1########################## 2# property service keys 3# 4# 5net.rmnet u:object_r:net_radio_prop:s0 6net.gprs u:object_r:net_radio_prop:s0 7net.ppp u:object_r:net_radio_prop:s0 8net.qmi u:object_r:net_radio_prop:s0 9net.lte u:object_r:net_radio_prop:s0 10net.cdma u:object_r:net_radio_prop:s0 11net.dns u:object_r:net_dns_prop:s0 12sys.usb.config u:object_r:system_radio_prop:s0 13ril. u:object_r:radio_prop:s0 14ro.ril. u:object_r:radio_prop:s0 15gsm. u:object_r:radio_prop:s0 16persist.radio u:object_r:radio_prop:s0 17 18net. u:object_r:system_prop:s0 19dev. u:object_r:system_prop:s0 20ro.runtime. u:object_r:system_prop:s0 21ro.runtime.firstboot u:object_r:firstboot_prop:s0 22hw. u:object_r:system_prop:s0 23ro.hw. u:object_r:system_prop:s0 24sys. u:object_r:system_prop:s0 25sys.audio. u:object_r:audio_prop:s0 26sys.init.perf_lsm_hooks u:object_r:init_perf_lsm_hooks_prop:s0 27sys.cppreopt u:object_r:cppreopt_prop:s0 28sys.lpdumpd u:object_r:lpdumpd_prop:s0 29sys.powerctl u:object_r:powerctl_prop:s0 30sys.usb.ffs. u:object_r:ffs_prop:s0 31service. u:object_r:system_prop:s0 32dhcp. u:object_r:dhcp_prop:s0 33dhcp.bt-pan.result u:object_r:pan_result_prop:s0 34bluetooth. u:object_r:bluetooth_prop:s0 35 36debug. u:object_r:debug_prop:s0 37debug.db. u:object_r:debuggerd_prop:s0 38dumpstate. u:object_r:dumpstate_prop:s0 39dumpstate.options u:object_r:dumpstate_options_prop:s0 40init.svc_debug_pid. u:object_r:init_svc_debug_prop:s0 41llk. u:object_r:llkd_prop:s0 42khungtask. u:object_r:llkd_prop:s0 43ro.llk. u:object_r:llkd_prop:s0 44ro.khungtask. u:object_r:llkd_prop:s0 45lmkd.reinit u:object_r:lmkd_prop:s0 exact int 46log. u:object_r:log_prop:s0 47log.tag u:object_r:log_tag_prop:s0 48log.tag.WifiHAL u:object_r:wifi_log_prop:s0 49security.perf_harden u:object_r:shell_prop:s0 50service.adb.root u:object_r:shell_prop:s0 51service.adb.tcp.port u:object_r:shell_prop:s0 52service.adb.tls.port u:object_r:adbd_prop:s0 53persist.adb.wifi. u:object_r:adbd_prop:s0 54persist.adb.tls_server.enable u:object_r:system_adbd_prop:s0 55 56persist.audio. u:object_r:audio_prop:s0 57persist.bluetooth. u:object_r:bluetooth_prop:s0 58persist.nfc_cfg. u:object_r:nfc_prop:s0 59persist.debug. u:object_r:persist_debug_prop:s0 60persist.logd. u:object_r:logd_prop:s0 61ro.logd. u:object_r:logd_prop:s0 62persist.logd.security u:object_r:device_logging_prop:s0 63persist.logd.logpersistd u:object_r:logpersistd_logging_prop:s0 64logd.logpersistd u:object_r:logpersistd_logging_prop:s0 65persist.log.tag u:object_r:log_tag_prop:s0 66persist.mmc. u:object_r:mmc_prop:s0 67persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0 68persist.pm.mock-upgrade u:object_r:mock_ota_prop:s0 69persist.sys. u:object_r:system_prop:s0 70persist.sys.safemode u:object_r:safemode_prop:s0 71persist.sys.theme u:object_r:theme_prop:s0 72persist.sys.fflag.override.settings_dynamic_system u:object_r:dynamic_system_prop:s0 73ro.sys.safemode u:object_r:safemode_prop:s0 74persist.sys.audit_safemode u:object_r:safemode_prop:s0 75persist.sys.dalvik.jvmtiagent u:object_r:system_jvmti_agent_prop:s0 76persist.service. u:object_r:system_prop:s0 77persist.service.bdroid. u:object_r:bluetooth_prop:s0 78persist.security. u:object_r:system_prop:s0 79persist.traced.enable u:object_r:traced_enabled_prop:s0 80traced.lazy. u:object_r:traced_lazy_prop:s0 81persist.heapprofd.enable u:object_r:heapprofd_enabled_prop:s0 82persist.traced_perf.enable u:object_r:traced_perf_enabled_prop:s0 83persist.vendor.overlay. u:object_r:overlay_prop:s0 84ro.boot.vendor.overlay. u:object_r:overlay_prop:s0 85ro.boottime. u:object_r:boottime_prop:s0 86ro.serialno u:object_r:serialno_prop:s0 87ro.boot.btmacaddr u:object_r:bluetooth_prop:s0 88ro.boot.serialno u:object_r:serialno_prop:s0 89ro.bt. u:object_r:bluetooth_prop:s0 90ro.boot.bootreason u:object_r:bootloader_boot_reason_prop:s0 91persist.sys.boot.reason u:object_r:last_boot_reason_prop:s0 92sys.boot.reason u:object_r:system_boot_reason_prop:s0 93sys.boot.reason.last u:object_r:last_boot_reason_prop:s0 94pm. u:object_r:pm_prop:s0 95test.sys.boot.reason u:object_r:test_boot_reason_prop:s0 96test.userspace_reboot.requested u:object_r:userspace_reboot_test_prop:s0 97sys.lmk. u:object_r:system_lmk_prop:s0 98sys.trace. u:object_r:system_trace_prop:s0 99 100# Fastbootd protocol control property 101fastbootd.protocol u:object_r:fastbootd_protocol_prop:s0 exact enum usb tcp 102 103# Boolean property set by system server upon boot indicating 104# if device is fully owned by organization instead of being 105# a personal device. 106ro.organization_owned u:object_r:device_logging_prop:s0 107 108# selinux non-persistent properties 109selinux.restorecon_recursive u:object_r:restorecon_prop:s0 110 111# default property context 112* u:object_r:default_prop:s0 113 114# data partition encryption properties 115vold. u:object_r:vold_prop:s0 116ro.crypto. u:object_r:vold_prop:s0 117 118# ro.build.fingerprint is either set in /system/build.prop, or is 119# set at runtime by system_server. 120ro.build.fingerprint u:object_r:fingerprint_prop:s0 121 122ro.persistent_properties.ready u:object_r:persistent_properties_ready_prop:s0 123 124# ctl properties 125ctl.bootanim u:object_r:ctl_bootanim_prop:s0 126ctl.dumpstate u:object_r:ctl_dumpstate_prop:s0 127ctl.fuse_ u:object_r:ctl_fuse_prop:s0 128ctl.mdnsd u:object_r:ctl_mdnsd_prop:s0 129ctl.ril-daemon u:object_r:ctl_rildaemon_prop:s0 130ctl.bugreport u:object_r:ctl_bugreport_prop:s0 131ctl.console u:object_r:ctl_console_prop:s0 132ctl. u:object_r:ctl_default_prop:s0 133 134# Don't allow blind access to all services 135ctl.sigstop_on$ u:object_r:ctl_sigstop_prop:s0 136ctl.sigstop_off$ u:object_r:ctl_sigstop_prop:s0 137ctl.start$ u:object_r:ctl_start_prop:s0 138ctl.stop$ u:object_r:ctl_stop_prop:s0 139ctl.restart$ u:object_r:ctl_restart_prop:s0 140ctl.interface_start$ u:object_r:ctl_interface_start_prop:s0 141ctl.interface_stop$ u:object_r:ctl_interface_stop_prop:s0 142ctl.interface_restart$ u:object_r:ctl_interface_restart_prop:s0 143 144 # Restrict access to starting/stopping adbd 145ctl.start$adbd u:object_r:ctl_adbd_prop:s0 146ctl.stop$adbd u:object_r:ctl_adbd_prop:s0 147ctl.restart$adbd u:object_r:ctl_adbd_prop:s0 148 149# Restrict access to starting/stopping gsid. 150ctl.start$gsid u:object_r:ctl_gsid_prop:s0 151ctl.stop$gsid u:object_r:ctl_gsid_prop:s0 152ctl.restart$gsid u:object_r:ctl_gsid_prop:s0 153 154# Restrict access to stopping apexd. 155ctl.stop$apexd u:object_r:ctl_apexd_prop:s0 156 157# Restrict access to restart dumpstate 158ctl.interface_restart$android.hardware.dumpstate u:object_r:ctl_dumpstate_prop:s0 159 160# NFC properties 161nfc. u:object_r:nfc_prop:s0 162 163# These properties are not normally set by processes other than init. 164# They are only distinguished here for setting by qemu-props on the 165# emulator/goldfish. 166config. u:object_r:config_prop:s0 167ro.config. u:object_r:config_prop:s0 168dalvik. u:object_r:dalvik_prop:s0 169ro.dalvik. u:object_r:dalvik_prop:s0 170 171# Shared between system server and wificond 172wifi. u:object_r:wifi_prop:s0 173wlan. u:object_r:wifi_prop:s0 174 175# Lowpan properties 176lowpan. u:object_r:lowpan_prop:s0 177ro.lowpan. u:object_r:lowpan_prop:s0 178 179# heapprofd properties 180heapprofd. u:object_r:heapprofd_prop:s0 181 182# hwservicemanager properties 183hwservicemanager. u:object_r:hwservicemanager_prop:s0 184 185# Common default properties for vendor and odm. 186init.svc.odm. u:object_r:vendor_default_prop:s0 187init.svc.vendor. u:object_r:vendor_default_prop:s0 188ro.hardware. u:object_r:vendor_default_prop:s0 189ro.odm. u:object_r:vendor_default_prop:s0 190ro.vendor. u:object_r:vendor_default_prop:s0 191odm. u:object_r:vendor_default_prop:s0 192persist.odm. u:object_r:vendor_default_prop:s0 193persist.vendor. u:object_r:vendor_default_prop:s0 194vendor. u:object_r:vendor_default_prop:s0 195# ro.boot. properties are set based on kernel commandline arguments, which are vendor owned. 196ro.boot. u:object_r:exported2_default_prop:s0 197 198# Properties that relate to time / time zone detection behavior. 199persist.time. u:object_r:time_prop:s0 200 201# Properties that relate to server configurable flags 202device_config.reset_performed u:object_r:device_config_reset_performed_prop:s0 203persist.device_config.activity_manager_native_boot. u:object_r:device_config_activity_manager_native_boot_prop:s0 204persist.device_config.attempted_boot_count u:object_r:device_config_boot_count_prop:s0 205persist.device_config.input_native_boot. u:object_r:device_config_input_native_boot_prop:s0 206persist.device_config.netd_native. u:object_r:device_config_netd_native_prop:s0 207persist.device_config.runtime_native. u:object_r:device_config_runtime_native_prop:s0 208persist.device_config.runtime_native_boot. u:object_r:device_config_runtime_native_boot_prop:s0 209persist.device_config.media_native. u:object_r:device_config_media_native_prop:s0 210persist.device_config.storage_native_boot. u:object_r:device_config_storage_native_boot_prop:s0 211persist.device_config.window_manager_native_boot. u:object_r:device_config_window_manager_native_boot_prop:s0 212persist.device_config.configuration. u:object_r:device_config_configuration_prop:s0 213 214# Properties that relate to legacy server configurable flags 215persist.device_config.global_settings.sys_traced u:object_r:device_config_sys_traced_prop:s0 216 217apexd. u:object_r:apexd_prop:s0 218persist.apexd. u:object_r:apexd_prop:s0 219 220bpf.progs_loaded u:object_r:bpf_progs_loaded_prop:s0 221 222gsid. u:object_r:gsid_prop:s0 223ro.gsid. u:object_r:gsid_prop:s0 224 225# Property for disabling NNAPI vendor extensions on product image (used on GSI /product image, 226# which can't use NNAPI vendor extensions). 227ro.nnapi.extensions.deny_on_product u:object_r:nnapi_ext_deny_product_prop:s0 228 229# Property that is set once ueventd finishes cold boot. 230ro.cold_boot_done u:object_r:cold_boot_done_prop:s0 231 232# Charger properties 233ro.charger. u:object_r:charger_prop:s0 234 235# Virtual A/B properties 236ro.virtual_ab.enabled u:object_r:virtual_ab_prop:s0 237ro.virtual_ab.retrofit u:object_r:virtual_ab_prop:s0 238 239# Property to set/clear the warm reset flag after an OTA update. 240ota.warm_reset u:object_r:ota_prop:s0 241 242# Module properties 243com.android.sdkext. u:object_r:module_sdkextensions_prop:s0 244persist.com.android.sdkext. u:object_r:module_sdkextensions_prop:s0 245 246# Userspace reboot properties 247sys.userspace_reboot.log. u:object_r:userspace_reboot_log_prop:s0 248persist.sys.userspace_reboot.log. u:object_r:userspace_reboot_log_prop:s0 249 250# Integer property which is used in libgui to configure the number of frames 251# tracked by buffer queue's frame event timing history. The property is set 252# by devices with video decoding pipelines long enough to overflow the default 253# history size. 254ro.lib_gui.frame_event_history_size u:object_r:bq_config_prop:s0 255 256# Property to enable incremental feature 257ro.incremental.enable u:object_r:incremental_prop:s0 258 259# Properties to configure userspace reboot. 260init.userspace_reboot.is_supported u:object_r:userspace_reboot_config_prop:s0 exact bool 261init.userspace_reboot.sigkill.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int 262init.userspace_reboot.sigterm.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int 263init.userspace_reboot.started.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int 264init.userspace_reboot.userdata_remount.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int 265init.userspace_reboot.watchdog.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int 266 267# surfaceflinger-settable 268graphics.display.kernel_idle_timer.enabled u:object_r:surfaceflinger_display_prop:s0 exact bool 269