tetheroffload_hwservice))
+(typeattributeset hal_thermal_hwservice_30_0 (hal_thermal_hwservice))
+(typeattributeset hal_tv_cec_hwservice_30_0 (hal_tv_cec_hwservice))
+(typeattributeset hal_tv_input_hwservice_30_0 (hal_tv_input_hwservice))
+(typeattributeset hal_tv_tuner_hwservice_30_0 (hal_tv_tuner_hwservice))
+(typeattributeset hal_usb_gadget_hwservice_30_0 (hal_usb_gadget_hwservice))
+(typeattributeset hal_usb_hwservice_30_0 (hal_usb_hwservice))
+(typeattributeset hal_vehicle_hwservice_30_0 (hal_vehicle_hwservice))
+(typeattributeset hal_vibrator_hwservice_30_0 (hal_vibrator_hwservice))
+(typeattributeset hal_vibrator_service_30_0 (hal_vibrator_service))
+(typeattributeset hal_vr_hwservice_30_0 (hal_vr_hwservice))
+(typeattributeset hal_weaver_hwservice_30_0 (hal_weaver_hwservice))
+(typeattributeset hal_wifi_hostapd_hwservice_30_0 (hal_wifi_hostapd_hwservice))
+(typeattributeset hal_wifi_hwservice_30_0 (hal_wifi_hwservice))
+(typeattributeset hal_wifi_supplicant_hwservice_30_0 (hal_wifi_supplicant_hwservice))
+(typeattributeset hardware_properties_service_30_0 (hardware_properties_service))
+(typeattributeset hardware_service_30_0 (hardware_service))
+(typeattributeset hci_attach_dev_30_0 (hci_attach_dev))
+(typeattributeset hdmi_control_service_30_0 (hdmi_control_service))
+(typeattributeset healthd_30_0 (healthd))
+(typeattributeset healthd_exec_30_0 (healthd_exec))
+(typeattributeset heapdump_data_file_30_0 (heapdump_data_file))
+(typeattributeset heapprofd_30_0 (heapprofd))
+(typeattributeset heapprofd_enabled_prop_30_0 (heapprofd_enabled_prop))
+(typeattributeset heapprofd_prop_30_0 (heapprofd_prop))
+(typeattributeset heapprofd_socket_30_0 (heapprofd_socket))
+(typeattributeset hidl_allocator_hwservice_30_0 (hidl_allocator_hwservice))
+(typeattributeset hidl_base_hwservice_30_0 (hidl_base_hwservice))
+(typeattributeset hidl_manager_hwservice_30_0 (hidl_manager_hwservice))
+(typeattributeset hidl_memory_hwservice_30_0 (hidl_memory_hwservice))
+(typeattributeset hidl_token_hwservice_30_0 (hidl_token_hwservice))
+(typeattributeset hw_random_device_30_0 (hw_random_device))
+(typeattributeset hwbinder_device_30_0 (hwbinder_device))
+(typeattributeset hwservice_contexts_file_30_0 (hwservice_contexts_file))
+(typeattributeset hwservicemanager_30_0 (hwservicemanager))
+(typeattributeset hwservicemanager_exec_30_0 (hwservicemanager_exec))
+(typeattributeset hwservicemanager_prop_30_0 (hwservicemanager_prop))
+(typeattributeset icon_file_30_0 (icon_file))
+(typeattributeset idmap_30_0 (idmap))
+(typeattributeset idmap_exec_30_0 (idmap_exec))
+(typeattributeset idmap_service_30_0 (idmap_service))
+(typeattributeset iio_device_30_0 (iio_device))
+(typeattributeset imms_service_30_0 (imms_service))
+(typeattributeset incident_30_0 (incident))
+(typeattributeset incident_data_file_30_0 (incident_data_file))
+(typeattributeset incident_helper_30_0 (incident_helper))
+(typeattributeset incident_service_30_0 (incident_service))
+(typeattributeset incidentd_30_0 (incidentd))
+(typeattributeset incremental_control_file_30_0 (incremental_control_file))
+(typeattributeset incremental_prop_30_0 (incremental_prop))
+(typeattributeset incremental_service_30_0 (incremental_service))
+(typeattributeset init_30_0 (init))
+(typeattributeset init_exec_30_0 (init_exec))
+(typeattributeset init_perf_lsm_hooks_prop_30_0 (init_perf_lsm_hooks_prop))
+(typeattributeset init_svc_debug_prop_30_0 (init_svc_debug_prop))
+(typeattributeset init_tmpfs_30_0 (init_tmpfs))
+(typeattributeset inotify_30_0 (inotify))
+(typeattributeset input_device_30_0 (input_device))
+(typeattributeset input_method_service_30_0 (input_method_service))
+(typeattributeset input_service_30_0 (input_service))
+(typeattributeset inputflinger_30_0 (inputflinger))
+(typeattributeset inputflinger_exec_30_0 (inputflinger_exec))
+(typeattributeset inputflinger_service_30_0 (inputflinger_service))
+(typeattributeset install_data_file_30_0 (install_data_file))
+(typeattributeset installd_30_0 (installd))
+(typeattributeset installd_exec_30_0 (installd_exec))
+(typeattributeset installd_service_30_0 (installd_service))
+(typeattributeset ion_device_30_0 (ion_device))
+(typeattributeset iorap_inode2filename_30_0 (iorap_inode2filename))
+(typeattributeset iorap_inode2filename_exec_30_0 (iorap_inode2filename_exec))
+(typeattributeset iorap_inode2filename_tmpfs_30_0 (iorap_inode2filename_tmpfs))
+(typeattributeset iorap_prefetcherd_30_0 (iorap_prefetcherd))
+(typeattributeset iorap_prefetcherd_exec_30_0 (iorap_prefetcherd_exec))
+(typeattributeset iorap_prefetcherd_tmpfs_30_0 (iorap_prefetcherd_tmpfs))
+(typeattributeset iorapd_30_0 (iorapd))
+(typeattributeset iorapd_data_file_30_0 (iorapd_data_file))
+(typeattributeset iorapd_exec_30_0 (iorapd_exec))
+(typeattributeset iorapd_service_30_0 (iorapd_service))
+(typeattributeset iorapd_tmpfs_30_0 (iorapd_tmpfs))
+(typeattributeset ipsec_service_30_0 (ipsec_service))
+(typeattributeset iris_service_30_0 (iris_service))
+(typeattributeset iris_vendor_data_file_30_0 (iris_vendor_data_file))
+(typeattributeset isolated_app_30_0 (isolated_app))
+(typeattributeset jobscheduler_service_30_0 (jobscheduler_service))
+(typeattributeset kernel_30_0 (kernel))
+(typeattributeset keychain_data_file_30_0 (keychain_data_file))
+(typeattributeset keychord_device_30_0 (keychord_device))
+(typeattributeset keystore_30_0 (keystore))
+(typeattributeset keystore_data_file_30_0 (keystore_data_file))
+(typeattributeset keystore_exec_30_0 (keystore_exec))
+(typeattributeset keystore_service_30_0 (keystore_service))
+(typeattributeset kmsg_debug_device_30_0 (kmsg_debug_device))
+(typeattributeset kmsg_device_30_0 (kmsg_device))
+(typeattributeset labeledfs_30_0 (labeledfs))
+(typeattributeset last_boot_reason_prop_30_0 (last_boot_reason_prop))
+(typeattributeset launcherapps_service_30_0 (launcherapps_service))
+(typeattributeset light_service_30_0 (light_service))
+(typeattributeset linkerconfig_file_30_0 (linkerconfig_file))
+(typeattributeset llkd_30_0 (llkd))
+(typeattributeset llkd_exec_30_0 (llkd_exec))
+(typeattributeset llkd_prop_30_0 (llkd_prop))
+(typeattributeset lmkd_30_0 (lmkd))
+(typeattributeset lmkd_exec_30_0 (lmkd_exec))
+(typeattributeset lmkd_prop_30_0 (lmkd_prop))
+(typeattributeset lmkd_socket_30_0 (lmkd_socket))
+(typeattributeset location_service_30_0 (location_service))
+(typeattributeset lock_settings_service_30_0 (lock_settings_service))
+(typeattributeset log_prop_30_0 (log_prop))
+(typeattributeset log_tag_prop_30_0 (log_tag_prop))
+(typeattributeset logcat_exec_30_0 (logcat_exec))
+(typeattributeset logd_30_0 (logd))
+(typeattributeset logd_exec_30_0 (logd_exec))
+(typeattributeset logd_prop_30_0 (logd_prop))
+(typeattributeset logd_socket_30_0 (logd_socket))
+(typeattributeset logdr_socket_30_0 (logdr_socket))
+(typeattributeset logdw_socket_30_0 (logdw_socket))
+(typeattributeset logpersist_30_0 (logpersist))
+(typeattributeset logpersistd_logging_prop_30_0 (logpersistd_logging_prop))
+(typeattributeset loop_control_device_30_0 (loop_control_device))
+(typeattributeset loop_device_30_0 (loop_device))
+(typeattributeset looper_stats_service_30_0 (looper_stats_service))
+(typeattributeset lowpan_device_30_0 (lowpan_device))
+(typeattributeset lowpan_prop_30_0 (lowpan_prop))
+(typeattributeset lowpan_service_30_0 (lowpan_service))
+(typeattributeset lpdump_service_30_0 (lpdump_service))
+(typeattributeset lpdumpd_prop_30_0 (lpdumpd_prop))
+(typeattributeset mac_perms_file_30_0 (mac_perms_file))
+(typeattributeset mdns_socket_30_0 (mdns_socket))
+(typeattributeset mdnsd_30_0 (mdnsd))
+(typeattributeset mdnsd_socket_30_0 (mdnsd_socket))
+(typeattributeset media_data_file_30_0 (media_data_file))
+(typeattributeset media_projection_service_30_0 (media_projection_service))
+(typeattributeset media_router_service_30_0 (media_router_service))
+(typeattributeset media_rw_data_file_30_0 (media_rw_data_file))
+(typeattributeset media_session_service_30_0 (media_session_service))
+(typeattributeset media_variant_prop_30_0 (media_variant_prop))
+(typeattributeset mediadrmserver_30_0 (mediadrmserver))
+(typeattributeset mediadrmserver_exec_30_0 (mediadrmserver_exec))
+(typeattributeset mediadrmserver_service_30_0 (mediadrmserver_service))
+(typeattributeset mediaextractor_30_0 (mediaextractor))
+(typeattributeset mediaextractor_exec_30_0 (mediaextractor_exec))
+(typeattributeset mediaextractor_service_30_0 (mediaextractor_service))
+(typeattributeset mediaextractor_tmpfs_30_0 (mediaextractor_tmpfs))
+(typeattributeset mediametrics_30_0 (mediametrics))
+(typeattributeset mediametrics_exec_30_0 (mediametrics_exec))
+(typeattributeset mediametrics_service_30_0 (mediametrics_service))
+(typeattributeset mediaprovider_30_0 (mediaprovider))
+(typeattributeset mediaserver_30_0 (mediaserver))
+(typeattributeset mediaserver_exec_30_0 (mediaserver_exec))
+(typeattributeset mediaserver_service_30_0 (mediaserver_service))
+(typeattributeset mediaserver_tmpfs_30_0 (mediaserver_tmpfs))
+(typeattributeset mediaswcodec_30_0 (mediaswcodec))
+(typeattributeset mediaswcodec_exec_30_0 (mediaswcodec_exec))
+(typeattributeset mediatranscoding_30_0 (mediatranscoding))
+(typeattributeset mediatranscoding_exec_30_0 (mediatranscoding_exec))
+(typeattributeset mediatranscoding_service_30_0 (mediatranscoding_service))
+(typeattributeset meminfo_service_30_0 (meminfo_service))
+(typeattributeset metadata_block_device_30_0 (metadata_block_device))
+(typeattributeset metadata_bootstat_file_30_0 (metadata_bootstat_file))
+(typeattributeset metadata_file_30_0 (metadata_file))
+(typeattributeset method_trace_data_file_30_0 (method_trace_data_file))
+(typeattributeset midi_service_30_0 (midi_service))
+(typeattributeset mirror_data_file_30_0 (mirror_data_file))
+(typeattributeset misc_block_device_30_0 (misc_block_device))
+(typeattributeset misc_logd_file_30_0 (misc_logd_file))
+(typeattributeset misc_user_data_file_30_0 (misc_user_data_file))
+(typeattributeset mmc_prop_30_0 (mmc_prop))
+(typeattributeset mnt_expand_file_30_0 (mnt_expand_file))
+(typeattributeset mnt_media_rw_file_30_0 (mnt_media_rw_file))
+(typeattributeset mnt_media_rw_stub_file_30_0 (mnt_media_rw_stub_file))
+(typeattributeset mnt_pass_through_file_30_0 (mnt_pass_through_file))
+(typeattributeset mnt_product_file_30_0 (mnt_product_file))
+(typeattributeset mnt_sdcard_file_30_0 (mnt_sdcard_file))
+(typeattributeset mnt_user_file_30_0 (mnt_user_file))
+(typeattributeset mnt_vendor_file_30_0 (mnt_vendor_file))
+(typeattributeset mock_ota_prop_30_0 (mock_ota_prop))
+(typeattributeset modprobe_30_0 (modprobe))
+(typeattributeset module_sdkextensions_prop_30_0 (module_sdkextensions_prop))
+(typeattributeset mount_service_30_0 (mount_service))
+(typeattributeset mqueue_30_0 (mqueue))
+(typeattributeset mtp_30_0 (mtp))
+(typeattributeset mtp_device_30_0 (mtp_device))
+(typeattributeset mtp_exec_30_0 (mtp_exec))
+(typeattributeset mtpd_socket_30_0 (mtpd_socket))
+(typeattributeset nativetest_data_file_30_0 (nativetest_data_file))
+(typeattributeset net_data_file_30_0 (net_data_file))
+(typeattributeset net_dns_prop_30_0 (net_dns_prop))
+(typeattributeset net_radio_prop_30_0 (net_radio_prop))
+(typeattributeset netd_30_0 (netd))
+(typeattributeset netd_exec_30_0 (netd_exec))
+(typeattributeset netd_listener_service_30_0 (netd_listener_service))
+(typeattributeset netd_service_30_0 (netd_service))
+(typeattributeset netd_stable_secret_prop_30_0 (netd_stable_secret_prop))
+(typeattributeset netif_30_0 (netif))
+(typeattributeset netpolicy_service_30_0 (netpolicy_service))
+(typeattributeset netstats_service_30_0 (netstats_service))
+(typeattributeset netutils_wrapper_30_0 (netutils_wrapper))
+(typeattributeset netutils_wrapper_exec_30_0 (netutils_wrapper_exec))
+(typeattributeset network_management_service_30_0 (network_management_service))
+(typeattributeset network_score_service_30_0 (network_score_service))
+(typeattributeset network_stack_30_0 (network_stack))
+(typeattributeset network_stack_service_30_0 (network_stack_service))
+(typeattributeset network_time_update_service_30_0 (network_time_update_service))
+(typeattributeset network_watchlist_data_file_30_0 (network_watchlist_data_file))
+(typeattributeset network_watchlist_service_30_0 (network_watchlist_service))
+(typeattributeset nfc_30_0 (nfc))
+(typeattributeset nfc_data_file_30_0 (nfc_data_file))
+(typeattributeset nfc_device_30_0 (nfc_device))
+(typeattributeset nfc_prop_30_0 (nfc_prop))
+(typeattributeset nfc_service_30_0 (nfc_service))
+(typeattributeset nnapi_ext_deny_product_prop_30_0 (nnapi_ext_deny_product_prop))
+(typeattributeset node_30_0 (node))
+(typeattributeset nonplat_service_contexts_file_30_0 (nonplat_service_contexts_file))
+(typeattributeset notification_service_30_0 (notification_service))
+(typeattributeset null_device_30_0 (null_device))
+(typeattributeset oem_lock_service_30_0 (oem_lock_service))
+(typeattributeset oemfs_30_0 (oemfs))
+(typeattributeset ota_data_file_30_0 (ota_data_file))
+(typeattributeset ota_metadata_file_30_0 (ota_metadata_file))
+(typeattributeset ota_package_file_30_0 (ota_package_file))
+(typeattributeset ota_prop_30_0 (ota_prop))
+(typeattributeset otadexopt_service_30_0 (otadexopt_service))
+(typeattributeset overlay_prop_30_0 (overlay_prop))
+(typeattributeset overlay_service_30_0 (overlay_service))
+(typeattributeset overlayfs_file_30_0 (overlayfs_file))
+(typeattributeset owntty_device_30_0 (owntty_device))
+(typeattributeset package_native_service_30_0 (package_native_service))
+(typeattributeset package_service_30_0 (package_service))
+(typeattributeset packages_list_file_30_0 (packages_list_file))
+(typeattributeset pan_result_prop_30_0 (pan_result_prop))
+(typeattributeset password_slot_metadata_file_30_0 (password_slot_metadata_file))
+(typeattributeset pdx_bufferhub_client_channel_socket_30_0 (pdx_bufferhub_client_channel_socket))
+(typeattributeset pdx_bufferhub_client_endpoint_socket_30_0 (pdx_bufferhub_client_endpoint_socket))
+(typeattributeset pdx_bufferhub_dir_30_0 (pdx_bufferhub_dir))
+(typeattributeset pdx_display_client_channel_socket_30_0 (pdx_display_client_channel_socket))
+(typeattributeset pdx_display_client_endpoint_socket_30_0 (pdx_display_client_endpoint_socket))
+(typeattributeset pdx_display_dir_30_0 (pdx_display_dir))
+(typeattributeset pdx_display_manager_channel_socket_30_0 (pdx_display_manager_channel_socket))
+(typeattributeset pdx_display_manager_endpoint_socket_30_0 (pdx_display_manager_endpoint_socket))
+(typeattributeset pdx_display_screenshot_channel_socket_30_0 (pdx_display_screenshot_channel_socket))
+(typeattributeset pdx_display_screenshot_endpoint_socket_30_0 (pdx_display_screenshot_endpoint_socket))
+(typeattributeset pdx_display_vsync_channel_socket_30_0 (pdx_display_vsync_channel_socket))
+(typeattributeset pdx_display_vsync_endpoint_socket_30_0 (pdx_display_vsync_endpoint_socket))
+(typeattributeset pdx_performance_client_channel_socket_30_0 (pdx_performance_client_channel_socket))
+(typeattributeset pdx_performance_client_endpoint_socket_30_0 (pdx_performance_client_endpoint_socket))
+(typeattributeset pdx_performance_dir_30_0 (pdx_performance_dir))
+(typeattributeset perfetto_30_0 (perfetto))
+(typeattributeset performanced_30_0 (performanced))
+(typeattributeset performanced_exec_30_0 (performanced_exec))
+(typeattributeset permission_service_30_0 (permission_service))
+(typeattributeset permissionmgr_service_30_0 (permissionmgr_service))
+(typeattributeset persist_debug_prop_30_0 (persist_debug_prop))
+(typeattributeset persistent_data_block_service_30_0 (persistent_data_block_service))
+(typeattributeset persistent_properties_ready_prop_30_0 (persistent_properties_ready_prop))
+(typeattributeset pinner_service_30_0 (pinner_service))
+(typeattributeset pipefs_30_0 (pipefs))
+(typeattributeset platform_app_30_0 (platform_app))
+(typeattributeset platform_compat_service_30_0 (platform_compat_service))
+(typeattributeset pm_prop_30_0 (pm_prop))
+(typeattributeset pmsg_device_30_0 (pmsg_device))
+(typeattributeset port_30_0 (port))
+(typeattributeset port_device_30_0 (port_device))
+(typeattributeset postinstall_30_0 (postinstall))
+(typeattributeset postinstall_apex_mnt_dir_30_0 (postinstall_apex_mnt_dir))
+(typeattributeset postinstall_file_30_0 (postinstall_file))
+(typeattributeset postinstall_mnt_dir_30_0 (postinstall_mnt_dir))
+(typeattributeset power_service_30_0 (power_service))
+(typeattributeset powerctl_prop_30_0 (powerctl_prop))
+(typeattributeset ppp_30_0 (ppp))
+(typeattributeset ppp_device_30_0 (ppp_device))
+(typeattributeset ppp_exec_30_0 (ppp_exec))
+(typeattributeset preloads_data_file_30_0 (preloads_data_file))
+(typeattributeset preloads_media_file_30_0 (preloads_media_file))
+(typeattributeset prereboot_data_file_30_0 (prereboot_data_file))
+(typeattributeset print_service_30_0 (print_service))
+(typeattributeset priv_app_30_0 (priv_app))
+(typeattributeset privapp_data_file_30_0 (privapp_data_file))
+(typeattributeset proc_30_0 (proc))
+(typeattributeset proc_abi_30_0 (proc_abi))
+(typeattributeset proc_asound_30_0 (proc_asound))
+(typeattributeset proc_bluetooth_writable_30_0 (proc_bluetooth_writable))
+(typeattributeset proc_buddyinfo_30_0 (proc_buddyinfo))
+(typeattributeset proc_cmdline_30_0 (proc_cmdline))
+(typeattributeset proc_cpuinfo_30_0 (proc_cpuinfo))
+(typeattributeset proc_dirty_30_0 (proc_dirty))
+(typeattributeset proc_diskstats_30_0 (proc_diskstats))
+(typeattributeset proc_drop_caches_30_0 (proc_drop_caches))
+(typeattributeset proc_extra_free_kbytes_30_0 (proc_extra_free_kbytes))
+(typeattributeset proc_filesystems_30_0 (proc_filesystems))
+(typeattributeset proc_fs_verity_30_0 (proc_fs_verity))
+(typeattributeset proc_hostname_30_0 (proc_hostname))
+(typeattributeset proc_hung_task_30_0 (proc_hung_task))
+(typeattributeset proc_interrupts_30_0 (proc_interrupts))
+(typeattributeset proc_iomem_30_0 (proc_iomem))
+(typeattributeset proc_keys_30_0 (proc_keys))
+(typeattributeset proc_kmsg_30_0 (proc_kmsg))
+(typeattributeset proc_kpageflags_30_0 (proc_kpageflags))
+(typeattributeset proc_loadavg_30_0 (proc_loadavg))
+(typeattributeset proc_lowmemorykiller_30_0 (proc_lowmemorykiller))
+(typeattributeset proc_max_map_count_30_0 (proc_max_map_count))
+(typeattributeset proc_meminfo_30_0 (proc_meminfo))
+(typeattributeset proc_min_free_order_shift_30_0 (proc_min_free_order_shift))
+(typeattributeset proc_misc_30_0 (proc_misc))
+(typeattributeset proc_modules_30_0 (proc_modules))
+(typeattributeset proc_mounts_30_0 (proc_mounts))
+(typeattributeset proc_net_30_0 (proc_net))
+(typeattributeset proc_net_tcp_udp_30_0 (proc_net_tcp_udp))
+(typeattributeset proc_overcommit_memory_30_0 (proc_overcommit_memory))
+(typeattributeset proc_page_cluster_30_0 (proc_page_cluster))
+(typeattributeset proc_pagetypeinfo_30_0 (proc_pagetypeinfo))
+(typeattributeset proc_panic_30_0 (proc_panic))
+(typeattributeset proc_perf_30_0 (proc_perf))
+(typeattributeset proc_pid_max_30_0 (proc_pid_max))
+(typeattributeset proc_pipe_conf_30_0 (proc_pipe_conf))
+(typeattributeset proc_pressure_cpu_30_0 (proc_pressure_cpu))
+(typeattributeset proc_pressure_io_30_0 (proc_pressure_io))
+(typeattributeset proc_pressure_mem_30_0 (proc_pressure_mem))
+(typeattributeset proc_qtaguid_ctrl_30_0 (proc_qtaguid_ctrl))
+(typeattributeset proc_qtaguid_stat_30_0 (proc_qtaguid_stat))
+(typeattributeset proc_random_30_0 (proc_random))
+(typeattributeset proc_sched_30_0 (proc_sched))
+(typeattributeset proc_security_30_0 (proc_security))
+(typeattributeset proc_slabinfo_30_0 (proc_slabinfo))
+(typeattributeset proc_stat_30_0 (proc_stat))
+(typeattributeset proc_swaps_30_0 (proc_swaps))
+(typeattributeset proc_sysrq_30_0 (proc_sysrq))
+(typeattributeset proc_timer_30_0 (proc_timer))
+(typeattributeset proc_tty_drivers_30_0 (proc_tty_drivers))
+(typeattributeset proc_uid_concurrent_active_time_30_0 (proc_uid_concurrent_active_time))
+(typeattributeset proc_uid_concurrent_policy_time_30_0 (proc_uid_concurrent_policy_time))
+(typeattributeset proc_uid_cpupower_30_0 (proc_uid_cpupower))
+(typeattributeset proc_uid_cputime_removeuid_30_0 (proc_uid_cputime_removeuid))
+(typeattributeset proc_uid_cputime_showstat_30_0 (proc_uid_cputime_showstat))
+(typeattributeset proc_uid_io_stats_30_0 (proc_uid_io_stats))
+(typeattributeset proc_uid_procstat_set_30_0 (proc_uid_procstat_set))
+(typeattributeset proc_uid_time_in_state_30_0 (proc_uid_time_in_state))
+(typeattributeset proc_uptime_30_0 (proc_uptime))
+(typeattributeset proc_version_30_0 (proc_version))
+(typeattributeset proc_vmallocinfo_30_0 (proc_vmallocinfo))
+(typeattributeset proc_vmstat_30_0 (proc_vmstat))
+(typeattributeset proc_zoneinfo_30_0 (proc_zoneinfo))
+(typeattributeset processinfo_service_30_0 (processinfo_service))
+(typeattributeset procstats_service_30_0 (procstats_service))
+(typeattributeset profman_30_0 (profman))
+(typeattributeset profman_dump_data_file_30_0 (profman_dump_data_file))
+(typeattributeset profman_exec_30_0 (profman_exec))
+(typeattributeset properties_device_30_0 (properties_device))
+(typeattributeset properties_serial_30_0 (properties_serial))
+(typeattributeset property_contexts_file_30_0 (property_contexts_file))
+(typeattributeset property_data_file_30_0 (property_data_file))
+(typeattributeset property_info_30_0 (property_info))
+(typeattributeset property_socket_30_0 (property_socket))
+(typeattributeset pstorefs_30_0 (pstorefs))
+(typeattributeset ptmx_device_30_0 (ptmx_device))
+(typeattributeset qtaguid_device_30_0 (qtaguid_device))
+(typeattributeset racoon_30_0 (racoon))
+(typeattributeset racoon_exec_30_0 (racoon_exec))
+(typeattributeset racoon_socket_30_0 (racoon_socket))
+(typeattributeset radio_30_0 (radio))
+(typeattributeset radio_data_file_30_0 (radio_data_file))
+(typeattributeset radio_device_30_0 (radio_device))
+(typeattributeset radio_prop_30_0 (radio_prop))
+(typeattributeset radio_service_30_0 (radio_service))
+(typeattributeset ram_device_30_0 (ram_device))
+(typeattributeset random_device_30_0 (random_device))
+(typeattributeset rebootescrow_hal_prop_30_0 (rebootescrow_hal_prop))
+(typeattributeset recovery_30_0 (recovery))
+(typeattributeset recovery_block_device_30_0 (recovery_block_device))
+(typeattributeset recovery_data_file_30_0 (recovery_data_file))
+(typeattributeset recovery_persist_30_0 (recovery_persist))
+(typeattributeset recovery_persist_exec_30_0 (recovery_persist_exec))
+(typeattributeset recovery_refresh_30_0 (recovery_refresh))
+(typeattributeset recovery_refresh_exec_30_0 (recovery_refresh_exec))
+(typeattributeset recovery_service_30_0 (recovery_service))
+(typeattributeset recovery_socket_30_0 (recovery_socket))
+(typeattributeset registry_service_30_0 (registry_service))
+(typeattributeset resourcecache_data_file_30_0 (resourcecache_data_file))
+(typeattributeset restorecon_prop_30_0 (restorecon_prop))
+(typeattributeset restrictions_service_30_0 (restrictions_service))
+(typeattributeset rild_debug_socket_30_0 (rild_debug_socket))
+(typeattributeset rild_socket_30_0 (rild_socket))
+(typeattributeset ringtone_file_30_0 (ringtone_file))
+(typeattributeset role_service_30_0 (role_service))
+(typeattributeset rollback_service_30_0 (rollback_service))
+(typeattributeset root_block_device_30_0 (root_block_device))
+(typeattributeset rootfs_30_0 (rootfs))
+(typeattributeset rpmsg_device_30_0 (rpmsg_device))
+(typeattributeset rs_30_0 (rs))
+(typeattributeset rs_exec_30_0 (rs_exec))
+(typeattributeset rss_hwm_reset_30_0 (rss_hwm_reset))
+(typeattributeset rtc_device_30_0 (rtc_device))
+(typeattributeset rttmanager_service_30_0 (rttmanager_service))
+(typeattributeset runas_30_0 (runas))
+(typeattributeset runas_app_30_0 (runas_app))
+(typeattributeset runas_exec_30_0 (runas_exec))
+(typeattributeset runtime_event_log_tags_file_30_0 (runtime_event_log_tags_file))
+(typeattributeset runtime_service_30_0 (runtime_service))
+(typeattributeset safemode_prop_30_0 (safemode_prop))
+(typeattributeset same_process_hal_file_30_0 (same_process_hal_file))
+(typeattributeset samplingprofiler_service_30_0 (samplingprofiler_service))
+(typeattributeset scheduling_policy_service_30_0 (scheduling_policy_service))
+(typeattributeset sdcard_block_device_30_0 (sdcard_block_device))
+(typeattributeset sdcardd_30_0 (sdcardd))
+(typeattributeset sdcardd_exec_30_0 (sdcardd_exec))
+(typeattributeset sdcardfs_30_0 (sdcardfs))
+(typeattributeset seapp_contexts_file_30_0 (seapp_contexts_file))
+(typeattributeset search_service_30_0 (search_service))
+(typeattributeset sec_key_att_app_id_provider_service_30_0 (sec_key_att_app_id_provider_service))
+(typeattributeset secure_element_30_0 (secure_element))
+(typeattributeset secure_element_device_30_0 (secure_element_device))
+(typeattributeset secure_element_service_30_0 (secure_element_service))
+(typeattributeset securityfs_30_0 (securityfs))
+(typeattributeset selinuxfs_30_0 (selinuxfs))
+(typeattributeset sensor_privacy_service_30_0 (sensor_privacy_service))
+(typeattributeset sensors_device_30_0 (sensors_device))
+(typeattributeset sensorservice_service_30_0 (sensorservice_service))
+(typeattributeset sepolicy_file_30_0 (sepolicy_file))
+(typeattributeset serial_device_30_0 (serial_device))
+(typeattributeset serial_service_30_0 (serial_service))
+(typeattributeset serialno_prop_30_0 (serialno_prop))
+(typeattributeset server_configurable_flags_data_file_30_0 (server_configurable_flags_data_file))
+(typeattributeset service_contexts_file_30_0 (service_contexts_file))
+(typeattributeset service_manager_service_30_0 (service_manager_service))
+(typeattributeset service_manager_vndservice_30_0 (service_manager_vndservice))
+(typeattributeset servicediscovery_service_30_0 (servicediscovery_service))
+(typeattributeset servicemanager_30_0 (servicemanager))
+(typeattributeset servicemanager_exec_30_0 (servicemanager_exec))
+(typeattributeset settings_service_30_0 (settings_service))
+(typeattributeset sgdisk_30_0 (sgdisk))
+(typeattributeset sgdisk_exec_30_0 (sgdisk_exec))
+(typeattributeset shared_relro_30_0 (shared_relro))
+(typeattributeset shared_relro_file_30_0 (shared_relro_file))
+(typeattributeset shell_30_0 (shell))
+(typeattributeset shell_data_file_30_0 (shell_data_file))
+(typeattributeset shell_exec_30_0 (shell_exec))
+(typeattributeset shell_prop_30_0 (shell_prop))
+(typeattributeset shm_30_0 (shm))
+(typeattributeset shortcut_manager_icons_30_0 (shortcut_manager_icons))
+(typeattributeset shortcut_service_30_0 (shortcut_service))
+(typeattributeset simpleperf_30_0 (simpleperf))
+(typeattributeset simpleperf_app_runner_30_0 (simpleperf_app_runner))
+(typeattributeset simpleperf_app_runner_exec_30_0 (simpleperf_app_runner_exec))
+(typeattributeset slice_service_30_0 (slice_service))
+(typeattributeset slideshow_30_0 (slideshow))
+(typeattributeset snapshotctl_log_data_file_30_0 (snapshotctl_log_data_file))
+(typeattributeset socket_device_30_0 (socket_device))
+(typeattributeset socket_hook_prop_30_0 (socket_hook_prop))
+(typeattributeset sockfs_30_0 (sockfs))
+(typeattributeset sota_prop_30_0 (sota_prop))
+(typeattributeset soundtrigger_middleware_service_30_0 (soundtrigger_middleware_service))
+(typeattributeset staging_data_file_30_0 (staging_data_file))
+(typeattributeset stats_data_file_30_0 (stats_data_file))
+(typeattributeset statsd_30_0 (statsd))
+(typeattributeset statsd_exec_30_0 (statsd_exec))
+(typeattributeset statsdw_socket_30_0 (statsdw_socket))
+(typeattributeset statusbar_service_30_0 (statusbar_service))
+(typeattributeset storage_config_prop_30_0 (storage_config_prop))
+(typeattributeset storage_file_30_0 (storage_file))
+(typeattributeset storage_stub_file_30_0 (storage_stub_file))
+(typeattributeset storaged_service_30_0 (storaged_service))
+(typeattributeset storagestats_service_30_0 (storagestats_service))
+(typeattributeset su_30_0 (su))
+(typeattributeset su_exec_30_0 (su_exec))
+(typeattributeset super_block_device_30_0 (super_block_device))
+(typeattributeset surfaceflinger_30_0 (surfaceflinger))
+(typeattributeset surfaceflinger_service_30_0 (surfaceflinger_service))
+(typeattributeset surfaceflinger_tmpfs_30_0 (surfaceflinger_tmpfs))
+(typeattributeset swap_block_device_30_0 (swap_block_device))
+(typeattributeset sysfs_30_0 (sysfs))
+(typeattributeset sysfs_android_usb_30_0 (sysfs_android_usb))
+(typeattributeset sysfs_batteryinfo_30_0 (sysfs_batteryinfo))
+(typeattributeset sysfs_bluetooth_writable_30_0 (sysfs_bluetooth_writable))
+(typeattributeset sysfs_devices_block_30_0 (sysfs_devices_block))
+(typeattributeset sysfs_devices_system_cpu_30_0 (sysfs_devices_system_cpu))
+(typeattributeset sysfs_dm_30_0 (sysfs_dm))
+(typeattributeset sysfs_dm_verity_30_0 (sysfs_dm_verity))
+(typeattributeset sysfs_dt_firmware_android_30_0 (sysfs_dt_firmware_android))
+(typeattributeset sysfs_extcon_30_0 (sysfs_extcon))
+(typeattributeset sysfs_fs_ext4_features_30_0 (sysfs_fs_ext4_features))
+(typeattributeset sysfs_fs_f2fs_30_0 (sysfs_fs_f2fs))
+(typeattributeset sysfs_hwrandom_30_0 (sysfs_hwrandom))
+(typeattributeset sysfs_ion_30_0 (sysfs_ion))
+(typeattributeset sysfs_ipv4_30_0 (sysfs_ipv4))
+(typeattributeset sysfs_kernel_notes_30_0 (sysfs_kernel_notes))
+(typeattributeset sysfs_leds_30_0 (sysfs_leds))
+(typeattributeset sysfs_loop_30_0 (sysfs_loop))
+(typeattributeset sysfs_lowmemorykiller_30_0 (sysfs_lowmemorykiller))
+(typeattributeset sysfs_net_30_0 (sysfs_net))
+(typeattributeset sysfs_nfc_power_writable_30_0 (sysfs_nfc_power_writable))
+(typeattributeset sysfs_power_30_0 (sysfs_power))
+(typeattributeset sysfs_rtc_30_0 (sysfs_rtc))
+(typeattributeset sysfs_suspend_stats_30_0 (sysfs_suspend_stats))
+(typeattributeset sysfs_switch_30_0 (sysfs_switch))
+(typeattributeset sysfs_thermal_30_0 (sysfs_thermal))
+(typeattributeset sysfs_transparent_hugepage_30_0 (sysfs_transparent_hugepage))
+(typeattributeset sysfs_uio_30_0 (sysfs_uio))
+(typeattributeset sysfs_usb_30_0 (sysfs_usb))
+(typeattributeset sysfs_usermodehelper_30_0 (sysfs_usermodehelper))
+(typeattributeset sysfs_vibrator_30_0 (sysfs_vibrator))
+(typeattributeset sysfs_wake_lock_30_0 (sysfs_wake_lock))
+(typeattributeset sysfs_wakeup_30_0 (sysfs_wakeup))
+(typeattributeset sysfs_wakeup_reasons_30_0 (sysfs_wakeup_reasons))
+(typeattributeset sysfs_wlan_fwpath_30_0 (sysfs_wlan_fwpath))
+(typeattributeset sysfs_zram_30_0 (sysfs_zram))
+(typeattributeset sysfs_zram_uevent_30_0 (sysfs_zram_uevent))
+(typeattributeset system_adbd_prop_30_0 (system_adbd_prop))
+(typeattributeset system_app_30_0 (system_app))
+(typeattributeset system_app_data_file_30_0 (system_app_data_file))
+(typeattributeset system_app_service_30_0 (system_app_service))
+(typeattributeset system_asan_options_file_30_0 (system_asan_options_file))
+(typeattributeset system_block_device_30_0 (system_block_device))
+(typeattributeset system_boot_reason_prop_30_0 (system_boot_reason_prop))
+(typeattributeset system_bootstrap_lib_file_30_0 (system_bootstrap_lib_file))
+(typeattributeset system_config_service_30_0 (system_config_service))
+(typeattributeset system_data_file_30_0 (system_data_file))
+(typeattributeset system_data_root_file_30_0 (system_data_root_file))
+(typeattributeset system_event_log_tags_file_30_0 (system_event_log_tags_file))
+(typeattributeset system_file_30_0 (system_file))
+(typeattributeset system_group_file_30_0 (system_group_file))
+(typeattributeset system_jvmti_agent_prop_30_0 (system_jvmti_agent_prop))
+(typeattributeset system_lib_file_30_0 (system_lib_file))
+(typeattributeset system_linker_config_file_30_0 (system_linker_config_file))
+(typeattributeset system_linker_exec_30_0 (system_linker_exec))
+(typeattributeset system_lmk_prop_30_0 (system_lmk_prop))
+(typeattributeset system_ndebug_socket_30_0 (system_ndebug_socket))
+(typeattributeset system_net_netd_hwservice_30_0 (system_net_netd_hwservice))
+(typeattributeset system_passwd_file_30_0 (system_passwd_file))
+(typeattributeset system_prop_30_0 (system_prop))
+(typeattributeset system_radio_prop_30_0 (system_radio_prop usb_prop))
+(typeattributeset system_seccomp_policy_file_30_0 (system_seccomp_policy_file))
+(typeattributeset system_security_cacerts_file_30_0 (system_security_cacerts_file))
+(typeattributeset system_server_30_0 (system_server))
+(typeattributeset system_server_tmpfs_30_0 (system_server_tmpfs))
+(typeattributeset system_suspend_control_service_30_0 (system_suspend_control_service))
+(typeattributeset system_suspend_hwservice_30_0 (system_suspend_hwservice))
+(typeattributeset system_trace_prop_30_0 (system_trace_prop))
+(typeattributeset system_unsolzygote_socket_30_0 (system_unsolzygote_socket))
+(typeattributeset system_update_service_30_0 (system_update_service))
+(typeattributeset system_wifi_keystore_hwservice_30_0 (system_wifi_keystore_hwservice))
+(typeattributeset system_wpa_socket_30_0 (system_wpa_socket))
+(typeattributeset system_zoneinfo_file_30_0 (system_zoneinfo_file))
+(typeattributeset systemkeys_data_file_30_0 (systemkeys_data_file))
+(typeattributeset task_profiles_file_30_0 (task_profiles_file))
+(typeattributeset task_service_30_0 (task_service))
+(typeattributeset tcpdump_exec_30_0 (tcpdump_exec))
+(typeattributeset tee_30_0 (tee))
+(typeattributeset tee_data_file_30_0 (tee_data_file))
+(typeattributeset tee_device_30_0 (tee_device))
+(typeattributeset telecom_service_30_0 (telecom_service))
+(typeattributeset test_boot_reason_prop_30_0 (test_boot_reason_prop))
+(typeattributeset test_harness_prop_30_0 (test_harness_prop))
+(typeattributeset testharness_service_30_0 (testharness_service))
+(typeattributeset tethering_service_30_0 (tethering_service))
+(typeattributeset textclassification_service_30_0 (textclassification_service))
+(typeattributeset textclassifier_data_file_30_0 (textclassifier_data_file))
+(typeattributeset textservices_service_30_0 (textservices_service))
+(typeattributeset theme_prop_30_0 (theme_prop))
+(typeattributeset thermal_service_30_0 (thermal_service))
+(typeattributeset thermalcallback_hwservice_30_0 (thermalcallback_hwservice))
+(typeattributeset time_prop_30_0 (time_prop))
+(typeattributeset timedetector_service_30_0 (timedetector_service))
+(typeattributeset timezone_service_30_0 (timezone_service))
+(typeattributeset timezonedetector_service_30_0 (timezonedetector_service))
+(typeattributeset tmpfs_30_0 (tmpfs))
+(typeattributeset tombstone_data_file_30_0 (tombstone_data_file))
+(typeattributeset tombstone_wifi_data_file_30_0 (tombstone_wifi_data_file))
+(typeattributeset tombstoned_30_0 (tombstoned))
+(typeattributeset tombstoned_crash_socket_30_0 (tombstoned_crash_socket))
+(typeattributeset tombstoned_exec_30_0 (tombstoned_exec))
+(typeattributeset tombstoned_intercept_socket_30_0 (tombstoned_intercept_socket))
+(typeattributeset tombstoned_java_trace_socket_30_0 (tombstoned_java_trace_socket))
+(typeattributeset toolbox_30_0 (toolbox))
+(typeattributeset toolbox_exec_30_0 (toolbox_exec))
+(typeattributeset trace_data_file_30_0 (trace_data_file))
+(typeattributeset traced_30_0 (traced))
+(typeattributeset traced_consumer_socket_30_0 (traced_consumer_socket))
+(typeattributeset traced_enabled_prop_30_0 (traced_enabled_prop))
+(typeattributeset traced_lazy_prop_30_0 (traced_lazy_prop))
+(typeattributeset traced_perf_30_0 (traced_perf))
+(typeattributeset traced_perf_enabled_prop_30_0 (traced_perf_enabled_prop))
+(typeattributeset traced_perf_socket_30_0 (traced_perf_socket))
+(typeattributeset traced_probes_30_0 (traced_probes))
+(typeattributeset traced_producer_socket_30_0 (traced_producer_socket))
+(typeattributeset traceur_app_30_0 (traceur_app))
+(typeattributeset trust_service_30_0 (trust_service))
+(typeattributeset tty_device_30_0 (tty_device))
+(typeattributeset tun_device_30_0 (tun_device))
+(typeattributeset tv_input_service_30_0 (tv_input_service))
+(typeattributeset tv_tuner_resource_mgr_service_30_0 (tv_tuner_resource_mgr_service))
+(typeattributeset tzdatacheck_30_0 (tzdatacheck))
+(typeattributeset tzdatacheck_exec_30_0 (tzdatacheck_exec))
+(typeattributeset ueventd_30_0 (ueventd))
+(typeattributeset ueventd_tmpfs_30_0 (ueventd_tmpfs))
+(typeattributeset uhid_device_30_0 (uhid_device))
+(typeattributeset uimode_service_30_0 (uimode_service))
+(typeattributeset uio_device_30_0 (uio_device))
+(typeattributeset uncrypt_30_0 (uncrypt))
+(typeattributeset uncrypt_exec_30_0 (uncrypt_exec))
+(typeattributeset uncrypt_socket_30_0 (uncrypt_socket))
+(typeattributeset unencrypted_data_file_30_0 (unencrypted_data_file))
+(typeattributeset unlabeled_30_0 (unlabeled))
+(typeattributeset untrusted_app_25_30_0 (untrusted_app_25))
+(typeattributeset untrusted_app_27_30_0 (untrusted_app_27))
+(typeattributeset untrusted_app_29_30_0 (untrusted_app_29))
+(typeattributeset untrusted_app_30_0 (untrusted_app))
+(typeattributeset update_engine_30_0 (update_engine))
+(typeattributeset update_engine_data_file_30_0 (update_engine_data_file))
+(typeattributeset update_engine_exec_30_0 (update_engine_exec))
+(typeattributeset update_engine_log_data_file_30_0 (update_engine_log_data_file))
+(typeattributeset update_engine_service_30_0 (update_engine_service))
+(typeattributeset update_verifier_30_0 (update_verifier))
+(typeattributeset update_verifier_exec_30_0 (update_verifier_exec))
+(typeattributeset updatelock_service_30_0 (updatelock_service))
+(typeattributeset uri_grants_service_30_0 (uri_grants_service))
+(typeattributeset usagestats_service_30_0 (usagestats_service))
+(typeattributeset usb_device_30_0 (usb_device))
+(typeattributeset usb_serial_device_30_0 (usb_serial_device))
+(typeattributeset usb_service_30_0 (usb_service))
+(typeattributeset usbaccessory_device_30_0 (usbaccessory_device))
+(typeattributeset usbd_30_0 (usbd))
+(typeattributeset usbd_exec_30_0 (usbd_exec))
+(typeattributeset usbfs_30_0 (usbfs))
+(typeattributeset use_memfd_prop_30_0 (use_memfd_prop))
+(typeattributeset user_profile_data_file_30_0 (user_profile_data_file))
+(typeattributeset user_service_30_0 (user_service))
+(typeattributeset userdata_block_device_30_0 (userdata_block_device))
+(typeattributeset usermodehelper_30_0 (usermodehelper))
+(typeattributeset userspace_reboot_config_prop_30_0 (userspace_reboot_config_prop))
+(typeattributeset userspace_reboot_exported_prop_30_0 (userspace_reboot_exported_prop))
+(typeattributeset userspace_reboot_log_prop_30_0 (userspace_reboot_log_prop))
+(typeattributeset userspace_reboot_test_prop_30_0 (userspace_reboot_test_prop))
+(typeattributeset vdc_30_0 (vdc))
+(typeattributeset vdc_exec_30_0 (vdc_exec))
+(typeattributeset vehicle_hal_prop_30_0 (vehicle_hal_prop))
+(typeattributeset vendor_apex_file_30_0 (vendor_apex_file))
+(typeattributeset vendor_app_file_30_0 (vendor_app_file))
+(typeattributeset vendor_cgroup_desc_file_30_0 (vendor_cgroup_desc_file))
+(typeattributeset vendor_configs_file_30_0 (vendor_configs_file))
+(typeattributeset vendor_data_file_30_0 (vendor_data_file))
+(typeattributeset vendor_default_prop_30_0 (vendor_default_prop))
+(typeattributeset vendor_file_30_0 (vendor_file))
+(typeattributeset vendor_framework_file_30_0 (vendor_framework_file))
+(typeattributeset vendor_hal_file_30_0 (vendor_hal_file))
+(typeattributeset vendor_idc_file_30_0 (vendor_idc_file))
+(typeattributeset vendor_init_30_0 (vendor_init))
+(typeattributeset vendor_keychars_file_30_0 (vendor_keychars_file))
+(typeattributeset vendor_keylayout_file_30_0 (vendor_keylayout_file))
+(typeattributeset vendor_misc_writer_30_0 (vendor_misc_writer))
+(typeattributeset vendor_misc_writer_exec_30_0 (vendor_misc_writer_exec))
+(typeattributeset vendor_overlay_file_30_0 (vendor_overlay_file))
+(typeattributeset vendor_public_lib_file_30_0 (vendor_public_lib_file))
+(typeattributeset vendor_security_patch_level_prop_30_0 (vendor_security_patch_level_prop))
+(typeattributeset vendor_shell_30_0 (vendor_shell))
+(typeattributeset vendor_shell_exec_30_0 (vendor_shell_exec))
+(typeattributeset vendor_socket_hook_prop_30_0 (vendor_socket_hook_prop))
+(typeattributeset vendor_task_profiles_file_30_0 (vendor_task_profiles_file))
+(typeattributeset vendor_toolbox_exec_30_0 (vendor_toolbox_exec))
+(typeattributeset vfat_30_0 (vfat))
+(typeattributeset vibrator_service_30_0 (vibrator_service))
+(typeattributeset video_device_30_0 (video_device))
+(typeattributeset virtual_ab_prop_30_0 (virtual_ab_prop))
+(typeattributeset virtual_touchpad_30_0 (virtual_touchpad))
+(typeattributeset virtual_touchpad_exec_30_0 (virtual_touchpad_exec))
+(typeattributeset virtual_touchpad_service_30_0 (virtual_touchpad_service))
+(typeattributeset vndbinder_device_30_0 (vndbinder_device))
+(typeattributeset vndk_prop_30_0 (vndk_prop))
+(typeattributeset vndk_sp_file_30_0 (vndk_sp_file))
+(typeattributeset vndservice_contexts_file_30_0 (vndservice_contexts_file))
+(typeattributeset vndservicemanager_30_0 (vndservicemanager))
+(typeattributeset voiceinteraction_service_30_0 (voiceinteraction_service))
+(typeattributeset vold_30_0 (vold))
+(typeattributeset vold_data_file_30_0 (vold_data_file))
+(typeattributeset vold_device_30_0 (vold_device))
+(typeattributeset vold_exec_30_0 (vold_exec))
+(typeattributeset vold_metadata_file_30_0 (vold_metadata_file))
+(typeattributeset vold_prepare_subdirs_30_0 (vold_prepare_subdirs))
+(typeattributeset vold_prepare_subdirs_exec_30_0 (vold_prepare_subdirs_exec))
+(typeattributeset vold_prop_30_0 (vold_prop))
+(typeattributeset vold_service_30_0 (vold_service))
+(typeattributeset vpn_data_file_30_0 (vpn_data_file))
+(typeattributeset vr_hwc_30_0 (vr_hwc))
+(typeattributeset vr_hwc_exec_30_0 (vr_hwc_exec))
+(typeattributeset vr_hwc_service_30_0 (vr_hwc_service))
+(typeattributeset vr_manager_service_30_0 (vr_manager_service))
+(typeattributeset vrflinger_vsync_service_30_0 (vrflinger_vsync_service))
+(typeattributeset wallpaper_file_30_0 (wallpaper_file))
+(typeattributeset wallpaper_service_30_0 (wallpaper_service))
+(typeattributeset watchdog_device_30_0 (watchdog_device))
+(typeattributeset watchdogd_30_0 (watchdogd))
+(typeattributeset watchdogd_exec_30_0 (watchdogd_exec))
+(typeattributeset webview_zygote_30_0 (webview_zygote))
+(typeattributeset webview_zygote_exec_30_0 (webview_zygote_exec))
+(typeattributeset webview_zygote_tmpfs_30_0 (webview_zygote_tmpfs))
+(typeattributeset webviewupdate_service_30_0 (webviewupdate_service))
+(typeattributeset wifi_data_file_30_0 (wifi_data_file))
+(typeattributeset wifi_log_prop_30_0 (wifi_log_prop))
+(typeattributeset wifi_prop_30_0 (wifi_prop))
+(typeattributeset wifi_service_30_0 (wifi_service))
+(typeattributeset wifiaware_service_30_0 (wifiaware_service))
+(typeattributeset wificond_30_0 (wificond))
+(typeattributeset wificond_exec_30_0 (wificond_exec))
+(typeattributeset wifinl80211_service_30_0 (wifinl80211_service))
+(typeattributeset wifip2p_service_30_0 (wifip2p_service))
+(typeattributeset wifiscanner_service_30_0 (wifiscanner_service))
+(typeattributeset window_service_30_0 (window_service))
+(typeattributeset wpa_socket_30_0 (wpa_socket))
+(typeattributeset wpantund_30_0 (wpantund))
+(typeattributeset wpantund_exec_30_0 (wpantund_exec))
+(typeattributeset wpantund_service_30_0 (wpantund_service))
+(typeattributeset zero_device_30_0 (zero_device))
+(typeattributeset zoneinfo_data_file_30_0 (zoneinfo_data_file))
+(typeattributeset zygote_30_0 (zygote))
+(typeattributeset zygote_exec_30_0 (zygote_exec))
+(typeattributeset zygote_socket_30_0 (zygote_socket))
+(typeattributeset zygote_tmpfs_30_0 (zygote_tmpfs))
diff --git a/private/compat/30.0/30.0.compat.cil b/private/compat/30.0/30.0.compat.cil
new file mode 100644
index 0000000..628abfc
--- /dev/null
+++ b/private/compat/30.0/30.0.compat.cil
@@ -0,0 +1 @@
+;; This file can't be empty.
diff --git a/private/compat/30.0/30.0.ignore.cil b/private/compat/30.0/30.0.ignore.cil
new file mode 100644
index 0000000..2c4dce1
--- /dev/null
+++ b/private/compat/30.0/30.0.ignore.cil
@@ -0,0 +1,12 @@
+;; new_objects - a collection of types that have been introduced that have no
+;; analogue in older policy. Thus, we do not need to map these types to
+;; previous ones. Add here to pass checkapi tests.
+(type new_objects)
+(typeattribute new_objects)
+(typeattributeset new_objects
+ ( new_objects
+ apex_info_file
+ debugfs_kprobes
+ gnss_device
+ mediatranscoding_tmpfs))
+
diff --git a/private/coredomain.te b/private/coredomain.te
index ab731f1..92efa47 100644
--- a/private/coredomain.te
+++ b/private/coredomain.te
@@ -1,5 +1,21 @@
-get_prop(coredomain, pm_prop)
+get_prop(coredomain, boot_status_prop)
+get_prop(coredomain, camera_config_prop)
+get_prop(coredomain, dalvik_config_prop)
+get_prop(coredomain, dalvik_runtime_prop)
get_prop(coredomain, exported_pm_prop)
+get_prop(coredomain, ffs_config_prop)
+get_prop(coredomain, hdmi_config_prop)
+get_prop(coredomain, init_service_status_private_prop)
+get_prop(coredomain, lmkd_config_prop)
+get_prop(coredomain, pm_prop)
+get_prop(coredomain, surfaceflinger_color_prop)
+get_prop(coredomain, systemsound_config_prop)
+get_prop(coredomain, telephony_config_prop)
+
+get_prop(coredomain, usb_config_prop)
+get_prop(coredomain, usb_control_prop)
+get_prop(coredomain, userspace_reboot_config_prop)
+get_prop(coredomain, vold_config_prop)
full_treble_only(`
neverallow {
@@ -131,6 +147,7 @@
coredomain
-atrace
-dumpstate
+ -gpuservice
-init
-traced_probes
-shell
diff --git a/private/dex2oat.te b/private/dex2oat.te
index 7907f6c..c257f1a 100644
--- a/private/dex2oat.te
+++ b/private/dex2oat.te
@@ -13,9 +13,6 @@
r_dir_file(dex2oat, dalvikcache_data_file)
allow dex2oat dalvikcache_data_file:file write;
-# Read symlinks in /data/dalvik-cache. This is required for PIC mode boot images, where
-# the oat file is symlinked to the original file in /system.
-allow dex2oat dalvikcache_data_file:lnk_file read;
allow dex2oat installd:fd use;
# Acquire advisory lock on /system/framework/arm/*
diff --git a/private/dhcp.te b/private/dhcp.te
index b2f8ac7..8ec9111 100644
--- a/private/dhcp.te
+++ b/private/dhcp.te
@@ -2,3 +2,6 @@
init_daemon_domain(dhcp)
type_transition dhcp system_data_file:{ dir file } dhcp_data_file;
+
+set_prop(dhcp, dhcp_prop)
+set_prop(dhcp, pan_result_prop)
diff --git a/private/domain.te b/private/domain.te
index 1a8ce50..9cd064a 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -72,33 +72,22 @@
# For now, everyone can access core property files
# Device specific properties are not granted by default
not_compatible_property(`
+ # DO NOT ADD ANY PROPERTIES HERE
get_prop(domain, core_property_type)
- get_prop(domain, exported_dalvik_prop)
- get_prop(domain, exported_ffs_prop)
- get_prop(domain, exported_system_radio_prop)
- get_prop(domain, exported2_config_prop)
- get_prop(domain, exported2_radio_prop)
get_prop(domain, exported2_system_prop)
- get_prop(domain, exported2_vold_prop)
get_prop(domain, exported3_default_prop)
get_prop(domain, exported3_radio_prop)
get_prop(domain, exported3_system_prop)
get_prop(domain, vendor_default_prop)
')
compatible_property_only(`
+ # DO NOT ADD ANY PROPERTIES HERE
get_prop({coredomain appdomain shell}, core_property_type)
- get_prop({coredomain appdomain shell}, exported_dalvik_prop)
- get_prop({coredomain appdomain shell}, exported_ffs_prop)
- get_prop({coredomain appdomain shell}, exported_system_radio_prop)
- get_prop({coredomain appdomain shell}, exported2_config_prop)
- get_prop({coredomain appdomain shell}, exported2_radio_prop)
get_prop({coredomain appdomain shell}, exported2_system_prop)
- get_prop({coredomain appdomain shell}, exported2_vold_prop)
get_prop({coredomain appdomain shell}, exported3_default_prop)
get_prop({coredomain appdomain shell}, exported3_radio_prop)
get_prop({coredomain appdomain shell}, exported3_system_prop)
get_prop({coredomain appdomain shell}, exported_camera_prop)
- get_prop({coredomain appdomain shell}, userspace_reboot_config_prop)
get_prop({coredomain shell}, userspace_reboot_exported_prop)
get_prop({coredomain shell}, userspace_reboot_log_prop)
get_prop({coredomain shell}, userspace_reboot_test_prop)
@@ -369,3 +358,13 @@
# This property is being removed. Remove remaining access.
neverallow { domain -init -system_server -vendor_init } net_dns_prop:property_service set;
neverallow { domain -dumpstate -init -system_server -vendor_init } net_dns_prop:file read;
+
+# Only core domains are allowed to access package_manager properties
+neverallow { domain -init -system_server } pm_prop:property_service set;
+neverallow { domain -coredomain } pm_prop:file no_rw_file_perms;
+
+# Do not allow reading the last boot timestamp from system properties
+neverallow { domain -init -system_server -dumpstate } firstboot_prop:file r_file_perms;
+
+# Kprobes should only be used by adb root
+neverallow { domain -init -vendor_init } debugfs_kprobes:file *;
diff --git a/private/drmserver.te b/private/drmserver.te
index afe4f0a..8449c3e 100644
--- a/private/drmserver.te
+++ b/private/drmserver.te
@@ -5,3 +5,5 @@
type_transition drmserver apk_data_file:sock_file drmserver_socket;
typeattribute drmserver_socket coredomain_socket;
+
+get_prop(drmserver, drm_service_config_prop)
diff --git a/private/dumpstate.te b/private/dumpstate.te
index 72e508e..0eff540 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te
@@ -50,6 +50,17 @@
# For comminucating with the system process to do confirmation ui.
binder_call(dumpstate, incidentcompanion_service)
+# Set properties.
+# dumpstate_prop is used to share state with the Shell app.
+set_prop(dumpstate, dumpstate_prop)
+set_prop(dumpstate, exported_dumpstate_prop)
+
+# dumpstate_options_prop is used to pass extra command-line args.
+set_prop(dumpstate, dumpstate_options_prop)
+
+# Allow dumpstate to kill vendor dumpstate service by init
+set_prop(dumpstate, ctl_dumpstate_prop)
+
# For dumping dynamic partition information.
set_prop(dumpstate, lpdumpd_prop)
binder_call(dumpstate, lpdumpd)
diff --git a/private/ephemeral_app.te b/private/ephemeral_app.te
index 56d4747..e004891 100644
--- a/private/ephemeral_app.te
+++ b/private/ephemeral_app.te
@@ -44,10 +44,6 @@
allow ephemeral_app drmserver_service:service_manager find;
allow ephemeral_app radio_service:service_manager find;
allow ephemeral_app ephemeral_app_api_service:service_manager find;
-allow ephemeral_app gpu_service:service_manager find;
-
-# Allow ephemeral apps to interact with gpuservice
-binder_call(ephemeral_app, gpuservice)
# Write app-specific trace data to the Perfetto traced damon. This requires
# connecting to its producer socket and obtaining a (per-process) tmpfs fd.
diff --git a/private/fastbootd.te b/private/fastbootd.te
index 29a9157..f0ba02c 100644
--- a/private/fastbootd.te
+++ b/private/fastbootd.te
@@ -1 +1,33 @@
typeattribute fastbootd coredomain;
+
+# The allow rules are only included in the recovery policy.
+# Otherwise fastbootd is only allowed the domain rules.
+recovery_only(`
+ # Reboot the device
+ set_prop(fastbootd, powerctl_prop)
+
+ # Read serial number of the device from system properties
+ get_prop(fastbootd, serialno_prop)
+
+ # Set sys.usb.ffs.ready.
+ get_prop(fastbootd, ffs_config_prop)
+ set_prop(fastbootd, ffs_control_prop)
+
+ userdebug_or_eng(`
+ get_prop(fastbootd, persistent_properties_ready_prop)
+ ')
+
+ set_prop(fastbootd, gsid_prop)
+
+ # Determine allocation scheme (whether B partitions needs to be
+ # at the second half of super.
+ get_prop(fastbootd, virtual_ab_prop)
+
+ # Needed for TCP protocol
+ allow fastbootd node:tcp_socket node_bind;
+ allow fastbootd port:tcp_socket name_bind;
+ allow fastbootd self:tcp_socket { create_socket_perms_no_ioctl listen accept };
+
+ # Get fastbootd protocol property
+ get_prop(fastbootd, fastbootd_protocol_prop)
+')
diff --git a/private/file_contexts b/private/file_contexts
index 4b0cab7..75bca42 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -33,6 +33,8 @@
/sys u:object_r:sysfs:s0
/apex u:object_r:apex_mnt_dir:s0
+/apex/apex-info-list.xml u:object_r:apex_info_file:s0
+
# Symlinks
/bin u:object_r:rootfs:s0
/bugreports u:object_r:rootfs:s0
@@ -95,6 +97,7 @@
/dev/cgroup_info(/.*)? u:object_r:cgroup_rc_file:s0
/dev/fscklogs(/.*)? u:object_r:fscklogs:s0
/dev/fuse u:object_r:fuse_device:s0
+/dev/gnss[0-9]+ u:object_r:gnss_device:s0
/dev/graphics(/.*)? u:object_r:graphics_device:s0
/dev/hw_random u:object_r:hw_random_device:s0
/dev/hwbinder u:object_r:hwbinder_device:s0
@@ -212,6 +215,7 @@
/system/bin/fsck_msdos -- u:object_r:fsck_exec:s0
/system/bin/tcpdump -- u:object_r:tcpdump_exec:s0
/system/bin/tune2fs -- u:object_r:fsck_exec:s0
+/system/bin/resize2fs -- u:object_r:fsck_exec:s0
/system/bin/toolbox -- u:object_r:toolbox_exec:s0
/system/bin/toybox -- u:object_r:toolbox_exec:s0
/system/bin/ld\.mc u:object_r:rs_exec:s0
@@ -256,8 +260,6 @@
/system/bin/keystore u:object_r:keystore_exec:s0
/system/bin/fingerprintd u:object_r:fingerprintd_exec:s0
/system/bin/gatekeeperd u:object_r:gatekeeperd_exec:s0
-/system/bin/crash_dump32 u:object_r:crash_dump_exec:s0
-/system/bin/crash_dump64 u:object_r:crash_dump_exec:s0
/system/bin/tombstoned u:object_r:tombstoned_exec:s0
/system/bin/recovery-persist u:object_r:recovery_persist_exec:s0
/system/bin/recovery-refresh u:object_r:recovery_refresh_exec:s0
@@ -517,7 +519,7 @@
# Misc data
/data/misc/adb(/.*)? u:object_r:adb_keys_file:s0
/data/misc/apexdata(/.*)? u:object_r:apex_module_data_file:s0
-/data/misc/apexdata/com.android.permission(/.*)? u:object_r:apex_permission_data_file:s0
+/data/misc/apexdata/com\.android\.permission(/.*)? u:object_r:apex_permission_data_file:s0
/data/misc/apexdata/com\.android\.wifi(/.*)? u:object_r:apex_wifi_data_file:s0
/data/misc/apexrollback(/.*)? u:object_r:apex_rollback_data_file:s0
/data/misc/apns(/.*)? u:object_r:radio_data_file:s0
@@ -610,8 +612,8 @@
# Apex data directories
/data/misc_de/[0-9]+/apexdata(/.*)? u:object_r:apex_module_data_file:s0
/data/misc_ce/[0-9]+/apexdata(/.*)? u:object_r:apex_module_data_file:s0
-/data/misc_de/[0-9]+/apexdata/com.android.permission(/.*)? u:object_r:apex_permission_data_file:s0
-/data/misc_ce/[0-9]+/apexdata/com.android.permission(/.*)? u:object_r:apex_permission_data_file:s0
+/data/misc_de/[0-9]+/apexdata/com\.android\.permission(/.*)? u:object_r:apex_permission_data_file:s0
+/data/misc_ce/[0-9]+/apexdata/com\.android\.permission(/.*)? u:object_r:apex_permission_data_file:s0
/data/misc_de/[0-9]+/apexdata/com\.android\.wifi(/.*)? u:object_r:apex_wifi_data_file:s0
/data/misc_ce/[0-9]+/apexdata/com\.android\.wifi(/.*)? u:object_r:apex_wifi_data_file:s0
diff --git a/private/file_contexts_asan b/private/file_contexts_asan
index b37f086..fd083c2 100644
--- a/private/file_contexts_asan
+++ b/private/file_contexts_asan
@@ -6,6 +6,8 @@
/data/asan/odm/lib64(/.*)? u:object_r:system_lib_file:s0
/data/asan/product/lib(/.*)? u:object_r:system_lib_file:s0
/data/asan/product/lib64(/.*)? u:object_r:system_lib_file:s0
+/data/asan/system/system_ext/lib(/.*)? u:object_r:system_lib_file:s0
+/data/asan/system/system_ext/lib64(/.*)? u:object_r:system_lib_file:s0
/system/asan.options u:object_r:system_asan_options_file:s0
/system/bin/asan_extract u:object_r:asan_extract_exec:s0
/system/bin/asanwrapper u:object_r:asanwrapper_exec:s0
diff --git a/private/flags_health_check.te b/private/flags_health_check.te
index fb41aff..18dde09 100644
--- a/private/flags_health_check.te
+++ b/private/flags_health_check.te
@@ -1,3 +1,27 @@
typeattribute flags_health_check coredomain;
init_daemon_domain(flags_health_check)
+
+set_prop(flags_health_check, device_config_boot_count_prop)
+set_prop(flags_health_check, device_config_reset_performed_prop)
+set_prop(flags_health_check, device_config_runtime_native_boot_prop)
+set_prop(flags_health_check, device_config_runtime_native_prop)
+set_prop(flags_health_check, device_config_input_native_boot_prop)
+set_prop(flags_health_check, device_config_netd_native_prop)
+set_prop(flags_health_check, device_config_activity_manager_native_boot_prop)
+set_prop(flags_health_check, device_config_media_native_prop)
+set_prop(flags_health_check, device_config_storage_native_boot_prop)
+set_prop(flags_health_check, device_config_sys_traced_prop)
+set_prop(flags_health_check, device_config_window_manager_native_boot_prop)
+set_prop(flags_health_check, device_config_configuration_prop)
+
+# system property device_config_boot_count_prop is used for deciding when to perform server
+# configurable flags related disaster recovery. Mistakenly set up by unrelated components can, at a
+# wrong timing, trigger server configurable flag related disaster recovery, which will override
+# server configured values of all flags with default values.
+neverallow { domain -init -flags_health_check } device_config_boot_count_prop:property_service set;
+
+# system property device_config_reset_performed_prop is used for indicating whether server
+# configurable flags have been reset during booting. Mistakenly modified by unrelated components can
+# cause bad server configurable flags synced back to device.
+neverallow { domain -init -flags_health_check } device_config_reset_performed_prop:property_service set;
diff --git a/private/fs_use b/private/fs_use
index 6fcc2cc..93d7f1b 100644
--- a/private/fs_use
+++ b/private/fs_use
@@ -11,6 +11,7 @@
fs_use_xattr overlay u:object_r:labeledfs:s0;
fs_use_xattr erofs u:object_r:labeledfs:s0;
fs_use_xattr incremental-fs u:object_r:labeledfs:s0;
+fs_use_xattr virtiofs u:object_r:labeledfs:s0;
# Label inodes from task label.
fs_use_task pipefs u:object_r:pipefs:s0;
diff --git a/private/gatekeeperd.te b/private/gatekeeperd.te
index 5e4d0a2..2fb88a3 100644
--- a/private/gatekeeperd.te
+++ b/private/gatekeeperd.te
@@ -1,3 +1,6 @@
typeattribute gatekeeperd coredomain;
init_daemon_domain(gatekeeperd)
+
+# For checking whether GSI is running
+get_prop(gatekeeperd, gsid_prop)
diff --git a/private/genfs_contexts b/private/genfs_contexts
index 51f2ce7..d0fe0d0 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -153,6 +153,7 @@
genfscon sysfs /module/wlan/parameters/fwpath u:object_r:sysfs_wlan_fwpath:s0
genfscon sysfs /devices/virtual/timed_output/vibrator/enable u:object_r:sysfs_vibrator:s0
+genfscon debugfs /kprobes u:object_r:debugfs_kprobes:s0
genfscon debugfs /mmc0 u:object_r:debugfs_mmc:s0
genfscon debugfs /tracing u:object_r:debugfs_tracing_debug:s0
genfscon tracefs / u:object_r:debugfs_tracing_debug:s0
@@ -249,6 +250,7 @@
genfscon tracefs /events/task/task_rename/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/task/task_newtask/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/ftrace/print/ u:object_r:debugfs_tracing:s0
+genfscon tracefs /events/gpu_mem/gpu_mem_total u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/trace_clock u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/buffer_size_kb u:object_r:debugfs_tracing:s0
diff --git a/private/gpuservice.te b/private/gpuservice.te
index a4d84ea..c467383 100644
--- a/private/gpuservice.te
+++ b/private/gpuservice.te
@@ -26,6 +26,9 @@
# Needed for dumpsys pipes.
allow gpuservice shell:fifo_file write;
+# Needed for perfetto producer.
+perfetto_producer(gpuservice)
+
# Use socket supplied by adbd, for cmd gpu vkjson etc.
allow gpuservice adbd:unix_stream_socket { read write getattr };
@@ -42,7 +45,24 @@
# TODO(b/146461633): remove this once native pullers talk to StatsManagerService
binder_call(gpuservice, statsd);
+# Needed for reading tracepoint ids in order to attach bpf programs.
+allow gpuservice debugfs_tracing:file r_file_perms;
+allow gpuservice self:perf_event { cpu kernel open write };
+neverallow gpuservice self:perf_event ~{ cpu kernel open write };
+
+# Needed for interact with bpf fs.
+allow gpuservice fs_bpf:dir search;
+allow gpuservice fs_bpf:file read;
+
+# Needed for enable the bpf program and read the map.
+allow gpuservice bpfloader:bpf { map_read prog_run };
+
+# Needed for getting a prop to ensure bpf programs loaded.
+get_prop(gpuservice, bpf_progs_loaded_prop)
+
add_service(gpuservice, gpu_service)
# Only uncomment below line when in development
# userdebug_or_eng(`permissive gpuservice;')
+
+get_prop(gpuservice, graphics_config_prop)
diff --git a/private/healthd.te b/private/healthd.te
index 20d0791..921d33f 100644
--- a/private/healthd.te
+++ b/private/healthd.te
@@ -4,3 +4,10 @@
# Allow healthd to serve health HAL
hal_server_domain(healthd, hal_health)
+
+# Healthd needs to tell init to continue the boot
+# process when running in charger mode.
+set_prop(healthd, system_prop)
+set_prop(healthd, exported_system_prop)
+set_prop(healthd, exported2_system_prop)
+set_prop(healthd, exported3_system_prop)
diff --git a/private/hwservicemanager.te b/private/hwservicemanager.te
index 0705cc7..e1fde43 100644
--- a/private/hwservicemanager.te
+++ b/private/hwservicemanager.te
@@ -6,3 +6,4 @@
add_hwservice(hwservicemanager, hidl_token_hwservice)
set_prop(hwservicemanager, ctl_interface_start_prop)
+set_prop(hwservicemanager, hwservicemanager_prop)
diff --git a/private/init.te b/private/init.te
index b0e7f80..7a2e0b3 100644
--- a/private/init.te
+++ b/private/init.te
@@ -51,6 +51,7 @@
# kernels that precede the perf_event_open hooks (Android common kernels 4.4
# and 4.9).
allow init self:perf_event { open cpu };
+allow init self:global_capability2_class_set perfmon;
neverallow init self:perf_event { kernel tracepoint read write };
dontaudit init self:perf_event { kernel tracepoint read write };
diff --git a/private/isolated_app.te b/private/isolated_app.te
index 4c6c5aa..33b5219 100644
--- a/private/isolated_app.te
+++ b/private/isolated_app.te
@@ -74,6 +74,9 @@
# Isolated apps should not directly open app data files themselves.
neverallow isolated_app { app_data_file privapp_data_file }:file open;
+# Isolated aps should not be directly accessing system directories
+neverallow isolated_app system_data_file:dir search;
+
# Only allow appending to /data/anr/traces.txt (b/27853304, b/18340553)
# TODO: are there situations where isolated_apps write to this file?
# TODO: should we tighten these restrictions further?
diff --git a/private/lmkd.te b/private/lmkd.te
index e51cddb..1e7bbde 100644
--- a/private/lmkd.te
+++ b/private/lmkd.te
@@ -2,6 +2,9 @@
init_daemon_domain(lmkd)
+# Set sys.lmk.* properties.
+set_prop(lmkd, system_lmk_prop)
+
# Set lmkd.* properties.
set_prop(lmkd, lmkd_prop)
diff --git a/private/logd.te b/private/logd.te
index ca92e20..7112c4f 100644
--- a/private/logd.te
+++ b/private/logd.te
@@ -2,6 +2,9 @@
init_daemon_domain(logd)
+# Access device logging gating property
+get_prop(logd, device_logging_prop)
+
# logd is not allowed to write anywhere other than /data/misc/logd, and then
# only on userdebug or eng builds
neverallow logd {
diff --git a/private/mediaextractor.te b/private/mediaextractor.te
index 2e654d68..7f626c4 100644
--- a/private/mediaextractor.te
+++ b/private/mediaextractor.te
@@ -5,3 +5,5 @@
allow mediaextractor appdomain_tmpfs:file { getattr map read write };
allow mediaextractor mediaserver_tmpfs:file { getattr map read write };
allow mediaextractor system_server_tmpfs:file { getattr map read write };
+
+get_prop(mediaextractor, device_config_media_native_prop)
diff --git a/private/mediaprovider.te b/private/mediaprovider.te
index 249fee1..9991725 100644
--- a/private/mediaprovider.te
+++ b/private/mediaprovider.te
@@ -40,5 +40,5 @@
allowxperm mediaprovider functionfs:file ioctl FUNCTIONFS_ENDPOINT_DESC;
# MtpServer sets sys.usb.ffs.mtp.ready
-set_prop(mediaprovider, ffs_prop)
-set_prop(mediaprovider, exported_ffs_prop)
+get_prop(mediaprovider, ffs_config_prop)
+set_prop(mediaprovider, ffs_control_prop)
diff --git a/private/mediaprovider_app.te b/private/mediaprovider_app.te
index 335c1b6..fcc8734 100644
--- a/private/mediaprovider_app.te
+++ b/private/mediaprovider_app.te
@@ -6,7 +6,7 @@
app_domain(mediaprovider_app)
# Access to /mnt/pass_through.
-allow mediaprovider_app mnt_pass_through_file:dir r_dir_perms;
+r_dir_file(mediaprovider_app, mnt_pass_through_file)
# Allow MediaProvider to host a FUSE daemon for external storage
allow mediaprovider_app fuse_device:chr_file { read write ioctl getattr };
@@ -27,6 +27,10 @@
# Talk to the GPU service
binder_call(mediaprovider_app, gpuservice)
+# Talk to statsd
+allow mediaprovider_app statsmanager_service:service_manager find;
+binder_call(mediaprovider_app, statsd)
+
# read pipe-max-size configuration
allow mediaprovider_app proc_pipe_conf:file r_file_perms;
@@ -39,7 +43,12 @@
FS_IOC_SETFLAGS
};
+# Access external sdcards through /mnt/media_rw
+allow mediaprovider_app { mnt_media_rw_file }:dir search;
+
allow mediaprovider_app proc_filesystems:file r_file_perms;
#Allow MediaProvider to see if sdcardfs is in use
get_prop(mediaprovider_app, storage_config_prop)
+
+get_prop(mediaprovider_app, drm_service_config_prop)
diff --git a/private/mediaserver.te b/private/mediaserver.te
index c55e54a..7fb8029 100644
--- a/private/mediaserver.te
+++ b/private/mediaserver.te
@@ -11,4 +11,7 @@
hal_client_domain(mediaserver, hal_omx)
hal_client_domain(mediaserver, hal_codec2)
-allow mediaserver mediatranscoding_service:service_manager find;
+set_prop(mediaserver, audio_prop)
+
+get_prop(mediaserver, drm_service_config_prop)
+get_prop(mediaserver, media_config_prop)
diff --git a/private/mediaswcodec.te b/private/mediaswcodec.te
index 50f5698..cef802d 100644
--- a/private/mediaswcodec.te
+++ b/private/mediaswcodec.te
@@ -2,3 +2,4 @@
init_daemon_domain(mediaswcodec)
+get_prop(mediaswcodec, device_config_media_native_prop)
diff --git a/private/mediatranscoding.te b/private/mediatranscoding.te
index e0ad84c..3534dfa 100644
--- a/private/mediatranscoding.te
+++ b/private/mediatranscoding.te
@@ -1,3 +1,51 @@
+# mediatranscoding - daemon for transcoding video and image.
+type mediatranscoding, domain;
+type mediatranscoding_exec, system_file_type, exec_type, file_type;
+type mediatranscoding_tmpfs, file_type;
typeattribute mediatranscoding coredomain;
init_daemon_domain(mediatranscoding)
+tmpfs_domain(mediatranscoding)
+allow mediatranscoding appdomain_tmpfs:file { getattr map read write };
+
+binder_use(mediatranscoding)
+binder_call(mediatranscoding, binderservicedomain)
+binder_call(mediatranscoding, appdomain)
+binder_service(mediatranscoding)
+
+add_service(mediatranscoding, mediatranscoding_service)
+
+hal_client_domain(mediatranscoding, hal_graphics_allocator)
+hal_client_domain(mediatranscoding, hal_configstore)
+hal_client_domain(mediatranscoding, hal_omx)
+hal_client_domain(mediatranscoding, hal_codec2)
+
+allow mediatranscoding mediaserver_service:service_manager find;
+allow mediatranscoding mediametrics_service:service_manager find;
+allow mediatranscoding mediaextractor_service:service_manager find;
+
+allow mediatranscoding system_server:fd use;
+allow mediatranscoding activity_service:service_manager find;
+
+# allow mediatranscoding service read/write permissions for file sources
+allow mediatranscoding sdcardfs:file { getattr read write };
+allow mediatranscoding media_rw_data_file:file { getattr read write };
+allow mediatranscoding apk_data_file:file { getattr read };
+allow mediatranscoding app_data_file:file { getattr read write };
+allow mediatranscoding shell_data_file:file { getattr read write };
+
+# mediatranscoding should never execute any executable without a
+# domain transition
+neverallow mediatranscoding { file_type fs_type }:file execute_no_trans;
+
+# The goal of the mediaserver split is to place media processing code into
+# restrictive sandboxes with limited responsibilities and thus limited
+# permissions. Example: Audioserver is only responsible for controlling audio
+# hardware and processing audio content. Cameraserver does the same for camera
+# hardware/content. Etc.
+#
+# Media processing code is inherently risky and thus should have limited
+# permissions and be isolated from the rest of the system and network.
+# Lengthier explanation here:
+# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html
+neverallow mediatranscoding domain:{ tcp_socket udp_socket rawip_socket } *;
diff --git a/private/netd.te b/private/netd.te
index 41473b7..27663d3 100644
--- a/private/netd.te
+++ b/private/netd.te
@@ -17,7 +17,12 @@
# TODO: Remove this permission when 4.9 kernel is deprecated.
allow netd self:key_socket create;
+set_prop(netd, ctl_mdnsd_prop)
+set_prop(netd, netd_stable_secret_prop)
+
get_prop(netd, bpf_progs_loaded_prop)
+get_prop(netd, hwservicemanager_prop)
+get_prop(netd, device_config_netd_native_prop)
# Allow netd to write to statsd.
unix_socket_send(netd, statsdw, statsd)
@@ -28,3 +33,11 @@
# Allow netd to send dump info to dumpstate
allow netd dumpstate:fd use;
allow netd dumpstate:fifo_file { getattr write };
+
+# persist.netd.stable_secret contains RFC 7217 secret key which should never be
+# leaked to other processes. Make sure it never leaks.
+neverallow { domain -netd -init -dumpstate } netd_stable_secret_prop:file r_file_perms;
+
+# We want to ensure that no other process ever tries tampering with persist.netd.stable_secret,
+# the RFC 7217 secret key managed by netd. Doing so could compromise user privacy.
+neverallow { domain -netd -init } netd_stable_secret_prop:property_service set;
diff --git a/private/perfetto.te b/private/perfetto.te
index 06e4ed1..25c70d2 100644
--- a/private/perfetto.te
+++ b/private/perfetto.te
@@ -47,6 +47,14 @@
allow perfetto incident_service:service_manager find;
binder_call(perfetto, incidentd)
+# perfetto log formatter calls isatty() on its stderr. Denial when running
+# under adbd is harmless. Avoid generating denial logs.
+dontaudit perfetto adbd:unix_stream_socket getattr;
+dontauditxperm perfetto adbd:unix_stream_socket ioctl unpriv_tty_ioctls;
+# As above, when adbd is running in "su" domain (only the ioctl is denied in
+# practice).
+dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
+
###
### Neverallow rules
###
diff --git a/private/platform_app.te b/private/platform_app.te
index 3beec38..ba6de5b 100644
--- a/private/platform_app.te
+++ b/private/platform_app.te
@@ -66,12 +66,8 @@
allow platform_app app_api_service:service_manager find;
allow platform_app system_api_service:service_manager find;
allow platform_app vr_manager_service:service_manager find;
-allow platform_app gpu_service:service_manager find;
allow platform_app stats_service:service_manager find;
-# Allow platform apps to interact with gpuservice
-binder_call(platform_app, gpuservice)
-
# Allow platform apps to log via statsd.
binder_call(platform_app, statsd)
diff --git a/private/priv_app.te b/private/priv_app.te
index 44c81ee..d5b8d3f 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -46,10 +46,6 @@
allow priv_app recovery_service:service_manager find;
allow priv_app stats_service:service_manager find;
-# Allow privileged apps to interact with gpuservice
-binder_call(priv_app, gpuservice)
-allow priv_app gpu_service:service_manager find;
-
# Write to /cache.
allow priv_app { cache_file cache_recovery_file }:dir create_dir_perms;
allow priv_app { cache_file cache_recovery_file }:file create_file_perms;
@@ -161,6 +157,9 @@
allow priv_app apex_data_file:dir search;
allow priv_app staging_data_file:file r_file_perms;
+# allow priv app to access the system app data files for ContentProvider case.
+allow priv_app system_app_data_file:file { read getattr };
+
###
### neverallow rules
###
diff --git a/private/property.te b/private/property.te
new file mode 100644
index 0000000..6591a9c
--- /dev/null
+++ b/private/property.te
@@ -0,0 +1,423 @@
+# Properties used only in /system
+system_internal_prop(adbd_prop)
+system_internal_prop(device_config_storage_native_boot_prop)
+system_internal_prop(device_config_sys_traced_prop)
+system_internal_prop(device_config_window_manager_native_boot_prop)
+system_internal_prop(device_config_configuration_prop)
+system_internal_prop(fastbootd_protocol_prop)
+system_internal_prop(gsid_prop)
+system_internal_prop(init_perf_lsm_hooks_prop)
+system_internal_prop(init_service_status_private_prop)
+system_internal_prop(init_svc_debug_prop)
+system_internal_prop(last_boot_reason_prop)
+system_internal_prop(netd_stable_secret_prop)
+system_internal_prop(pm_prop)
+system_internal_prop(system_adbd_prop)
+system_internal_prop(traced_perf_enabled_prop)
+system_internal_prop(userspace_reboot_log_prop)
+system_internal_prop(userspace_reboot_test_prop)
+
+###
+### Neverallow rules
+###
+
+treble_sysprop_neverallow(`
+
+# TODO(b/131162102): uncomment these after assigning ownership attributes to all properties
+# neverallow domain {
+# property_type
+# -system_property_type
+# -product_property_type
+# -vendor_property_type
+# }:file no_rw_file_perms;
+
+neverallow { domain -coredomain } {
+ system_property_type
+ system_internal_property_type
+ -system_restricted_property_type
+ -system_public_property_type
+}:file no_rw_file_perms;
+
+neverallow { domain -coredomain } {
+ system_property_type
+ -system_public_property_type
+}:property_service set;
+
+# init is in coredomain, but should be able to read/write all props.
+# dumpstate is also in coredomain, but should be able to read all props.
+neverallow { coredomain -init -dumpstate } {
+ vendor_property_type
+ vendor_internal_property_type
+ -vendor_restricted_property_type
+ -vendor_public_property_type
+}:file no_rw_file_perms;
+
+neverallow { coredomain -init } {
+ vendor_property_type
+ -vendor_public_property_type
+}:property_service set;
+
+')
+
+# There is no need to perform ioctl or advisory locking operations on
+# property files. If this neverallow is being triggered, it is
+# likely that the policy is using r_file_perms directly instead of
+# the get_prop() macro.
+neverallow domain property_type:file { ioctl lock };
+
+neverallow * {
+ core_property_type
+ -audio_prop
+ -config_prop
+ -cppreopt_prop
+ -dalvik_prop
+ -debuggerd_prop
+ -debug_prop
+ -default_prop
+ -dhcp_prop
+ -dumpstate_prop
+ -fingerprint_prop
+ -logd_prop
+ -net_radio_prop
+ -nfc_prop
+ -ota_prop
+ -pan_result_prop
+ -persist_debug_prop
+ -powerctl_prop
+ -radio_prop
+ -restorecon_prop
+ -shell_prop
+ -system_prop
+ -usb_prop
+ -vold_prop
+}:file no_rw_file_perms;
+
+# sigstop property is only used for debugging; should only be set by su which is permissive
+# for userdebug/eng
+neverallow {
+ domain
+ -init
+ -vendor_init
+} ctl_sigstop_prop:property_service set;
+
+# Don't audit legacy ctl. property handling. We only want the newer permission check to appear
+# in the audit log
+dontaudit domain {
+ ctl_bootanim_prop
+ ctl_bugreport_prop
+ ctl_console_prop
+ ctl_default_prop
+ ctl_dumpstate_prop
+ ctl_fuse_prop
+ ctl_mdnsd_prop
+ ctl_rildaemon_prop
+}:property_service set;
+
+neverallow {
+ domain
+ -init
+} init_svc_debug_prop:property_service set;
+
+neverallow {
+ domain
+ -init
+ -dumpstate
+ userdebug_or_eng(`-su')
+} init_svc_debug_prop:file no_rw_file_perms;
+
+compatible_property_only(`
+# Prevent properties from being set
+ neverallow {
+ domain
+ -coredomain
+ -appdomain
+ -vendor_init
+ } {
+ core_property_type
+ extended_core_property_type
+ exported_config_prop
+ exported_default_prop
+ exported_dumpstate_prop
+ exported_system_prop
+ exported2_default_prop
+ exported2_system_prop
+ exported3_default_prop
+ exported3_system_prop
+ usb_control_prop
+ -nfc_prop
+ -powerctl_prop
+ -radio_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -coredomain
+ -appdomain
+ -hal_nfc_server
+ } {
+ nfc_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -coredomain
+ -appdomain
+ -hal_telephony_server
+ -vendor_init
+ } {
+ exported3_radio_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -coredomain
+ -appdomain
+ -hal_telephony_server
+ } {
+ radio_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -coredomain
+ -bluetooth
+ -hal_bluetooth_server
+ } {
+ bluetooth_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -coredomain
+ -bluetooth
+ -hal_bluetooth_server
+ -vendor_init
+ } {
+ exported_bluetooth_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -coredomain
+ -hal_camera_server
+ -cameraserver
+ -vendor_init
+ } {
+ exported_camera_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -coredomain
+ -hal_wifi_server
+ -wificond
+ } {
+ wifi_prop
+ }:property_service set;
+
+ neverallow {
+ domain
+ -coredomain
+ -hal_wifi_server
+ -wificond
+ -vendor_init
+ } {
+ exported_wifi_prop
+ }:property_service set;
+
+# Prevent properties from being read
+ neverallow {
+ domain
+ -coredomain
+ -appdomain
+ -vendor_init
+ } {
+ core_property_type
+ dalvik_config_prop
+ extended_core_property_type
+ exported2_system_prop
+ exported3_default_prop
+ exported3_system_prop
+ systemsound_config_prop
+ -debug_prop
+ -logd_prop
+ -nfc_prop
+ -powerctl_prop
+ -radio_prop
+ }:file no_rw_file_perms;
+
+ neverallow {
+ domain
+ -coredomain
+ -appdomain
+ -hal_nfc_server
+ } {
+ nfc_prop
+ }:file no_rw_file_perms;
+
+ neverallow {
+ domain
+ -coredomain
+ -appdomain
+ -hal_telephony_server
+ } {
+ radio_prop
+ }:file no_rw_file_perms;
+
+ neverallow {
+ domain
+ -coredomain
+ -bluetooth
+ -hal_bluetooth_server
+ } {
+ bluetooth_prop
+ }:file no_rw_file_perms;
+
+ neverallow {
+ domain
+ -coredomain
+ -hal_wifi_server
+ -wificond
+ } {
+ wifi_prop
+ }:file no_rw_file_perms;
+')
+
+compatible_property_only(`
+ # Neverallow coredomain to set vendor properties
+ neverallow {
+ coredomain
+ -init
+ -system_writes_vendor_properties_violators
+ } {
+ property_type
+ -system_property_type
+ -extended_core_property_type
+ }:property_service set;
+')
+
+neverallow {
+ -coredomain
+ -vendor_init
+} {
+ ffs_config_prop
+ ffs_control_prop
+}:file no_rw_file_perms;
+
+neverallow {
+ -init
+ -system_server
+} {
+ userspace_reboot_log_prop
+}:property_service set;
+
+neverallow {
+ # Only allow init and system_server to set system_adbd_prop
+ -init
+ -system_server
+} {
+ system_adbd_prop
+}:property_service set;
+
+neverallow {
+ # Only allow init and adbd to set adbd_prop
+ -init
+ -adbd
+} {
+ adbd_prop
+}:property_service set;
+
+neverallow {
+ # Only allow init and shell to set userspace_reboot_test_prop
+ -init
+ -shell
+} {
+ userspace_reboot_test_prop
+}:property_service set;
+
+neverallow {
+ -init
+ -system_server
+ -vendor_init
+} {
+ surfaceflinger_color_prop
+}:property_service set;
+
+neverallow {
+ -init
+} {
+ libc_debug_prop
+}:property_service set;
+
+neverallow {
+ -init
+ -system_server
+ -vendor_init
+} zram_control_prop:property_service set;
+
+neverallow {
+ -init
+ -system_server
+ -vendor_init
+} dalvik_runtime_prop:property_service set;
+
+neverallow {
+ -coredomain
+ -vendor_init
+} {
+ usb_config_prop
+ usb_control_prop
+}:property_service set;
+
+neverallow {
+ -init
+ -system_server
+} {
+ provisioned_prop
+ retaildemo_prop
+}:property_service set;
+
+neverallow {
+ -coredomain
+ -vendor_init
+} {
+ provisioned_prop
+ retaildemo_prop
+}:file no_rw_file_perms;
+
+neverallow {
+ -init
+} {
+ init_service_status_private_prop
+ init_service_status_prop
+}:property_service set;
+
+neverallow {
+ -init
+ -radio
+ -appdomain
+ -hal_telephony_server
+ not_compatible_property(`-vendor_init')
+} telephony_status_prop:property_service set;
+
+neverallow {
+ -init
+ -vendor_init
+} {
+ graphics_config_prop
+}:property_service set;
+
+neverallow {
+ -init
+ -surfaceflinger
+} {
+ surfaceflinger_display_prop
+}:property_service set;
+
+neverallow {
+ -init
+ -dumpstate
+ -system_server
+ -vendor_init
+ -zygote
+} packagemanager_config_prop:file no_rw_file_perms;
diff --git a/private/property_contexts b/private/property_contexts
index 7908bb1..6788fb4 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -9,7 +9,6 @@
net.lte u:object_r:net_radio_prop:s0
net.cdma u:object_r:net_radio_prop:s0
net.dns u:object_r:net_dns_prop:s0
-sys.usb.config u:object_r:system_radio_prop:s0
ril. u:object_r:radio_prop:s0
ro.ril. u:object_r:radio_prop:s0
gsm. u:object_r:radio_prop:s0
@@ -27,7 +26,6 @@
sys.cppreopt u:object_r:cppreopt_prop:s0
sys.lpdumpd u:object_r:lpdumpd_prop:s0
sys.powerctl u:object_r:powerctl_prop:s0
-sys.usb.ffs. u:object_r:ffs_prop:s0
service. u:object_r:system_prop:s0
dhcp. u:object_r:dhcp_prop:s0
dhcp.bt-pan.result u:object_r:pan_result_prop:s0
@@ -42,7 +40,6 @@
khungtask. u:object_r:llkd_prop:s0
ro.llk. u:object_r:llkd_prop:s0
ro.khungtask. u:object_r:llkd_prop:s0
-lmkd.reinit u:object_r:lmkd_prop:s0 exact int
log. u:object_r:log_prop:s0
log.tag u:object_r:log_tag_prop:s0
log.tag.WifiHAL u:object_r:wifi_log_prop:s0
@@ -117,7 +114,7 @@
# ro.build.fingerprint is either set in /system/build.prop, or is
# set at runtime by system_server.
-ro.build.fingerprint u:object_r:fingerprint_prop:s0
+ro.build.fingerprint u:object_r:fingerprint_prop:s0 exact string
ro.persistent_properties.ready u:object_r:persistent_properties_ready_prop:s0
@@ -253,6 +250,512 @@
# history size.
ro.lib_gui.frame_event_history_size u:object_r:bq_config_prop:s0
+af.fast_track_multiplier u:object_r:audio_config_prop:s0 exact int
+ro.af.client_heap_size_kbyte u:object_r:audio_config_prop:s0 exact int
+
+audio.camerasound.force u:object_r:audio_config_prop:s0 exact bool
+audio.deep_buffer.media u:object_r:audio_config_prop:s0 exact bool
+audio.offload.video u:object_r:audio_config_prop:s0 exact bool
+audio.offload.min.duration.secs u:object_r:audio_config_prop:s0 exact int
+
+config.disable_cameraservice u:object_r:camera_config_prop:s0 exact bool
+
+camera.disable_zsl_mode u:object_r:camera_config_prop:s0 exact bool
+camera.fifo.disable u:object_r:camera_config_prop:s0 exact bool
+ro.camera.notify_nfc u:object_r:camera_config_prop:s0 exact bool
+ro.camera.enableLazyHal u:object_r:camera_config_prop:s0 exact bool
+
+# Should always_debuggable be bool? It's checked against the string "1".
+dalvik.vm.always_debuggable u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.appimageformat u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.backgroundgctype u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.boot-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.boot-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.boot-image u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.checkjni u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-Xms u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-Xmx u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-filter u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-flags u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-max-image-block-size u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-minidebuginfo u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-resolve-startup-strings u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-updatable-bcp-packages-file u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-very-large u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-swap u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat64.enabled u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dexopt.secondary u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.execution-mode u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.extra-opts u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.foreground-heap-growth-multiplier u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.gctype u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapgrowthlimit u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapmaxfree u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapminfree u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapstartsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heaptargetutilization u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.hot-startup-method-samples u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.image-dex2oat-Xms u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-Xmx u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-filter u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-flags u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.isa.arm.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.unknown.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.unknown.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86_64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86_64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitinitialsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitmaxsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitprithreadweight u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jitthreshold u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jittransitionweight u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jniopts u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.lockprof.threshold u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.method-trace u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.method-trace-file u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.method-trace-file-siz u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.method-trace-stream u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.profilesystemserver u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.profilebootclasspath u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.restore-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.restore-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.usejit u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.usejitprofiles u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.zygote.max-boot-retry u:object_r:dalvik_config_prop:s0 exact int
+
+persist.sys.dalvik.vm.lib.2 u:object_r:dalvik_runtime_prop:s0 exact string
+
+keyguard.no_require_sim u:object_r:exported3_default_prop:s0 exact bool
+
+media.recorder.show_manufacturer_and_model u:object_r:exported3_default_prop:s0 exact bool
+
+media.stagefright.cache-params u:object_r:media_config_prop:s0 exact string
+media.stagefright.thumbnail.prefer_hw_codecs u:object_r:media_config_prop:s0 exact bool
+persist.sys.media.avsync u:object_r:media_config_prop:s0 exact bool
+
+persist.bluetooth.a2dp_offload.cap u:object_r:bluetooth_a2dp_offload_prop:s0 exact string
+persist.bluetooth.a2dp_offload.disabled u:object_r:bluetooth_a2dp_offload_prop:s0 exact bool
+persist.bluetooth.bluetooth_audio_hal.disabled u:object_r:bluetooth_audio_hal_prop:s0 exact bool
+persist.bluetooth.btsnoopenable u:object_r:exported_bluetooth_prop:s0 exact bool
+
+persist.config.calibration_fac u:object_r:exported3_default_prop:s0 exact string
+
+persist.radio.multisim.config u:object_r:exported3_radio_prop:s0 exact string
+
+persist.sys.hdmi.keep_awake u:object_r:hdmi_config_prop:s0 exact bool
+ro.hdmi.device_type u:object_r:hdmi_config_prop:s0 exact string
+ro.hdmi.wake_on_hotplug u:object_r:hdmi_config_prop:s0 exact bool
+
+pm.dexopt.ab-ota u:object_r:exported_pm_prop:s0 exact string
+pm.dexopt.bg-dexopt u:object_r:exported_pm_prop:s0 exact string
+pm.dexopt.boot u:object_r:exported_pm_prop:s0 exact string
+pm.dexopt.disable_bg_dexopt u:object_r:exported_pm_prop:s0 exact bool
+pm.dexopt.downgrade_after_inactive_days u:object_r:exported_pm_prop:s0 exact int
+pm.dexopt.first-boot u:object_r:exported_pm_prop:s0 exact string
+pm.dexopt.inactive u:object_r:exported_pm_prop:s0 exact string
+pm.dexopt.install u:object_r:exported_pm_prop:s0 exact string
+pm.dexopt.shared u:object_r:exported_pm_prop:s0 exact string
+
+ro.apk_verity.mode u:object_r:apk_verity_prop:s0 exact int
+
+ro.audio.monitorRotation u:object_r:exported3_default_prop:s0 exact bool
+
+ro.bluetooth.a2dp_offload.supported u:object_r:bluetooth_a2dp_offload_prop:s0 exact bool
+
+ro.boot.vendor.overlay.theme u:object_r:exported_overlay_prop:s0 exact string
+ro.boot.wificountrycode u:object_r:exported3_default_prop:s0 exact string
+
+ro.bt.bdaddr_path u:object_r:exported_bluetooth_prop:s0 exact string
+
+ro.config.alarm_alert u:object_r:systemsound_config_prop:s0 exact string
+ro.config.alarm_vol_default u:object_r:systemsound_config_prop:s0 exact int
+ro.config.alarm_vol_steps u:object_r:systemsound_config_prop:s0 exact int
+ro.config.media_vol_default u:object_r:systemsound_config_prop:s0 exact int
+ro.config.media_vol_steps u:object_r:systemsound_config_prop:s0 exact int
+ro.config.notification_sound u:object_r:systemsound_config_prop:s0 exact string
+ro.config.ringtone u:object_r:systemsound_config_prop:s0 exact string
+ro.config.system_vol_default u:object_r:systemsound_config_prop:s0 exact int
+ro.config.system_vol_steps u:object_r:systemsound_config_prop:s0 exact int
+ro.config.vc_call_vol_default u:object_r:systemsound_config_prop:s0 exact int
+
+ro.config.per_app_memcg u:object_r:exported3_default_prop:s0 exact bool
+
+ro.control_privapp_permissions u:object_r:packagemanager_config_prop:s0 exact enum disable enforce log
+ro.cp_system_other_odex u:object_r:packagemanager_config_prop:s0 exact bool
+
+ro.crypto.allow_encrypt_override u:object_r:vold_config_prop:s0 exact bool
+ro.crypto.dm_default_key.options_format.version u:object_r:vold_config_prop:s0 exact int
+ro.crypto.fde_algorithm u:object_r:vold_config_prop:s0 exact string
+ro.crypto.fde_sector_size u:object_r:vold_config_prop:s0 exact int
+ro.crypto.scrypt_params u:object_r:vold_config_prop:s0 exact string
+ro.crypto.set_dun u:object_r:vold_config_prop:s0 exact bool
+ro.crypto.volume.contents_mode u:object_r:vold_config_prop:s0 exact string
+ro.crypto.volume.filenames_mode u:object_r:vold_config_prop:s0 exact string
+ro.crypto.volume.metadata.encryption u:object_r:vold_config_prop:s0 exact string
+ro.crypto.volume.metadata.method u:object_r:vold_config_prop:s0 exact string
+ro.crypto.volume.options u:object_r:vold_config_prop:s0 exact string
+
+ro.dalvik.vm.native.bridge u:object_r:dalvik_config_prop:s0 exact string
+
+external_storage.projid.enabled u:object_r:storage_config_prop:s0 exact bool
+external_storage.casefold.enabled u:object_r:storage_config_prop:s0 exact bool
+external_storage.sdcardfs.enabled u:object_r:storage_config_prop:s0 exact bool
+
+ro.enable_boot_charger_mode u:object_r:exported3_default_prop:s0 exact bool
+
+ro.lmk.critical u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.critical_upgrade u:object_r:lmkd_config_prop:s0 exact bool
+ro.lmk.debug u:object_r:lmkd_config_prop:s0 exact bool
+ro.lmk.downgrade_pressure u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.kill_heaviest_task u:object_r:lmkd_config_prop:s0 exact bool
+ro.lmk.kill_timeout_ms u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.low u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.medium u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.psi_partial_stall_ms u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.psi_complete_stall_ms u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.swap_free_low_percentage u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.swap_util_max u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.thrashing_limit u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.thrashing_limit_decay u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.use_minfree_levels u:object_r:lmkd_config_prop:s0 exact bool
+ro.lmk.upgrade_pressure u:object_r:lmkd_config_prop:s0 exact int
+lmkd.reinit u:object_r:lmkd_prop:s0 exact int
+
+ro.media.xml_variant.codecs u:object_r:media_variant_prop:s0 exact string
+ro.media.xml_variant.codecs_performance u:object_r:media_variant_prop:s0 exact string
+ro.media.xml_variant.profiles u:object_r:media_variant_prop:s0 exact string
+
+ro.minui.default_rotation u:object_r:recovery_config_prop:s0 exact string
+ro.minui.overscan_percent u:object_r:recovery_config_prop:s0 exact int
+ro.minui.pixel_format u:object_r:recovery_config_prop:s0 exact string
+
+ro.oem_unlock_supported u:object_r:exported3_default_prop:s0 exact int
+
+ro.opengles.version u:object_r:exported3_default_prop:s0 exact int
+
+ro.rebootescrow.device u:object_r:rebootescrow_hal_prop:s0 exact string
+
+ro.storage_manager.enabled u:object_r:exported3_default_prop:s0 exact bool
+
+ro.vehicle.hal u:object_r:vehicle_hal_prop:s0 exact string
+
+ro.vendor.build.security_patch u:object_r:vendor_security_patch_level_prop:s0 exact string
+
+ro.zram.mark_idle_delay_mins u:object_r:zram_config_prop:s0 exact int
+ro.zram.first_wb_delay_mins u:object_r:zram_config_prop:s0 exact int
+ro.zram.periodic_wb_delay_hours u:object_r:zram_config_prop:s0 exact int
+zram.force_writeback u:object_r:zram_config_prop:s0 exact bool
+persist.sys.zram_enabled u:object_r:zram_control_prop:s0 exact bool
+
+ro.zygote u:object_r:exported3_default_prop:s0 exact string
+
+sendbug.preferred.domain u:object_r:exported3_default_prop:s0 exact string
+
+persist.sys.usb.usbradio.config u:object_r:usb_control_prop:s0 exact string
+
+sys.usb.config u:object_r:usb_control_prop:s0 exact string
+sys.usb.configfs u:object_r:usb_control_prop:s0 exact int
+sys.usb.controller u:object_r:usb_control_prop:s0 exact string
+sys.usb.state u:object_r:usb_control_prop:s0 exact string
+
+sys.usb.mtp.device_type u:object_r:usb_config_prop:s0 exact int
+
+sys.usb.config. u:object_r:usb_prop:s0
+
+sys.usb.ffs.aio_compat u:object_r:ffs_config_prop:s0 exact bool
+sys.usb.ffs.max_read u:object_r:ffs_config_prop:s0 exact int
+sys.usb.ffs.max_write u:object_r:ffs_config_prop:s0 exact int
+
+sys.usb.ffs.ready u:object_r:ffs_control_prop:s0 exact bool
+sys.usb.ffs.mtp.ready u:object_r:ffs_control_prop:s0 exact bool
+
+tombstoned.max_tombstone_count u:object_r:exported3_default_prop:s0 exact int
+
+vold.post_fs_data_done u:object_r:vold_config_prop:s0 exact int
+
+vts.native_server.on u:object_r:exported3_default_prop:s0 exact bool
+
+wlan.driver.status u:object_r:exported_wifi_prop:s0 exact enum ok unloaded
+
+apexd.status u:object_r:apexd_prop:s0 exact enum starting activated ready
+
+dev.bootcomplete u:object_r:boot_status_prop:s0 exact bool
+sys.boot_completed u:object_r:boot_status_prop:s0 exact bool
+
+persist.sys.device_provisioned u:object_r:provisioned_prop:s0 exact string
+
+persist.sys.theme u:object_r:theme_prop:s0 exact string
+
+sys.retaildemo.enabled u:object_r:retaildemo_prop:s0 exact int
+
+sys.user.0.ce_available u:object_r:exported3_system_prop:s0 exact bool
+
+aac_drc_boost u:object_r:aac_drc_prop:s0 exact int
+aac_drc_cut u:object_r:aac_drc_prop:s0 exact int
+aac_drc_enc_target_level u:object_r:aac_drc_prop:s0 exact int
+aac_drc_heavy u:object_r:aac_drc_prop:s0 exact int
+aac_drc_reference_level u:object_r:aac_drc_prop:s0 exact int
+ro.aac_drc_effect_type u:object_r:aac_drc_prop:s0 exact int
+
+build.version.extensions. u:object_r:module_sdkextensions_prop:s0 prefix int
+
+drm.64bit.enabled u:object_r:mediadrm_config_prop:s0 exact bool
+media.mediadrmservice.enable u:object_r:mediadrm_config_prop:s0 exact bool
+
+drm.service.enabled u:object_r:drm_service_config_prop:s0 exact bool
+
+dumpstate.dry_run u:object_r:exported_dumpstate_prop:s0 exact bool
+dumpstate.unroot u:object_r:exported_dumpstate_prop:s0 exact bool
+
+hal.instrumentation.enable u:object_r:exported2_default_prop:s0 exact bool
+
+# default contexts only accessible by coredomain
+init.svc. u:object_r:init_service_status_private_prop:s0 exact string
+
+# vendor-init-readable init service props
+init.svc.bugreport u:object_r:init_service_status_prop:s0 exact string
+init.svc.console u:object_r:init_service_status_prop:s0 exact string
+init.svc.dumpstatez u:object_r:init_service_status_prop:s0 exact string
+init.svc.mediadrm u:object_r:init_service_status_prop:s0 exact string
+init.svc.surfaceflinger u:object_r:init_service_status_prop:s0 exact string
+init.svc.tombstoned u:object_r:init_service_status_prop:s0 exact string
+init.svc.zygote u:object_r:init_service_status_prop:s0 exact string
+
+libc.debug.malloc.options u:object_r:libc_debug_prop:s0 exact string
+libc.debug.malloc.program u:object_r:libc_debug_prop:s0 exact string
+libc.debug.hooks.enable u:object_r:libc_debug_prop:s0 exact string
+
+net.redirect_socket_calls.hooked u:object_r:socket_hook_prop:s0 exact bool
+
+persist.sys.locale u:object_r:exported_system_prop:s0 exact string
+persist.sys.timezone u:object_r:exported_system_prop:s0 exact string
+persist.sys.test_harness u:object_r:test_harness_prop:s0 exact bool
+
+ro.arch u:object_r:exported2_default_prop:s0 exact string
+
+ro.audio.ignore_effects u:object_r:exported2_default_prop:s0 exact bool
+
+ro.baseband u:object_r:exported2_default_prop:s0 exact string
+
+ro.boot.avb_version u:object_r:exported2_default_prop:s0 exact string
+ro.boot.baseband u:object_r:exported2_default_prop:s0 exact string
+ro.boot.bootdevice u:object_r:exported2_default_prop:s0 exact string
+ro.boot.bootloader u:object_r:exported2_default_prop:s0 exact string
+ro.boot.boottime u:object_r:exported2_default_prop:s0 exact string
+ro.boot.console u:object_r:exported2_default_prop:s0 exact string
+ro.boot.hardware u:object_r:exported2_default_prop:s0 exact string
+ro.boot.hardware.color u:object_r:exported2_default_prop:s0 exact string
+ro.boot.hardware.sku u:object_r:exported2_default_prop:s0 exact string
+ro.boot.keymaster u:object_r:exported2_default_prop:s0 exact string
+ro.boot.mode u:object_r:exported2_default_prop:s0 exact string
+ro.boot.vbmeta.avb_version u:object_r:exported2_default_prop:s0 exact string
+ro.boot.verifiedbootstate u:object_r:exported2_default_prop:s0 exact string
+ro.boot.veritymode u:object_r:exported2_default_prop:s0 exact string
+ro.boot.dynamic_partitions u:object_r:exported_default_prop:s0 exact string
+ro.boot.dynamic_partitions_retrofit u:object_r:exported_default_prop:s0 exact string
+
+ro.bootloader u:object_r:exported2_default_prop:s0 exact string
+
+ro.boottime.init.mount.data u:object_r:boottime_public_prop:s0 exact string
+ro.boottime.init.fsck.data u:object_r:boottime_public_prop:s0 exact string
+
+ro.build.date u:object_r:build_prop:s0 exact string
+ro.build.date.utc u:object_r:build_prop:s0 exact int
+ro.build.description u:object_r:build_prop:s0 exact string
+ro.build.display.id u:object_r:build_prop:s0 exact string
+ro.build.host u:object_r:build_prop:s0 exact string
+ro.build.id u:object_r:build_prop:s0 exact string
+ro.build.product u:object_r:build_prop:s0 exact string
+ro.build.system_root_image u:object_r:build_prop:s0 exact bool
+ro.build.tags u:object_r:build_prop:s0 exact string
+ro.build.type u:object_r:build_prop:s0 exact string
+ro.build.user u:object_r:build_prop:s0 exact string
+ro.build.version.base_os u:object_r:build_prop:s0 exact string
+ro.build.version.codename u:object_r:build_prop:s0 exact string
+ro.build.version.incremental u:object_r:build_prop:s0 exact string
+ro.build.version.preview_sdk u:object_r:build_prop:s0 exact int
+ro.build.version.release u:object_r:build_prop:s0 exact string
+ro.build.version.release_or_codename u:object_r:build_prop:s0 exact string
+ro.build.version.sdk u:object_r:build_prop:s0 exact int
+ro.build.version.security_patch u:object_r:build_prop:s0 exact string
+
+ro.debuggable u:object_r:build_prop:s0 exact bool
+
+ro.product.cpu.abi u:object_r:build_prop:s0 exact string
+ro.product.cpu.abilist u:object_r:build_prop:s0 exact string
+ro.product.cpu.abilist32 u:object_r:build_prop:s0 exact string
+ro.product.cpu.abilist64 u:object_r:build_prop:s0 exact string
+
+ro.adb.secure u:object_r:build_prop:s0 exact bool
+ro.secure u:object_r:build_prop:s0 exact int
+
+# These 5 properties are set by property_service
+ro.product.brand u:object_r:build_prop:s0 exact string
+ro.product.device u:object_r:build_prop:s0 exact string
+ro.product.manufacturer u:object_r:build_prop:s0 exact string
+ro.product.model u:object_r:build_prop:s0 exact string
+ro.product.name u:object_r:build_prop:s0 exact string
+
+# All odm build props are set by /odm/build.prop
+ro.odm.build.date u:object_r:build_odm_prop:s0 exact string
+ro.odm.build.date.utc u:object_r:build_odm_prop:s0 exact int
+ro.odm.build.fingerprint u:object_r:build_odm_prop:s0 exact string
+ro.odm.build.version.incremental u:object_r:build_odm_prop:s0 exact string
+
+ro.product.odm.brand u:object_r:build_odm_prop:s0 exact string
+ro.product.odm.device u:object_r:build_odm_prop:s0 exact string
+ro.product.odm.manufacturer u:object_r:build_odm_prop:s0 exact string
+ro.product.odm.model u:object_r:build_odm_prop:s0 exact string
+ro.product.odm.name u:object_r:build_odm_prop:s0 exact string
+
+# All vendor build props are set by /vendor/build.prop
+ro.vendor.build.date u:object_r:build_vendor_prop:s0 exact string
+ro.vendor.build.date.utc u:object_r:build_vendor_prop:s0 exact int
+ro.vendor.build.fingerprint u:object_r:build_vendor_prop:s0 exact string
+ro.vendor.build.version.incremental u:object_r:build_vendor_prop:s0 exact string
+
+ro.product.board u:object_r:build_vendor_prop:s0 exact string
+ro.product.first_api_level u:object_r:build_vendor_prop:s0 exact int
+ro.product.vendor.brand u:object_r:build_vendor_prop:s0 exact string
+ro.product.vendor.device u:object_r:build_vendor_prop:s0 exact string
+ro.product.vendor.manufacturer u:object_r:build_vendor_prop:s0 exact string
+ro.product.vendor.model u:object_r:build_vendor_prop:s0 exact string
+ro.product.vendor.name u:object_r:build_vendor_prop:s0 exact string
+
+ro.crypto.state u:object_r:vold_status_prop:s0 exact enum encrypted unencrypted unsupported
+ro.crypto.type u:object_r:vold_status_prop:s0 exact enum block file none
+
+ro.hardware u:object_r:exported2_default_prop:s0 exact string
+
+ro.property_service.version u:object_r:exported2_default_prop:s0 exact int
+
+ro.revision u:object_r:exported2_default_prop:s0 exact string
+
+ro.vendor.redirect_socket_calls u:object_r:vendor_socket_hook_prop:s0 exact bool
+
+service.bootanim.exit u:object_r:exported_system_prop:s0 exact int
+
+sys.boot_from_charger_mode u:object_r:exported_system_prop:s0 exact int
+sys.init.userspace_reboot.in_progress u:object_r:userspace_reboot_exported_prop:s0 exact bool
+sys.use_memfd u:object_r:use_memfd_prop:s0 exact bool
+
+vold.decrypt u:object_r:vold_status_prop:s0 exact string
+
+aaudio.hw_burst_min_usec u:object_r:exported_default_prop:s0 exact int
+aaudio.minimum_sleep_usec u:object_r:exported_default_prop:s0 exact int
+aaudio.mixer_bursts u:object_r:exported_default_prop:s0 exact int
+aaudio.mmap_exclusive_policy u:object_r:exported_default_prop:s0 exact int
+aaudio.mmap_policy u:object_r:exported_default_prop:s0 exact int
+aaudio.wakeup_delay_usec u:object_r:exported_default_prop:s0 exact int
+
+persist.rcs.supported u:object_r:exported_default_prop:s0 exact int
+
+ro.bionic.2nd_arch u:object_r:cpu_variant_prop:s0 exact string
+ro.bionic.2nd_cpu_variant u:object_r:cpu_variant_prop:s0 exact string
+ro.bionic.arch u:object_r:cpu_variant_prop:s0 exact string
+ro.bionic.cpu_variant u:object_r:cpu_variant_prop:s0 exact string
+
+ro.board.platform u:object_r:exported_default_prop:s0 exact string
+
+ro.boot.fake_battery u:object_r:exported_default_prop:s0 exact int
+ro.boot.fstab_suffix u:object_r:exported_default_prop:s0 exact string
+ro.boot.hardware.revision u:object_r:exported_default_prop:s0 exact string
+ro.boot.product.hardware.sku u:object_r:exported_default_prop:s0 exact string
+ro.boot.product.vendor.sku u:object_r:exported_default_prop:s0 exact string
+ro.boot.slot_suffix u:object_r:exported_default_prop:s0 exact string
+
+ro.boringcrypto.hwrand u:object_r:exported_default_prop:s0 exact bool
+
+ro.build.ab_update u:object_r:exported_default_prop:s0 exact string
+ro.build.expect.baseband u:object_r:exported_default_prop:s0 exact string
+ro.build.expect.bootloader u:object_r:exported_default_prop:s0 exact string
+
+ro.carrier u:object_r:exported_default_prop:s0 exact string
+
+ro.config.low_ram u:object_r:exported_config_prop:s0 exact bool
+ro.config.vc_call_vol_steps u:object_r:exported_config_prop:s0 exact int
+
+ro.frp.pst u:object_r:exported_default_prop:s0 exact string
+
+ro.hardware.activity_recognition u:object_r:exported_default_prop:s0 exact string
+ro.hardware.audio u:object_r:exported_default_prop:s0 exact string
+ro.hardware.audio.a2dp u:object_r:exported_default_prop:s0 exact string
+ro.hardware.audio.hearing_aid u:object_r:exported_default_prop:s0 exact string
+ro.hardware.audio.primary u:object_r:exported_default_prop:s0 exact string
+ro.hardware.audio.usb u:object_r:exported_default_prop:s0 exact string
+ro.hardware.audio_policy u:object_r:exported_default_prop:s0 exact string
+ro.hardware.bootctrl u:object_r:exported_default_prop:s0 exact string
+ro.hardware.camera u:object_r:exported_default_prop:s0 exact string
+ro.hardware.consumerir u:object_r:exported_default_prop:s0 exact string
+ro.hardware.context_hub u:object_r:exported_default_prop:s0 exact string
+ro.hardware.egl u:object_r:exported_default_prop:s0 exact string
+ro.hardware.fingerprint u:object_r:exported_default_prop:s0 exact string
+ro.hardware.flp u:object_r:exported_default_prop:s0 exact string
+ro.hardware.gatekeeper u:object_r:exported_default_prop:s0 exact string
+ro.hardware.gps u:object_r:exported_default_prop:s0 exact string
+ro.hardware.gralloc u:object_r:exported_default_prop:s0 exact string
+ro.hardware.hdmi_cec u:object_r:exported_default_prop:s0 exact string
+ro.hardware.hwcomposer u:object_r:exported_default_prop:s0 exact string
+ro.hardware.input u:object_r:exported_default_prop:s0 exact string
+ro.hardware.keystore u:object_r:exported_default_prop:s0 exact string
+ro.hardware.keystore_desede u:object_r:exported_default_prop:s0 exact string
+ro.hardware.lights u:object_r:exported_default_prop:s0 exact string
+ro.hardware.local_time u:object_r:exported_default_prop:s0 exact string
+ro.hardware.memtrack u:object_r:exported_default_prop:s0 exact string
+ro.hardware.nfc u:object_r:exported_default_prop:s0 exact string
+ro.hardware.nfc_nci u:object_r:exported_default_prop:s0 exact string
+ro.hardware.nfc_tag u:object_r:exported_default_prop:s0 exact string
+ro.hardware.nvram u:object_r:exported_default_prop:s0 exact string
+ro.hardware.power u:object_r:exported_default_prop:s0 exact string
+ro.hardware.radio u:object_r:exported_default_prop:s0 exact string
+ro.hardware.sensors u:object_r:exported_default_prop:s0 exact string
+ro.hardware.sound_trigger u:object_r:exported_default_prop:s0 exact string
+ro.hardware.thermal u:object_r:exported_default_prop:s0 exact string
+ro.hardware.tv_input u:object_r:exported_default_prop:s0 exact string
+ro.hardware.type u:object_r:exported_default_prop:s0 exact string
+ro.hardware.vehicle u:object_r:exported_default_prop:s0 exact string
+ro.hardware.vibrator u:object_r:exported_default_prop:s0 exact string
+ro.hardware.virtual_device u:object_r:exported_default_prop:s0 exact string
+ro.hardware.vulkan u:object_r:exported_default_prop:s0 exact string
+
+ro.hwui.use_vulkan u:object_r:exported_default_prop:s0 exact bool
+
+ro.kernel.qemu u:object_r:exported_default_prop:s0 exact bool
+ro.kernel.qemu. u:object_r:exported_default_prop:s0
+ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int
+ro.kernel.ebpf.supported u:object_r:exported_default_prop:s0 exact bool
+
+ro.oem.key1 u:object_r:exported_default_prop:s0 exact string
+
+ro.product.vndk.version u:object_r:vndk_prop:s0 exact string
+
+ro.vndk.lite u:object_r:vndk_prop:s0 exact bool
+ro.vndk.version u:object_r:vndk_prop:s0 exact string
+
+ro.vts.coverage u:object_r:exported_default_prop:s0 exact int
+
+wifi.active.interface u:object_r:exported_wifi_prop:s0 exact string
+wifi.aware.interface u:object_r:exported_wifi_prop:s0 exact string
+wifi.concurrent.interface u:object_r:exported_default_prop:s0 exact string
+wifi.direct.interface u:object_r:exported_default_prop:s0 exact string
+wifi.interface u:object_r:exported_default_prop:s0 exact string
+
+ro.apex.updatable u:object_r:exported_default_prop:s0 exact bool
+
# Property to enable incremental feature
ro.incremental.enable u:object_r:incremental_prop:s0
@@ -264,5 +767,95 @@
init.userspace_reboot.userdata_remount.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
init.userspace_reboot.watchdog.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
+ro.boot.revision u:object_r:exported2_default_prop:s0 exact string
+
+ro.bootmode u:object_r:exported2_default_prop:s0 exact string
+
+sys.shutdown.requested u:object_r:exported_system_prop:s0 exact string
+
+# surfaceflinger properties
+ro.surface_flinger.default_composition_dataspace u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.default_composition_pixel_format u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.force_hwc_copy_for_virtual_displays u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.has_HDR_display u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.has_wide_color_display u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.max_frame_buffer_acquired_buffers u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.max_graphics_height u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.max_graphics_width u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.max_virtual_display_dimension u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.primary_display_orientation u:object_r:surfaceflinger_prop:s0 exact enum ORIENTATION_0 ORIENTATION_180 ORIENTATION_270 ORIENTATION_90
+ro.surface_flinger.present_time_offset_from_vsync_ns u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.running_without_sync_framework u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.start_graphics_allocator_service u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.use_color_management u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.use_context_priority u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.use_vr_flinger u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.vsync_event_phase_offset_ns u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.vsync_sf_event_phase_offset_ns u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.wcg_composition_dataspace u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.wcg_composition_pixel_format u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.display_primary_red u:object_r:surfaceflinger_prop:s0 exact string
+ro.surface_flinger.display_primary_green u:object_r:surfaceflinger_prop:s0 exact string
+ro.surface_flinger.display_primary_blue u:object_r:surfaceflinger_prop:s0 exact string
+ro.surface_flinger.display_primary_white u:object_r:surfaceflinger_prop:s0 exact string
+ro.surface_flinger.protected_contents u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.set_idle_timer_ms u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.set_touch_timer_ms u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.set_display_power_timer_ms u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.support_kernel_idle_timer u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.use_smart_90_for_video u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.use_content_detection_for_refresh_rate u:object_r:surfaceflinger_prop:s0 exact bool
+ro.surface_flinger.color_space_agnostic_dataspace u:object_r:surfaceflinger_prop:s0 exact int
+ro.surface_flinger.refresh_rate_switching u:object_r:surfaceflinger_prop:s0 exact bool
+
+ro.sf.disable_triple_buffer u:object_r:surfaceflinger_prop:s0 exact bool
+ro.sf.lcd_density u:object_r:surfaceflinger_prop:s0 exact int
+
+persist.sys.sf.color_mode u:object_r:surfaceflinger_color_prop:s0 exact int
+persist.sys.sf.color_saturation u:object_r:surfaceflinger_color_prop:s0 exact string
+persist.sys.sf.native_mode u:object_r:surfaceflinger_color_prop:s0 exact int
+
+# Binder cache properties. These are world-readable
+cache_key.app_inactive u:object_r:binder_cache_system_server_prop:s0
+cache_key.is_compat_change_enabled u:object_r:binder_cache_system_server_prop:s0
+cache_key.get_packages_for_uid u:object_r:binder_cache_system_server_prop:s0
+cache_key.has_system_feature u:object_r:binder_cache_system_server_prop:s0
+cache_key.is_interactive u:object_r:binder_cache_system_server_prop:s0
+cache_key.is_power_save_mode u:object_r:binder_cache_system_server_prop:s0
+cache_key.is_user_unlocked u:object_r:binder_cache_system_server_prop:s0
+cache_key.volume_list u:object_r:binder_cache_system_server_prop:s0
+cache_key.display_info u:object_r:binder_cache_system_server_prop:s0
+cache_key.location_enabled u:object_r:binder_cache_system_server_prop:s0
+cache_key.package_info u:object_r:binder_cache_system_server_prop:s0
+
+cache_key.bluetooth. u:object_r:binder_cache_bluetooth_server_prop:s0 prefix string
+cache_key.system_server. u:object_r:binder_cache_system_server_prop:s0 prefix string
+cache_key.telephony. u:object_r:binder_cache_telephony_server_prop:s0 prefix string
+
+gsm.sim.operator.numeric u:object_r:telephony_status_prop:s0 exact string
+persist.radio.airplane_mode_on u:object_r:telephony_status_prop:s0 exact bool
+
+ro.com.android.dataroaming u:object_r:telephony_config_prop:s0 exact bool
+ro.com.android.prov_mobiledata u:object_r:telephony_config_prop:s0 exact bool
+ro.radio.noril u:object_r:telephony_config_prop:s0 exact string
+ro.telephony.call_ring.multiple u:object_r:telephony_config_prop:s0 exact bool
+ro.telephony.default_cdma_sub u:object_r:telephony_config_prop:s0 exact int
+ro.telephony.default_network u:object_r:telephony_config_prop:s0 exact string
+ro.telephony.iwlan_operation_mode u:object_r:telephony_config_prop:s0 exact enum default legacy AP-assisted
+telephony.active_modems.max_count u:object_r:telephony_config_prop:s0 exact int
+telephony.lteOnCdmaDevice u:object_r:telephony_config_prop:s0 exact int
+persist.dbg.volte_avail_ovr u:object_r:telephony_config_prop:s0 exact int
+persist.dbg.vt_avail_ovr u:object_r:telephony_config_prop:s0 exact int
+persist.dbg.wfc_avail_ovr u:object_r:telephony_config_prop:s0 exact int
+
+# Graphics related properties
+ro.gfx.driver.0 u:object_r:graphics_config_prop:s0 exact string
+ro.gfx.driver.1 u:object_r:graphics_config_prop:s0 exact string
+ro.gfx.angle.supported u:object_r:graphics_config_prop:s0 exact bool
+
+graphics.gpu.profiler.support u:object_r:graphics_config_prop:s0 exact bool
+graphics.gpu.profiler.vulkan_layer_apk u:object_r:graphics_config_prop:s0 exact string
+
# surfaceflinger-settable
graphics.display.kernel_idle_timer.enabled u:object_r:surfaceflinger_display_prop:s0 exact bool
+
diff --git a/private/radio.te b/private/radio.te
index 00a5cda..fad6174 100644
--- a/private/radio.te
+++ b/private/radio.te
@@ -4,6 +4,15 @@
read_runtime_log_tags(radio)
+# Property service
+set_prop(radio, radio_prop)
+set_prop(radio, exported3_radio_prop)
+set_prop(radio, net_radio_prop)
+set_prop(radio, telephony_status_prop)
+
+# ctl interface
+set_prop(radio, ctl_rildaemon_prop)
+
# Telephony code contains time / time zone detection logic so it reads the associated properties.
get_prop(radio, time_prop)
@@ -16,10 +25,11 @@
allow radio emergency_data_file:dir r_dir_perms;
allow radio emergency_data_file:file r_file_perms;
-# allow sending pulled atoms to statsd
-binder_call(radio, statsd)
-
# allow telephony to access related cache properties
set_prop(radio, binder_cache_telephony_server_prop);
neverallow { domain -radio -init }
binder_cache_telephony_server_prop:property_service set;
+
+# allow sending pulled atoms to statsd
+binder_call(radio, statsd)
+
diff --git a/private/recovery.te b/private/recovery.te
index 2a7fdc7..207dfb6 100644
--- a/private/recovery.te
+++ b/private/recovery.te
@@ -1 +1,38 @@
typeattribute recovery coredomain;
+
+# The allow rules are only included in the recovery policy.
+# Otherwise recovery is only allowed the domain rules.
+recovery_only(`
+ # Reboot the device
+ set_prop(recovery, powerctl_prop)
+
+ # Read serial number of the device from system properties
+ get_prop(recovery, serialno_prop)
+
+ # Set sys.usb.ffs.ready when starting minadbd for sideload.
+ get_prop(recovery, ffs_config_prop)
+ set_prop(recovery, ffs_control_prop)
+
+ # Set sys.usb.config when switching into fastboot.
+ set_prop(recovery, usb_control_prop)
+ set_prop(recovery, usb_prop)
+
+ # Read ro.boot.bootreason
+ get_prop(recovery, bootloader_boot_reason_prop)
+
+ # Read storage properties (for correctly formatting filesystems)
+ get_prop(recovery, storage_config_prop)
+
+ set_prop(recovery, gsid_prop)
+
+ # These are needed to allow recovery to manage network
+ allow recovery self:netlink_route_socket { create write read nlmsg_readpriv nlmsg_read };
+ allow recovery self:global_capability_class_set net_admin;
+ allow recovery self:tcp_socket { create ioctl };
+ allowxperm recovery self:tcp_socket ioctl { SIOCGIFFLAGS SIOCSIFFLAGS };
+
+ # Set fastbootd protocol property
+ set_prop(recovery, fastbootd_protocol_prop)
+
+ get_prop(recovery, recovery_config_prop)
+')
diff --git a/private/seapp_contexts b/private/seapp_contexts
index a8c61be..4b23e89 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -153,12 +153,13 @@
user=webview_zygote seinfo=webview_zygote domain=webview_zygote
user=_isolated domain=isolated_app levelFrom=user
user=_app seinfo=app_zygote domain=app_zygote levelFrom=user
-user=_app seinfo=media domain=mediaprovider name=android.process.media type=app_data_file levelFrom=user
+user=_app seinfo=media domain=mediaprovider type=app_data_file levelFrom=user
user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user
user=_app isEphemeralApp=true domain=ephemeral_app type=app_data_file levelFrom=all
+user=_app minTargetSdkVersion=31 isPrivApp=true domain=priv_app type=privapp_data_file levelFrom=all
user=_app isPrivApp=true domain=priv_app type=privapp_data_file levelFrom=user
user=_app isPrivApp=true name=com.google.android.permissioncontroller domain=permissioncontroller_app type=privapp_data_file levelFrom=all
-user=_app isPrivApp=true name=com.android.providers.media.module domain=mediaprovider_app type=privapp_data_file levelFrom=all
+user=_app seinfo=media isPrivApp=true name=com.android.providers.media.module domain=mediaprovider_app type=privapp_data_file levelFrom=all
user=_app isPrivApp=true name=com.google.android.providers.media.module domain=mediaprovider_app type=privapp_data_file levelFrom=all
user=_app seinfo=platform isPrivApp=true name=com.android.permissioncontroller domain=permissioncontroller_app type=privapp_data_file levelFrom=all
user=_app isPrivApp=true name=com.android.vzwomatrigger domain=vzwomatrigger_app type=privapp_data_file levelFrom=all
diff --git a/private/shell.te b/private/shell.te
index 43e4dd5..2a2af0f 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -1,3 +1,4 @@
+
typeattribute shell coredomain;
# allow shell input injection
@@ -91,5 +92,54 @@
allow shell self:perf_event { open read write kernel };
neverallow shell self:perf_event ~{ open read write kernel };
+# Set properties.
+set_prop(shell, shell_prop)
+set_prop(shell, ctl_bugreport_prop)
+set_prop(shell, ctl_dumpstate_prop)
+set_prop(shell, dumpstate_prop)
+set_prop(shell, exported_dumpstate_prop)
+set_prop(shell, debug_prop)
+set_prop(shell, powerctl_prop)
+set_prop(shell, log_tag_prop)
+set_prop(shell, wifi_log_prop)
+# Allow shell to start/stop traced via the persist.traced.enable
+# property (which also takes care of /data/misc initialization).
+set_prop(shell, traced_enabled_prop)
+# adjust is_loggable properties
+userdebug_or_eng(`set_prop(shell, log_prop)')
+# logpersist script
+userdebug_or_eng(`set_prop(shell, logpersistd_logging_prop)')
+# Allow shell to start/stop heapprofd via the persist.heapprofd.enable
+# property.
+set_prop(shell, heapprofd_enabled_prop)
+# Allow shell to start/stop traced_perf via the persist.traced_perf.enable
+# property.
+set_prop(shell, traced_perf_enabled_prop)
+# Allow shell to start/stop gsid via ctl.start|stop|restart gsid.
+set_prop(shell, ctl_gsid_prop)
+# Allow shell to enable Dynamic System Update
+set_prop(shell, dynamic_system_prop)
+# Allow shell to mock an OTA using persist.pm.mock-upgrade
+set_prop(shell, mock_ota_prop)
+
+# Read device's serial number from system properties
+get_prop(shell, serialno_prop)
+
+# Allow shell to read the vendor security patch level for CTS
+get_prop(shell, vendor_security_patch_level_prop)
+
+# Read state of logging-related properties
+get_prop(shell, device_logging_prop)
+
+# Read state of boot reason properties
+get_prop(shell, bootloader_boot_reason_prop)
+get_prop(shell, last_boot_reason_prop)
+get_prop(shell, system_boot_reason_prop)
+
+# Allow reading the outcome of perf_event_open LSM support test for CTS.
+get_prop(shell, init_perf_lsm_hooks_prop)
+
+userdebug_or_eng(`set_prop(shell, persist_debug_prop)')
+
# Allow to read graphics related properties.
-get_prop(shell, graphics_config_prop)
\ No newline at end of file
+get_prop(shell, graphics_config_prop)
diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index 2e9ce19..37601b9 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -54,7 +54,6 @@
# Set properties.
set_prop(surfaceflinger, system_prop)
set_prop(surfaceflinger, exported_system_prop)
-set_prop(surfaceflinger, exported2_system_prop)
set_prop(surfaceflinger, exported3_system_prop)
set_prop(surfaceflinger, ctl_bootanim_prop)
set_prop(surfaceflinger, surfaceflinger_display_prop)
diff --git a/private/system_app.te b/private/system_app.te
index 0b77bb3..e160ff4 100644
--- a/private/system_app.te
+++ b/private/system_app.te
@@ -48,13 +48,13 @@
set_prop(system_app, exported3_system_prop)
set_prop(system_app, logd_prop)
set_prop(system_app, net_radio_prop)
-set_prop(system_app, system_radio_prop)
-set_prop(system_app, exported_system_radio_prop)
+set_prop(system_app, usb_control_prop)
+set_prop(system_app, usb_prop)
set_prop(system_app, log_tag_prop)
userdebug_or_eng(`set_prop(system_app, logpersistd_logging_prop)')
auditallow system_app net_radio_prop:property_service set;
-auditallow system_app system_radio_prop:property_service set;
-auditallow system_app exported_system_radio_prop:property_service set;
+auditallow system_app usb_control_prop:property_service set;
+auditallow system_app usb_prop:property_service set;
# Allow Settings to enable Dynamic System Update
set_prop(system_app, dynamic_system_prop)
@@ -84,9 +84,6 @@
# Allow system apps to interact with incidentd
binder_call(system_app, incidentd)
-# Allow system apps to interact with gpuservice
-binder_call(system_app, gpuservice)
-
# Allow system app to interact with Dumpstate HAL
hal_client_domain(system_app, hal_dumpstate)
diff --git a/private/system_server.te b/private/system_server.te
index 66c46ed..c2b4234 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -606,12 +606,11 @@
set_prop(system_server, dhcp_prop)
set_prop(system_server, net_radio_prop)
set_prop(system_server, net_dns_prop)
-set_prop(system_server, system_radio_prop)
-set_prop(system_server, exported_system_radio_prop)
+set_prop(system_server, usb_control_prop)
+set_prop(system_server, usb_prop)
set_prop(system_server, debug_prop)
set_prop(system_server, powerctl_prop)
set_prop(system_server, fingerprint_prop)
-set_prop(system_server, exported_fingerprint_prop)
set_prop(system_server, device_logging_prop)
set_prop(system_server, dumpstate_options_prop)
set_prop(system_server, overlay_prop)
@@ -620,6 +619,10 @@
set_prop(system_server, exported_pm_prop)
set_prop(system_server, socket_hook_prop)
set_prop(system_server, audio_prop)
+set_prop(system_server, boot_status_prop)
+set_prop(system_server, surfaceflinger_color_prop)
+set_prop(system_server, provisioned_prop)
+set_prop(system_server, retaildemo_prop)
userdebug_or_eng(`set_prop(system_server, wifi_log_prop)')
# ctl interface
@@ -656,9 +659,9 @@
# Read/write the property which keeps track of whether this is the first start of system_server
set_prop(system_server, firstboot_prop)
-# Audio service in system server can read exported audio properties,
+# Audio service in system server can read audio config properties,
# such as camera shutter enforcement
-get_prop(system_server, exported_audio_prop)
+get_prop(system_server, audio_config_prop)
# system server reads this property to keep track of whether server configurable flags have been
# reset during current boot.
@@ -682,6 +685,18 @@
# Read the vendor property that indicates if Incremental features is enabled
get_prop(system_server, incremental_prop)
+# Read ro.zram. properties
+get_prop(system_server, zram_config_prop)
+
+# Read/write persist.sys.zram_enabled
+set_prop(system_server, zram_control_prop)
+
+# Read/write persist.sys.dalvik.vm.lib.2
+set_prop(system_server, dalvik_runtime_prop)
+
+# Read ro.control_privapp_permissions and ro.cp_system_other_odex
+get_prop(system_server, packagemanager_config_prop)
+
# Create a socket for connections from debuggerd.
allow system_server system_ndebug_socket:sock_file create_file_perms;
@@ -868,6 +883,9 @@
# Set persist.adb.tls_server.enable property
set_prop(system_server, system_adbd_prop)
+# Read ro.gfx.* properties
+get_prop(system_server, graphics_config_prop)
+
# Allow invoking tools like "timeout"
allow system_server toolbox_exec:file rx_file_perms;
@@ -1083,6 +1101,9 @@
# Allow system server to scan /apex for flattened APEXes
allow system_server apex_mnt_dir:dir r_dir_perms;
+# Allow system server to read /apex/apex-info-list.xml
+allow system_server apex_info_file:file r_file_perms;
+
# Allow system server to communicate to system-suspend's control interface
allow system_server system_suspend_control_service:service_manager find;
binder_call(system_server, system_suspend)
@@ -1170,3 +1191,5 @@
# Do not allow any domain other than init or system server to set the property
neverallow { domain -init -system_server } socket_hook_prop:property_service set;
+
+neverallow { domain -init -system_server } boot_status_prop:property_service set;
diff --git a/private/traceur_app.te b/private/traceur_app.te
index 94841df..b7e58ba 100644
--- a/private/traceur_app.te
+++ b/private/traceur_app.te
@@ -20,3 +20,8 @@
unix_socket_connect(traceur_app, traced_consumer, traced)
dontaudit traceur_app debugfs_tracing_debug:file audit_access;
+
+# Allow Traceur to enable traced if necessary.
+set_prop(traceur_app, traced_enabled_prop)
+
+set_prop(traceur_app, debug_prop)
diff --git a/private/ueventd.te b/private/ueventd.te
index 1bd6773..8bcdbf9 100644
--- a/private/ueventd.te
+++ b/private/ueventd.te
@@ -1,3 +1,7 @@
typeattribute ueventd coredomain;
tmpfs_domain(ueventd)
+
+# ueventd can set properties, particularly it sets ro.cold_boot_done to signal
+# to init that cold boot has completed.
+set_prop(ueventd, cold_boot_done_prop)
diff --git a/private/uncrypt.te b/private/uncrypt.te
index e4e9224..1a94cd1 100644
--- a/private/uncrypt.te
+++ b/private/uncrypt.te
@@ -1,3 +1,6 @@
typeattribute uncrypt coredomain;
init_daemon_domain(uncrypt)
+
+# Set a property to reboot the device.
+set_prop(uncrypt, powerctl_prop)
diff --git a/private/untrusted_app_all.te b/private/untrusted_app_all.te
index d9fd5a1..4acc0e8 100644
--- a/private/untrusted_app_all.te
+++ b/private/untrusted_app_all.te
@@ -98,10 +98,6 @@
allow untrusted_app_all radio_service:service_manager find;
allow untrusted_app_all app_api_service:service_manager find;
allow untrusted_app_all vr_manager_service:service_manager find;
-allow untrusted_app_all gpu_service:service_manager find;
-
-# Allow untrusted apps to interact with gpuservice
-binder_call(untrusted_app_all, gpuservice)
# gdbserver for ndk-gdb ptrace attaches to app process.
allow untrusted_app_all self:process ptrace;
diff --git a/private/update_engine.te b/private/update_engine.te
index e4e7009..539399e 100644
--- a/private/update_engine.te
+++ b/private/update_engine.te
@@ -5,3 +5,12 @@
# Allow to talk to gsid.
allow update_engine gsi_service:service_manager find;
binder_call(update_engine, gsid)
+
+# Allow to start gsid service.
+set_prop(update_engine, ctl_gsid_prop)
+
+# Allow to set the OTA related properties, e.g. ota.warm_reset.
+set_prop(update_engine, ota_prop)
+
+# Allow to get the DSU status
+get_prop(update_engine, gsid_prop)
diff --git a/private/update_verifier.te b/private/update_verifier.te
index 1b934d9..5e1b27b 100644
--- a/private/update_verifier.te
+++ b/private/update_verifier.te
@@ -1,3 +1,9 @@
typeattribute update_verifier coredomain;
init_daemon_domain(update_verifier)
+
+# Allow update_verifier to reboot the device.
+set_prop(update_verifier, powerctl_prop)
+
+# Allow to set the OTA related properties e.g. ota.warm_reset.
+set_prop(update_verifier, ota_prop)
diff --git a/private/usbd.te b/private/usbd.te
index 13a0ad7..42f2324 100644
--- a/private/usbd.te
+++ b/private/usbd.te
@@ -10,3 +10,6 @@
# start adbd during boot if adb is enabled
set_prop(usbd, ctl_default_prop)
+
+# Start/stop adbd via ctl.start adbd
+set_prop(usbd, ctl_adbd_prop)
diff --git a/private/vold.te b/private/vold.te
index dea24a5..580dabd 100644
--- a/private/vold.te
+++ b/private/vold.te
@@ -17,3 +17,17 @@
# from accidentally writing when the mount point isn't present.
type_transition vold storage_file:dir storage_stub_file;
type_transition vold mnt_media_rw_file:dir mnt_media_rw_stub_file;
+
+# Property Service
+get_prop(vold, vold_config_prop)
+get_prop(vold, storage_config_prop);
+get_prop(vold, incremental_prop);
+
+set_prop(vold, vold_prop)
+set_prop(vold, vold_status_prop)
+set_prop(vold, powerctl_prop)
+set_prop(vold, ctl_fuse_prop)
+set_prop(vold, restorecon_prop)
+set_prop(vold, ota_prop)
+set_prop(vold, boottime_prop)
+set_prop(vold, boottime_public_prop)
diff --git a/private/wificond.te b/private/wificond.te
index 5476e33..1912256 100644
--- a/private/wificond.te
+++ b/private/wificond.te
@@ -1,3 +1,9 @@
typeattribute wificond coredomain;
+set_prop(wificond, exported_wifi_prop)
+set_prop(wificond, wifi_prop)
+set_prop(wificond, ctl_default_prop)
+
+get_prop(wificond, hwservicemanager_prop)
+
init_daemon_domain(wificond)
diff --git a/private/zygote.te b/private/zygote.te
index 5f08f8d..07154b0 100644
--- a/private/zygote.te
+++ b/private/zygote.te
@@ -200,6 +200,12 @@
# Allow zygote to access media_variant_prop for static initialization
get_prop(zygote, media_variant_prop)
+# Allow zygote to read ro.control_privapp_permissions and ro.cp_system_other_odex
+get_prop(zygote, packagemanager_config_prop)
+
+# Allow zygote to read /apex/apex-info-list.xml
+allow zygote apex_info_file:file r_file_perms;
+
###
### neverallow rules
###
diff --git a/public/adbd.te b/public/adbd.te
index 4a1f633..68a176c 100644
--- a/public/adbd.te
+++ b/public/adbd.te
@@ -6,6 +6,3 @@
# Only init is allowed to enter the adbd domain via exec()
neverallow { domain -init } adbd:process transition;
neverallow * adbd:process dyntransition;
-
-# Allow adbd start/stop mdnsd via ctl.start
-set_prop(adbd, ctl_mdnsd_prop)
diff --git a/public/apexd.te b/public/apexd.te
index 93c257f..429791f 100644
--- a/public/apexd.te
+++ b/public/apexd.te
@@ -4,12 +4,8 @@
binder_use(apexd)
add_service(apexd, apex_service)
-set_prop(apexd, apexd_prop)
neverallow { domain -init -apexd -system_server } apex_service:service_manager find;
neverallow { domain -init -apexd -system_server -servicemanager } apexd:binder call;
neverallow { domain userdebug_or_eng(`-crash_dump') } apexd:process ptrace;
-
-# only apexd can set apexd sysprop
-neverallow { domain -apexd -init } apexd_prop:property_service set;
diff --git a/public/app.te b/public/app.te
index e5b9fd6..433bb7d 100644
--- a/public/app.te
+++ b/public/app.te
@@ -219,6 +219,8 @@
binder_call(appdomain, appdomain)
# Perform binder IPC to ephemeral apps.
binder_call(appdomain, ephemeral_app)
+# Perform binder IPC to gpuservice.
+binder_call({ appdomain -isolated_app }, gpuservice)
# Talk with graphics composer fences
allow appdomain hal_graphics_composer:fd use;
diff --git a/public/asan_extract.te b/public/asan_extract.te
index 15c5a09..d8a1b73 100644
--- a/public/asan_extract.te
+++ b/public/asan_extract.te
@@ -5,7 +5,7 @@
with_asan(`
type asan_extract, domain, coredomain;
- type asan_extract_exec, exec_type, file_type;
+ type asan_extract_exec, exec_type, file_type, system_file_type;
# Allow asan_extract to execute itself using #!/system/bin/sh
allow asan_extract shell_exec:file rx_file_perms;
@@ -30,7 +30,4 @@
# Restorecon will actually already try to run with sanitized libraries (libpackagelistparser).
allow asan_extract system_data_file:file execute;
-
- # We need to signal a reboot when done.
- set_prop(asan_extract, powerctl_prop)
')
diff --git a/public/bootanim.te b/public/bootanim.te
index bd2bec6..acef6da 100644
--- a/public/bootanim.te
+++ b/public/bootanim.te
@@ -37,7 +37,3 @@
# System file accesses.
allow bootanim system_file:dir r_dir_perms;
-
-# Read ro.boot.bootreason b/30654343
-get_prop(bootanim, bootloader_boot_reason_prop)
-
diff --git a/public/bootstat.te b/public/bootstat.te
index e91f2a5..5079c28 100644
--- a/public/bootstat.te
+++ b/public/bootstat.te
@@ -8,13 +8,6 @@
allow bootstat bootstat_data_file:dir rw_dir_perms;
allow bootstat bootstat_data_file:file create_file_perms;
-# Collect metrics on boot time created by init
-get_prop(bootstat, boottime_prop)
-
-# Read/Write [persist.]sys.boot.reason and ro.boot.bootreason (write if empty)
-set_prop(bootstat, bootloader_boot_reason_prop)
-set_prop(bootstat, system_boot_reason_prop)
-set_prop(bootstat, last_boot_reason_prop)
allow bootstat metadata_file:dir search;
allow bootstat metadata_bootstat_file:dir rw_dir_perms;
allow bootstat metadata_bootstat_file:file create_file_perms;
@@ -32,31 +25,6 @@
# Allow bootstat write to statsd.
unix_socket_send(bootstat, statsdw, statsd)
-# ToDo: end
-
-neverallow {
- domain
- -bootanim
- -bootstat
- -dumpstate
- userdebug_or_eng(`-incidentd')
- -init
- -recovery
- -shell
- -system_server
-} { bootloader_boot_reason_prop last_boot_reason_prop }:file r_file_perms;
-# ... and refine, as these components should not set the last boot reason
-neverallow { bootanim recovery } last_boot_reason_prop:file r_file_perms;
-
-neverallow {
- domain
- -bootstat
- -init
- -system_server
-} { bootloader_boot_reason_prop last_boot_reason_prop }:property_service set;
-# ... and refine ... for a ro propertly no less ... keep this _tight_
-neverallow system_server bootloader_boot_reason_prop:property_service set;
-
neverallow {
domain
-bootstat
diff --git a/public/charger.te b/public/charger.te
index 4b341ea..f57853a 100644
--- a/public/charger.te
+++ b/public/charger.te
@@ -36,13 +36,4 @@
allow charger tty_device:chr_file rw_file_perms;
allow charger proc_sysrq:file rw_file_perms;
-# charger needs to tell init to continue the boot
-# process when running in charger mode.
-set_prop(charger, system_prop)
-set_prop(charger, exported_system_prop)
-set_prop(charger, exported2_system_prop)
-set_prop(charger, exported3_system_prop)
-
-get_prop(charger, charger_prop)
-
hal_client_domain(charger, hal_health)
diff --git a/public/device.te b/public/device.te
index 32563d6..43d6322 100644
--- a/public/device.te
+++ b/public/device.te
@@ -52,6 +52,7 @@
type usbaccessory_device, dev_type, mlstrustedobject;
type usb_device, dev_type, mlstrustedobject;
type usb_serial_device, dev_type;
+type gnss_device, dev_type;
type properties_device, dev_type;
type properties_serial, dev_type;
type property_info, dev_type;
diff --git a/public/dhcp.te b/public/dhcp.te
index 4f2369d..67fd038 100644
--- a/public/dhcp.te
+++ b/public/dhcp.te
@@ -17,9 +17,6 @@
# For /proc/sys/net/ipv4/conf/*/promote_secondaries
allow dhcp proc_net_type:file write;
-set_prop(dhcp, dhcp_prop)
-set_prop(dhcp, pan_result_prop)
-
allow dhcp dhcp_data_file:dir create_dir_perms;
allow dhcp dhcp_data_file:file create_file_perms;
diff --git a/public/domain.te b/public/domain.te
index 8cb4950..d4fbc62 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -94,20 +94,27 @@
allow domain property_info:file r_file_perms;
# Public readable properties
+get_prop(domain, build_odm_prop)
+get_prop(domain, build_prop)
+get_prop(domain, build_vendor_prop)
get_prop(domain, debug_prop)
get_prop(domain, exported_config_prop)
get_prop(domain, exported_default_prop)
get_prop(domain, exported_dumpstate_prop)
-get_prop(domain, exported_fingerprint_prop)
-get_prop(domain, exported_radio_prop)
get_prop(domain, exported_secure_prop)
get_prop(domain, exported_system_prop)
-get_prop(domain, exported_vold_prop)
get_prop(domain, exported2_default_prop)
+get_prop(domain, fingerprint_prop)
+get_prop(domain, init_service_status_prop)
+get_prop(domain, libc_debug_prop)
get_prop(domain, logd_prop)
+get_prop(domain, mediadrm_config_prop)
get_prop(domain, socket_hook_prop)
+get_prop(domain, surfaceflinger_prop)
+get_prop(domain, telephony_status_prop)
get_prop(domain, vendor_socket_hook_prop)
get_prop(domain, vndk_prop)
+get_prop(domain, vold_status_prop)
# Binder cache properties are world-readable
get_prop(domain, binder_cache_bluetooth_server_prop)
@@ -223,10 +230,12 @@
allow domain system_data_file:dir getattr;
')
allow { coredomain appdomain } system_data_file:dir getattr;
-# /data has the label system_data_root_file. Vendor components need the search
-# permission on system_data_root_file for path traversal to /data/vendor.
+# /data has the label system_data_root_file. Many components need search
+# permission on system_data_root_file for path traversal.
allow domain system_data_root_file:dir { search getattr } ;
-allow domain system_data_file:dir search;
+# Isolated apps have no need to traverse system_data_file dirs
+allow { domain -isolated_app } system_data_file:dir search;
+# Vendor components need access to /dara/vendor
# TODO restrict this to non-coredomain
allow domain vendor_data_file:dir { getattr search };
@@ -534,15 +543,14 @@
neverallow { domain -init -vendor_init } storage_config_prop:property_service set;
')
-# Only core domains are allowed to access package_manager properties
-neverallow { domain -init -system_server } pm_prop:property_service set;
-neverallow { domain -coredomain } pm_prop:file no_rw_file_perms;
-
compatible_property_only(`
neverallow { domain -init -system_server -vendor_init } exported_pm_prop:property_service set;
neverallow { domain -coredomain -vendor_init } exported_pm_prop:file no_rw_file_perms;
')
+neverallow { domain -init } aac_drc_prop:property_service set;
+neverallow { domain -init } build_prop:property_service set;
+
# Do not allow reading device's serial number from system properties except form
# a few whitelisted domains.
neverallow {
@@ -563,9 +571,6 @@
-vendor_init
} serialno_prop:file r_file_perms;
-# Do not allow reading the last boot timestamp from system properties
-neverallow { domain -init -system_server -dumpstate } firstboot_prop:file r_file_perms;
-
neverallow {
domain
-init
@@ -954,6 +959,23 @@
')
full_treble_only(`
+ # Do not allow coredomain to access entrypoint for files other
+ # than system_file_type and postinstall_file
+ neverallow coredomain {
+ file_type
+ -system_file_type
+ -postinstall_file
+ }:file entrypoint;
+ # Do not allow domains other than coredomain to access entrypoint
+ # for anything but vendor_file_type and init_exec for vendor_init.
+ neverallow { domain -coredomain } {
+ file_type
+ -vendor_file_type
+ -init_exec
+ }:file entrypoint;
+')
+
+full_treble_only(`
# Do not allow system components to execute files from vendor
# except for the ones whitelisted here.
neverallow {
diff --git a/public/dumpstate.te b/public/dumpstate.te
index 8d99a3c..63eb1e9 100644
--- a/public/dumpstate.te
+++ b/public/dumpstate.te
@@ -136,11 +136,15 @@
binder_call(dumpstate, binderservicedomain)
binder_call(dumpstate, { appdomain netd wificond })
-dump_hal(hal_identity)
dump_hal(hal_dumpstate)
dump_hal(hal_wifi)
dump_hal(hal_graphics_allocator)
dump_hal(hal_neuralnetworks)
+dump_hal(hal_thermal)
+dump_hal(hal_power)
+dump_hal(hal_power_stats)
+dump_hal(hal_identity)
+
# Vibrate the device after we are done collecting the bugreport
hal_client_domain(dumpstate, hal_vibrator)
@@ -257,13 +261,6 @@
allow dumpstate devpts:chr_file rw_file_perms;
-# Set properties.
-# dumpstate_prop is used to share state with the Shell app.
-set_prop(dumpstate, dumpstate_prop)
-set_prop(dumpstate, exported_dumpstate_prop)
-# dumpstate_options_prop is used to pass extra command-line args.
-set_prop(dumpstate, dumpstate_options_prop)
-
# Read any system properties
get_prop(dumpstate, property_type)
@@ -331,9 +328,6 @@
allow hal_rebootescrow_server dumpstate:fifo_file write;
allow hal_rebootescrow_server dumpstate:fd use;
-# Allow dumpstate to kill vendor dumpstate service by init
-set_prop(dumpstate, ctl_dumpstate_prop)
-
#Access /data/misc/snapshotctl_log
allow dumpstate snapshotctl_log_data_file:dir r_dir_perms;
allow dumpstate snapshotctl_log_data_file:file r_file_perms;
diff --git a/public/fastbootd.te b/public/fastbootd.te
index 8787817..fb3e953 100644
--- a/public/fastbootd.te
+++ b/public/fastbootd.te
@@ -23,22 +23,12 @@
allow fastbootd device:dir r_dir_perms;
- # Reboot the device
- set_prop(fastbootd, powerctl_prop)
-
- # Read serial number of the device from system properties
- get_prop(fastbootd, serialno_prop)
-
# For dev/block/by-name dir
allow fastbootd block_device:dir r_dir_perms;
# Needed for DM_DEV_CREATE ioctl call
allow fastbootd self:capability sys_admin;
- # Set sys.usb.ffs.ready.
- set_prop(fastbootd, ffs_prop)
- set_prop(fastbootd, exported_ffs_prop)
-
unix_socket_connect(fastbootd, recovery, recovery)
# Required for flashing
@@ -108,26 +98,12 @@
}:{ file lnk_file } unlink;
allow fastbootd tmpfs:dir rw_dir_perms;
allow fastbootd labeledfs:filesystem { mount unmount };
- get_prop(fastbootd, persistent_properties_ready_prop)
')
# Allow using libfiemap/gsid directly (no binder in recovery).
- set_prop(fastbootd, gsid_prop)
allow fastbootd gsi_metadata_file:dir search;
allow fastbootd ota_metadata_file:dir rw_dir_perms;
allow fastbootd ota_metadata_file:file create_file_perms;
-
- # Determine allocation scheme (whether B partitions needs to be
- # at the second half of super.
- get_prop(fastbootd, virtual_ab_prop)
-
- # Needed for TCP protocol
- allow fastbootd node:tcp_socket node_bind;
- allow fastbootd port:tcp_socket name_bind;
- allow fastbootd self:tcp_socket { create_socket_perms_no_ioctl listen accept };
-
- # Get fastbootd protocol property
- get_prop(fastbootd, fastbootd_protocol_prop)
')
###
diff --git a/public/file.te b/public/file.te
index e7b3050..4c5b541 100644
--- a/public/file.te
+++ b/public/file.te
@@ -131,6 +131,7 @@
type vfat, sdcard_type, fs_type, mlstrustedobject;
type exfat, sdcard_type, fs_type, mlstrustedobject;
type debugfs, fs_type, debugfs_type;
+type debugfs_kprobes, fs_type, debugfs_type;
type debugfs_mmc, fs_type, debugfs_type;
type debugfs_trace_marker, fs_type, debugfs_type, mlstrustedobject;
type debugfs_tracing, fs_type, debugfs_type, mlstrustedobject;
@@ -339,6 +340,9 @@
# Mount point used for APEX images
type apex_mnt_dir, file_type;
+# /apex/apex-info-list.xml created by apexd
+type apex_info_file, file_type;
+
# /postinstall: Mount point used by update_engine to run postinstall.
type postinstall_mnt_dir, file_type;
# Files inside the /postinstall mountpoint are all labeled as postinstall_file.
diff --git a/public/flags_health_check.te b/public/flags_health_check.te
index 6315d44..25a7768 100644
--- a/public/flags_health_check.te
+++ b/public/flags_health_check.te
@@ -2,33 +2,9 @@
type flags_health_check, domain, coredomain;
type flags_health_check_exec, system_file_type, exec_type, file_type;
-set_prop(flags_health_check, device_config_boot_count_prop)
-set_prop(flags_health_check, device_config_reset_performed_prop)
-set_prop(flags_health_check, device_config_runtime_native_boot_prop)
-set_prop(flags_health_check, device_config_runtime_native_prop)
-set_prop(flags_health_check, device_config_input_native_boot_prop)
-set_prop(flags_health_check, device_config_netd_native_prop)
-set_prop(flags_health_check, device_config_activity_manager_native_boot_prop)
-set_prop(flags_health_check, device_config_media_native_prop)
-set_prop(flags_health_check, device_config_storage_native_boot_prop)
-set_prop(flags_health_check, device_config_sys_traced_prop)
-set_prop(flags_health_check, device_config_window_manager_native_boot_prop)
-set_prop(flags_health_check, device_config_configuration_prop)
-
allow flags_health_check server_configurable_flags_data_file:dir rw_dir_perms;
allow flags_health_check server_configurable_flags_data_file:file create_file_perms;
-# system property device_config_boot_count_prop is used for deciding when to perform server
-# configurable flags related disaster recovery. Mistakenly set up by unrelated components can, at a
-# wrong timing, trigger server configurable flag related disaster recovery, which will override
-# server configured values of all flags with default values.
-neverallow { domain -init -flags_health_check } device_config_boot_count_prop:property_service set;
-
-# system property device_config_reset_performed_prop is used for indicating whether server
-# configurable flags have been reset during booting. Mistakenly modified by unrelated components can
-# cause bad server configurable flags synced back to device.
-neverallow { domain -init -flags_health_check } device_config_reset_performed_prop:property_service set;
-
# server_configurable_flags_data_file is used for storing whether server configurable flags which
# have been reset during current booting. Mistakenly modified by unrelated components can
# cause bad server configurable flags synced back to device.
diff --git a/public/gatekeeperd.te b/public/gatekeeperd.te
index dc46d07..e1739c2 100644
--- a/public/gatekeeperd.te
+++ b/public/gatekeeperd.te
@@ -35,7 +35,4 @@
# For hardware properties retrieval
allow gatekeeperd hardware_properties_service:service_manager find;
-# For checking whether GSI is running
-get_prop(gatekeeperd, gsid_prop)
-
r_dir_file(gatekeeperd, cgroup)
diff --git a/public/hal_light.te b/public/hal_light.te
index 7054d7b..4aa824a 100644
--- a/public/hal_light.te
+++ b/public/hal_light.te
@@ -4,14 +4,14 @@
hal_attribute_hwservice(hal_light, hal_light_hwservice)
-# client finds and uses server via service_manager
-allow hal_light_client hal_light_service:service_manager find;
-binder_use(hal_light_client)
-
# server adds itself via service_manager
add_service(hal_light_server, hal_light_service)
binder_call(hal_light_server, servicemanager)
+# client finds and uses server via service_manager
+allow hal_light_client hal_light_service:service_manager find;
+binder_use(hal_light_client)
+
allow hal_light_server dumpstate:fifo_file write;
allow hal_light sysfs_leds:lnk_file read;
diff --git a/public/hal_telephony.te b/public/hal_telephony.te
index 3e4b65d..7966271 100644
--- a/public/hal_telephony.te
+++ b/public/hal_telephony.te
@@ -20,10 +20,10 @@
allow hal_telephony_server bluetooth_efs_file:dir r_dir_perms;
# property service
+get_prop(hal_telephony_server, telephony_config_prop)
set_prop(hal_telephony_server, radio_prop)
-set_prop(hal_telephony_server, exported_radio_prop)
-set_prop(hal_telephony_server, exported2_radio_prop)
set_prop(hal_telephony_server, exported3_radio_prop)
+set_prop(hal_telephony_server, telephony_status_prop)
allow hal_telephony_server tty_device:chr_file rw_file_perms;
diff --git a/public/healthd.te b/public/healthd.te
index 7ea23e1..8673846 100644
--- a/public/healthd.te
+++ b/public/healthd.te
@@ -47,10 +47,3 @@
allow healthd tty_device:chr_file rw_file_perms;
allow healthd ashmem_device:chr_file execute;
allow healthd proc_sysrq:file rw_file_perms;
-
-# Healthd needs to tell init to continue the boot
-# process when running in charger mode.
-set_prop(healthd, system_prop)
-set_prop(healthd, exported_system_prop)
-set_prop(healthd, exported2_system_prop)
-set_prop(healthd, exported3_system_prop)
diff --git a/public/hwservicemanager.te b/public/hwservicemanager.te
index 7f03815..7ec1872 100644
--- a/public/hwservicemanager.te
+++ b/public/hwservicemanager.te
@@ -10,8 +10,6 @@
# to do this is granted in the hwbinder_use macro.
allow hwservicemanager self:binder set_context_mgr;
-set_prop(hwservicemanager, hwservicemanager_prop)
-
# Scan through /system/lib64/hw looking for installed HALs
allow hwservicemanager system_file:dir r_dir_perms;
diff --git a/public/init.te b/public/init.te
index 403b4c5..7dc522a 100644
--- a/public/init.te
+++ b/public/init.te
@@ -203,6 +203,7 @@
allow init {
file_type
+ -apex_info_file
-app_data_file
-exec_type
-gsi_data_file
@@ -375,6 +376,7 @@
proc_cmdline
proc_kmsg
proc_net
+ proc_pagetypeinfo
proc_qtaguid_stat
proc_slabinfo
proc_sysrq
diff --git a/public/kernel.te b/public/kernel.te
index 42fe2c4..35018e9 100644
--- a/public/kernel.te
+++ b/public/kernel.te
@@ -65,10 +65,10 @@
allow kernel { app_data_file privapp_data_file }:file read;
allow kernel asec_image_file:file read;
-# Allow reading loop device in update_engine_unittests. (b/28319454)
+# Allow mounting loop device in update_engine_unittests. (b/28319454)
# and for LTP kernel tests (b/73220071)
userdebug_or_eng(`
- allow kernel update_engine_data_file:file read;
+ allow kernel update_engine_data_file:file { read write };
allow kernel nativetest_data_file:file { read write };
')
diff --git a/public/lmkd.te b/public/lmkd.te
index 67e93e1..c9f2e64 100644
--- a/public/lmkd.te
+++ b/public/lmkd.te
@@ -36,9 +36,6 @@
allow lmkd proc_zoneinfo:file r_file_perms;
allow lmkd proc_vmstat:file r_file_perms;
-# Set sys.lmk.* properties.
-set_prop(lmkd, system_lmk_prop)
-
# live lock watchdog process allowed to look through /proc/
allow lmkd domain:dir { search open read };
allow lmkd domain:file { open read };
diff --git a/public/logd.te b/public/logd.te
index 57e29d9..f8dd164 100644
--- a/public/logd.te
+++ b/public/logd.te
@@ -23,9 +23,6 @@
')
allow logd runtime_event_log_tags_file:file rw_file_perms;
-# Access device logging gating property
-get_prop(logd, device_logging_prop)
-
r_dir_file(logd, domain)
allow logd kernel:system syslog_mod;
diff --git a/public/mediaextractor.te b/public/mediaextractor.te
index 859ec9c..1f34030 100644
--- a/public/mediaextractor.te
+++ b/public/mediaextractor.te
@@ -40,8 +40,6 @@
# scan extractor library directory to dynamically load extractors
allow mediaextractor system_file:dir { read open };
-get_prop(mediaextractor, device_config_media_native_prop)
-
###
### neverallow rules
###
diff --git a/public/mediaserver.te b/public/mediaserver.te
index 52d3581..86db99c 100644
--- a/public/mediaserver.te
+++ b/public/mediaserver.te
@@ -34,8 +34,6 @@
allow mediaserver video_device:dir r_dir_perms;
allow mediaserver video_device:chr_file rw_file_perms;
-set_prop(mediaserver, audio_prop)
-
# Read resources from open apk files passed over Binder.
allow mediaserver apk_data_file:file { read getattr };
allow mediaserver asec_apk_file:file { read getattr };
diff --git a/public/mediaswcodec.te b/public/mediaswcodec.te
index 2acdeea..992baab 100644
--- a/public/mediaswcodec.te
+++ b/public/mediaswcodec.te
@@ -11,8 +11,6 @@
hal_client_domain(mediaswcodec, hal_allocator)
hal_client_domain(mediaswcodec, hal_graphics_allocator)
-get_prop(mediaswcodec, device_config_media_native_prop)
-
crash_dump_fallback(mediaswcodec)
# mediaswcodec_server should never execute any executable without a
diff --git a/public/mediatranscoding.te b/public/mediatranscoding.te
deleted file mode 100644
index 386535b..0000000
--- a/public/mediatranscoding.te
+++ /dev/null
@@ -1,26 +0,0 @@
-# mediatranscoding - daemon for transcoding video and image.
-type mediatranscoding, domain;
-type mediatranscoding_exec, system_file_type, exec_type, file_type;
-
-binder_use(mediatranscoding)
-binder_service(mediatranscoding)
-
-add_service(mediatranscoding, mediatranscoding_service)
-
-allow mediatranscoding system_server:fd use;
-
-# mediatranscoding should never execute any executable without a
-# domain transition
-neverallow mediatranscoding { file_type fs_type }:file execute_no_trans;
-
-# The goal of the mediaserver split is to place media processing code into
-# restrictive sandboxes with limited responsibilities and thus limited
-# permissions. Example: Audioserver is only responsible for controlling audio
-# hardware and processing audio content. Cameraserver does the same for camera
-# hardware/content. Etc.
-#
-# Media processing code is inherently risky and thus should have limited
-# permissions and be isolated from the rest of the system and network.
-# Lengthier explanation here:
-# https://android-developers.googleblog.com/2016/05/hardening-media-stack.html
-neverallow mediatranscoding domain:{ tcp_socket udp_socket rawip_socket } *;
diff --git a/public/netd.te b/public/netd.te
index 8005406..a020a57 100644
--- a/public/netd.te
+++ b/public/netd.te
@@ -81,9 +81,6 @@
# Allow netd to spawn dnsmasq in it's own domain
allow netd dnsmasq:process signal;
-set_prop(netd, ctl_mdnsd_prop)
-set_prop(netd, netd_stable_secret_prop)
-
# Allow netd to publish a binder service and make binder calls.
binder_use(netd)
add_service(netd, netd_service)
@@ -113,8 +110,6 @@
# Allow netd to register as hal server.
add_hwservice(netd, system_net_netd_hwservice)
hwbinder_use(netd)
-get_prop(netd, hwservicemanager_prop)
-get_prop(netd, device_config_netd_native_prop)
###
### Neverallow rules
@@ -157,14 +152,6 @@
neverallow { appdomain -network_stack } netd:binder call;
neverallow netd { appdomain -network_stack userdebug_or_eng(`-su') }:binder call;
-# persist.netd.stable_secret contains RFC 7217 secret key which should never be
-# leaked to other processes. Make sure it never leaks.
-neverallow { domain -netd -init -dumpstate } netd_stable_secret_prop:file r_file_perms;
-
-# We want to ensure that no other process ever tries tampering with persist.netd.stable_secret,
-# the RFC 7217 secret key managed by netd. Doing so could compromise user privacy.
-neverallow { domain -netd -init } netd_stable_secret_prop:property_service set;
-
# If an already existing file is opened with O_CREATE, the kernel might generate
# a false report of a create denial. Silence these denials and make sure that
# inappropriate permissions are not granted.
diff --git a/public/property.te b/public/property.te
index 9a93518..cdeee92 100644
--- a/public/property.te
+++ b/public/property.te
@@ -1,4 +1,8 @@
# Properties used only in /system
+#
+# DO NOT ADD system_internal_prop here.
+# Instead, add to private/property.te.
+# TODO(b/150331497): move these to private/property.te
system_internal_prop(apexd_prop)
system_internal_prop(bootloader_boot_reason_prop)
system_internal_prop(device_config_activity_manager_native_boot_prop)
@@ -9,23 +13,7 @@
system_internal_prop(device_config_reset_performed_prop)
system_internal_prop(device_config_runtime_native_boot_prop)
system_internal_prop(device_config_runtime_native_prop)
-system_internal_prop(device_config_storage_native_boot_prop)
-system_internal_prop(device_config_sys_traced_prop)
-system_internal_prop(device_config_window_manager_native_boot_prop)
-system_internal_prop(device_config_configuration_prop)
system_internal_prop(firstboot_prop)
-system_internal_prop(fastbootd_protocol_prop)
-system_internal_prop(gsid_prop)
-system_internal_prop(init_perf_lsm_hooks_prop)
-system_internal_prop(init_svc_debug_prop)
-system_internal_prop(last_boot_reason_prop)
-system_internal_prop(netd_stable_secret_prop)
-system_internal_prop(pm_prop)
-system_internal_prop(userspace_reboot_log_prop)
-system_internal_prop(userspace_reboot_test_prop)
-system_internal_prop(system_adbd_prop)
-system_internal_prop(adbd_prop)
-system_internal_prop(traced_perf_enabled_prop)
compatible_property_only(`
# DO NOT ADD ANY PROPERTIES HERE
@@ -66,21 +54,29 @@
')
# Properties which can't be written outside system
-
-# Properties used by binder caches
+system_restricted_prop(aac_drc_prop)
system_restricted_prop(binder_cache_bluetooth_server_prop)
system_restricted_prop(binder_cache_system_server_prop)
system_restricted_prop(binder_cache_telephony_server_prop)
+system_restricted_prop(boot_status_prop)
system_restricted_prop(boottime_public_prop)
system_restricted_prop(bq_config_prop)
+system_restricted_prop(build_prop)
+system_restricted_prop(fingerprint_prop)
+system_restricted_prop(init_service_status_prop)
+system_restricted_prop(libc_debug_prop)
system_restricted_prop(module_sdkextensions_prop)
system_restricted_prop(nnapi_ext_deny_product_prop)
+system_restricted_prop(provisioned_prop)
system_restricted_prop(restorecon_prop)
+system_restricted_prop(retaildemo_prop)
system_restricted_prop(socket_hook_prop)
system_restricted_prop(surfaceflinger_display_prop)
system_restricted_prop(system_boot_reason_prop)
system_restricted_prop(system_jvmti_agent_prop)
+system_restricted_prop(usb_prop)
system_restricted_prop(userspace_reboot_exported_prop)
+system_restricted_prop(vold_status_prop)
compatible_property_only(`
# DO NOT ADD ANY PROPERTIES HERE
@@ -95,17 +91,12 @@
system_restricted_prop(exported2_default_prop)
system_restricted_prop(exported3_system_prop)
system_restricted_prop(exported_dumpstate_prop)
- system_restricted_prop(exported_fingerprint_prop)
system_restricted_prop(exported_secure_prop)
- system_restricted_prop(exported_vold_prop)
- system_restricted_prop(ffs_prop)
- system_restricted_prop(fingerprint_prop)
system_restricted_prop(heapprofd_prop)
system_restricted_prop(net_radio_prop)
system_restricted_prop(pan_result_prop)
system_restricted_prop(persist_debug_prop)
system_restricted_prop(shell_prop)
- system_restricted_prop(system_radio_prop)
system_restricted_prop(test_harness_prop)
system_restricted_prop(theme_prop)
system_restricted_prop(use_memfd_prop)
@@ -114,22 +105,40 @@
# Properties which can be written only by vendor_init
system_vendor_config_prop(apk_verity_prop)
+system_vendor_config_prop(audio_config_prop)
+system_vendor_config_prop(build_odm_prop)
+system_vendor_config_prop(build_vendor_prop)
+system_vendor_config_prop(camera_config_prop)
system_vendor_config_prop(cpu_variant_prop)
-system_vendor_config_prop(exported_audio_prop)
+system_vendor_config_prop(dalvik_config_prop)
+system_vendor_config_prop(drm_service_config_prop)
system_vendor_config_prop(exported_camera_prop)
system_vendor_config_prop(exported_config_prop)
system_vendor_config_prop(exported_default_prop)
system_vendor_config_prop(exported3_default_prop)
+system_vendor_config_prop(ffs_config_prop)
system_vendor_config_prop(graphics_config_prop)
+system_vendor_config_prop(hdmi_config_prop)
system_vendor_config_prop(incremental_prop)
+system_vendor_config_prop(lmkd_config_prop)
+system_vendor_config_prop(media_config_prop)
system_vendor_config_prop(media_variant_prop)
+system_vendor_config_prop(mediadrm_config_prop)
+system_vendor_config_prop(packagemanager_config_prop)
+system_vendor_config_prop(recovery_config_prop)
system_vendor_config_prop(storage_config_prop)
+system_vendor_config_prop(surfaceflinger_prop)
+system_vendor_config_prop(systemsound_config_prop)
+system_vendor_config_prop(telephony_config_prop)
+system_vendor_config_prop(usb_config_prop)
system_vendor_config_prop(userspace_reboot_config_prop)
system_vendor_config_prop(vehicle_hal_prop)
system_vendor_config_prop(vendor_security_patch_level_prop)
system_vendor_config_prop(vendor_socket_hook_prop)
-system_vendor_config_prop(vndk_prop)
system_vendor_config_prop(virtual_ab_prop)
+system_vendor_config_prop(vndk_prop)
+system_vendor_config_prop(vold_config_prop)
+system_vendor_config_prop(zram_config_prop)
# Properties with no restrictions
system_public_prop(audio_prop)
@@ -140,22 +149,17 @@
system_public_prop(ctl_interface_start_prop)
system_public_prop(ctl_start_prop)
system_public_prop(ctl_stop_prop)
+system_public_prop(dalvik_runtime_prop)
system_public_prop(debug_prop)
system_public_prop(dumpstate_options_prop)
system_public_prop(exported_system_prop)
-system_public_prop(exported2_config_prop)
-system_public_prop(exported2_radio_prop)
system_public_prop(exported2_system_prop)
-system_public_prop(exported2_vold_prop)
system_public_prop(exported3_radio_prop)
system_public_prop(exported_bluetooth_prop)
-system_public_prop(exported_dalvik_prop)
-system_public_prop(exported_ffs_prop)
system_public_prop(exported_overlay_prop)
system_public_prop(exported_pm_prop)
-system_public_prop(exported_radio_prop)
-system_public_prop(exported_system_radio_prop)
system_public_prop(exported_wifi_prop)
+system_public_prop(ffs_control_prop)
system_public_prop(sota_prop)
system_public_prop(hwservicemanager_prop)
system_public_prop(lmkd_prop)
@@ -169,9 +173,13 @@
system_public_prop(powerctl_prop)
system_public_prop(radio_prop)
system_public_prop(serialno_prop)
+system_public_prop(surfaceflinger_color_prop)
system_public_prop(system_prop)
+system_public_prop(telephony_status_prop)
+system_public_prop(usb_control_prop)
system_public_prop(wifi_log_prop)
system_public_prop(wifi_prop)
+system_public_prop(zram_control_prop)
# Properties used in default HAL implementations
vendor_internal_prop(rebootescrow_hal_prop)
@@ -226,17 +234,12 @@
system_public_prop(exported2_default_prop)
system_public_prop(exported3_system_prop)
system_public_prop(exported_dumpstate_prop)
- system_public_prop(exported_fingerprint_prop)
system_public_prop(exported_secure_prop)
- system_public_prop(exported_vold_prop)
- system_public_prop(ffs_prop)
- system_public_prop(fingerprint_prop)
system_public_prop(heapprofd_prop)
system_public_prop(net_radio_prop)
system_public_prop(pan_result_prop)
system_public_prop(persist_debug_prop)
system_public_prop(shell_prop)
- system_public_prop(system_radio_prop)
system_public_prop(test_harness_prop)
system_public_prop(theme_prop)
system_public_prop(use_memfd_prop)
@@ -251,54 +254,6 @@
allow property_type tmpfs:filesystem associate;
-###
-### Neverallow rules
-###
-
-treble_sysprop_neverallow(`
-
-# TODO(b/131162102): uncomment these after assigning ownership attributes to all properties
-# neverallow domain {
-# property_type
-# -system_property_type
-# -product_property_type
-# -vendor_property_type
-# }:file no_rw_file_perms;
-
-neverallow { domain -coredomain } {
- system_property_type
- system_internal_property_type
- -system_restricted_property_type
- -system_public_property_type
-}:file no_rw_file_perms;
-
-neverallow { domain -coredomain } {
- system_property_type
- -system_public_property_type
-}:property_service set;
-
-# init is in coredomain, but should be able to read/write all props.
-# dumpstate is also in coredomain, but should be able to read all props.
-neverallow { coredomain -init -dumpstate } {
- vendor_property_type
- vendor_internal_property_type
- -vendor_restricted_property_type
- -vendor_public_property_type
-}:file no_rw_file_perms;
-
-neverallow { coredomain -init } {
- vendor_property_type
- -vendor_public_property_type
-}:property_service set;
-
-')
-
-# There is no need to perform ioctl or advisory locking operations on
-# property files. If this neverallow is being triggered, it is
-# likely that the policy is using r_file_perms directly instead of
-# the get_prop() macro.
-neverallow domain property_type:file { ioctl lock };
-
# core_property_type should not be used for new properties or
# device specific properties. Properties with this attribute
# are readable to everyone, which is overly broad and should
@@ -315,8 +270,6 @@
typeattribute default_prop core_property_type;
typeattribute dhcp_prop core_property_type;
typeattribute dumpstate_prop core_property_type;
-typeattribute ffs_prop core_property_type;
-typeattribute fingerprint_prop core_property_type;
typeattribute logd_prop core_property_type;
typeattribute net_radio_prop core_property_type;
typeattribute nfc_prop core_property_type;
@@ -328,293 +281,6 @@
typeattribute restorecon_prop core_property_type;
typeattribute shell_prop core_property_type;
typeattribute system_prop core_property_type;
-typeattribute system_radio_prop core_property_type;
+typeattribute usb_prop core_property_type;
typeattribute vold_prop core_property_type;
-neverallow * {
- core_property_type
- -audio_prop
- -config_prop
- -cppreopt_prop
- -dalvik_prop
- -debuggerd_prop
- -debug_prop
- -default_prop
- -dhcp_prop
- -dumpstate_prop
- -ffs_prop
- -fingerprint_prop
- -logd_prop
- -net_radio_prop
- -nfc_prop
- -ota_prop
- -pan_result_prop
- -persist_debug_prop
- -powerctl_prop
- -radio_prop
- -restorecon_prop
- -shell_prop
- -system_prop
- -system_radio_prop
- -vold_prop
-}:file no_rw_file_perms;
-
-# sigstop property is only used for debugging; should only be set by su which is permissive
-# for userdebug/eng
-neverallow {
- domain
- -init
- -vendor_init
-} ctl_sigstop_prop:property_service set;
-
-# Don't audit legacy ctl. property handling. We only want the newer permission check to appear
-# in the audit log
-dontaudit domain {
- ctl_bootanim_prop
- ctl_bugreport_prop
- ctl_console_prop
- ctl_default_prop
- ctl_dumpstate_prop
- ctl_fuse_prop
- ctl_mdnsd_prop
- ctl_rildaemon_prop
-}:property_service set;
-
-neverallow {
- domain
- -init
-} init_svc_debug_prop:property_service set;
-
-neverallow {
- domain
- -init
- -dumpstate
- userdebug_or_eng(`-su')
-} init_svc_debug_prop:file no_rw_file_perms;
-
-compatible_property_only(`
-# Prevent properties from being set
- neverallow {
- domain
- -coredomain
- -appdomain
- -vendor_init
- } {
- core_property_type
- extended_core_property_type
- exported_config_prop
- exported_dalvik_prop
- exported_default_prop
- exported_dumpstate_prop
- exported_ffs_prop
- exported_fingerprint_prop
- exported_system_prop
- exported_system_radio_prop
- exported_vold_prop
- exported2_config_prop
- exported2_default_prop
- exported2_system_prop
- exported2_vold_prop
- exported3_default_prop
- exported3_system_prop
- -nfc_prop
- -powerctl_prop
- -radio_prop
- }:property_service set;
-
- neverallow {
- domain
- -coredomain
- -appdomain
- -hal_nfc_server
- } {
- nfc_prop
- }:property_service set;
-
- neverallow {
- domain
- -coredomain
- -appdomain
- -hal_telephony_server
- -vendor_init
- } {
- exported_radio_prop
- exported3_radio_prop
- }:property_service set;
-
- neverallow {
- domain
- -coredomain
- -appdomain
- -hal_telephony_server
- } {
- exported2_radio_prop
- radio_prop
- }:property_service set;
-
- neverallow {
- domain
- -coredomain
- -bluetooth
- -hal_bluetooth_server
- } {
- bluetooth_prop
- }:property_service set;
-
- neverallow {
- domain
- -coredomain
- -bluetooth
- -hal_bluetooth_server
- -vendor_init
- } {
- exported_bluetooth_prop
- }:property_service set;
-
- neverallow {
- domain
- -coredomain
- -hal_camera_server
- -cameraserver
- -vendor_init
- } {
- exported_camera_prop
- }:property_service set;
-
- neverallow {
- domain
- -coredomain
- -hal_wifi_server
- -wificond
- } {
- wifi_prop
- }:property_service set;
-
- neverallow {
- domain
- -coredomain
- -hal_wifi_server
- -wificond
- -vendor_init
- } {
- exported_wifi_prop
- }:property_service set;
-
-# Prevent properties from being read
- neverallow {
- domain
- -coredomain
- -appdomain
- -vendor_init
- } {
- core_property_type
- extended_core_property_type
- exported_dalvik_prop
- exported_ffs_prop
- exported_system_radio_prop
- exported2_config_prop
- exported2_system_prop
- exported2_vold_prop
- exported3_default_prop
- exported3_system_prop
- -debug_prop
- -logd_prop
- -nfc_prop
- -powerctl_prop
- -radio_prop
- }:file no_rw_file_perms;
-
- neverallow {
- domain
- -coredomain
- -appdomain
- -hal_nfc_server
- } {
- nfc_prop
- }:file no_rw_file_perms;
-
- neverallow {
- domain
- -coredomain
- -appdomain
- -hal_telephony_server
- } {
- radio_prop
- }:file no_rw_file_perms;
-
- neverallow {
- domain
- -coredomain
- -bluetooth
- -hal_bluetooth_server
- } {
- bluetooth_prop
- }:file no_rw_file_perms;
-
- neverallow {
- domain
- -coredomain
- -hal_wifi_server
- -wificond
- } {
- wifi_prop
- }:file no_rw_file_perms;
-')
-
-compatible_property_only(`
- # Neverallow coredomain to set vendor properties
- neverallow {
- coredomain
- -init
- -system_writes_vendor_properties_violators
- } {
- property_type
- -system_property_type
- -extended_core_property_type
- }:property_service set;
-')
-
-neverallow {
- -init
- -system_server
-} {
- userspace_reboot_log_prop
-}:property_service set;
-
-neverallow {
- # Only allow init and system_server to set system_adbd_prop
- -init
- -system_server
-} {
- system_adbd_prop
-}:property_service set;
-
-neverallow {
- # Only allow init and adbd to set adbd_prop
- -init
- -adbd
-} {
- adbd_prop
-}:property_service set;
-
-neverallow {
- # Only allow init and shell to set userspace_reboot_test_prop
- -init
- -shell
-} {
- userspace_reboot_test_prop
-}:property_service set;
-
-neverallow {
- -init
- -vendor_init
-} {
- graphics_config_prop
-}:property_service set;
-
-neverallow {
- -init
- -surfaceflinger
-} {
- surfaceflinger_display_prop
-}:property_service set;
diff --git a/public/property_contexts b/public/property_contexts
deleted file mode 100644
index f985200..0000000
--- a/public/property_contexts
+++ /dev/null
@@ -1,475 +0,0 @@
-# vendor-init-readable
-persist.radio.airplane_mode_on u:object_r:exported2_radio_prop:s0 exact bool
-
-# vendor-init-settable
-af.fast_track_multiplier u:object_r:exported3_default_prop:s0 exact int
-audio.camerasound.force u:object_r:exported_audio_prop:s0 exact bool
-audio.deep_buffer.media u:object_r:exported3_default_prop:s0 exact bool
-audio.offload.video u:object_r:exported3_default_prop:s0 exact bool
-audio.offload.min.duration.secs u:object_r:exported3_default_prop:s0 exact int
-camera.disable_zsl_mode u:object_r:exported3_default_prop:s0 exact bool
-camera.fifo.disable u:object_r:exported3_default_prop:s0 exact int
-dalvik.vm.appimageformat u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.backgroundgctype u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.boot-dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.boot-dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.boot-image u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.checkjni u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.dex2oat-Xms u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-Xmx u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-filter u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-flags u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.dex2oat64.enabled u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.dexopt.secondary u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.execution-mode u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.extra-opts u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.foreground-heap-growth-multiplier u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.gctype u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapgrowthlimit u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapmaxfree u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapminfree u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapsize u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heapstartsize u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.heaptargetutilization u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.hot-startup-method-samples u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.image-dex2oat-Xms u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-Xmx u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-cpu-set u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-filter u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-flags u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.image-dex2oat-threads u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.isa.arm.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.arm.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.arm64.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.arm64.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.mips.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.mips.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.mips64.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.mips64.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.unknown.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.unknown.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.x86.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.x86.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.x86_64.features u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.isa.x86_64.variant u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.jitinitialsize u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.jitmaxsize u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.jitprithreadweight u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.jitthreshold u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.jittransitionweight u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.jniopts u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.lockprof.threshold u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.method-trace u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.method-trace-file u:object_r:exported_dalvik_prop:s0 exact string
-dalvik.vm.method-trace-file-siz u:object_r:exported_dalvik_prop:s0 exact int
-dalvik.vm.method-trace-stream u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.profilesystemserver u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.profilebootclasspath u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.usejit u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.usejitprofiles u:object_r:exported_dalvik_prop:s0 exact bool
-dalvik.vm.zygote.max-boot-retry u:object_r:exported_dalvik_prop:s0 exact int
-drm.service.enabled u:object_r:exported3_default_prop:s0 exact bool
-external_storage.projid.enabled u:object_r:storage_config_prop:s0 exact bool
-external_storage.casefold.enabled u:object_r:storage_config_prop:s0 exact bool
-external_storage.sdcardfs.enabled u:object_r:storage_config_prop:s0 exact bool
-keyguard.no_require_sim u:object_r:exported3_default_prop:s0 exact bool
-media.recorder.show_manufacturer_and_model u:object_r:exported3_default_prop:s0 exact bool
-media.stagefright.cache-params u:object_r:exported3_default_prop:s0 exact string
-media.stagefright.thumbnail.prefer_hw_codecs u:object_r:exported3_default_prop:s0 exact bool
-persist.bluetooth.a2dp_offload.cap u:object_r:bluetooth_a2dp_offload_prop:s0 exact string
-persist.bluetooth.a2dp_offload.disabled u:object_r:bluetooth_a2dp_offload_prop:s0 exact bool
-persist.bluetooth.bluetooth_audio_hal.disabled u:object_r:bluetooth_audio_hal_prop:s0 exact bool
-persist.bluetooth.btsnoopenable u:object_r:exported_bluetooth_prop:s0 exact bool
-persist.config.calibration_fac u:object_r:exported3_default_prop:s0 exact string
-persist.dbg.volte_avail_ovr u:object_r:exported3_default_prop:s0 exact int
-persist.dbg.vt_avail_ovr u:object_r:exported3_default_prop:s0 exact int
-persist.dbg.wfc_avail_ovr u:object_r:exported3_default_prop:s0 exact int
-persist.radio.multisim.config u:object_r:exported3_radio_prop:s0 exact string
-persist.sys.dalvik.vm.lib.2 u:object_r:exported2_system_prop:s0 exact string
-persist.sys.media.avsync u:object_r:exported2_system_prop:s0 exact bool
-persist.sys.hdmi.keep_awake u:object_r:exported2_system_prop:s0 exact bool
-persist.sys.sf.color_mode u:object_r:exported2_system_prop:s0 exact int
-persist.sys.sf.color_saturation u:object_r:exported2_system_prop:s0 exact string
-persist.sys.sf.native_mode u:object_r:exported2_system_prop:s0 exact int
-pm.dexopt.ab-ota u:object_r:exported_pm_prop:s0 exact string
-pm.dexopt.bg-dexopt u:object_r:exported_pm_prop:s0 exact string
-pm.dexopt.boot u:object_r:exported_pm_prop:s0 exact string
-pm.dexopt.disable_bg_dexopt u:object_r:exported_pm_prop:s0 exact bool
-pm.dexopt.downgrade_after_inactive_days u:object_r:exported_pm_prop:s0 exact int
-pm.dexopt.first-boot u:object_r:exported_pm_prop:s0 exact string
-pm.dexopt.inactive u:object_r:exported_pm_prop:s0 exact string
-pm.dexopt.install u:object_r:exported_pm_prop:s0 exact string
-pm.dexopt.shared u:object_r:exported_pm_prop:s0 exact string
-ro.af.client_heap_size_kbyte u:object_r:exported3_default_prop:s0 exact int
-ro.apk_verity.mode u:object_r:apk_verity_prop:s0 exact int
-ro.audio.monitorRotation u:object_r:exported3_default_prop:s0 exact bool
-ro.bluetooth.a2dp_offload.supported u:object_r:bluetooth_a2dp_offload_prop:s0 exact bool
-ro.boot.vendor.overlay.theme u:object_r:exported_overlay_prop:s0 exact string
-ro.boot.wificountrycode u:object_r:exported3_default_prop:s0 exact string
-ro.bt.bdaddr_path u:object_r:exported_bluetooth_prop:s0 exact string
-ro.camera.notify_nfc u:object_r:exported3_default_prop:s0 exact int
-ro.camera.enableLazyHal u:object_r:exported3_default_prop:s0 exact bool
-ro.com.android.dataroaming u:object_r:exported3_default_prop:s0 exact bool
-ro.com.android.prov_mobiledata u:object_r:exported3_default_prop:s0 exact bool
-ro.config.alarm_alert u:object_r:exported2_config_prop:s0 exact string
-ro.config.media_vol_steps u:object_r:exported2_config_prop:s0 exact int
-ro.config.notification_sound u:object_r:exported2_config_prop:s0 exact string
-ro.config.per_app_memcg u:object_r:exported3_default_prop:s0 exact bool
-ro.config.ringtone u:object_r:exported2_config_prop:s0 exact string
-ro.control_privapp_permissions u:object_r:exported3_default_prop:s0 exact string
-ro.cp_system_other_odex u:object_r:exported3_default_prop:s0 exact int
-ro.crypto.allow_encrypt_override u:object_r:exported2_vold_prop:s0 exact bool
-ro.crypto.dm_default_key.options_format.version u:object_r:exported2_vold_prop:s0 exact int
-ro.crypto.fde_algorithm u:object_r:exported2_vold_prop:s0 exact string
-ro.crypto.fde_sector_size u:object_r:exported2_vold_prop:s0 exact int
-ro.crypto.scrypt_params u:object_r:exported2_vold_prop:s0 exact string
-ro.crypto.set_dun u:object_r:exported2_vold_prop:s0 exact bool
-ro.crypto.volume.contents_mode u:object_r:exported2_vold_prop:s0 exact string
-ro.crypto.volume.filenames_mode u:object_r:exported2_vold_prop:s0 exact string
-ro.crypto.volume.metadata.encryption u:object_r:exported2_vold_prop:s0 exact string
-ro.crypto.volume.metadata.method u:object_r:exported2_vold_prop:s0 exact string
-ro.crypto.volume.options u:object_r:exported2_vold_prop:s0 exact string
-ro.dalvik.vm.native.bridge u:object_r:exported_dalvik_prop:s0 exact string
-ro.enable_boot_charger_mode u:object_r:exported3_default_prop:s0 exact bool
-ro.gfx.driver.0 u:object_r:exported3_default_prop:s0 exact string
-ro.gfx.angle.supported u:object_r:exported3_default_prop:s0 exact bool
-ro.hdmi.device_type u:object_r:exported3_default_prop:s0 exact string
-ro.hdmi.wake_on_hotplug u:object_r:exported3_default_prop:s0 exact bool
-ro.lmk.critical u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.critical_upgrade u:object_r:exported3_default_prop:s0 exact bool
-ro.lmk.debug u:object_r:exported3_default_prop:s0 exact bool
-ro.lmk.downgrade_pressure u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.kill_heaviest_task u:object_r:exported3_default_prop:s0 exact bool
-ro.lmk.kill_timeout_ms u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.low u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.medium u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.psi_partial_stall_ms u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.psi_complete_stall_ms u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.swap_free_low_percentage u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.thrashing_limit u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.thrashing_limit_decay u:object_r:exported3_default_prop:s0 exact int
-ro.lmk.use_minfree_levels u:object_r:exported3_default_prop:s0 exact bool
-ro.lmk.upgrade_pressure u:object_r:exported3_default_prop:s0 exact int
-ro.minui.default_rotation u:object_r:exported3_default_prop:s0 exact string
-ro.minui.overscan_percent u:object_r:exported3_default_prop:s0 exact int
-ro.minui.pixel_format u:object_r:exported3_default_prop:s0 exact string
-ro.oem_unlock_supported u:object_r:exported3_default_prop:s0 exact int
-ro.opengles.version u:object_r:exported3_default_prop:s0 exact int
-ro.radio.noril u:object_r:exported3_default_prop:s0 exact string
-ro.rebootescrow.device u:object_r:rebootescrow_hal_prop:s0 exact string
-ro.retaildemo.video_path u:object_r:exported3_default_prop:s0 exact string
-ro.statsd.enable u:object_r:exported3_default_prop:s0 exact bool
-ro.sf.disable_triple_buffer u:object_r:exported3_default_prop:s0 exact bool
-ro.sf.lcd_density u:object_r:exported3_default_prop:s0 exact int
-ro.storage_manager.enabled u:object_r:exported3_default_prop:s0 exact bool
-ro.telephony.call_ring.multiple u:object_r:exported3_default_prop:s0 exact bool
-ro.telephony.default_cdma_sub u:object_r:exported3_default_prop:s0 exact int
-ro.telephony.default_network u:object_r:exported3_default_prop:s0 exact string
-ro.vehicle.hal u:object_r:vehicle_hal_prop:s0 exact string
-ro.vendor.build.security_patch u:object_r:vendor_security_patch_level_prop:s0 exact string
-ro.media.xml_variant.codecs u:object_r:media_variant_prop:s0 exact string
-ro.media.xml_variant.codecs_performance u:object_r:media_variant_prop:s0 exact string
-ro.media.xml_variant.profiles u:object_r:media_variant_prop:s0 exact string
-ro.zram.mark_idle_delay_mins u:object_r:exported3_default_prop:s0 exact int
-ro.zram.first_wb_delay_mins u:object_r:exported3_default_prop:s0 exact int
-ro.zram.periodic_wb_delay_hours u:object_r:exported3_default_prop:s0 exact int
-ro.zygote u:object_r:exported3_default_prop:s0 exact string
-sendbug.preferred.domain u:object_r:exported3_default_prop:s0 exact string
-sys.usb.controller u:object_r:exported2_system_prop:s0 exact string
-sys.usb.ffs.max_read u:object_r:exported_ffs_prop:s0 exact int
-sys.usb.ffs.max_write u:object_r:exported_ffs_prop:s0 exact int
-sys.usb.ffs.ready u:object_r:exported_ffs_prop:s0 exact bool
-sys.usb.mtp.device_type u:object_r:exported2_system_prop:s0 exact int
-sys.usb.ffs.mtp.ready u:object_r:exported_ffs_prop:s0 exact bool
-sys.usb.state u:object_r:exported2_system_prop:s0 exact string
-telephony.lteOnCdmaDevice u:object_r:exported3_default_prop:s0 exact int
-telephony.active_modems.max_count u:object_r:exported3_default_prop:s0 exact int
-tombstoned.max_tombstone_count u:object_r:exported3_default_prop:s0 exact int
-vold.post_fs_data_done u:object_r:exported2_vold_prop:s0 exact int
-vts.native_server.on u:object_r:exported3_default_prop:s0 exact bool
-wlan.driver.status u:object_r:exported_wifi_prop:s0 exact enum ok unloaded
-zram.force_writeback u:object_r:exported3_default_prop:s0 exact bool
-
-# vendor-init-readable
-apexd.status u:object_r:apexd_prop:s0 exact enum starting activated ready
-dev.bootcomplete u:object_r:exported3_system_prop:s0 exact bool
-persist.sys.device_provisioned u:object_r:exported3_system_prop:s0 exact string
-persist.sys.theme u:object_r:theme_prop:s0 exact string
-persist.sys.usb.usbradio.config u:object_r:exported3_system_prop:s0 exact string
-sys.boot_completed u:object_r:exported3_system_prop:s0 exact bool
-sys.retaildemo.enabled u:object_r:exported3_system_prop:s0 exact int
-sys.user.0.ce_available u:object_r:exported3_system_prop:s0 exact bool
-sys.vdso u:object_r:exported3_system_prop:s0 exact string
-
-# vendor-init-settable
-persist.sys.zram_enabled u:object_r:exported2_system_prop:s0 exact bool
-sys.usb.config u:object_r:exported_system_radio_prop:s0 exact string
-sys.usb.configfs u:object_r:exported_system_radio_prop:s0 exact int
-
-# public-readable
-aac_drc_boost u:object_r:exported2_default_prop:s0 exact int
-aac_drc_cut u:object_r:exported2_default_prop:s0 exact int
-aac_drc_enc_target_level u:object_r:exported2_default_prop:s0 exact int
-aac_drc_heavy u:object_r:exported2_default_prop:s0 exact int
-aac_drc_reference_level u:object_r:exported2_default_prop:s0 exact int
-build.version.extensions. u:object_r:module_sdkextensions_prop:s0 prefix int
-ro.aac_drc_effect_type u:object_r:exported2_default_prop:s0 exact int
-drm.64bit.enabled u:object_r:exported2_default_prop:s0 exact bool
-dumpstate.dry_run u:object_r:exported_dumpstate_prop:s0 exact bool
-dumpstate.unroot u:object_r:exported_dumpstate_prop:s0 exact bool
-hal.instrumentation.enable u:object_r:exported2_default_prop:s0 exact bool
-init.svc.bugreport u:object_r:exported2_default_prop:s0 exact string
-init.svc.console u:object_r:exported2_default_prop:s0 exact string
-init.svc.dumpstatez u:object_r:exported2_default_prop:s0 exact string
-init.svc.mediadrm u:object_r:exported2_default_prop:s0 exact string
-init.svc.surfaceflinger u:object_r:exported2_default_prop:s0 exact string
-init.svc.tombstoned u:object_r:exported2_default_prop:s0 exact string
-init.svc.zygote u:object_r:exported2_default_prop:s0 exact string
-libc.debug.malloc.options u:object_r:exported2_default_prop:s0 exact string
-libc.debug.malloc.program u:object_r:exported2_default_prop:s0 exact string
-libc.debug.hooks.enable u:object_r:exported2_default_prop:s0 exact string
-net.redirect_socket_calls.hooked u:object_r:socket_hook_prop:s0 exact bool
-persist.sys.locale u:object_r:exported_system_prop:s0 exact string
-persist.sys.timezone u:object_r:exported_system_prop:s0 exact string
-persist.sys.test_harness u:object_r:test_harness_prop:s0 exact bool
-ro.adb.secure u:object_r:exported_secure_prop:s0 exact bool
-ro.arch u:object_r:exported2_default_prop:s0 exact string
-ro.audio.ignore_effects u:object_r:exported2_default_prop:s0 exact bool
-ro.baseband u:object_r:exported2_default_prop:s0 exact string
-ro.boot.avb_version u:object_r:exported2_default_prop:s0 exact string
-ro.boot.baseband u:object_r:exported2_default_prop:s0 exact string
-ro.boot.bootdevice u:object_r:exported2_default_prop:s0 exact string
-ro.boot.bootloader u:object_r:exported2_default_prop:s0 exact string
-ro.boot.boottime u:object_r:exported2_default_prop:s0 exact string
-ro.boottime.init.mount.data u:object_r:boottime_public_prop:s0 exact string
-ro.boottime.init.fsck.data u:object_r:boottime_public_prop:s0 exact string
-ro.boot.console u:object_r:exported2_default_prop:s0 exact string
-ro.boot.hardware u:object_r:exported2_default_prop:s0 exact string
-ro.boot.hardware.color u:object_r:exported2_default_prop:s0 exact string
-ro.boot.hardware.sku u:object_r:exported2_default_prop:s0 exact string
-ro.boot.keymaster u:object_r:exported2_default_prop:s0 exact string
-ro.boot.mode u:object_r:exported2_default_prop:s0 exact string
-ro.boot.vbmeta.avb_version u:object_r:exported2_default_prop:s0 exact string
-ro.boot.verifiedbootstate u:object_r:exported2_default_prop:s0 exact string
-ro.boot.veritymode u:object_r:exported2_default_prop:s0 exact string
-ro.boot.dynamic_partitions u:object_r:exported_default_prop:s0 exact string
-ro.boot.dynamic_partitions_retrofit u:object_r:exported_default_prop:s0 exact string
-ro.bootloader u:object_r:exported2_default_prop:s0 exact string
-ro.build.date u:object_r:exported2_default_prop:s0 exact string
-ro.build.date.utc u:object_r:exported2_default_prop:s0 exact int
-ro.build.description u:object_r:exported2_default_prop:s0 exact string
-ro.build.display.id u:object_r:exported2_default_prop:s0 exact string
-ro.build.fingerprint u:object_r:exported_fingerprint_prop:s0 exact string
-ro.build.host u:object_r:exported2_default_prop:s0 exact string
-ro.build.id u:object_r:exported2_default_prop:s0 exact string
-ro.build.product u:object_r:exported2_default_prop:s0 exact string
-ro.build.system_root_image u:object_r:exported2_default_prop:s0 exact bool
-ro.build.tags u:object_r:exported2_default_prop:s0 exact string
-ro.build.user u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.base_os u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.codename u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.incremental u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.preview_sdk u:object_r:exported2_default_prop:s0 exact int
-ro.build.version.release u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.release_or_codename u:object_r:exported2_default_prop:s0 exact string
-ro.build.version.sdk u:object_r:exported2_default_prop:s0 exact int
-ro.build.version.security_patch u:object_r:exported2_default_prop:s0 exact string
-ro.crypto.state u:object_r:exported_vold_prop:s0 exact enum encrypted unencrypted unsupported
-ro.crypto.type u:object_r:exported_vold_prop:s0 exact enum block file none
-ro.debuggable u:object_r:exported2_default_prop:s0 exact int
-ro.hardware u:object_r:exported2_default_prop:s0 exact string
-ro.product.brand u:object_r:exported2_default_prop:s0 exact string
-ro.product.cpu.abi u:object_r:exported2_default_prop:s0 exact string
-ro.product.cpu.abilist u:object_r:exported2_default_prop:s0 exact string
-ro.product.device u:object_r:exported2_default_prop:s0 exact string
-ro.product.manufacturer u:object_r:exported2_default_prop:s0 exact string
-ro.product.model u:object_r:exported2_default_prop:s0 exact string
-ro.product.name u:object_r:exported2_default_prop:s0 exact string
-ro.property_service.version u:object_r:exported2_default_prop:s0 exact int
-ro.revision u:object_r:exported2_default_prop:s0 exact string
-ro.secure u:object_r:exported_secure_prop:s0 exact int
-ro.vendor.redirect_socket_calls u:object_r:vendor_socket_hook_prop:s0 exact bool
-service.bootanim.exit u:object_r:exported_system_prop:s0 exact int
-sys.boot_from_charger_mode u:object_r:exported_system_prop:s0 exact int
-sys.init.userspace_reboot.in_progress u:object_r:userspace_reboot_exported_prop:s0 exact bool
-sys.use_memfd u:object_r:use_memfd_prop:s0 exact bool
-vold.decrypt u:object_r:exported_vold_prop:s0 exact string
-
-# vendor-init-settable|public-readable
-aaudio.hw_burst_min_usec u:object_r:exported_default_prop:s0 exact int
-aaudio.minimum_sleep_usec u:object_r:exported_default_prop:s0 exact int
-aaudio.mixer_bursts u:object_r:exported_default_prop:s0 exact int
-aaudio.mmap_exclusive_policy u:object_r:exported_default_prop:s0 exact int
-aaudio.mmap_policy u:object_r:exported_default_prop:s0 exact int
-aaudio.wakeup_delay_usec u:object_r:exported_default_prop:s0 exact int
-config.disable_cameraservice u:object_r:exported_camera_prop:s0 exact bool
-gsm.sim.operator.numeric u:object_r:exported_radio_prop:s0 exact string
-media.mediadrmservice.enable u:object_r:exported_default_prop:s0 exact bool
-persist.rcs.supported u:object_r:exported_default_prop:s0 exact int
-rcs.publish.status u:object_r:exported_radio_prop:s0 exact string
-ro.bionic.2nd_arch u:object_r:cpu_variant_prop:s0 exact string
-ro.bionic.2nd_cpu_variant u:object_r:cpu_variant_prop:s0 exact string
-ro.bionic.arch u:object_r:cpu_variant_prop:s0 exact string
-ro.bionic.cpu_variant u:object_r:cpu_variant_prop:s0 exact string
-ro.board.platform u:object_r:exported_default_prop:s0 exact string
-ro.boot.fake_battery u:object_r:exported_default_prop:s0 exact int
-ro.boot.fstab_suffix u:object_r:exported_default_prop:s0 exact string
-ro.boot.hardware.revision u:object_r:exported_default_prop:s0 exact string
-ro.boot.product.hardware.sku u:object_r:exported_default_prop:s0 exact string
-ro.boot.product.vendor.sku u:object_r:exported_default_prop:s0 exact string
-ro.boot.slot_suffix u:object_r:exported_default_prop:s0 exact string
-ro.bootimage.build.date u:object_r:exported_default_prop:s0 exact string
-ro.bootimage.build.date.utc u:object_r:exported_default_prop:s0 exact int
-ro.bootimage.build.fingerprint u:object_r:exported_default_prop:s0 exact string
-ro.boringcrypto.hwrand u:object_r:exported_default_prop:s0 exact bool
-ro.build.ab_update u:object_r:exported_default_prop:s0 exact string
-ro.build.expect.baseband u:object_r:exported_default_prop:s0 exact string
-ro.build.expect.bootloader u:object_r:exported_default_prop:s0 exact string
-ro.carrier u:object_r:exported_default_prop:s0 exact string
-ro.config.low_ram u:object_r:exported_config_prop:s0 exact bool
-ro.config.vc_call_vol_steps u:object_r:exported_config_prop:s0 exact int
-ro.frp.pst u:object_r:exported_default_prop:s0 exact string
-ro.hardware.activity_recognition u:object_r:exported_default_prop:s0 exact string
-ro.hardware.audio u:object_r:exported_default_prop:s0 exact string
-ro.hardware.audio.a2dp u:object_r:exported_default_prop:s0 exact string
-ro.hardware.audio.hearing_aid u:object_r:exported_default_prop:s0 exact string
-ro.hardware.audio.primary u:object_r:exported_default_prop:s0 exact string
-ro.hardware.audio.usb u:object_r:exported_default_prop:s0 exact string
-ro.hardware.audio_policy u:object_r:exported_default_prop:s0 exact string
-ro.hardware.bootctrl u:object_r:exported_default_prop:s0 exact string
-ro.hardware.camera u:object_r:exported_default_prop:s0 exact string
-ro.hardware.consumerir u:object_r:exported_default_prop:s0 exact string
-ro.hardware.context_hub u:object_r:exported_default_prop:s0 exact string
-ro.hardware.egl u:object_r:exported_default_prop:s0 exact string
-ro.hardware.fingerprint u:object_r:exported_default_prop:s0 exact string
-ro.hardware.flp u:object_r:exported_default_prop:s0 exact string
-ro.hardware.gatekeeper u:object_r:exported_default_prop:s0 exact string
-ro.hardware.gps u:object_r:exported_default_prop:s0 exact string
-ro.hardware.gralloc u:object_r:exported_default_prop:s0 exact string
-ro.hardware.hdmi_cec u:object_r:exported_default_prop:s0 exact string
-ro.hardware.hwcomposer u:object_r:exported_default_prop:s0 exact string
-ro.hardware.input u:object_r:exported_default_prop:s0 exact string
-ro.hardware.keystore u:object_r:exported_default_prop:s0 exact string
-ro.hardware.keystore_desede u:object_r:exported_default_prop:s0 exact string
-ro.hardware.lights u:object_r:exported_default_prop:s0 exact string
-ro.hardware.local_time u:object_r:exported_default_prop:s0 exact string
-ro.hardware.memtrack u:object_r:exported_default_prop:s0 exact string
-ro.hardware.nfc u:object_r:exported_default_prop:s0 exact string
-ro.hardware.nfc_nci u:object_r:exported_default_prop:s0 exact string
-ro.hardware.nfc_tag u:object_r:exported_default_prop:s0 exact string
-ro.hardware.nvram u:object_r:exported_default_prop:s0 exact string
-ro.hardware.power u:object_r:exported_default_prop:s0 exact string
-ro.hardware.radio u:object_r:exported_default_prop:s0 exact string
-ro.hardware.sensors u:object_r:exported_default_prop:s0 exact string
-ro.hardware.sound_trigger u:object_r:exported_default_prop:s0 exact string
-ro.hardware.thermal u:object_r:exported_default_prop:s0 exact string
-ro.hardware.tv_input u:object_r:exported_default_prop:s0 exact string
-ro.hardware.type u:object_r:exported_default_prop:s0 exact string
-ro.hardware.vehicle u:object_r:exported_default_prop:s0 exact string
-ro.hardware.vibrator u:object_r:exported_default_prop:s0 exact string
-ro.hardware.virtual_device u:object_r:exported_default_prop:s0 exact string
-ro.hardware.vulkan u:object_r:exported_default_prop:s0 exact string
-ro.hwui.use_vulkan u:object_r:exported_default_prop:s0 exact bool
-ro.kernel.qemu u:object_r:exported_default_prop:s0 exact bool
-ro.kernel.qemu. u:object_r:exported_default_prop:s0
-ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int
-ro.kernel.ebpf.supported u:object_r:exported_default_prop:s0 exact bool
-ro.odm.build.date u:object_r:exported_default_prop:s0 exact string
-ro.odm.build.date.utc u:object_r:exported_default_prop:s0 exact int
-ro.odm.build.fingerprint u:object_r:exported_default_prop:s0 exact string
-ro.odm.build.version.incremental u:object_r:exported_default_prop:s0 exact string
-ro.oem.key1 u:object_r:exported_default_prop:s0 exact string
-ro.product.board u:object_r:exported_default_prop:s0 exact string
-ro.product.cpu.abilist32 u:object_r:exported_default_prop:s0 exact string
-ro.product.cpu.abilist64 u:object_r:exported_default_prop:s0 exact string
-ro.product.first_api_level u:object_r:exported_default_prop:s0 exact int
-ro.product.odm.brand u:object_r:exported_default_prop:s0 exact string
-ro.product.odm.device u:object_r:exported_default_prop:s0 exact string
-ro.product.odm.manufacturer u:object_r:exported_default_prop:s0 exact string
-ro.product.odm.model u:object_r:exported_default_prop:s0 exact string
-ro.product.odm.name u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.brand u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.device u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.manufacturer u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.model u:object_r:exported_default_prop:s0 exact string
-ro.product.vendor.name u:object_r:exported_default_prop:s0 exact string
-ro.product.vndk.version u:object_r:vndk_prop:s0 exact string
-ro.telephony.iwlan_operation_mode u:object_r:exported_radio_prop:s0 exact enum default legacy AP-assisted
-ro.vendor.build.date u:object_r:exported_default_prop:s0 exact string
-ro.vendor.build.date.utc u:object_r:exported_default_prop:s0 exact int
-ro.vendor.build.fingerprint u:object_r:exported_default_prop:s0 exact string
-ro.vendor.build.version.incremental u:object_r:exported_default_prop:s0 exact string
-ro.vndk.lite u:object_r:vndk_prop:s0 exact bool
-ro.vndk.version u:object_r:vndk_prop:s0 exact string
-ro.vts.coverage u:object_r:exported_default_prop:s0 exact int
-wifi.active.interface u:object_r:exported_wifi_prop:s0 exact string
-wifi.aware.interface u:object_r:exported_wifi_prop:s0 exact string
-wifi.concurrent.interface u:object_r:exported_default_prop:s0 exact string
-wifi.direct.interface u:object_r:exported_default_prop:s0 exact string
-wifi.interface u:object_r:exported_default_prop:s0 exact string
-ro.apex.updatable u:object_r:exported_default_prop:s0 exact bool
-ro.init.userspace_reboot.is_supported u:object_r:userspace_reboot_config_prop:s0 exact bool
-
-# public-readable
-ro.boot.revision u:object_r:exported2_default_prop:s0 exact string
-ro.bootmode u:object_r:exported2_default_prop:s0 exact string
-ro.build.type u:object_r:exported2_default_prop:s0 exact string
-sys.shutdown.requested u:object_r:exported_system_prop:s0 exact string
-
-# Using Sysprop as API. So the ro.surface_flinger.* are guaranteed to be API-stable
-ro.surface_flinger.default_composition_dataspace u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.default_composition_pixel_format u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.force_hwc_copy_for_virtual_displays u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.has_HDR_display u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.has_wide_color_display u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.max_frame_buffer_acquired_buffers u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.max_graphics_height u:object_r:exported3_default_prop:s0 exact int
-ro.surface_flinger.max_graphics_width u:object_r:exported3_default_prop:s0 exact int
-ro.surface_flinger.max_virtual_display_dimension u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.primary_display_orientation u:object_r:exported_default_prop:s0 exact enum ORIENTATION_0 ORIENTATION_180 ORIENTATION_270 ORIENTATION_90
-ro.surface_flinger.present_time_offset_from_vsync_ns u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.running_without_sync_framework u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.start_graphics_allocator_service u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.use_color_management u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.use_context_priority u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.use_vr_flinger u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.vsync_event_phase_offset_ns u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.vsync_sf_event_phase_offset_ns u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.wcg_composition_dataspace u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.wcg_composition_pixel_format u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.display_primary_red u:object_r:exported_default_prop:s0 exact string
-ro.surface_flinger.display_primary_green u:object_r:exported_default_prop:s0 exact string
-ro.surface_flinger.display_primary_blue u:object_r:exported_default_prop:s0 exact string
-ro.surface_flinger.display_primary_white u:object_r:exported_default_prop:s0 exact string
-ro.surface_flinger.protected_contents u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.set_idle_timer_ms u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.set_touch_timer_ms u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.set_display_power_timer_ms u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.support_kernel_idle_timer u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.use_smart_90_for_video u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.use_content_detection_for_refresh_rate u:object_r:exported_default_prop:s0 exact bool
-ro.surface_flinger.color_space_agnostic_dataspace u:object_r:exported_default_prop:s0 exact int
-ro.surface_flinger.refresh_rate_switching u:object_r:exported_default_prop:s0 exact bool
-
-# Binder cache properties. These are world-readable
-cache_key.app_inactive u:object_r:binder_cache_system_server_prop:s0
-cache_key.is_compat_change_enabled u:object_r:binder_cache_system_server_prop:s0
-cache_key.get_packages_for_uid u:object_r:binder_cache_system_server_prop:s0
-cache_key.has_system_feature u:object_r:binder_cache_system_server_prop:s0
-cache_key.is_interactive u:object_r:binder_cache_system_server_prop:s0
-cache_key.is_power_save_mode u:object_r:binder_cache_system_server_prop:s0
-cache_key.is_user_unlocked u:object_r:binder_cache_system_server_prop:s0
-cache_key.volume_list u:object_r:binder_cache_system_server_prop:s0
-cache_key.display_info u:object_r:binder_cache_system_server_prop:s0
-cache_key.location_enabled u:object_r:binder_cache_system_server_prop:s0
-cache_key.package_info u:object_r:binder_cache_system_server_prop:s0
-
-cache_key.bluetooth. u:object_r:binder_cache_bluetooth_server_prop:s0 prefix string
-cache_key.system_server. u:object_r:binder_cache_system_server_prop:s0 prefix string
-cache_key.telephony. u:object_r:binder_cache_telephony_server_prop:s0 prefix string
-
-# Graphics related properties
-graphics.gpu.profiler.support u:object_r:graphics_config_prop:s0 exact bool
-graphics.gpu.profiler.vulkan_layer_apk u:object_r:graphics_config_prop:s0 exact string
diff --git a/public/radio.te b/public/radio.te
index 34eaf83..6ec0086 100644
--- a/public/radio.te
+++ b/public/radio.te
@@ -16,16 +16,6 @@
allow radio net_data_file:dir search;
allow radio net_data_file:file r_file_perms;
-# Property service
-set_prop(radio, radio_prop)
-set_prop(radio, exported_radio_prop)
-set_prop(radio, exported2_radio_prop)
-set_prop(radio, exported3_radio_prop)
-set_prop(radio, net_radio_prop)
-
-# ctl interface
-set_prop(radio, ctl_rildaemon_prop)
-
add_service(radio, radio_service)
allow radio audioserver_service:service_manager find;
allow radio cameraserver_service:service_manager find;
diff --git a/public/recovery.te b/public/recovery.te
index 63a9cea..fd3c82a 100644
--- a/public/recovery.te
+++ b/public/recovery.te
@@ -108,26 +108,6 @@
# Read files on /oem.
r_dir_file(recovery, oemfs);
- # Reboot the device
- set_prop(recovery, powerctl_prop)
-
- # Read serial number of the device from system properties
- get_prop(recovery, serialno_prop)
-
- # Set sys.usb.ffs.ready when starting minadbd for sideload.
- set_prop(recovery, ffs_prop)
- set_prop(recovery, exported_ffs_prop)
-
- # Set sys.usb.config when switching into fastboot.
- set_prop(recovery, system_radio_prop)
- set_prop(recovery, exported_system_radio_prop)
-
- # Read ro.boot.bootreason
- get_prop(recovery, bootloader_boot_reason_prop)
-
- # Read storage properties (for correctly formatting filesystems)
- get_prop(recovery, storage_config_prop)
-
# Use setfscreatecon() to label files for OTA updates.
allow recovery self:process setfscreate;
@@ -147,22 +127,12 @@
allowxperm recovery super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF };
# Allow using libfiemap/gsid directly (no binder in recovery).
- set_prop(recovery, gsid_prop)
allow recovery gsi_metadata_file:dir search;
allow recovery ota_metadata_file:dir rw_dir_perms;
allow recovery ota_metadata_file:file create_file_perms;
# Allow mounting /metadata for writing update states
allow recovery metadata_file:dir { getattr mounton };
-
- # These are needed to allow recovery to manage network
- allow recovery self:netlink_route_socket { create write read nlmsg_readpriv nlmsg_read };
- allow recovery self:global_capability_class_set net_admin;
- allow recovery self:tcp_socket { create ioctl };
- allowxperm recovery self:tcp_socket ioctl { SIOCGIFFLAGS SIOCSIFFLAGS };
-
- # Set fastbootd protocol property
- set_prop(recovery, fastbootd_protocol_prop)
')
###
diff --git a/public/service.te b/public/service.te
index f27772e..7a65f96 100644
--- a/public/service.te
+++ b/public/service.te
@@ -11,7 +11,7 @@
type fingerprintd_service, service_manager_type;
type hal_fingerprint_service, service_manager_type;
type gatekeeper_service, app_api_service, service_manager_type;
-type gpu_service, app_api_service, service_manager_type;
+type gpu_service, app_api_service, ephemeral_app_api_service, service_manager_type;
type idmap_service, service_manager_type;
type iorapd_service, service_manager_type;
type incident_service, service_manager_type;
diff --git a/public/shell.te b/public/shell.te
index c0412eb..822f4ca 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -58,60 +58,12 @@
r_dir_file(shell, apk_data_file)
-# Set properties.
-set_prop(shell, shell_prop)
-set_prop(shell, ctl_bugreport_prop)
-set_prop(shell, ctl_dumpstate_prop)
-set_prop(shell, dumpstate_prop)
-set_prop(shell, exported_dumpstate_prop)
-set_prop(shell, debug_prop)
-set_prop(shell, powerctl_prop)
-set_prop(shell, log_tag_prop)
-set_prop(shell, wifi_log_prop)
-# Allow shell to start/stop traced via the persist.traced.enable
-# property (which also takes care of /data/misc initialization).
-set_prop(shell, traced_enabled_prop)
-# adjust is_loggable properties
-userdebug_or_eng(`set_prop(shell, log_prop)')
-# logpersist script
-userdebug_or_eng(`set_prop(shell, logpersistd_logging_prop)')
-# Allow shell to start/stop heapprofd via the persist.heapprofd.enable
-# property.
-set_prop(shell, heapprofd_enabled_prop)
-# Allow shell to start/stop traced_perf via the persist.traced_perf.enable
-# property.
-set_prop(shell, traced_perf_enabled_prop)
-# Allow shell to start/stop gsid via ctl.start|stop|restart gsid.
-set_prop(shell, ctl_gsid_prop)
-# Allow shell to enable Dynamic System Update
-set_prop(shell, dynamic_system_prop)
-# Allow shell to mock an OTA using persist.pm.mock-upgrade
-set_prop(shell, mock_ota_prop)
-
userdebug_or_eng(`
# "systrace --boot" support - allow boottrace service to run
allow shell boottrace_data_file:dir rw_dir_perms;
allow shell boottrace_data_file:file create_file_perms;
- set_prop(shell, persist_debug_prop)
')
-# Read device's serial number from system properties
-get_prop(shell, serialno_prop)
-
-# Allow shell to read the vendor security patch level for CTS
-get_prop(shell, vendor_security_patch_level_prop)
-
-# Read state of logging-related properties
-get_prop(shell, device_logging_prop)
-
-# Read state of boot reason properties
-get_prop(shell, bootloader_boot_reason_prop)
-get_prop(shell, last_boot_reason_prop)
-get_prop(shell, system_boot_reason_prop)
-
-# Allow reading the outcome of perf_event_open LSM support test for CTS.
-get_prop(shell, init_perf_lsm_hooks_prop)
-
# allow shell access to services
allow shell servicemanager:service_manager list;
# don't allow shell to access GateKeeper service
diff --git a/public/traceur_app.te b/public/traceur_app.te
index 7e2cc84..ce9b844 100644
--- a/public/traceur_app.te
+++ b/public/traceur_app.te
@@ -3,11 +3,6 @@
allow traceur_app servicemanager:service_manager list;
allow traceur_app hwservicemanager:hwservice_manager list;
-# Allow Traceur to enable traced if necessary.
-set_prop(traceur_app, traced_enabled_prop)
-
-set_prop(traceur_app, debug_prop)
-
allow traceur_app {
service_manager_type
-apex_service
diff --git a/public/ueventd.te b/public/ueventd.te
index fc503b8..1d75080 100644
--- a/public/ueventd.te
+++ b/public/ueventd.te
@@ -59,10 +59,6 @@
allow ueventd system_bootstrap_lib_file:dir r_dir_perms;
allow ueventd system_bootstrap_lib_file:file { execute read open getattr map };
-# ueventd can set properties, particularly it sets ro.cold_boot_done to signal
-# to init that cold boot has completed.
-set_prop(ueventd, cold_boot_done_prop)
-
# Allow ueventd to run shell scripts from vendor
allow ueventd vendor_shell_exec:file execute;
diff --git a/public/uncrypt.te b/public/uncrypt.te
index 28dc3f2..75765f3 100644
--- a/public/uncrypt.te
+++ b/public/uncrypt.te
@@ -22,9 +22,6 @@
# Write to /dev/socket/uncrypt
unix_socket_connect(uncrypt, uncrypt, uncrypt)
-# Set a property to reboot the device.
-set_prop(uncrypt, powerctl_prop)
-
# Raw writes to block device
allow uncrypt self:global_capability_class_set sys_rawio;
allow uncrypt misc_block_device:blk_file w_file_perms;
diff --git a/public/update_engine.te b/public/update_engine.te
index 8b767be..ba2f3cf 100644
--- a/public/update_engine.te
+++ b/public/update_engine.te
@@ -63,15 +63,6 @@
# read directories on /system and /vendor
allow update_engine system_file:dir r_dir_perms;
-# Allow to start gsid service.
-set_prop(update_engine, ctl_gsid_prop)
-
-# Allow to set the OTA related properties, e.g. ota.warm_reset.
-set_prop(update_engine, ota_prop)
-
-# Allow to get the DSU status
-get_prop(update_engine, gsid_prop)
-
# update_engine tries to determine the parent path for all devices (e.g.
# /dev/block/by-name) by reading the default fstab and looking for the misc
# device. ReadDefaultFstab() checks whether a GSI is running by checking
diff --git a/public/update_verifier.te b/public/update_verifier.te
index f881aeb..68b43f0 100644
--- a/public/update_verifier.te
+++ b/public/update_verifier.te
@@ -24,12 +24,6 @@
# Write to kernel message.
allow update_verifier kmsg_device:chr_file { getattr w_file_perms };
-# Allow update_verifier to reboot the device.
-set_prop(update_verifier, powerctl_prop)
-
-# Allow to set the OTA related properties e.g. ota.warm_reset.
-set_prop(update_verifier, ota_prop)
-
# Use Boot Control HAL
hal_client_domain(update_verifier, hal_bootctl)
diff --git a/public/usbd.te b/public/usbd.te
index 991e7be..6f34954 100644
--- a/public/usbd.te
+++ b/public/usbd.te
@@ -1,5 +1,2 @@
type usbd, domain;
type usbd_exec, system_file_type, exec_type, file_type;
-
-# Start/stop adbd via ctl.start adbd
-set_prop(usbd, ctl_adbd_prop)
diff --git a/public/vendor_init.te b/public/vendor_init.te
index 36bb5cb..c742206 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -74,6 +74,7 @@
-vold_metadata_file
-gsi_metadata_file
-apex_metadata_file
+ -apex_info_file
}:file { create getattr open read write setattr relabelfrom unlink map };
allow vendor_init {
@@ -210,24 +211,19 @@
set_prop(vendor_init, bluetooth_a2dp_offload_prop)
set_prop(vendor_init, bluetooth_audio_hal_prop)
set_prop(vendor_init, cpu_variant_prop)
+set_prop(vendor_init, dalvik_runtime_prop)
set_prop(vendor_init, debug_prop)
-set_prop(vendor_init, exported_audio_prop)
set_prop(vendor_init, exported_bluetooth_prop)
set_prop(vendor_init, exported_camera_prop)
set_prop(vendor_init, exported_config_prop)
-set_prop(vendor_init, exported_dalvik_prop)
set_prop(vendor_init, exported_default_prop)
-set_prop(vendor_init, exported_ffs_prop)
set_prop(vendor_init, exported_overlay_prop)
set_prop(vendor_init, exported_pm_prop)
-set_prop(vendor_init, exported_radio_prop)
-set_prop(vendor_init, exported_system_radio_prop)
set_prop(vendor_init, exported_wifi_prop)
-set_prop(vendor_init, exported2_config_prop)
set_prop(vendor_init, exported2_system_prop)
-set_prop(vendor_init, exported2_vold_prop)
set_prop(vendor_init, exported3_default_prop)
set_prop(vendor_init, exported3_radio_prop)
+set_prop(vendor_init, ffs_control_prop)
set_prop(vendor_init, incremental_prop)
set_prop(vendor_init, lmkd_prop)
set_prop(vendor_init, logd_prop)
@@ -235,7 +231,8 @@
set_prop(vendor_init, log_prop)
set_prop(vendor_init, rebootescrow_hal_prop)
set_prop(vendor_init, serialno_prop)
-set_prop(vendor_init, storage_config_prop)
+set_prop(vendor_init, surfaceflinger_color_prop)
+set_prop(vendor_init, usb_control_prop)
set_prop(vendor_init, userspace_reboot_config_prop)
set_prop(vendor_init, vehicle_hal_prop)
set_prop(vendor_init, vendor_default_prop)
@@ -243,13 +240,16 @@
set_prop(vendor_init, vndk_prop)
set_prop(vendor_init, virtual_ab_prop)
set_prop(vendor_init, wifi_log_prop)
+set_prop(vendor_init, zram_control_prop)
-get_prop(vendor_init, exported2_radio_prop)
+get_prop(vendor_init, boot_status_prop)
get_prop(vendor_init, exported3_system_prop)
+get_prop(vendor_init, ota_prop)
+get_prop(vendor_init, provisioned_prop)
+get_prop(vendor_init, retaildemo_prop)
get_prop(vendor_init, surfaceflinger_display_prop)
get_prop(vendor_init, theme_prop)
-get_prop(vendor_init, ota_prop)
###
### neverallow rules
diff --git a/public/vold.te b/public/vold.te
index 1d125d3..c1e8e07 100644
--- a/public/vold.te
+++ b/public/vold.te
@@ -191,19 +191,6 @@
# Set scheduling policy of kernel processes
allow vold kernel:process setsched;
-# Property Service
-set_prop(vold, vold_prop)
-set_prop(vold, exported_vold_prop)
-set_prop(vold, exported2_vold_prop)
-set_prop(vold, powerctl_prop)
-set_prop(vold, ctl_fuse_prop)
-set_prop(vold, restorecon_prop)
-set_prop(vold, ota_prop)
-set_prop(vold, boottime_prop)
-set_prop(vold, boottime_public_prop)
-get_prop(vold, storage_config_prop)
-get_prop(vold, incremental_prop)
-
# ASEC
allow vold asec_image_file:file create_file_perms;
allow vold asec_image_file:dir rw_dir_perms;
diff --git a/public/wificond.te b/public/wificond.te
index b429884..6a1932b 100644
--- a/public/wificond.te
+++ b/public/wificond.te
@@ -8,10 +8,6 @@
add_service(wificond, wifinl80211_service)
-set_prop(wificond, exported_wifi_prop)
-set_prop(wificond, wifi_prop)
-set_prop(wificond, ctl_default_prop)
-
# create sockets to set interfaces up and down
allow wificond self:udp_socket create_socket_perms;
# setting interface state up/down is a privileged ioctl
@@ -33,7 +29,6 @@
#### Offer the Wifi Keystore HwBinder service ###
hwbinder_use(wificond)
-get_prop(wificond, hwservicemanager_prop)
typeattribute wificond wifi_keystore_service_server;
add_hwservice(wificond, system_wifi_keystore_hwservice)
diff --git a/tests/treble_sepolicy_tests.py b/tests/treble_sepolicy_tests.py
index cf1e856..2b25ed7 100644
--- a/tests/treble_sepolicy_tests.py
+++ b/tests/treble_sepolicy_tests.py
@@ -13,33 +13,15 @@
Use file_contexts and policy to verify Treble requirements
are not violated.
'''
-###
-# Differentiate between domains that are part of the core Android platform and
-# domains introduced by vendors
-coreAppdomain = {
- 'bluetooth',
- 'ephemeral_app',
- 'isolated_app',
- 'nfc',
- 'platform_app',
- 'priv_app',
- 'radio',
- 'shared_relro',
- 'shell',
- 'system_app',
- 'untrusted_app',
- 'untrusted_app_25',
- }
coredomainWhitelist = {
- 'adbd',
- 'kernel',
- 'postinstall',
- 'postinstall_dexopt',
- 'recovery',
- 'system_server',
+ # TODO: how do we make sure vendor_init doesn't have bad coupling with
+ # /vendor? It is the only system process which is not coredomain.
'vendor_init',
+ # TODO(b/152813275): need to avoid whitelist for rootdir
+ "modprobe",
+ "slideshow",
+ "healthd",
}
-coredomainWhitelist |= coreAppdomain
class scontext:
def __init__(self):
@@ -50,6 +32,7 @@
self.attributes = set()
self.entrypoints = []
self.entrypointpaths = []
+ self.error = ""
def PrintScontexts():
for d in sorted(alldomains.keys()):
@@ -102,32 +85,42 @@
global alldomains
global coredomains
for d in alldomains:
+ domain = alldomains[d]
# TestCoredomainViolations will verify if coredomain was incorrectly
# applied.
- if "coredomain" in alldomains[d].attributes:
- alldomains[d].coredomain = True
+ if "coredomain" in domain.attributes:
+ domain.coredomain = True
coredomains.add(d)
# check whether domains are executed off of /system or /vendor
if d in coredomainWhitelist:
continue
- # TODO, add checks to prevent app domains from being incorrectly
- # labeled as coredomain. Apps don't have entrypoints as they're always
- # dynamically transitioned to by zygote.
+ # TODO(b/153112003): add checks to prevent app domains from being
+ # incorrectly labeled as coredomain. Apps don't have entrypoints as
+ # they're always dynamically transitioned to by zygote.
if d in appdomains:
continue
- if not alldomains[d].entrypointpaths:
+ # TODO(b/153112747): need to handle cases where there is a dynamic
+ # transition OR there happens to be no context in AOSP files.
+ if not domain.entrypointpaths:
continue
- for path in alldomains[d].entrypointpaths:
- # Processes with entrypoint on /system
- if ((MatchPathPrefix(path, "/system") and not
- MatchPathPrefix(path, "/system/vendor")) or
- MatchPathPrefix(path, "/init") or
- MatchPathPrefix(path, "/charger")):
- alldomains[d].fromSystem = True
- # Processes with entrypoint on /vendor or /system/vendor
- if (MatchPathPrefix(path, "/vendor") or
- MatchPathPrefix(path, "/system/vendor")):
- alldomains[d].fromVendor = True
+
+ for path in domain.entrypointpaths:
+ vendor = any(MatchPathPrefix(path, prefix) for prefix in
+ ["/vendor", "/odm"])
+ system = any(MatchPathPrefix(path, prefix) for prefix in
+ ["/init", "/system_ext", "/product" ])
+
+ # only mark entrypoint as system if it is not in legacy /system/vendor
+ if MatchPathPrefix(path, "/system/vendor"):
+ vendor = True
+ elif MatchPathPrefix(path, "/system"):
+ system = True
+
+ if not vendor and not system:
+ domain.error += "Unrecognized entrypoint for " + d + " at " + path + "\n"
+
+ domain.fromSystem = domain.fromSystem or system
+ domain.fromVendor = domain.fromVendor or vendor
###
# Add the entrypoint type and path(s) to each domain.
@@ -195,6 +188,15 @@
# verify that all domains launched from /system have the coredomain
# attribute
ret = ""
+
+ for d in alldomains:
+ domain = alldomains[d]
+ if domain.fromSystem and domain.fromVendor:
+ ret += "The following domain is system and vendor: " + d + "\n"
+
+ for domain in alldomains.values():
+ ret += domain.error
+
violators = []
for d in alldomains:
domain = alldomains[d]
diff --git a/vendor/hal_can_socketcan.te b/vendor/hal_can_socketcan.te
index afa1311..7498788 100644
--- a/vendor/hal_can_socketcan.te
+++ b/vendor/hal_can_socketcan.te
@@ -25,6 +25,8 @@
# Un-publishing ICanBus interfaces
allow hal_can_socketcan hidl_manager_hwservice:hwservice_manager find;
+allow hal_can_socketcan sysfs:dir r_dir_perms;
+
allow hal_can_socketcan usb_serial_device:chr_file { ioctl read write open };
allowxperm hal_can_socketcan usb_serial_device:chr_file ioctl {
TCGETS
diff --git a/vendor/hal_gnss_default.te b/vendor/hal_gnss_default.te
index 92af53b..cea362f 100644
--- a/vendor/hal_gnss_default.te
+++ b/vendor/hal_gnss_default.te
@@ -3,3 +3,5 @@
type hal_gnss_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_gnss_default)
+
+allow hal_gnss_default gnss_device:chr_file rw_file_perms;
diff --git a/vendor/mediacodec.te b/vendor/mediacodec.te
index d6d0de1..b4c6df4 100644
--- a/vendor/mediacodec.te
+++ b/vendor/mediacodec.te
@@ -23,6 +23,9 @@
crash_dump_fallback(mediacodec)
+# get aac_drc_* properties
+get_prop(mediacodec, aac_drc_prop)
+
# mediacodec should never execute any executable without a domain transition
neverallow mediacodec { file_type fs_type }:file execute_no_trans;
