1########################## 2# Devices 3# 4 5/dev/block/by-name/misc u:object_r:misc_block_device:s0 6/dev/block/by-name/boot_[ab] u:object_r:boot_block_device:s0 7/dev/block/by-name/init_boot_[ab] u:object_r:boot_block_device:s0 8/dev/block/by-name/vendor_boot_[ab] u:object_r:boot_block_device:s0 9/dev/block/by-name/vbmeta_[ab] u:object_r:ab_block_device:s0 10/dev/block/by-name/vbmeta_system_[ab] u:object_r:ab_block_device:s0 11/dev/block/by-name/vbmeta_vendor_dlkm_[ab] u:object_r:ab_block_device:s0 12/dev/block/by-name/vbmeta_system_dlkm_[ab] u:object_r:ab_block_device:s0 13/dev/block/by-name/super u:object_r:super_block_device:s0 14/dev/block/by-name/userdata u:object_r:userdata_block_device:s0 15/dev/block/by-name/metadata u:object_r:metadata_block_device:s0 16 17/dev/block/by-name/frp u:object_r:frp_block_device:s0 18 19/dev/block/zram0 u:object_r:swap_block_device:s0 20# /dev/hvc0 is only used by the kernel directly 21/dev/hvc1 u:object_r:serial_device:s0 22# /dev/hvc2 handled in seriallogging/file_contexts 23/dev/hvc3 u:object_r:keymaster_device:s0 24/dev/hvc4 u:object_r:gatekeeper_device:s0 25 26# hvc8 for confirmation UI 27/dev/hvc8 u:object_r:confirmationui_device:s0 28 29# hvc9 for uwb 30/dev/hvc9 u:object_r:uwb_device:s0 31 32# hvc10 for oemlock 33/dev/hvc10 u:object_r:oemlock_device:s0 34 35# hvc11 for keymint / Rust 36/dev/hvc11 u:object_r:keymint_device:s0 37 38# hvc12 for NFC 39/dev/hvc12 u:object_r:nfc_device:s0 40 41# hvc13 for Sensors 42/dev/hvc13 u:object_r:sensors_device:s0 43 44# hvc14 for MCU control 45/dev/hvc14 u:object_r:mcu_control_device:s0 46# hvc15 for MCU UART 47/dev/hvc15 u:object_r:mcu_uart_device:s0 48 49# hvc16 for Ti50 emulator 50/dev/hvc16 u:object_r:ti50_char_device:s0 51 52# ARM serial console device 53/dev/ttyAMA[0-9]* u:object_r:serial_device:s0 54 55############################# 56# data files 57/data/vendor/mediadrm(/.*)? u:object_r:mediadrm_vendor_data_file:s0 58 59############################# 60# sys files 61# x86 62/sys/devices/pci0000:00/0000:00:[0-9a-fA-F]{2}\.[0-7]/virtio[0-9]+/net(/.*)? u:object_r:sysfs_net:s0 63/sys/devices/pci0000:00/0000:00:[0-9a-fA-F]{2}\.[0-7]/virtio[0-9]+/(block|ndbus[0-9]+)(/.*)? u:object_r:sysfs_devices_block:s0 64# crosvm (arm64) 65/sys/devices/platform/10000.pci/pci0000:00/0000:00:[0-9a-fA-F]{2}\.[0-7]/virtio[0-9]+/net(/.*)? u:object_r:sysfs_net:s0 66/sys/devices/platform/10000.pci/pci0000:00/0000:00:[0-9a-fA-F]{2}\.[0-7]/virtio[0-9]+/(block|ndbus[0-9]+)(/.*)? u:object_r:sysfs_devices_block:s0 67# qemu (x86) 68/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00(/device:[0-9a-fA-F]{2})?/wakeup/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0 69# crosvm (x86) 70/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A08:00(/device:[0-9a-fA-F]{2})?/wakeup/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0 71# qemu (aarch64) 72/sys/devices/platform/4010000000.pcie/pci0000:00/0000:00:[0-9a-fA-F]{2}.0/virtio[0-9]+/net u:object_r:sysfs_net:s0 73/sys/devices/platform/4010000000.pcie/pci0000:00/0000:00:[0-9a-fA-F]{2}.0/virtio[0-9]+/(block|ndbus[0-9]+)(/.*)? u:object_r:sysfs_devices_block:s0 74# qemu (arm) 75/sys/devices/platform/3f000000.pcie/pci0000:00/0000:00:[0-9a-fA-F]{2}.0/virtio[0-9]+/net u:object_r:sysfs_net:s0 76/sys/devices/platform/3f000000.pcie/pci0000:00/0000:00:[0-9a-fA-F]{2}.0/virtio[0-9]+/(block|ndbus[0-9]+)(/.*)? u:object_r:sysfs_devices_block:s0 77# qemu (riscv64) 78/sys/devices/platform/soc/30000000.pci/pci0000:00/0000:00:[0-9a-fA-F]{2}.0/virtio[0-9]+/(block|ndbus[0-9]+)(/.*)? u:object_r:sysfs_devices_block:s0 79 80############################# 81# Vendor files 82# 83/vendor/bin/mac80211_create_radios u:object_r:mac80211_create_radios_exec:s0 84/vendor/bin/socket_vsock_proxy u:object_r:socket_vsock_proxy_exec:s0 85/vendor/bin/rename_netiface u:object_r:rename_netiface_exec:s0 86/vendor/bin/suspend_blocker u:object_r:suspend_blocker_exec:s0 87/vendor/bin/metrics_helper u:object_r:metrics_helper_exec:s0 88/vendor/bin/hw/android\.hardware\.power\.stats@1\.0-service\.mock u:object_r:hal_power_stats_default_exec:s0 89/vendor/bin/hw/android\.hardware\.audio\.service u:object_r:hal_audio_cuttlefish_exec:s0 90/vendor/bin/hw/android\.hardware\.contexthub@1\.2-service\.mock u:object_r:hal_contexthub_default_exec:s0 91/vendor/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service\.clearkey u:object_r:hal_drm_clearkey_exec:s0 92/vendor/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service-lazy\.clearkey u:object_r:hal_drm_clearkey_exec:s0 93/vendor/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service\.widevine u:object_r:hal_drm_widevine_exec:s0 94/vendor/bin/hw/android\.hardware\.drm-service\.widevine u:object_r:hal_drm_widevine_exec:s0 95/vendor/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service-lazy\.widevine u:object_r:hal_drm_widevine_exec:s0 96/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.software u:object_r:hal_gatekeeper_default_exec:s0 97/vendor/bin/hw/android\.hardware\.health-service\.cuttlefish u:object_r:hal_health_default_exec:s0 98/vendor/bin/hw/android\.hardware\.health\.storage-service\.cuttlefish u:object_r:hal_health_storage_default_exec:s0 99/vendor/bin/hw/android\.hardware\.lights-service\.cuttlefish u:object_r:hal_light_cuttlefish_exec:s0 100/vendor/bin/hw/android\.hardware\.neuralnetworks-shim-service-sample u:object_r:hal_neuralnetworks_sample_exec:s0 101/vendor/bin/hw/android\.hardware\.neuralnetworks-service-sample-.* u:object_r:hal_neuralnetworks_sample_exec:s0 102/vendor/bin/hw/android\.hardware\.nfc-service\.cuttlefish u:object_r:hal_nfc_default_exec:s0 103/vendor/bin/hw/android\.hardware\.net\.nlinterceptor-service\.default u:object_r:hal_nlinterceptor_default_exec:s0 104/vendor/bin/setup_wifi u:object_r:setup_wifi_exec:s0 105/vendor/bin/hw/android\.hardware\.input\.classifier@1\.0-service.default u:object_r:hal_input_classifier_default_exec:s0 106/vendor/bin/hw/android\.hardware\.input\.processor-service\.example u:object_r:hal_input_processor_default_exec:s0 107/vendor/bin/hw/android\.hardware\.thermal@2\.0-service\.mock u:object_r:hal_thermal_default_exec:s0 108/vendor/bin/hw/android\.hardware\.security\.keymint-service\.remote u:object_r:hal_keymint_remote_exec:s0 109/vendor/bin/hw/android\.hardware\.security\.keymint-service\.rust u:object_r:hal_keymint_rust_exec:s0 110/vendor/bin/hw/android\.hardware\.security\.keymint-service\.nonsecure u:object_r:hal_keymint_rust_exec:s0 111/vendor/bin/hw/android\.hardware\.keymaster@4\.1-service.remote u:object_r:hal_keymaster_remote_exec:s0 112/vendor/bin/hw/android\.hardware\.gatekeeper-service.remote u:object_r:hal_gatekeeper_remote_exec:s0 113/vendor/bin/hw/android\.hardware\.confirmationui-service.cuttlefish u:object_r:hal_confirmationui_cuttlefish_exec:s0 114/vendor/bin/hw/android\.hardware\.oemlock-service.example u:object_r:hal_oemlock_default_exec:s0 115/vendor/bin/hw/android\.hardware\.oemlock-service.remote u:object_r:hal_oemlock_remote_exec:s0 116/vendor/bin/hw/android\.hardware\.weaver-service.example u:object_r:hal_weaver_default_exec:s0 117/vendor/bin/hw/android\.hardware\.authsecret@1\.0-service u:object_r:hal_authsecret_default_exec:s0 118/vendor/bin/hw/android\.hardware\.authsecret-service.example u:object_r:hal_authsecret_default_exec:s0 119/vendor/bin/dlkm_loader u:object_r:dlkm_loader_exec:s0 120/vendor/bin/init\.wifi u:object_r:init_wifi_sh_exec:s0 121/vendor/bin/snapshot_hook_post_resume u:object_r:snapshot_hook_sh:s0 122/vendor/bin/snapshot_hook_pre_suspend u:object_r:snapshot_hook_sh:s0 123 124/vendor/lib(64)?/hw/android\.hardware\.health@2\.0-impl-2\.1-cuttlefish\.so u:object_r:same_process_hal_file:s0 125/vendor/lib(64)?/libcuttlefish_fs.so u:object_r:same_process_hal_file:s0 126/vendor/lib(64)?/vsoc_lib.so u:object_r:same_process_hal_file:s0 127