1# Label inodes with the fs label. 2genfscon rootfs / u:object_r:rootfs:s0 3# proc labeling can be further refined (longest matching prefix). 4genfscon proc / u:object_r:proc:s0 5genfscon proc /asound u:object_r:proc_asound:s0 6genfscon proc /buddyinfo u:object_r:proc_buddyinfo:s0 7genfscon proc /cmdline u:object_r:proc_cmdline:s0 8genfscon proc /config.gz u:object_r:config_gz:s0 9genfscon proc /diskstats u:object_r:proc_diskstats:s0 10genfscon proc /filesystems u:object_r:proc_filesystems:s0 11genfscon proc /interrupts u:object_r:proc_interrupts:s0 12genfscon proc /iomem u:object_r:proc_iomem:s0 13genfscon proc /kmsg u:object_r:proc_kmsg:s0 14genfscon proc /loadavg u:object_r:proc_loadavg:s0 15genfscon proc /meminfo u:object_r:proc_meminfo:s0 16genfscon proc /misc u:object_r:proc_misc:s0 17genfscon proc /modules u:object_r:proc_modules:s0 18genfscon proc /mounts u:object_r:proc_mounts:s0 19genfscon proc /net u:object_r:proc_net:s0 20genfscon proc /net/xt_qtaguid/ctrl u:object_r:qtaguid_proc:s0 21genfscon proc /net/xt_qtaguid/ u:object_r:proc_qtaguid_stat:s0 22genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0 23genfscon proc /pagetypeinfo u:object_r:proc_pagetypeinfo:s0 24genfscon proc /softirqs u:object_r:proc_timer:s0 25genfscon proc /stat u:object_r:proc_stat:s0 26genfscon proc /swaps u:object_r:proc_swaps:s0 27genfscon proc /sysrq-trigger u:object_r:proc_sysrq:s0 28genfscon proc /sys/abi/swp u:object_r:proc_abi:s0 29genfscon proc /sys/fs/pipe-max-size u:object_r:proc_pipe_conf:s0 30genfscon proc /sys/fs/protected_hardlinks u:object_r:proc_security:s0 31genfscon proc /sys/fs/protected_symlinks u:object_r:proc_security:s0 32genfscon proc /sys/fs/suid_dumpable u:object_r:proc_security:s0 33genfscon proc /sys/kernel/core_pattern u:object_r:usermodehelper:s0 34genfscon proc /sys/kernel/core_pipe_limit u:object_r:usermodehelper:s0 35genfscon proc /sys/kernel/domainname u:object_r:proc_hostname:s0 36genfscon proc /sys/kernel/dmesg_restrict u:object_r:proc_security:s0 37genfscon proc /sys/kernel/hostname u:object_r:proc_hostname:s0 38genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0 39genfscon proc /sys/kernel/hung_task_timeout_secs u:object_r:proc_hung_task:s0 40genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0 41genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0 42genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0 43genfscon proc /sys/kernel/panic_on_oops u:object_r:proc_panic:s0 44genfscon proc /sys/kernel/perf_event_max_sample_rate u:object_r:proc_perf:s0 45genfscon proc /sys/kernel/perf_event_paranoid u:object_r:proc_perf:s0 46genfscon proc /sys/kernel/pid_max u:object_r:proc_pid_max:s0 47genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0 48genfscon proc /sys/kernel/random u:object_r:proc_random:s0 49genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0 50genfscon proc /sys/kernel/sched_child_runs_first u:object_r:proc_sched:s0 51genfscon proc /sys/kernel/sched_latency_ns u:object_r:proc_sched:s0 52genfscon proc /sys/kernel/sched_rt_period_us u:object_r:proc_sched:s0 53genfscon proc /sys/kernel/sched_rt_runtime_us u:object_r:proc_sched:s0 54genfscon proc /sys/kernel/sched_schedstats u:object_r:proc_sched:s0 55genfscon proc /sys/kernel/sched_tunable_scaling u:object_r:proc_sched:s0 56genfscon proc /sys/kernel/sched_wakeup_granularity_ns u:object_r:proc_sched:s0 57genfscon proc /sys/kernel/sysrq u:object_r:proc_sysrq:s0 58genfscon proc /sys/kernel/usermodehelper u:object_r:usermodehelper:s0 59genfscon proc /sys/net u:object_r:proc_net:s0 60genfscon proc /sys/vm/dirty_background_ratio u:object_r:proc_dirty:s0 61genfscon proc /sys/vm/dirty_expire_centisecs u:object_r:proc_dirty:s0 62genfscon proc /sys/vm/extra_free_kbytes u:object_r:proc_extra_free_kbytes:s0 63genfscon proc /sys/vm/max_map_count u:object_r:proc_max_map_count:s0 64genfscon proc /sys/vm/mmap_min_addr u:object_r:proc_security:s0 65genfscon proc /sys/vm/mmap_rnd_bits u:object_r:proc_security:s0 66genfscon proc /sys/vm/mmap_rnd_compat_bits u:object_r:proc_security:s0 67genfscon proc /sys/vm/page-cluster u:object_r:proc_page_cluster:s0 68genfscon proc /sys/vm/drop_caches u:object_r:proc_drop_caches:s0 69genfscon proc /sys/vm/overcommit_memory u:object_r:proc_overcommit_memory:s0 70genfscon proc /sys/vm/min_free_order_shift u:object_r:proc_min_free_order_shift:s0 71genfscon proc /timer_list u:object_r:proc_timer:s0 72genfscon proc /timer_stats u:object_r:proc_timer:s0 73genfscon proc /tty/drivers u:object_r:proc_tty_drivers:s0 74genfscon proc /uid/ u:object_r:proc_uid_time_in_state:s0 75genfscon proc /uid_cputime/show_uid_stat u:object_r:proc_uid_cputime_showstat:s0 76genfscon proc /uid_cputime/remove_uid_range u:object_r:proc_uid_cputime_removeuid:s0 77genfscon proc /uid_io/stats u:object_r:proc_uid_io_stats:s0 78genfscon proc /uid_procstat/set u:object_r:proc_uid_procstat_set:s0 79genfscon proc /uid_time_in_state u:object_r:proc_uid_time_in_state:s0 80genfscon proc /uid_concurrent_active_time u:object_r:proc_uid_concurrent_active_time:s0 81genfscon proc /uid_concurrent_policy_time u:object_r:proc_uid_concurrent_policy_time:s0 82genfscon proc /uid_cpupower/ u:object_r:proc_uid_cpupower:s0 83genfscon proc /uptime u:object_r:proc_uptime:s0 84genfscon proc /version u:object_r:proc_version:s0 85genfscon proc /vmallocinfo u:object_r:proc_vmallocinfo:s0 86genfscon proc /vmstat u:object_r:proc_vmstat:s0 87genfscon proc /zoneinfo u:object_r:proc_zoneinfo:s0 88 89# selinuxfs booleans can be individually labeled. 90genfscon selinuxfs / u:object_r:selinuxfs:s0 91genfscon cgroup / u:object_r:cgroup:s0 92genfscon cgroup2 / u:object_r:cgroup_bpf:s0 93# sysfs labels can be set by userspace. 94genfscon sysfs / u:object_r:sysfs:s0 95genfscon sysfs /devices/system/cpu u:object_r:sysfs_devices_system_cpu:s0 96genfscon sysfs /class/android_usb u:object_r:sysfs_android_usb:s0 97genfscon sysfs /class/leds u:object_r:sysfs_leds:s0 98genfscon sysfs /class/net u:object_r:sysfs_net:s0 99genfscon sysfs /class/rtc u:object_r:sysfs_rtc:s0 100genfscon sysfs /class/switch u:object_r:sysfs_switch:s0 101genfscon sysfs /devices/platform/nfc-power/nfc_power u:object_r:sysfs_nfc_power_writable:s0 102genfscon sysfs /devices/virtual/android_usb u:object_r:sysfs_android_usb:s0 103genfscon sysfs /devices/virtual/block/dm- u:object_r:sysfs_dm:s0 104genfscon sysfs /devices/virtual/block/zram0 u:object_r:sysfs_zram:s0 105genfscon sysfs /devices/virtual/block/zram1 u:object_r:sysfs_zram:s0 106genfscon sysfs /devices/virtual/block/zram0/uevent u:object_r:sysfs_zram_uevent:s0 107genfscon sysfs /devices/virtual/block/zram1/uevent u:object_r:sysfs_zram_uevent:s0 108genfscon sysfs /devices/virtual/misc/hw_random u:object_r:sysfs_hwrandom:s0 109genfscon sysfs /devices/virtual/switch u:object_r:sysfs_switch:s0 110genfscon sysfs /firmware/devicetree/base/firmware/android u:object_r:sysfs_dt_firmware_android:s0 111genfscon sysfs /fs/ext4/features u:object_r:sysfs_fs_ext4_features:s0 112genfscon sysfs /power/autosleep u:object_r:sysfs_power:s0 113genfscon sysfs /power/state u:object_r:sysfs_power:s0 114genfscon sysfs /power/wakeup_count u:object_r:sysfs_power:s0 115genfscon sysfs /power/wake_lock u:object_r:sysfs_wake_lock:s0 116genfscon sysfs /power/wake_unlock u:object_r:sysfs_wake_lock:s0 117genfscon sysfs /kernel/memory_state_time u:object_r:sysfs_power:s0 118genfscon sysfs /kernel/ipv4 u:object_r:sysfs_ipv4:s0 119genfscon sysfs /kernel/notes u:object_r:sysfs_kernel_notes:s0 120genfscon sysfs /kernel/uevent_helper u:object_r:sysfs_usermodehelper:s0 121genfscon sysfs /kernel/wakeup_reasons u:object_r:sysfs_wakeup_reasons:s0 122genfscon sysfs /module/lowmemorykiller u:object_r:sysfs_lowmemorykiller:s0 123genfscon sysfs /module/wlan/parameters/fwpath u:object_r:sysfs_wlan_fwpath:s0 124genfscon sysfs /devices/virtual/timed_output/vibrator/enable u:object_r:sysfs_vibrator:s0 125 126genfscon debugfs /mmc0 u:object_r:debugfs_mmc:s0 127genfscon debugfs /tracing u:object_r:debugfs_tracing_debug:s0 128genfscon tracefs / u:object_r:debugfs_tracing_debug:s0 129genfscon debugfs /tracing/tracing_on u:object_r:debugfs_tracing:s0 130genfscon tracefs /tracing_on u:object_r:debugfs_tracing:s0 131genfscon debugfs /tracing/trace u:object_r:debugfs_tracing:s0 132genfscon tracefs /trace u:object_r:debugfs_tracing:s0 133genfscon debugfs /tracing/per_cpu/cpu u:object_r:debugfs_tracing:s0 134genfscon tracefs /per_cpu/cpu u:object_r:debugfs_tracing:s0 135 136genfscon debugfs /tracing/instances u:object_r:debugfs_tracing_instances:s0 137genfscon tracefs /instances u:object_r:debugfs_tracing_instances:s0 138genfscon debugfs /tracing/instances/wifi u:object_r:debugfs_wifi_tracing:s0 139genfscon tracefs /instances/wifi u:object_r:debugfs_wifi_tracing:s0 140genfscon debugfs /tracing/trace_marker u:object_r:debugfs_trace_marker:s0 141genfscon tracefs /trace_marker u:object_r:debugfs_trace_marker:s0 142genfscon debugfs /wakeup_sources u:object_r:debugfs_wakeup_sources:s0 143 144genfscon debugfs /tracing/events/workqueue/ u:object_r:debugfs_tracing_debug:s0 145genfscon debugfs /tracing/events/regulator/ u:object_r:debugfs_tracing_debug:s0 146genfscon debugfs /tracing/events/pagecache/ u:object_r:debugfs_tracing_debug:s0 147genfscon debugfs /tracing/events/irq/ u:object_r:debugfs_tracing_debug:s0 148genfscon debugfs /tracing/events/ipi/ u:object_r:debugfs_tracing_debug:s0 149genfscon debugfs /tracing/events/f2fs/f2fs_sync_file_enter/ u:object_r:debugfs_tracing:s0 150genfscon debugfs /tracing/events/f2fs/f2fs_sync_file_exit/ u:object_r:debugfs_tracing:s0 151genfscon debugfs /tracing/events/f2fs/f2fs_write_begin/ u:object_r:debugfs_tracing:s0 152genfscon debugfs /tracing/events/f2fs/f2fs_write_end/ u:object_r:debugfs_tracing:s0 153genfscon debugfs /tracing/events/ext4/ext4_da_write_begin/ u:object_r:debugfs_tracing:s0 154genfscon debugfs /tracing/events/ext4/ext4_da_write_end/ u:object_r:debugfs_tracing:s0 155genfscon debugfs /tracing/events/ext4/ext4_sync_file_enter/ u:object_r:debugfs_tracing:s0 156genfscon debugfs /tracing/events/ext4/ext4_sync_file_exit/ u:object_r:debugfs_tracing:s0 157genfscon debugfs /tracing/events/block/block_rq_issue/ u:object_r:debugfs_tracing:s0 158genfscon debugfs /tracing/events/block/block_rq_complete/ u:object_r:debugfs_tracing:s0 159 160genfscon tracefs /events/workqueue/ u:object_r:debugfs_tracing_debug:s0 161genfscon tracefs /events/regulator/ u:object_r:debugfs_tracing_debug:s0 162genfscon tracefs /events/pagecache/ u:object_r:debugfs_tracing_debug:s0 163genfscon tracefs /events/irq/ u:object_r:debugfs_tracing_debug:s0 164genfscon tracefs /events/ipi/ u:object_r:debugfs_tracing_debug:s0 165genfscon tracefs /events/f2fs/f2fs_sync_file_enter/ u:object_r:debugfs_tracing:s0 166genfscon tracefs /events/f2fs/f2fs_sync_file_exit/ u:object_r:debugfs_tracing:s0 167genfscon tracefs /events/f2fs/f2fs_write_begin/ u:object_r:debugfs_tracing:s0 168genfscon tracefs /events/f2fs/f2fs_write_end/ u:object_r:debugfs_tracing:s0 169genfscon tracefs /events/ext4/ext4_da_write_begin/ u:object_r:debugfs_tracing:s0 170genfscon tracefs /events/ext4/ext4_da_write_end/ u:object_r:debugfs_tracing:s0 171genfscon tracefs /events/ext4/ext4_sync_file_enter/ u:object_r:debugfs_tracing:s0 172genfscon tracefs /events/ext4/ext4_sync_file_exit/ u:object_r:debugfs_tracing:s0 173genfscon tracefs /events/block/block_rq_issue/ u:object_r:debugfs_tracing:s0 174genfscon tracefs /events/block/block_rq_complete/ u:object_r:debugfs_tracing:s0 175 176genfscon tracefs /trace_clock u:object_r:debugfs_tracing:s0 177genfscon tracefs /buffer_size_kb u:object_r:debugfs_tracing:s0 178genfscon tracefs /options/overwrite u:object_r:debugfs_tracing:s0 179genfscon tracefs /options/print-tgid u:object_r:debugfs_tracing:s0 180genfscon tracefs /saved_cmdlines_size u:object_r:debugfs_tracing:s0 181genfscon tracefs /events/sched/sched_switch/ u:object_r:debugfs_tracing:s0 182genfscon tracefs /events/sched/sched_wakeup/ u:object_r:debugfs_tracing:s0 183genfscon tracefs /events/sched/sched_blocked_reason/ u:object_r:debugfs_tracing:s0 184genfscon tracefs /events/sched/sched_cpu_hotplug/ u:object_r:debugfs_tracing:s0 185genfscon tracefs /events/cgroup/ u:object_r:debugfs_tracing:s0 186genfscon tracefs /events/power/cpu_frequency/ u:object_r:debugfs_tracing:s0 187genfscon tracefs /events/power/cpu_idle/ u:object_r:debugfs_tracing:s0 188genfscon tracefs /events/power/clock_set_rate/ u:object_r:debugfs_tracing:s0 189genfscon tracefs /events/power/cpu_frequency_limits/ u:object_r:debugfs_tracing:s0 190genfscon tracefs /events/cpufreq_interactive/ u:object_r:debugfs_tracing:s0 191genfscon tracefs /events/vmscan/mm_vmscan_direct_reclaim_begin/ u:object_r:debugfs_tracing:s0 192genfscon tracefs /events/vmscan/mm_vmscan_direct_reclaim_end/ u:object_r:debugfs_tracing:s0 193genfscon tracefs /events/vmscan/mm_vmscan_kswapd_wake/ u:object_r:debugfs_tracing:s0 194genfscon tracefs /events/vmscan/mm_vmscan_kswapd_sleep/ u:object_r:debugfs_tracing:s0 195genfscon tracefs /events/binder/binder_transaction/ u:object_r:debugfs_tracing:s0 196genfscon tracefs /events/binder/binder_transaction_received/ u:object_r:debugfs_tracing:s0 197genfscon tracefs /events/binder/binder_lock/ u:object_r:debugfs_tracing:s0 198genfscon tracefs /events/binder/binder_locked/ u:object_r:debugfs_tracing:s0 199genfscon tracefs /events/binder/binder_unlock/ u:object_r:debugfs_tracing:s0 200genfscon tracefs /events/lowmemorykiller/ u:object_r:debugfs_tracing:s0 201genfscon tracefs /events/sync/ u:object_r:debugfs_tracing:s0 202genfscon tracefs /events/fence/ u:object_r:debugfs_tracing:s0 203 204genfscon debugfs /tracing/trace_clock u:object_r:debugfs_tracing:s0 205genfscon debugfs /tracing/buffer_size_kb u:object_r:debugfs_tracing:s0 206genfscon debugfs /tracing/options/overwrite u:object_r:debugfs_tracing:s0 207genfscon debugfs /tracing/options/print-tgid u:object_r:debugfs_tracing:s0 208genfscon debugfs /tracing/saved_cmdlines_size u:object_r:debugfs_tracing:s0 209genfscon debugfs /tracing/events/sched/sched_switch/ u:object_r:debugfs_tracing:s0 210genfscon debugfs /tracing/events/sched/sched_wakeup/ u:object_r:debugfs_tracing:s0 211genfscon debugfs /tracing/events/sched/sched_blocked_reason/ u:object_r:debugfs_tracing:s0 212genfscon debugfs /tracing/events/sched/sched_cpu_hotplug/ u:object_r:debugfs_tracing:s0 213genfscon debugfs /tracing/events/cgroup/ u:object_r:debugfs_tracing:s0 214genfscon debugfs /tracing/events/power/cpu_frequency/ u:object_r:debugfs_tracing:s0 215genfscon debugfs /tracing/events/power/cpu_idle/ u:object_r:debugfs_tracing:s0 216genfscon debugfs /tracing/events/power/clock_set_rate/ u:object_r:debugfs_tracing:s0 217genfscon debugfs /tracing/events/power/cpu_frequency_limits/ u:object_r:debugfs_tracing:s0 218genfscon debugfs /tracing/events/cpufreq_interactive/ u:object_r:debugfs_tracing:s0 219genfscon debugfs /tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/ u:object_r:debugfs_tracing:s0 220genfscon debugfs /tracing/events/vmscan/mm_vmscan_direct_reclaim_end/ u:object_r:debugfs_tracing:s0 221genfscon debugfs /tracing/events/vmscan/mm_vmscan_kswapd_wake/ u:object_r:debugfs_tracing:s0 222genfscon debugfs /tracing/events/vmscan/mm_vmscan_kswapd_sleep/ u:object_r:debugfs_tracing:s0 223genfscon debugfs /tracing/events/binder/binder_transaction/ u:object_r:debugfs_tracing:s0 224genfscon debugfs /tracing/events/binder/binder_transaction_received/ u:object_r:debugfs_tracing:s0 225genfscon debugfs /tracing/events/binder/binder_lock/ u:object_r:debugfs_tracing:s0 226genfscon debugfs /tracing/events/binder/binder_locked/ u:object_r:debugfs_tracing:s0 227genfscon debugfs /tracing/events/binder/binder_unlock/ u:object_r:debugfs_tracing:s0 228genfscon debugfs /tracing/events/lowmemorykiller/ u:object_r:debugfs_tracing:s0 229genfscon debugfs /tracing/events/sync/ u:object_r:debugfs_tracing:s0 230genfscon debugfs /tracing/events/fence/ u:object_r:debugfs_tracing:s0 231 232genfscon inotifyfs / u:object_r:inotify:s0 233genfscon vfat / u:object_r:vfat:s0 234genfscon exfat / u:object_r:exfat:s0 235genfscon debugfs / u:object_r:debugfs:s0 236genfscon fuse / u:object_r:fuse:s0 237genfscon configfs / u:object_r:configfs:s0 238genfscon sdcardfs / u:object_r:sdcardfs:s0 239genfscon esdfs / u:object_r:sdcardfs:s0 240genfscon pstore / u:object_r:pstorefs:s0 241genfscon functionfs / u:object_r:functionfs:s0 242genfscon usbfs / u:object_r:usbfs:s0 243genfscon binfmt_misc / u:object_r:binfmt_miscfs:s0 244genfscon bpf / u:object_r:fs_bpf:s0 245