plat_sepolicy.cil 2

1. (allow init statsd_exec (file (read getattr map execute open)))
2. (allow init statsd (process (transition)))
3. (allow statsd statsd_exec (file (read getattr map execute open entrypoint)))
4. (dontaudit init statsd (process (noatsecure)))
5. (allow init statsd (process (siginh rlimitinh)))
6. (typetransition init statsd_exec process statsd)
7. (allow statsd perfetto_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
8. (allow statsd perfetto_exec (file (read getattr map execute open)))
9. (allow statsd perfetto (process (transition)))
10. (allow perfetto perfetto_exec (file (read getattr map execute open entrypoint)))
11. (allow perfetto statsd (process (sigchld)))
12. (dontaudit statsd perfetto (process (noatsecure)))
13. (allow statsd perfetto (process (siginh rlimitinh)))
14. (typetransition statsd perfetto_exec process perfetto)
15. (allow statsd statscompanion_service (service_manager (find)))
16. (allow statsd incidentd (fifo_file (write)))
17. (allow statsd system_server (fifo_file (read getattr)))
18. (allow statsd surfaceflinger (binder (call transfer)))
19. (allow surfaceflinger statsd (binder (transfer)))
20. (allow statsd surfaceflinger (fd (use)))
21. (allow init storaged_exec (file (read getattr map execute open)))
22. (allow init storaged (process (transition)))
23. (allow storaged storaged_exec (file (read getattr map execute open entrypoint)))
24. (dontaudit init storaged (process (noatsecure)))
25. (allow init storaged (process (siginh rlimitinh)))
26. (typetransition init storaged_exec process storaged)
27. (allow storaged domain (dir (ioctl read getattr lock open watch watch_reads search)))
28. (allow storaged domain (file (ioctl read getattr lock map open watch watch_reads)))
29. (allow storaged domain (lnk_file (ioctl read getattr lock map open watch watch_reads)))
30. (allow storaged proc_uid_io_stats (file (ioctl read getattr lock map open watch watch_reads)))
31. (allow storaged system_data_file (file (ioctl read getattr lock map open watch watch_reads)))
32. (allow storaged packages_list_file (file (ioctl read getattr lock map open watch watch_reads)))
33. (allow storaged storaged_data_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
34. (allow storaged storaged_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
35. (allow storaged shell (fd (use)))
36. (allow storaged shell (fifo_file (write)))
37. (allow storaged priv_app (fd (use)))
38. (allow storaged gmscore_app (fd (use)))
39. (allow storaged app_data_file (file (write)))
40. (allow storaged privapp_data_file (file (write)))
41. (allow storaged permission_service (service_manager (find)))
42. (allow storaged storaged_service (service_manager (add find)))
43. ;;* lmx 43 system/sepolicy/private/storaged.te
44.  
45. (neverallow base_typeattr_702 storaged_service (service_manager (add)))
46. ;;* lme
47.  
48. (allow storaged servicemanager (binder (call transfer)))
49. (allow servicemanager storaged (binder (call transfer)))
50. (allow servicemanager storaged (dir (search)))
51. (allow servicemanager storaged (file (read open)))
52. (allow servicemanager storaged (process (getattr)))
53. (allow storaged system_server (binder (call transfer)))
54. (allow system_server storaged (binder (transfer)))
55. (allow storaged system_server (fd (use)))
56. (allow storaged dumpstate (fd (use)))
57. (allow storaged package_native_service (service_manager (find)))
58. (dontaudit storaged self (capability (dac_override dac_read_search)))
59. (dontaudit storaged self (cap_userns (dac_override dac_read_search)))
60. (allow storaged dumpstate (fifo_file (write)))
61. ;;* lmx 66 system/sepolicy/private/storaged.te
62.  
63. (neverallow storaged domain (process (ptrace)))
64. ;;* lme
65.  
66. ;;* lmx 67 system/sepolicy/private/storaged.te
67.  
68. (neverallow storaged self (capability (chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap)))
69. (neverallow storaged self (capability2 (mac_override mac_admin syslog wake_alarm block_suspend audit_read)))
70. (neverallow storaged self (cap_userns (chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap)))
71. (neverallow storaged self (cap2_userns (mac_override mac_admin syslog wake_alarm block_suspend audit_read)))
72. ;;* lme
73.  
74. (allow init surfaceflinger_exec (file (read getattr map execute open)))
75. (allow init surfaceflinger (process (transition)))
76. (allow surfaceflinger surfaceflinger_exec (file (read getattr map execute open entrypoint)))
77. (dontaudit init surfaceflinger (process (noatsecure)))
78. (allow init surfaceflinger (process (siginh rlimitinh)))
79. (typetransition init surfaceflinger_exec process surfaceflinger)
80. (typetransition surfaceflinger tmpfs file surfaceflinger_tmpfs)
81. (allow surfaceflinger surfaceflinger_tmpfs (file (read write getattr map)))
82. (allow surfaceflinger runtime_event_log_tags_file (file (ioctl read getattr lock map open watch watch_reads)))
83. (allow surfaceflinger hidl_token_hwservice (hwservice_manager (find)))
84. (allow surfaceflinger servicemanager (binder (call transfer)))
85. (allow servicemanager surfaceflinger (binder (call transfer)))
86. (allow servicemanager surfaceflinger (dir (search)))
87. (allow servicemanager surfaceflinger (file (read open)))
88. (allow servicemanager surfaceflinger (process (getattr)))
89. (allow surfaceflinger binderservicedomain (binder (call transfer)))
90. (allow binderservicedomain surfaceflinger (binder (transfer)))
91. (allow surfaceflinger binderservicedomain (fd (use)))
92. (allow surfaceflinger appdomain (binder (call transfer)))
93. (allow appdomain surfaceflinger (binder (transfer)))
94. (allow surfaceflinger appdomain (fd (use)))
95. (allow surfaceflinger bootanim (binder (call transfer)))
96. (allow bootanim surfaceflinger (binder (transfer)))
97. (allow surfaceflinger bootanim (fd (use)))
98. (allow surfaceflinger system_server (binder (call transfer)))
99. (allow system_server surfaceflinger (binder (transfer)))
100. (allow surfaceflinger system_server (fd (use)))
101. (allow surfaceflinger adbd (binder (call transfer)))
102. (allow adbd surfaceflinger (binder (transfer)))
103. (allow surfaceflinger adbd (fd (use)))
104. (allow surfaceflinger binderservicedomain (dir (ioctl read getattr lock open watch watch_reads search)))
105. (allow surfaceflinger binderservicedomain (file (ioctl read getattr lock map open watch watch_reads)))
106. (allow surfaceflinger binderservicedomain (lnk_file (ioctl read getattr lock map open watch watch_reads)))
107. (allow surfaceflinger appdomain (dir (ioctl read getattr lock open watch watch_reads search)))
108. (allow surfaceflinger appdomain (file (ioctl read getattr lock map open watch watch_reads)))
109. (allow surfaceflinger appdomain (lnk_file (ioctl read getattr lock map open watch watch_reads)))
110. (allow surfaceflinger gpu_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
111. (allow surfaceflinger graphics_device (dir (search)))
112. (allow surfaceflinger graphics_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
113. (allow surfaceflinger video_device (dir (ioctl read getattr lock open watch watch_reads search)))
114. (allow surfaceflinger video_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
115. (allow surfaceflinger self (netlink_kobject_uevent_socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown)))
116. (allow surfaceflinger property_socket (sock_file (write)))
117. (allow surfaceflinger init (unix_stream_socket (connectto)))
118. (allow surfaceflinger system_prop (property_service (set)))
119. (allow surfaceflinger system_prop (file (read getattr map open)))
120. (allow surfaceflinger property_socket (sock_file (write)))
121. (allow surfaceflinger init (unix_stream_socket (connectto)))
122. (allow surfaceflinger exported_system_prop (property_service (set)))
123. (allow surfaceflinger exported_system_prop (file (read getattr map open)))
124. (allow surfaceflinger property_socket (sock_file (write)))
125. (allow surfaceflinger init (unix_stream_socket (connectto)))
126. (allow surfaceflinger exported2_system_prop (property_service (set)))
127. (allow surfaceflinger exported2_system_prop (file (read getattr map open)))
128. (allow surfaceflinger property_socket (sock_file (write)))
129. (allow surfaceflinger init (unix_stream_socket (connectto)))
130. (allow surfaceflinger exported3_system_prop (property_service (set)))
131. (allow surfaceflinger exported3_system_prop (file (read getattr map open)))
132. (allow surfaceflinger property_socket (sock_file (write)))
133. (allow surfaceflinger init (unix_stream_socket (connectto)))
134. (allow surfaceflinger ctl_bootanim_prop (property_service (set)))
135. (allow surfaceflinger ctl_bootanim_prop (file (read getattr map open)))
136. (allow surfaceflinger property_socket (sock_file (write)))
137. (allow surfaceflinger init (unix_stream_socket (connectto)))
138. (allow surfaceflinger surfaceflinger_display_prop (property_service (set)))
139. (allow surfaceflinger surfaceflinger_display_prop (file (read getattr map open)))
140. (allow surfaceflinger appdomain (fd (use)))
141. (allow surfaceflinger app_data_file (file (read write)))
142. (allow surfaceflinger privapp_data_file (file (read write)))
143. (allow surfaceflinger traced (fd (use)))
144. (allow surfaceflinger traced_tmpfs (file (read write getattr map)))
145. (allow surfaceflinger traced_producer_socket (sock_file (write)))
146. (allow surfaceflinger traced (unix_stream_socket (connectto)))
147. (allow traced surfaceflinger (fd (use)))
148. (allow surfaceflinger adbd (unix_stream_socket (read write getattr)))
149. (allow surfaceflinger dumpstate (binder (call transfer)))
150. (allow dumpstate surfaceflinger (binder (transfer)))
151. (allow surfaceflinger dumpstate (fd (use)))
152. (allow surfaceflinger shell (binder (call transfer)))
153. (allow shell surfaceflinger (binder (transfer)))
154. (allow surfaceflinger shell (fd (use)))
155. (allow surfaceflinger dumpstate (dir (ioctl read getattr lock open watch watch_reads search)))
156. (allow surfaceflinger dumpstate (file (ioctl read getattr lock map open watch watch_reads)))
157. (allow surfaceflinger dumpstate (lnk_file (ioctl read getattr lock map open watch watch_reads)))
158. (allow surfaceflinger surfaceflinger_service (service_manager (add find)))
159. (allow surfaceflinger vrflinger_vsync_service (service_manager (add find)))
160. ;;* lmx 90 system/sepolicy/private/surfaceflinger.te
161.  
162. (neverallow base_typeattr_703 vrflinger_vsync_service (service_manager (add)))
163. ;;* lme
164.  
165. (allow surfaceflinger mediaserver_service (service_manager (find)))
166. (allow surfaceflinger permission_service (service_manager (find)))
167. (allow surfaceflinger power_service (service_manager (find)))
168. (allow surfaceflinger vr_manager_service (service_manager (find)))
169. (allow surfaceflinger window_service (service_manager (find)))
170. (allow surfaceflinger inputflinger_service (service_manager (find)))
171. (allow surfaceflinger self (capability (sys_nice)))
172. (allow surfaceflinger self (cap_userns (sys_nice)))
173. (allow surfaceflinger proc_meminfo (file (ioctl read getattr lock map open watch watch_reads)))
174. (allow surfaceflinger cgroup (dir (ioctl read getattr lock open watch watch_reads search)))
175. (allow surfaceflinger cgroup (file (ioctl read getattr lock map open watch watch_reads)))
176. (allow surfaceflinger cgroup (lnk_file (ioctl read getattr lock map open watch watch_reads)))
177. (allow surfaceflinger system_file (dir (ioctl read getattr lock open watch watch_reads search)))
178. (allow surfaceflinger system_file (file (ioctl read getattr lock map open watch watch_reads)))
179. (allow surfaceflinger system_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
180. (allow surfaceflinger tmpfs (dir (ioctl read getattr lock open watch watch_reads search)))
181. (allow surfaceflinger system_server (fd (use)))
182. (allow surfaceflinger system_server (unix_stream_socket (read write)))
183. (allow surfaceflinger ion_device (chr_file (ioctl read getattr lock map open watch watch_reads)))
184. (allow init pdx_display_client_endpoint_socket_type (unix_stream_socket (create bind)))
185. (allow surfaceflinger pdx_display_client_endpoint_socket_type (unix_stream_socket (read write getattr setattr lock append listen accept getopt setopt shutdown)))
186. (allow surfaceflinger self (process (setsockcreate)))
187. (allow surfaceflinger pdx_display_client_channel_socket_type (unix_stream_socket (ioctl read write create getattr setattr lock append map bind connect listen accept getopt setopt shutdown)))
188. ;;* lmx 111 system/sepolicy/private/surfaceflinger.te
189.  
190. (neverallow base_typeattr_703 pdx_display_client_endpoint_socket_type (unix_stream_socket (listen accept)))
191. ;;* lme
192.  
193. (allow init pdx_display_manager_endpoint_socket_type (unix_stream_socket (create bind)))
194. (allow surfaceflinger pdx_display_manager_endpoint_socket_type (unix_stream_socket (read write getattr setattr lock append listen accept getopt setopt shutdown)))
195. (allow surfaceflinger self (process (setsockcreate)))
196. (allow surfaceflinger pdx_display_manager_channel_socket_type (unix_stream_socket (ioctl read write create getattr setattr lock append map bind connect listen accept getopt setopt shutdown)))
197. ;;* lmx 112 system/sepolicy/private/surfaceflinger.te
198.  
199. (neverallow base_typeattr_703 pdx_display_manager_endpoint_socket_type (unix_stream_socket (listen accept)))
200. ;;* lme
201.  
202. (allow init pdx_display_screenshot_endpoint_socket_type (unix_stream_socket (create bind)))
203. (allow surfaceflinger pdx_display_screenshot_endpoint_socket_type (unix_stream_socket (read write getattr setattr lock append listen accept getopt setopt shutdown)))
204. (allow surfaceflinger self (process (setsockcreate)))
205. (allow surfaceflinger pdx_display_screenshot_channel_socket_type (unix_stream_socket (ioctl read write create getattr setattr lock append map bind connect listen accept getopt setopt shutdown)))
206. ;;* lmx 113 system/sepolicy/private/surfaceflinger.te
207.  
208. (neverallow base_typeattr_703 pdx_display_screenshot_endpoint_socket_type (unix_stream_socket (listen accept)))
209. ;;* lme
210.  
211. (allow init pdx_display_vsync_endpoint_socket_type (unix_stream_socket (create bind)))
212. (allow surfaceflinger pdx_display_vsync_endpoint_socket_type (unix_stream_socket (read write getattr setattr lock append listen accept getopt setopt shutdown)))
213. (allow surfaceflinger self (process (setsockcreate)))
214. (allow surfaceflinger pdx_display_vsync_channel_socket_type (unix_stream_socket (ioctl read write create getattr setattr lock append map bind connect listen accept getopt setopt shutdown)))
215. ;;* lmx 114 system/sepolicy/private/surfaceflinger.te
216.  
217. (neverallow base_typeattr_703 pdx_display_vsync_endpoint_socket_type (unix_stream_socket (listen accept)))
218. ;;* lme
219.  
220. (allow surfaceflinger pdx_bufferhub_client_endpoint_dir_type (dir (ioctl read getattr lock open watch watch_reads search)))
221. (allow surfaceflinger pdx_bufferhub_client_endpoint_socket_type (sock_file (ioctl read write getattr lock append map open watch watch_reads)))
222. (allow surfaceflinger pdx_bufferhub_client_endpoint_socket_type (unix_stream_socket (read write shutdown connectto)))
223. (allow surfaceflinger pdx_bufferhub_client_channel_socket_type (unix_stream_socket (read write getattr setattr lock append getopt setopt shutdown)))
224. (allow surfaceflinger pdx_bufferhub_client_server_type (fd (use)))
225. (allow pdx_bufferhub_client_server_type surfaceflinger (fd (use)))
226. (allow surfaceflinger pdx_performance_client_endpoint_dir_type (dir (ioctl read getattr lock open watch watch_reads search)))
227. (allow surfaceflinger pdx_performance_client_endpoint_socket_type (sock_file (ioctl read write getattr lock append map open watch watch_reads)))
228. (allow surfaceflinger pdx_performance_client_endpoint_socket_type (unix_stream_socket (read write shutdown connectto)))
229. (allow surfaceflinger pdx_performance_client_channel_socket_type (unix_stream_socket (read write getattr setattr lock append getopt setopt shutdown)))
230. (allow surfaceflinger pdx_performance_client_server_type (fd (use)))
231. (allow pdx_performance_client_server_type surfaceflinger (fd (use)))
232. (allow surfaceflinger stats_service (service_manager (find)))
233. (allow surfaceflinger statsmanager_service (service_manager (find)))
234. (allow surfaceflinger statsd (binder (call transfer)))
235. (allow statsd surfaceflinger (binder (transfer)))
236. (allow surfaceflinger statsd (fd (use)))
237. (dontaudit surfaceflinger vendor_default_prop (file (read)))
238. ;;* lmx 140 system/sepolicy/private/surfaceflinger.te
239.  
240. (neverallow surfaceflinger sdcard_type (file (ioctl read write getattr lock append map open watch watch_reads)))
241. ;;* lme
242.  
243. (dontaudit surfaceflinger unlabeled (dir (search)))
244. (typetransition system_app tmpfs file appdomain_tmpfs)
245. (allow system_app appdomain_tmpfs (file (read write getattr map execute)))
246. ;;* lmx 9 system/sepolicy/private/system_app.te
247.  
248. (neverallow base_typeattr_704 base_typeattr_705 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
249. ;;* lme
250.  
251. ;;* lmx 9 system/sepolicy/private/system_app.te
252.  
253. (neverallow base_typeattr_706 system_app (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
254. ;;* lme
255.  
256. ;;* lmx 9 system/sepolicy/private/system_app.te
257.  
258. (neverallow base_typeattr_707 system_app (process (ptrace)))
259. ;;* lme
260.  
261. (allow system_app rootfs (dir (getattr)))
262. (allow system_app system_app_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
263. (allow system_app system_app_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
264. (allow system_app system_app_data_file (lnk_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
265. (allow system_app misc_user_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
266. (allow system_app misc_user_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
267. (allow system_app mnt_media_rw_file (dir (search)))
268. (allow system_app apex_data_file (dir (search)))
269. (allow system_app staging_data_file (file (ioctl read getattr lock map open watch watch_reads)))
270. (allow system_app wallpaper_file (file (ioctl read getattr lock map open watch watch_reads)))
271. (allow system_app icon_file (file (ioctl read getattr lock map open watch watch_reads)))
272. (allow system_app property_socket (sock_file (write)))
273. (allow system_app init (unix_stream_socket (connectto)))
274. (allow system_app bluetooth_a2dp_offload_prop (property_service (set)))
275. (allow system_app bluetooth_a2dp_offload_prop (file (read getattr map open)))
276. (allow system_app property_socket (sock_file (write)))
277. (allow system_app init (unix_stream_socket (connectto)))
278. (allow system_app bluetooth_audio_hal_prop (property_service (set)))
279. (allow system_app bluetooth_audio_hal_prop (file (read getattr map open)))
280. (allow system_app property_socket (sock_file (write)))
281. (allow system_app init (unix_stream_socket (connectto)))
282. (allow system_app bluetooth_prop (property_service (set)))
283. (allow system_app bluetooth_prop (file (read getattr map open)))
284. (allow system_app property_socket (sock_file (write)))
285. (allow system_app init (unix_stream_socket (connectto)))
286. (allow system_app debug_prop (property_service (set)))
287. (allow system_app debug_prop (file (read getattr map open)))
288. (allow system_app property_socket (sock_file (write)))
289. (allow system_app init (unix_stream_socket (connectto)))
290. (allow system_app system_prop (property_service (set)))
291. (allow system_app system_prop (file (read getattr map open)))
292. (allow system_app property_socket (sock_file (write)))
293. (allow system_app init (unix_stream_socket (connectto)))
294. (allow system_app exported_bluetooth_prop (property_service (set)))
295. (allow system_app exported_bluetooth_prop (file (read getattr map open)))
296. (allow system_app property_socket (sock_file (write)))
297. (allow system_app init (unix_stream_socket (connectto)))
298. (allow system_app exported_system_prop (property_service (set)))
299. (allow system_app exported_system_prop (file (read getattr map open)))
300. (allow system_app property_socket (sock_file (write)))
301. (allow system_app init (unix_stream_socket (connectto)))
302. (allow system_app exported2_system_prop (property_service (set)))
303. (allow system_app exported2_system_prop (file (read getattr map open)))
304. (allow system_app property_socket (sock_file (write)))
305. (allow system_app init (unix_stream_socket (connectto)))
306. (allow system_app exported3_system_prop (property_service (set)))
307. (allow system_app exported3_system_prop (file (read getattr map open)))
308. (allow system_app property_socket (sock_file (write)))
309. (allow system_app init (unix_stream_socket (connectto)))
310. (allow system_app logd_prop (property_service (set)))
311. (allow system_app logd_prop (file (read getattr map open)))
312. (allow system_app property_socket (sock_file (write)))
313. (allow system_app init (unix_stream_socket (connectto)))
314. (allow system_app net_radio_prop (property_service (set)))
315. (allow system_app net_radio_prop (file (read getattr map open)))
316. (allow system_app property_socket (sock_file (write)))
317. (allow system_app init (unix_stream_socket (connectto)))
318. (allow system_app system_radio_prop (property_service (set)))
319. (allow system_app system_radio_prop (file (read getattr map open)))
320. (allow system_app property_socket (sock_file (write)))
321. (allow system_app init (unix_stream_socket (connectto)))
322. (allow system_app exported_system_radio_prop (property_service (set)))
323. (allow system_app exported_system_radio_prop (file (read getattr map open)))
324. (allow system_app property_socket (sock_file (write)))
325. (allow system_app init (unix_stream_socket (connectto)))
326. (allow system_app log_tag_prop (property_service (set)))
327. (allow system_app log_tag_prop (file (read getattr map open)))
328. (auditallow system_app net_radio_prop (property_service (set)))
329. (auditallow system_app system_radio_prop (property_service (set)))
330. (auditallow system_app exported_system_radio_prop (property_service (set)))
331. (allow system_app property_socket (sock_file (write)))
332. (allow system_app init (unix_stream_socket (connectto)))
333. (allow system_app dynamic_system_prop (property_service (set)))
334. (allow system_app dynamic_system_prop (file (read getattr map open)))
335. (allow system_app property_socket (sock_file (write)))
336. (allow system_app init (unix_stream_socket (connectto)))
337. (allow system_app ctl_default_prop (property_service (set)))
338. (allow system_app ctl_default_prop (file (read getattr map open)))
339. (allow system_app property_socket (sock_file (write)))
340. (allow system_app init (unix_stream_socket (connectto)))
341. (allow system_app ctl_bugreport_prop (property_service (set)))
342. (allow system_app ctl_bugreport_prop (file (read getattr map open)))
343. (allow system_app gsid_prop (file (read getattr map open)))
344. (allow system_app anr_data_file (dir (ioctl read write getattr lock open watch watch_reads add_name search)))
345. (allow system_app anr_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
346. (allow system_app asec_apk_file (file (ioctl read getattr lock map open watch watch_reads)))
347. (allow system_app statsd (binder (call transfer)))
348. (allow statsd system_app (binder (transfer)))
349. (allow system_app statsd (fd (use)))
350. (allow system_app incidentd (binder (call transfer)))
351. (allow incidentd system_app (binder (transfer)))
352. (allow system_app incidentd (fd (use)))
353. (allow system_app gpuservice (binder (call transfer)))
354. (allow gpuservice system_app (binder (transfer)))
355. (allow system_app gpuservice (fd (use)))
356. (allow system_app servicemanager (service_manager (list)))
357. (allow system_app base_typeattr_708 (service_manager (find)))
358. (dontaudit system_app dnsresolver_service (service_manager (find)))
359. (dontaudit system_app dumpstate_service (service_manager (find)))
360. (dontaudit system_app iorapd_service (service_manager (find)))
361. (dontaudit system_app installd_service (service_manager (find)))
362. (dontaudit system_app netd_service (service_manager (find)))
363. (dontaudit system_app virtual_touchpad_service (service_manager (find)))
364. (dontaudit system_app vold_service (service_manager (find)))
365. (dontaudit system_app vr_hwc_service (service_manager (find)))
366. (allow system_app keystore (keystore_key (get_state get insert delete exist list reset password lock unlock is_empty sign verify grant duplicate clear_uid user_changed)))
367. (allow system_app proc_version (file (ioctl read getattr lock map open watch watch_reads)))
368. (allow system_app cgroup (file (write lock append map open)))
369. (allow system_app logd_socket (sock_file (write)))
370. (allow system_app logd (unix_stream_socket (connectto)))
371. (allow system_app runtime_event_log_tags_file (file (ioctl read getattr lock map open watch watch_reads)))
372. (allow system_app device_logging_prop (file (read getattr map open)))
373. (allow system_app system_server (udp_socket (read write getattr connect getopt setopt recvfrom sendto)))
374. ;;* lmx 158 system/sepolicy/private/system_app.te
375.  
376. (neverallow system_app fuse_device (chr_file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
377. ;;* lme
378.  
379. ;;* lmx 164 system/sepolicy/private/system_app.te
380.  
381. (neverallow system_app shell_data_file (dir (read write create setattr relabelfrom link rename open add_name remove_name reparent search rmdir)))
382. ;;* lme
383.  
384. ;;* lmx 165 system/sepolicy/private/system_app.te
385.  
386. (neverallow system_app shell_data_file (file (ioctl read lock open)))
387. ;;* lme
388.  
389. (typetransition system_server tmpfs file system_server_tmpfs)
390. (allow system_server system_server_tmpfs (file (read write getattr map)))
391. (allow system_server zygote_tmpfs (file (read)))
392. (allow system_server appdomain_tmpfs (file (read write getattr map)))
393. (allow system_server proc_filesystems (file (ioctl read getattr lock map open watch watch_reads)))
394. (allow system_server incremental_control_file (file (ioctl read getattr lock map open watch watch_reads)))
395. (allowx system_server incremental_control_file (ioctl file (0x671e 0x6721)))
396. (allowx system_server apk_data_file (ioctl file ((range 0x671f 0x6720))))
397. (allow system_server dalvikcache_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
398. (allow system_server dalvikcache_data_file (file (ioctl read getattr lock map open watch watch_reads)))
399. (allow system_server resourcecache_data_file (file (ioctl read getattr lock map open watch watch_reads)))
400. (allow system_server resourcecache_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
401. (allow system_server self (process (ptrace)))
402. (allow system_server zygote (fd (use)))
403. (allow system_server zygote (process (sigchld)))
404. (allow system_server app_zygote (process (sigkill signull)))
405. (allow system_server crash_dump (process (sigkill signull)))
406. (allow system_server webview_zygote (process (sigkill signull)))
407. (allow system_server zygote (process (sigkill signull)))
408. (allow system_server zygote_exec (file (ioctl read getattr lock map open watch watch_reads)))
409. (allow system_server zygote (unix_stream_socket (getattr getopt)))
410. (allowx system_server self (ioctl udp_socket (0x6900 0x6902)))
411. (allowx system_server self (ioctl udp_socket ((range 0x890b 0x890d) 0x8911 0x8914 0x8916 0x8918 0x891a (range 0x891c 0x8920) (range 0x8922 0x8927) 0x8929 (range 0x8930 0x8932) (range 0x8934 0x8937) 0x8939 (range 0x8940 0x8941) 0x8943 (range 0x8946 0x894b) (range 0x8953 0x8955) (range 0x8960 0x8962) (range 0x8970 0x8971) (range 0x8980 0x8983) (range 0x8990 0x8995) (range 0x89a0 0x89a3) 0x89b0 (range 0x89e0 0x89ff))))
412. (allowx system_server self (ioctl udp_socket (0x8b00 0x8b02 0x8b04 0x8b06 0x8b08 0x8b0a 0x8b0c 0x8b0e 0x8b10 (range 0x8b14 0x8b1d) 0x8b20 0x8b22 0x8b24 0x8b26 0x8b28 (range 0x8b2a 0x8b2c) (range 0x8b30 0x8b36) (range 0x8be0 0x8bff))))
413. (allow system_server appdomain (tcp_socket (ioctl)))
414. (allow system_server self (capability (kill net_bind_service net_broadcast net_admin net_raw ipc_lock sys_ptrace sys_boot sys_nice sys_time sys_tty_config)))
415. (allow system_server self (cap_userns (kill net_bind_service net_broadcast net_admin net_raw ipc_lock sys_ptrace sys_boot sys_nice sys_time sys_tty_config)))
416. (allow system_server kernel (system (module_request)))
417. (allow system_server self (capability2 (wake_alarm)))
418. (allow system_server self (cap2_userns (wake_alarm)))
419. (allow system_server self (netlink_netfilter_socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown)))
420. (allow system_server self (netlink_tcpdiag_socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown nlmsg_read)))
421. (allow system_server self (netlink_kobject_uevent_socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown)))
422. (allow system_server self (netlink_socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown)))
423. (allow system_server self (netlink_generic_socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown)))
424. (allow system_server config_gz (file (read open)))
425. (allow system_server self (socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown)))
426. (allow system_server self (netlink_route_socket (nlmsg_write)))
427. (allow system_server appdomain (process (sigkill signal getpgid)))
428. (allow system_server appdomain (process (signull)))
429. (allow system_server appdomain (process (getsched setsched)))
430. (allow system_server audioserver (process (getsched setsched)))
431. (allow system_server hal_audio (process (getsched setsched)))
432. (allow system_server hal_bluetooth (process (getsched setsched)))
433. (allow system_server hal_codec2_server (process (getsched setsched)))
434. (allow system_server hal_omx_server (process (getsched setsched)))
435. (allow system_server mediaswcodec (process (getsched setsched)))
436. (allow system_server cameraserver (process (getsched setsched)))
437. (allow system_server hal_camera (process (getsched setsched)))
438. (allow system_server mediaserver (process (getsched setsched)))
439. (allow system_server bootanim (process (getsched setsched)))
440. (allow system_server kernel (process (getsched setsched)))
441. (allow system_server domain (file (write lock append map open)))
442. (allow system_server domain (dir (ioctl read getattr lock open watch watch_reads search)))
443. (allow system_server domain (file (ioctl read getattr lock map open watch watch_reads)))
444. (allow system_server domain (lnk_file (ioctl read getattr lock map open watch watch_reads)))
445. (allow system_server proc_uid_cputime_removeuid (file (write getattr lock append map open)))
446. (allow system_server proc_uid_procstat_set (file (write getattr lock append map open)))
447. (allow system_server proc_sysrq (file (ioctl read write getattr lock append map open watch watch_reads)))
448. (allow system_server stats_data_file (dir (read write open remove_name search)))
449. (allow system_server stats_data_file (file (unlink)))
450. (allow system_server debugfs_wakeup_sources (file (ioctl read getattr lock map open watch watch_reads)))
451. (allow system_server sysfs_ion (file (ioctl read getattr lock map open watch watch_reads)))
452. (allow system_server self (packet_socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown)))
453. (allow system_server self (tun_socket (read write create getattr setattr lock append map bind connect getopt setopt shutdown)))
454. (allow system_server lmkd_socket (sock_file (write)))
455. (allow system_server lmkd (unix_stream_socket (connectto)))
456. (allow system_server mtpd_socket (sock_file (write)))
457. (allow system_server mtp (unix_stream_socket (connectto)))
458. (allow system_server zygote_socket (sock_file (write)))
459. (allow system_server zygote (unix_stream_socket (connectto)))
460. (allow system_server racoon_socket (sock_file (write)))
461. (allow system_server racoon (unix_stream_socket (connectto)))
462. (allow system_server uncrypt_socket (sock_file (write)))
463. (allow system_server uncrypt (unix_stream_socket (connectto)))
464. (allow system_server statsdw_socket (sock_file (write)))
465. (allow system_server statsd (unix_dgram_socket (sendto)))
466. (allow system_server surfaceflinger (unix_stream_socket (read write setopt)))
467. (allow system_server gpuservice (unix_stream_socket (read write setopt)))
468. (allow system_server webview_zygote (unix_stream_socket (read write setopt connectto)))
469. (allow system_server app_zygote (unix_stream_socket (read write setopt connectto)))
470. (allow system_server servicemanager (binder (call transfer)))
471. (allow servicemanager system_server (binder (call transfer)))
472. (allow servicemanager system_server (dir (search)))
473. (allow servicemanager system_server (file (read open)))
474. (allow servicemanager system_server (process (getattr)))
475. (allow system_server appdomain (binder (call transfer)))
476. (allow appdomain system_server (binder (transfer)))
477. (allow system_server appdomain (fd (use)))
478. (allow system_server binderservicedomain (binder (call transfer)))
479. (allow binderservicedomain system_server (binder (transfer)))
480. (allow system_server binderservicedomain (fd (use)))
481. (allow system_server dumpstate (binder (call transfer)))
482. (allow dumpstate system_server (binder (transfer)))
483. (allow system_server dumpstate (fd (use)))
484. (allow system_server fingerprintd (binder (call transfer)))
485. (allow fingerprintd system_server (binder (transfer)))
486. (allow system_server fingerprintd (fd (use)))
487. (allow system_server gatekeeperd (binder (call transfer)))
488. (allow gatekeeperd system_server (binder (transfer)))
489. (allow system_server gatekeeperd (fd (use)))
490. (allow system_server gpuservice (binder (call transfer)))
491. (allow gpuservice system_server (binder (transfer)))
492. (allow system_server gpuservice (fd (use)))
493. (allow system_server idmap (binder (call transfer)))
494. (allow idmap system_server (binder (transfer)))
495. (allow system_server idmap (fd (use)))
496. (allow system_server installd (binder (call transfer)))
497. (allow installd system_server (binder (transfer)))
498. (allow system_server installd (fd (use)))
499. (allow system_server incidentd (binder (call transfer)))
500. (allow incidentd system_server (binder (transfer)))
501. (allow system_server incidentd (fd (use)))
502. (allow system_server iorapd (binder (call transfer)))
503. (allow iorapd system_server (binder (transfer)))
504. (allow system_server iorapd (fd (use)))
505. (allow system_server netd (binder (call transfer)))
506. (allow netd system_server (binder (transfer)))
507. (allow system_server netd (fd (use)))
508. (allow system_server notify_traceur (binder (call transfer)))
509. (allow notify_traceur system_server (binder (transfer)))
510. (allow system_server notify_traceur (fd (use)))
511. (allow system_server statsd (binder (call transfer)))
512. (allow statsd system_server (binder (transfer)))
513. (allow system_server statsd (fd (use)))
514. (allow system_server storaged (binder (call transfer)))
515. (allow storaged system_server (binder (transfer)))
516. (allow system_server storaged (fd (use)))
517. (allow system_server update_engine (binder (call transfer)))
518. (allow update_engine system_server (binder (transfer)))
519. (allow system_server update_engine (fd (use)))
520. (allow system_server vold (binder (call transfer)))
521. (allow vold system_server (binder (transfer)))
522. (allow system_server vold (fd (use)))
523. (allow system_server wificond (binder (call transfer)))
524. (allow wificond system_server (binder (transfer)))
525. (allow system_server wificond (fd (use)))
526. (allow system_server wpantund (binder (call transfer)))
527. (allow wpantund system_server (binder (transfer)))
528. (allow system_server wpantund (fd (use)))
529. (allow system_server hal_graphics_composer (fd (use)))
530. (allow system_server hal_renderscript_hwservice (hwservice_manager (find)))
531. (allow system_server same_process_hal_file (file (read getattr map execute open)))
532. (allow system_server tombstoned_intercept_socket (sock_file (write)))
533. (allow system_server tombstoned (unix_stream_socket (connectto)))
534. (allow system_server hwservicemanager (hwservice_manager (list)))
535. (allow system_server hal_audio_server (process (signal)))
536. (allow system_server hal_bluetooth_server (process (signal)))
537. (allow system_server hal_camera_server (process (signal)))
538. (allow system_server hal_codec2_server (process (signal)))
539. (allow system_server hal_face_server (process (signal)))
540. (allow system_server hal_fingerprint_server (process (signal)))
541. (allow system_server hal_gnss_server (process (signal)))
542. (allow system_server hal_graphics_allocator_server (process (signal)))
543. (allow system_server hal_graphics_composer_server (process (signal)))
544. (allow system_server hal_health_server (process (signal)))
545. (allow system_server hal_neuralnetworks_server (process (signal)))
546. (allow system_server hal_omx_server (process (signal)))
547. (allow system_server hal_power_stats_server (process (signal)))
548. (allow system_server hal_sensors_server (process (signal)))
549. (allow system_server hal_vr_server (process (signal)))
550. (allow system_server system_suspend_server (process (signal)))
551. (allow system_server audioserver (process (signal)))
552. (allow system_server cameraserver (process (signal)))
553. (allow system_server drmserver (process (signal)))
554. (allow system_server gpuservice (process (signal)))
555. (allow system_server inputflinger (process (signal)))
556. (allow system_server mediadrmserver (process (signal)))
557. (allow system_server mediaextractor (process (signal)))
558. (allow system_server mediametrics (process (signal)))
559. (allow system_server mediaserver (process (signal)))
560. (allow system_server mediaswcodec (process (signal)))
561. (allow system_server netd (process (signal)))
562. (allow system_server sdcardd (process (signal)))
563. (allow system_server statsd (process (signal)))
564. (allow system_server surfaceflinger (process (signal)))
565. (allow system_server vold (process (signal)))
566. (allow system_server audioserver (tcp_socket (ioctl read write getattr setattr lock append map bind connect getopt setopt shutdown)))
567. (allow system_server audioserver (udp_socket (ioctl read write getattr setattr lock append map bind connect getopt setopt shutdown)))
568. (allow system_server mediaserver (tcp_socket (ioctl read write getattr setattr lock append map bind connect getopt setopt shutdown)))
569. (allow system_server mediaserver (udp_socket (ioctl read write getattr setattr lock append map bind connect getopt setopt shutdown)))
570. (allow system_server mediadrmserver (tcp_socket (ioctl read write getattr setattr lock append map bind connect getopt setopt shutdown)))
571. (allow system_server mediadrmserver (udp_socket (ioctl read write getattr setattr lock append map bind connect getopt setopt shutdown)))
572. (allow system_server file_contexts_file (file (ioctl read getattr lock map open watch watch_reads)))
573. (allow system_server mac_perms_file (file (ioctl read getattr lock map open watch watch_reads)))
574. (allow system_server selinuxfs (dir (ioctl read getattr lock open watch watch_reads search)))
575. (allow system_server selinuxfs (file (ioctl read getattr lock map open watch watch_reads)))
576. (allow system_server selinuxfs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
577. (allow system_server selinuxfs (file (write lock append map open)))
578. (allow system_server kernel (security (compute_av)))
579. (allow system_server self (netlink_selinux_socket (read write create getattr setattr lock relabelfrom relabelto append bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
580. (allow system_server sysfs_type (dir (search)))
581. (allow system_server sysfs_android_usb (dir (ioctl read getattr lock open watch watch_reads search)))
582. (allow system_server sysfs_android_usb (file (ioctl read getattr lock map open watch watch_reads)))
583. (allow system_server sysfs_android_usb (lnk_file (ioctl read getattr lock map open watch watch_reads)))
584. (allow system_server sysfs_android_usb (file (write lock append map open)))
585. (allow system_server sysfs_extcon (dir (ioctl read getattr lock open watch watch_reads search)))
586. (allow system_server sysfs_ipv4 (dir (ioctl read getattr lock open watch watch_reads search)))
587. (allow system_server sysfs_ipv4 (file (ioctl read getattr lock map open watch watch_reads)))
588. (allow system_server sysfs_ipv4 (lnk_file (ioctl read getattr lock map open watch watch_reads)))
589. (allow system_server sysfs_ipv4 (file (write lock append map open)))
590. (allow system_server sysfs_rtc (dir (ioctl read getattr lock open watch watch_reads search)))
591. (allow system_server sysfs_rtc (file (ioctl read getattr lock map open watch watch_reads)))
592. (allow system_server sysfs_rtc (lnk_file (ioctl read getattr lock map open watch watch_reads)))
593. (allow system_server sysfs_switch (dir (ioctl read getattr lock open watch watch_reads search)))
594. (allow system_server sysfs_switch (file (ioctl read getattr lock map open watch watch_reads)))
595. (allow system_server sysfs_switch (lnk_file (ioctl read getattr lock map open watch watch_reads)))
596. (allow system_server sysfs_wakeup_reasons (dir (ioctl read getattr lock open watch watch_reads search)))
597. (allow system_server sysfs_wakeup_reasons (file (ioctl read getattr lock map open watch watch_reads)))
598. (allow system_server sysfs_wakeup_reasons (lnk_file (ioctl read getattr lock map open watch watch_reads)))
599. (allow system_server sysfs_nfc_power_writable (file (ioctl read write getattr lock append map open watch watch_reads)))
600. (allow system_server sysfs_power (dir (search)))
601. (allow system_server sysfs_power (file (ioctl read write getattr lock append map open watch watch_reads)))
602. (allow system_server sysfs_thermal (dir (search)))
603. (allow system_server sysfs_thermal (file (ioctl read getattr lock map open watch watch_reads)))
604. (allow system_server sysfs_vibrator (file (write append)))
605. (allow system_server sysfs_usb (file (write lock append map open)))
606. (allow system_server device (dir (ioctl read getattr lock open watch watch_reads search)))
607. (allow system_server mdns_socket (sock_file (ioctl read write getattr lock append map open watch watch_reads)))
608. (allow system_server gpu_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
609. (allow system_server input_device (dir (ioctl read getattr lock open watch watch_reads search)))
610. (allow system_server input_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
611. (allow system_server tty_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
612. (allow system_server usbaccessory_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
613. (allow system_server video_device (dir (ioctl read getattr lock open watch watch_reads search)))
614. (allow system_server video_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
615. (allow system_server adbd_socket (sock_file (ioctl read write getattr lock append map open watch watch_reads)))
616. (allow system_server rtc_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
617. (allow system_server audio_device (dir (ioctl read getattr lock open watch watch_reads search)))
618. (allow system_server audio_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
619. (allow system_server tun_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
620. (allowx system_server tun_device (ioctl chr_file (0x54ca 0x54d2)))
621. (allow system_server ota_package_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
622. (allow system_server ota_package_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
623. (allow system_server system_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
624. (allow system_server system_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
625. (allow system_server system_data_file (lnk_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
626. (allow system_server system_data_file (sock_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
627. (allow system_server system_data_file (fifo_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
628. (allow system_server packages_list_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
629. (allow system_server keychain_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
630. (allow system_server keychain_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
631. (allow system_server keychain_data_file (lnk_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
632. (allow system_server apk_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
633. (allow system_server apk_data_file (file (ioctl read write create getattr setattr lock append map unlink link rename open watch watch_reads)))
634. (allow system_server apk_data_file (lnk_file (ioctl read write create getattr setattr lock append map unlink link rename open watch watch_reads)))
635. (allow system_server apk_tmp_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
636. (allow system_server apk_tmp_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
637. (allow system_server vendor_keylayout_file (dir (ioctl read getattr lock open watch watch_reads search)))
638. (allow system_server vendor_keylayout_file (file (ioctl read getattr lock map open watch watch_reads)))
639. (allow system_server vendor_keylayout_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
640. (allow system_server vendor_keychars_file (dir (ioctl read getattr lock open watch watch_reads search)))
641. (allow system_server vendor_keychars_file (file (ioctl read getattr lock map open watch watch_reads)))
642. (allow system_server vendor_keychars_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
643. (allow system_server vendor_idc_file (dir (ioctl read getattr lock open watch watch_reads search)))
644. (allow system_server vendor_idc_file (file (ioctl read getattr lock map open watch watch_reads)))
645. (allow system_server vendor_idc_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
646. (allow system_server vendor_app_file (dir (ioctl read getattr lock open watch watch_reads search)))
647. (allow system_server vendor_app_file (file (ioctl read getattr lock map open watch watch_reads)))
648. (allow system_server vendor_app_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
649. (allow system_server vendor_framework_file (dir (ioctl read getattr lock open watch watch_reads search)))
650. (allow system_server vendor_framework_file (file (ioctl read getattr lock map open watch watch_reads)))
651. (allow system_server vendor_framework_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
652. (allow system_server vendor_overlay_file (dir (ioctl read getattr lock open watch watch_reads search)))
653. (allow system_server vendor_overlay_file (file (ioctl read getattr lock map open watch watch_reads)))
654. (allow system_server vendor_overlay_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
655. (allow system_server apk_private_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
656. (allow system_server apk_private_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
657. (allow system_server apk_private_tmp_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
658. (allow system_server apk_private_tmp_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
659. (allow system_server asec_apk_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
660. (allow system_server asec_apk_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
661. (allow system_server asec_public_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
662. (allow system_server anr_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
663. (allow system_server anr_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
664. (allow system_server tombstoned_java_trace_socket (sock_file (write)))
665. (allow system_server tombstoned (unix_stream_socket (connectto)))
666. (allow system_server tombstoned (fd (use)))
667. (allow system_server dumpstate (fifo_file (append)))
668. (allow system_server incidentd (fifo_file (append)))
669. (allow system_server incidentd (fifo_file (read)))
670. (allow system_server incident_data_file (file (read)))
671. (allow system_server prereboot_data_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
672. (allow system_server prereboot_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
673. (allow system_server perfetto_traces_data_file (file (read)))
674. (allow system_server perfetto (fd (use)))
675. (allow system_server backup_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
676. (allow system_server backup_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
677. (allow system_server dropbox_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
678. (allow system_server dropbox_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
679. (allow system_server heapdump_data_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
680. (allow system_server heapdump_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
681. (allow system_server adb_keys_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
682. (allow system_server adb_keys_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
683. (allow system_server emergency_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
684. (allow system_server emergency_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
685. (allow system_server network_watchlist_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
686. (allow system_server network_watchlist_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
687. (allow system_server radio_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
688. (allow system_server radio_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
689. (allow system_server systemkeys_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
690. (allow system_server systemkeys_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
691. (allow system_server textclassifier_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
692. (allow system_server textclassifier_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
693. (allow system_server tombstone_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
694. (allow system_server tombstone_data_file (file (ioctl read getattr lock map open watch watch_reads)))
695. (allow system_server vpn_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
696. (allow system_server vpn_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
697. (allow system_server wifi_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
698. (allow system_server wifi_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
699. (allow system_server zoneinfo_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
700. (allow system_server zoneinfo_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
701. (allow system_server staging_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
702. (allow system_server staging_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
703. (allow system_server shell_data_file (dir (read getattr search)))
704. (allow system_server bluetooth_data_file (dir (read getattr search)))
705. (allow system_server nfc_data_file (dir (read getattr search)))
706. (allow system_server radio_data_file (dir (read getattr search)))
707. (allow system_server app_data_file (dir (read getattr search)))
708. (allow system_server privapp_data_file (dir (read getattr search)))
709. (allow system_server system_app_data_file (dir (read getattr search)))
710. (allow system_server unlabeled (dir (ioctl read getattr lock open watch watch_reads search)))
711. (allow system_server unlabeled (file (ioctl read getattr lock map open watch watch_reads)))
712. (allow system_server system_app_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
713. (allow system_server system_app_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
714. (allow system_server shell_data_file (file (read write getattr append map)))
715. (allow system_server bluetooth_data_file (file (read write getattr append map)))
716. (allow system_server nfc_data_file (file (read write getattr append map)))
717. (allow system_server radio_data_file (file (read write getattr append map)))
718. (allow system_server app_data_file (file (read write getattr append map)))
719. (allow system_server privapp_data_file (file (read write getattr append map)))
720. (allow system_server system_app_data_file (file (read write getattr append map)))
721. (allow system_server media_rw_data_file (dir (read getattr open search)))
722. (allow system_server media_rw_data_file (file (read write getattr append)))
723. (allow system_server system_server (process (setfscreate)))
724. (allow system_server apk_tmp_file (file (relabelfrom relabelto)))
725. (allow system_server apk_tmp_file (dir (relabelfrom relabelto)))
726. (allow system_server apk_private_tmp_file (file (relabelfrom relabelto)))
727. (allow system_server apk_private_tmp_file (dir (relabelfrom relabelto)))
728. (allow system_server apk_data_file (file (relabelfrom relabelto)))
729. (allow system_server apk_data_file (dir (relabelfrom relabelto)))
730. (allow system_server apk_private_data_file (file (relabelfrom relabelto)))
731. (allow system_server apk_private_data_file (dir (relabelfrom relabelto)))
732. (allow system_server system_data_file (file (relabelfrom)))
733. (allow system_server wallpaper_file (file (relabelto)))
734. (allow system_server wallpaper_file (file (ioctl read write getattr lock append map unlink rename open watch watch_reads)))
735. (allow system_server system_data_file (file (link)))
736. (allow system_server wallpaper_file (file (link)))
737. (allow system_server system_data_file (dir (relabelfrom)))
738. (allow system_server shortcut_manager_icons (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
739. (allow system_server shortcut_manager_icons (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
740. (allow system_server ringtone_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
741. (allow system_server ringtone_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
742. (allow system_server icon_file (file (relabelto)))
743. (allow system_server icon_file (file (ioctl read write getattr lock append map unlink open watch watch_reads)))
744. (allow system_server system_data_file (dir (relabelfrom)))
745. (allow system_server server_configurable_flags_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
746. (allow system_server server_configurable_flags_data_file (file (ioctl read getattr lock map open watch watch_reads)))
747. (allow system_server property_socket (sock_file (write)))
748. (allow system_server init (unix_stream_socket (connectto)))
749. (allow system_server system_prop (property_service (set)))
750. (allow system_server system_prop (file (read getattr map open)))
751. (allow system_server property_socket (sock_file (write)))
752. (allow system_server init (unix_stream_socket (connectto)))
753. (allow system_server exported_system_prop (property_service (set)))
754. (allow system_server exported_system_prop (file (read getattr map open)))
755. (allow system_server property_socket (sock_file (write)))
756. (allow system_server init (unix_stream_socket (connectto)))
757. (allow system_server exported2_system_prop (property_service (set)))
758. (allow system_server exported2_system_prop (file (read getattr map open)))
759. (allow system_server property_socket (sock_file (write)))
760. (allow system_server init (unix_stream_socket (connectto)))
761. (allow system_server exported3_system_prop (property_service (set)))
762. (allow system_server exported3_system_prop (file (read getattr map open)))
763. (allow system_server property_socket (sock_file (write)))
764. (allow system_server init (unix_stream_socket (connectto)))
765. (allow system_server safemode_prop (property_service (set)))
766. (allow system_server safemode_prop (file (read getattr map open)))
767. (allow system_server property_socket (sock_file (write)))
768. (allow system_server init (unix_stream_socket (connectto)))
769. (allow system_server theme_prop (property_service (set)))
770. (allow system_server theme_prop (file (read getattr map open)))
771. (allow system_server property_socket (sock_file (write)))
772. (allow system_server init (unix_stream_socket (connectto)))
773. (allow system_server dhcp_prop (property_service (set)))
774. (allow system_server dhcp_prop (file (read getattr map open)))
775. (allow system_server property_socket (sock_file (write)))
776. (allow system_server init (unix_stream_socket (connectto)))
777. (allow system_server net_radio_prop (property_service (set)))
778. (allow system_server net_radio_prop (file (read getattr map open)))
779. (allow system_server property_socket (sock_file (write)))
780. (allow system_server init (unix_stream_socket (connectto)))
781. (allow system_server net_dns_prop (property_service (set)))
782. (allow system_server net_dns_prop (file (read getattr map open)))
783. (allow system_server property_socket (sock_file (write)))
784. (allow system_server init (unix_stream_socket (connectto)))
785. (allow system_server system_radio_prop (property_service (set)))
786. (allow system_server system_radio_prop (file (read getattr map open)))
787. (allow system_server property_socket (sock_file (write)))
788. (allow system_server init (unix_stream_socket (connectto)))
789. (allow system_server exported_system_radio_prop (property_service (set)))
790. (allow system_server exported_system_radio_prop (file (read getattr map open)))
791. (allow system_server property_socket (sock_file (write)))
792. (allow system_server init (unix_stream_socket (connectto)))
793. (allow system_server debug_prop (property_service (set)))
794. (allow system_server debug_prop (file (read getattr map open)))
795. (allow system_server property_socket (sock_file (write)))
796. (allow system_server init (unix_stream_socket (connectto)))
797. (allow system_server powerctl_prop (property_service (set)))
798. (allow system_server powerctl_prop (file (read getattr map open)))
799. (allow system_server property_socket (sock_file (write)))
800. (allow system_server init (unix_stream_socket (connectto)))
801. (allow system_server fingerprint_prop (property_service (set)))
802. (allow system_server fingerprint_prop (file (read getattr map open)))
803. (allow system_server property_socket (sock_file (write)))
804. (allow system_server init (unix_stream_socket (connectto)))
805. (allow system_server exported_fingerprint_prop (property_service (set)))
806. (allow system_server exported_fingerprint_prop (file (read getattr map open)))
807. (allow system_server property_socket (sock_file (write)))
808. (allow system_server init (unix_stream_socket (connectto)))
809. (allow system_server device_logging_prop (property_service (set)))
810. (allow system_server device_logging_prop (file (read getattr map open)))
811. (allow system_server property_socket (sock_file (write)))
812. (allow system_server init (unix_stream_socket (connectto)))
813. (allow system_server dumpstate_options_prop (property_service (set)))
814. (allow system_server dumpstate_options_prop (file (read getattr map open)))
815. (allow system_server property_socket (sock_file (write)))
816. (allow system_server init (unix_stream_socket (connectto)))
817. (allow system_server overlay_prop (property_service (set)))
818. (allow system_server overlay_prop (file (read getattr map open)))
819. (allow system_server property_socket (sock_file (write)))
820. (allow system_server init (unix_stream_socket (connectto)))
821. (allow system_server exported_overlay_prop (property_service (set)))
822. (allow system_server exported_overlay_prop (file (read getattr map open)))
823. (allow system_server property_socket (sock_file (write)))
824. (allow system_server init (unix_stream_socket (connectto)))
825. (allow system_server pm_prop (property_service (set)))
826. (allow system_server pm_prop (file (read getattr map open)))
827. (allow system_server property_socket (sock_file (write)))
828. (allow system_server init (unix_stream_socket (connectto)))
829. (allow system_server exported_pm_prop (property_service (set)))
830. (allow system_server exported_pm_prop (file (read getattr map open)))
831. (allow system_server property_socket (sock_file (write)))
832. (allow system_server init (unix_stream_socket (connectto)))
833. (allow system_server socket_hook_prop (property_service (set)))
834. (allow system_server socket_hook_prop (file (read getattr map open)))
835. (allow system_server property_socket (sock_file (write)))
836. (allow system_server init (unix_stream_socket (connectto)))
837. (allow system_server audio_prop (property_service (set)))
838. (allow system_server audio_prop (file (read getattr map open)))
839. (allow system_server property_socket (sock_file (write)))
840. (allow system_server init (unix_stream_socket (connectto)))
841. (allow system_server ctl_default_prop (property_service (set)))
842. (allow system_server ctl_default_prop (file (read getattr map open)))
843. (allow system_server property_socket (sock_file (write)))
844. (allow system_server init (unix_stream_socket (connectto)))
845. (allow system_server ctl_bugreport_prop (property_service (set)))
846. (allow system_server ctl_bugreport_prop (file (read getattr map open)))
847. (allow system_server property_socket (sock_file (write)))
848. (allow system_server init (unix_stream_socket (connectto)))
849. (allow system_server ctl_gsid_prop (property_service (set)))
850. (allow system_server ctl_gsid_prop (file (read getattr map open)))
851. (allow system_server property_socket (sock_file (write)))
852. (allow system_server init (unix_stream_socket (connectto)))
853. (allow system_server cppreopt_prop (property_service (set)))
854. (allow system_server cppreopt_prop (file (read getattr map open)))
855. (allow system_server property_socket (sock_file (write)))
856. (allow system_server init (unix_stream_socket (connectto)))
857. (allow system_server device_config_input_native_boot_prop (property_service (set)))
858. (allow system_server device_config_input_native_boot_prop (file (read getattr map open)))
859. (allow system_server property_socket (sock_file (write)))
860. (allow system_server init (unix_stream_socket (connectto)))
861. (allow system_server device_config_netd_native_prop (property_service (set)))
862. (allow system_server device_config_netd_native_prop (file (read getattr map open)))
863. (allow system_server property_socket (sock_file (write)))
864. (allow system_server init (unix_stream_socket (connectto)))
865. (allow system_server device_config_activity_manager_native_boot_prop (property_service (set)))
866. (allow system_server device_config_activity_manager_native_boot_prop (file (read getattr map open)))
867. (allow system_server property_socket (sock_file (write)))
868. (allow system_server init (unix_stream_socket (connectto)))
869. (allow system_server device_config_runtime_native_boot_prop (property_service (set)))
870. (allow system_server device_config_runtime_native_boot_prop (file (read getattr map open)))
871. (allow system_server property_socket (sock_file (write)))
872. (allow system_server init (unix_stream_socket (connectto)))
873. (allow system_server device_config_runtime_native_prop (property_service (set)))
874. (allow system_server device_config_runtime_native_prop (file (read getattr map open)))
875. (allow system_server property_socket (sock_file (write)))
876. (allow system_server init (unix_stream_socket (connectto)))
877. (allow system_server device_config_media_native_prop (property_service (set)))
878. (allow system_server device_config_media_native_prop (file (read getattr map open)))
879. (allow system_server property_socket (sock_file (write)))
880. (allow system_server init (unix_stream_socket (connectto)))
881. (allow system_server device_config_storage_native_boot_prop (property_service (set)))
882. (allow system_server device_config_storage_native_boot_prop (file (read getattr map open)))
883. (allow system_server property_socket (sock_file (write)))
884. (allow system_server init (unix_stream_socket (connectto)))
885. (allow system_server device_config_sys_traced_prop (property_service (set)))
886. (allow system_server device_config_sys_traced_prop (file (read getattr map open)))
887. (allow system_server property_socket (sock_file (write)))
888. (allow system_server init (unix_stream_socket (connectto)))
889. (allow system_server device_config_window_manager_native_boot_prop (property_service (set)))
890. (allow system_server device_config_window_manager_native_boot_prop (file (read getattr map open)))
891. (allow system_server property_socket (sock_file (write)))
892. (allow system_server init (unix_stream_socket (connectto)))
893. (allow system_server device_config_configuration_prop (property_service (set)))
894. (allow system_server device_config_configuration_prop (file (read getattr map open)))
895. (allow system_server bootloader_boot_reason_prop (file (read getattr map open)))
896. (allow system_server system_boot_reason_prop (file (read getattr map open)))
897. (allow system_server boottime_prop (file (read getattr map open)))
898. (allow system_server serialno_prop (file (read getattr map open)))
899. (allow system_server property_socket (sock_file (write)))
900. (allow system_server init (unix_stream_socket (connectto)))
901. (allow system_server firstboot_prop (property_service (set)))
902. (allow system_server firstboot_prop (file (read getattr map open)))
903. (allow system_server exported_audio_prop (file (read getattr map open)))
904. (allow system_server device_config_reset_performed_prop (file (read getattr map open)))
905. (allow system_server property_socket (sock_file (write)))
906. (allow system_server init (unix_stream_socket (connectto)))
907. (allow system_server test_harness_prop (property_service (set)))
908. (allow system_server test_harness_prop (file (read getattr map open)))
909. (allow system_server gsid_prop (file (read getattr map open)))
910. (allow system_server mock_ota_prop (file (read getattr map open)))
911. (allow system_server apk_verity_prop (file (read getattr map open)))
912. (allow system_server wifi_prop (file (read getattr map open)))
913. (allow system_server incremental_prop (file (read getattr map open)))
914. (allow system_server system_ndebug_socket (sock_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
915. (allow system_server system_unsolzygote_socket (sock_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
916. (allow system_server cache_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
917. (allow system_server cache_file (dir (ioctl read write create getattr setattr lock relabelfrom rename open watch watch_reads add_name remove_name reparent search rmdir)))
918. (allow system_server cache_recovery_file (dir (ioctl read write create getattr setattr lock relabelfrom rename open watch watch_reads add_name remove_name reparent search rmdir)))
919. (allow system_server cache_file (file (ioctl read write create getattr setattr lock relabelfrom append map unlink rename open watch watch_reads)))
920. (allow system_server cache_recovery_file (file (ioctl read write create getattr setattr lock relabelfrom append map unlink rename open watch watch_reads)))
921. (allow system_server cache_file (fifo_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
922. (allow system_server cache_recovery_file (fifo_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
923. (allow system_server system_file (dir (ioctl read getattr lock open watch watch_reads search)))
924. (allow system_server system_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
925. (allow system_server system_file (file (lock)))
926. (allow system_server gps_control (file (ioctl read write getattr lock append map open watch watch_reads)))
927. (allow system_server appdomain (tcp_socket (read write getattr getopt setopt shutdown)))
928. (allow system_server appdomain (udp_socket (read write getattr getopt setopt shutdown)))
929. (allow system_server appdomain (fifo_file (read write getattr)))
930. (allow system_server appdomain (unix_stream_socket (read write getattr)))
931. (allow system_server cache_backup_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
932. (allow system_server cache_backup_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
933. (allow system_server cache_private_backup_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
934. (allow system_server cache_private_backup_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
935. (allow system_server usb_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
936. (allow system_server usb_device (dir (ioctl read getattr lock open watch watch_reads search)))
937. (allow system_server hw_random_device (chr_file (ioctl read getattr lock map open watch watch_reads)))
938. (allow system_server fscklogs (dir (ioctl read getattr lock open watch watch_reads search)))
939. (allow system_server fscklogs (file (ioctl read getattr lock map open watch watch_reads)))
940. (allow system_server fscklogs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
941. (allow system_server fscklogs (dir (write remove_name)))
942. (allow system_server fscklogs (file (unlink)))
943. (allow system_server zygote (unix_dgram_socket (write)))
944. (allow system_server logcat_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
945. (allow system_server logdr_socket (sock_file (write)))
946. (allow system_server logd (unix_stream_socket (connectto)))
947. (allow system_server runtime_event_log_tags_file (file (ioctl read getattr lock map open watch watch_reads)))
948. (allow system_server sysfs_lowmemorykiller (file (write getattr lock append map open)))
949. (allow system_server pstorefs (dir (ioctl read getattr lock open watch watch_reads search)))
950. (allow system_server pstorefs (file (ioctl read getattr lock map open watch watch_reads)))
951. (allow system_server sysfs_zram (dir (search)))
952. (allow system_server sysfs_zram (file (ioctl read write getattr lock append map open watch watch_reads)))
953. (allow system_server system_server_service (service_manager (add find)))
954. ;;* lmx 753 system/sepolicy/private/system_server.te
955.  
956. (neverallow base_typeattr_276 system_server_service (service_manager (add)))
957. ;;* lme
958.  
959. (allow system_server audioserver_service (service_manager (find)))
960. (allow system_server batteryproperties_service (service_manager (find)))
961. (allow system_server cameraserver_service (service_manager (find)))
962. (allow system_server dataloader_manager_service (service_manager (find)))
963. (allow system_server dnsresolver_service (service_manager (find)))
964. (allow system_server drmserver_service (service_manager (find)))
965. (allow system_server dumpstate_service (service_manager (find)))
966. (allow system_server fingerprintd_service (service_manager (find)))
967. (allow system_server gatekeeper_service (service_manager (find)))
968. (allow system_server gpu_service (service_manager (find)))
969. (allow system_server gsi_service (service_manager (find)))
970. (allow system_server hal_fingerprint_service (service_manager (find)))
971. (allow system_server idmap_service (service_manager (find)))
972. (allow system_server incident_service (service_manager (find)))
973. (allow system_server incremental_service (service_manager (find)))
974. (allow system_server installd_service (service_manager (find)))
975. (allow system_server iorapd_service (service_manager (find)))
976. (allow system_server keystore_service (service_manager (find)))
977. (allow system_server mediaserver_service (service_manager (find)))
978. (allow system_server mediametrics_service (service_manager (find)))
979. (allow system_server mediaextractor_service (service_manager (find)))
980. (allow system_server mediadrmserver_service (service_manager (find)))
981. (allow system_server netd_service (service_manager (find)))
982. (allow system_server nfc_service (service_manager (find)))
983. (allow system_server radio_service (service_manager (find)))
984. (allow system_server stats_service (service_manager (find)))
985. (allow system_server storaged_service (service_manager (find)))
986. (allow system_server surfaceflinger_service (service_manager (find)))
987. (allow system_server update_engine_service (service_manager (find)))
988. (allow system_server vold_service (service_manager (find)))
989. (allow system_server wifinl80211_service (service_manager (find)))
990. (allow system_server batteryproperties_service (service_manager (add find)))
991. ;;* lmx 786 system/sepolicy/private/system_server.te
992.  
993. (neverallow base_typeattr_276 batteryproperties_service (service_manager (add)))
994. ;;* lme
995.  
996. (allow system_server keystore (keystore_key (get_state get insert delete exist list reset password lock unlock is_empty sign verify grant duplicate clear_uid add_auth user_changed)))
997. (allow system_server block_device (dir (search)))
998. (allow system_server frp_block_device (blk_file (ioctl read write getattr lock append map open watch watch_reads)))
999. (allowx system_server frp_block_device (ioctl blk_file (0x1277 0x127d)))
1000. (allow system_server cgroup (dir (remove_name rmdir)))
1001. (allow system_server oemfs (dir (ioctl read getattr lock open watch watch_reads search)))
1002. (allow system_server oemfs (file (ioctl read getattr lock map open watch watch_reads)))
1003. (allow system_server oemfs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1004. (allow system_server mnt_user_file (dir (getattr search)))
1005. (allow system_server storage_file (dir (getattr search)))
1006. (allow system_server mnt_user_file (lnk_file (read getattr)))
1007. (allow system_server storage_file (lnk_file (read getattr)))
1008. (allow system_server sdcard_type (dir (getattr search)))
1009. (allow system_server mnt_expand_file (dir (ioctl read getattr lock open watch watch_reads search)))
1010. (allow system_server fingerprintd_data_file (dir (ioctl read write getattr lock relabelto open watch watch_reads remove_name search rmdir)))
1011. (allow system_server fingerprintd_data_file (file (getattr unlink)))
1012. (allow system_server vold (fd (use)))
1013. (allow system_server fuse_device (chr_file (ioctl read write getattr)))
1014. (allow system_server app_fuse_file (file (read write getattr)))
1015. (allow system_server configfs (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
1016. (allow system_server configfs (file (write create getattr unlink open)))
1017. (allow system_server adbd (unix_stream_socket (connectto)))
1018. (allow system_server adbd (fd (use)))
1019. (allow system_server adbd (unix_stream_socket (ioctl read write getattr getopt shutdown)))
1020. (allow system_server adbd_prop (file (read getattr map open)))
1021. (allow system_server property_socket (sock_file (write)))
1022. (allow system_server init (unix_stream_socket (connectto)))
1023. (allow system_server system_adbd_prop (property_service (set)))
1024. (allow system_server system_adbd_prop (file (read getattr map open)))
1025. (allow system_server toolbox_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
1026. (allowx system_server apk_data_file (ioctl file ((range 0x6685 0x6686))))
1027. (allow system_server postinstall (binder (call transfer)))
1028. (allow postinstall system_server (binder (transfer)))
1029. (allow system_server postinstall (fd (use)))
1030. (allow system_server postinstall (fifo_file (write)))
1031. (allow system_server update_engine (fd (use)))
1032. (allow system_server update_engine (fifo_file (write)))
1033. (allow system_server preloads_data_file (file (ioctl read getattr lock map unlink open watch watch_reads)))
1034. (allow system_server preloads_data_file (dir (ioctl read write getattr lock open watch watch_reads remove_name search rmdir)))
1035. (allow system_server preloads_media_file (file (ioctl read getattr lock map unlink open watch watch_reads)))
1036. (allow system_server preloads_media_file (dir (ioctl read write getattr lock open watch watch_reads remove_name search rmdir)))
1037. (allow system_server cgroup (dir (ioctl read getattr lock open watch watch_reads search)))
1038. (allow system_server cgroup (file (ioctl read getattr lock map open watch watch_reads)))
1039. (allow system_server cgroup (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1040. (allow system_server ion_device (chr_file (ioctl read getattr lock map open watch watch_reads)))
1041. (allow system_server proc_asound (dir (ioctl read getattr lock open watch watch_reads search)))
1042. (allow system_server proc_asound (file (ioctl read getattr lock map open watch watch_reads)))
1043. (allow system_server proc_asound (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1044. (allow system_server proc_net_type (dir (ioctl read getattr lock open watch watch_reads search)))
1045. (allow system_server proc_net_type (file (ioctl read getattr lock map open watch watch_reads)))
1046. (allow system_server proc_net_type (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1047. (allow system_server proc_qtaguid_stat (dir (ioctl read getattr lock open watch watch_reads search)))
1048. (allow system_server proc_qtaguid_stat (file (ioctl read getattr lock map open watch watch_reads)))
1049. (allow system_server proc_qtaguid_stat (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1050. (allow system_server proc_cmdline (file (ioctl read getattr lock map open watch watch_reads)))
1051. (allow system_server proc_loadavg (file (ioctl read getattr lock map open watch watch_reads)))
1052. (allow system_server proc_locks (file (ioctl read getattr lock map open watch watch_reads)))
1053. (allow system_server proc_meminfo (file (ioctl read getattr lock map open watch watch_reads)))
1054. (allow system_server proc_pagetypeinfo (file (ioctl read getattr lock map open watch watch_reads)))
1055. (allow system_server proc_pipe_conf (file (ioctl read getattr lock map open watch watch_reads)))
1056. (allow system_server proc_stat (file (ioctl read getattr lock map open watch watch_reads)))
1057. (allow system_server proc_uid_cputime_showstat (file (ioctl read getattr lock map open watch watch_reads)))
1058. (allow system_server proc_uid_io_stats (file (ioctl read getattr lock map open watch watch_reads)))
1059. (allow system_server proc_uid_time_in_state (file (ioctl read getattr lock map open watch watch_reads)))
1060. (allow system_server proc_uid_concurrent_active_time (file (ioctl read getattr lock map open watch watch_reads)))
1061. (allow system_server proc_uid_concurrent_policy_time (file (ioctl read getattr lock map open watch watch_reads)))
1062. (allow system_server proc_version (file (ioctl read getattr lock map open watch watch_reads)))
1063. (allow system_server proc_vmallocinfo (file (ioctl read getattr lock map open watch watch_reads)))
1064. (allow system_server proc_uid_time_in_state (dir (ioctl read getattr lock open watch watch_reads search)))
1065. (allow system_server proc_uid_cpupower (file (ioctl read getattr lock map open watch watch_reads)))
1066. (allow system_server rootfs (dir (ioctl read getattr lock open watch watch_reads search)))
1067. (allow system_server rootfs (file (ioctl read getattr lock map open watch watch_reads)))
1068. (allow system_server rootfs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1069. (allow system_server debugfs_tracing_instances (dir (search)))
1070. (allow system_server debugfs_wifi_tracing (dir (search)))
1071. (allow system_server debugfs_wifi_tracing (file (ioctl read write getattr lock append map open watch watch_reads)))
1072. (allow system_server debugfs_tracing (file (ioctl read getattr lock map open watch watch_reads)))
1073. (allow system_server fs_bpf (dir (search)))
1074. (allow system_server fs_bpf (file (read write)))
1075. (allow system_server bpfloader (bpf (map_read map_write prog_run)))
1076. (allow system_server user_profile_data_file (dir (getattr search)))
1077. (allow system_server user_profile_data_file (file (read getattr open)))
1078. (allow system_server profman_dump_data_file (file (write create getattr setattr lock append map open)))
1079. (allow system_server profman_dump_data_file (dir (write lock open add_name remove_name search)))
1080. (allow system_server system_jvmti_agent_prop (file (read getattr map open)))
1081. (allow system_server functionfs (dir (search)))
1082. (allow system_server functionfs (file (ioctl read write getattr lock append map open watch watch_reads)))
1083. (allow system_server time_prop (file (read getattr map open)))
1084. (allow system_server system_lmk_prop (file (read getattr map open)))
1085. ;;* lmx 982 system/sepolicy/private/system_server.te
1086.  
1087. (neverallow system_server sdcard_type (dir (read write open)))
1088. ;;* lme
1089.  
1090. ;;* lmx 983 system/sepolicy/private/system_server.te
1091.  
1092. (neverallow system_server sdcard_type (file (ioctl read write getattr lock append map open watch watch_reads)))
1093. ;;* lme
1094.  
1095. ;;* lmx 996 system/sepolicy/private/system_server.te
1096.  
1097. (neverallow system_server shell_data_file (file (create unlink link open)))
1098. (neverallow system_server bluetooth_data_file (file (create unlink link open)))
1099. (neverallow system_server nfc_data_file (file (create unlink link open)))
1100. (neverallow system_server app_data_file (file (create unlink link open)))
1101. (neverallow system_server privapp_data_file (file (create unlink link open)))
1102. ;;* lme
1103.  
1104. ;;* lmx 1007 system/sepolicy/private/system_server.te
1105.  
1106. (neverallow system_server base_typeattr_709 (file (execute_no_trans)))
1107. ;;* lme
1108.  
1109. ;;* lmx 1011 system/sepolicy/private/system_server.te
1110.  
1111. (neverallow system_server base_typeattr_557 (process (transition)))
1112. ;;* lme
1113.  
1114. ;;* lmx 1012 system/sepolicy/private/system_server.te
1115.  
1116. (neverallow system_server base_typeattr_182 (process (dyntransition)))
1117. ;;* lme
1118.  
1119. ;;* lmx 1015 system/sepolicy/private/system_server.te
1120.  
1121. (neverallow base_typeattr_710 system_ndebug_socket (sock_file (write open)))
1122. ;;* lme
1123.  
1124. ;;* lmx 1025 system/sepolicy/private/system_server.te
1125.  
1126. (neverallow base_typeattr_711 system_unsolzygote_socket (sock_file (write open)))
1127. ;;* lme
1128.  
1129. ;;* lmx 1043 system/sepolicy/private/system_server.te
1130.  
1131. (neverallow base_typeattr_712 device_config_activity_manager_native_boot_prop (property_service (set)))
1132. (neverallow base_typeattr_712 device_config_input_native_boot_prop (property_service (set)))
1133. (neverallow base_typeattr_712 device_config_media_native_prop (property_service (set)))
1134. (neverallow base_typeattr_712 device_config_netd_native_prop (property_service (set)))
1135. (neverallow base_typeattr_712 device_config_runtime_native_boot_prop (property_service (set)))
1136. (neverallow base_typeattr_712 device_config_runtime_native_prop (property_service (set)))
1137. (neverallow base_typeattr_712 device_config_storage_native_boot_prop (property_service (set)))
1138. (neverallow base_typeattr_712 device_config_sys_traced_prop (property_service (set)))
1139. (neverallow base_typeattr_712 device_config_window_manager_native_boot_prop (property_service (set)))
1140. ;;* lme
1141.  
1142. ;;* lmx 1049 system/sepolicy/private/system_server.te
1143.  
1144. (neverallow system_server dex2oat_exec (file (execute execute_no_trans)))
1145. ;;* lme
1146.  
1147. ;;* lmx 1054 system/sepolicy/private/system_server.te
1148.  
1149. (neverallow system_server data_file_type (file (execute execute_no_trans)))
1150. ;;* lme
1151.  
1152. ;;* lmx 1059 system/sepolicy/private/system_server.te
1153.  
1154. (neverallow system_server base_typeattr_713 (blk_file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1155. ;;* lme
1156.  
1157. ;;* lmx 1067 system/sepolicy/private/system_server.te
1158.  
1159. (neverallow system_server self (process (execmem)))
1160. ;;* lme
1161.  
1162. ;;* lmx 1070 system/sepolicy/private/system_server.te
1163.  
1164. (neverallow system_server ashmem_device (chr_file (execute)))
1165. (neverallow system_server ashmem_libcutils_device (chr_file (execute)))
1166. ;;* lme
1167.  
1168. ;;* lmx 1073 system/sepolicy/private/system_server.te
1169.  
1170. (neverallow system_server system_server_tmpfs (file (execute)))
1171. ;;* lme
1172.  
1173. (allow system_server system_server_startup (fd (use)))
1174. (allow system_server system_server_startup_tmpfs (file (read write map)))
1175. (allow system_server system_server_startup (unix_dgram_socket (write)))
1176. (allow system_server apex_service (service_manager (find)))
1177. (allow system_server apexd (binder (call)))
1178. (allow system_server apex_mnt_dir (dir (ioctl read getattr lock open watch watch_reads search)))
1179. (allow system_server system_suspend_control_service (service_manager (find)))
1180. (allow system_server system_suspend (binder (call transfer)))
1181. (allow system_suspend system_server (binder (transfer)))
1182. (allow system_server system_suspend (fd (use)))
1183. (allow system_suspend system_server (binder (call transfer)))
1184. (allow system_server system_suspend (binder (transfer)))
1185. (allow system_suspend system_server (fd (use)))
1186. (allow system_server sysfs_wake_lock (file (ioctl read write getattr lock append map open watch watch_reads)))
1187. (allow system_server self (capability2 (block_suspend)))
1188. (allow system_server self (cap2_userns (block_suspend)))
1189. (allow system_server system_suspend_server (binder (call transfer)))
1190. (allow system_suspend_server system_server (binder (transfer)))
1191. (allow system_server system_suspend_server (fd (use)))
1192. (allow system_server system_suspend_hwservice (hwservice_manager (find)))
1193. (allow system_server hwservicemanager (binder (call transfer)))
1194. (allow hwservicemanager system_server (binder (call transfer)))
1195. (allow hwservicemanager system_server (dir (search)))
1196. (allow hwservicemanager system_server (file (read map open)))
1197. (allow hwservicemanager system_server (process (getattr)))
1198. (allow system_server hwservicemanager_prop (file (read getattr map open)))
1199. (allow system_server hidl_manager_hwservice (hwservice_manager (find)))
1200. (allow system_server apex_data_file (dir (getattr search)))
1201. (allow system_server apex_data_file (file (ioctl read getattr lock map open watch watch_reads)))
1202. (allow system_server vendor_apex_file (dir (getattr search)))
1203. (allow system_server vendor_apex_file (file (ioctl read getattr lock map open watch watch_reads)))
1204. (allow system_server apex_module_data_file (dir (getattr search)))
1205. (allow system_server apex_permission_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
1206. (allow system_server apex_permission_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1207. (allow system_server apex_wifi_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
1208. (allow system_server apex_wifi_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1209. (allow system_server metadata_file (dir (search)))
1210. (allow system_server password_slot_metadata_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
1211. (allow system_server password_slot_metadata_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1212. (allow system_server staged_install_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
1213. (allow system_server staged_install_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1214. (allow system_server property_socket (sock_file (write)))
1215. (allow system_server init (unix_stream_socket (connectto)))
1216. (allow system_server userspace_reboot_log_prop (property_service (set)))
1217. (allow system_server userspace_reboot_log_prop (file (read getattr map open)))
1218. ;;* lmx 1137 system/sepolicy/private/system_server.te
1219.  
1220. (neverallow base_typeattr_611 system_jvmti_agent_prop (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1221. ;;* lme
1222.  
1223. (allow system_server proc_pressure_mem (file (ioctl read write getattr lock append map open watch watch_reads)))
1224. ;;* lmx 1144 system/sepolicy/private/system_server.te
1225.  
1226. (neverallow system_server dexoptanalyzer_exec (file (execute execute_no_trans)))
1227. ;;* lme
1228.  
1229. ;;* lmx 1147 system/sepolicy/private/system_server.te
1230.  
1231. (neverallow system_server base_typeattr_276 (process (ptrace)))
1232. ;;* lme
1233.  
1234. ;;* lmx 1151 system/sepolicy/private/system_server.te
1235.  
1236. (neverallow system_server system_server (capability (sys_resource)))
1237. (neverallow system_server system_server (cap_userns (sys_resource)))
1238. ;;* lme
1239.  
1240. ;;* lmx 1154 system/sepolicy/private/system_server.te
1241.  
1242. (neverallow base_typeattr_229 password_slot_metadata_file (dir (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads add_name remove_name reparent search rmdir)))
1243. ;;* lme
1244.  
1245. ;;* lmx 1159 system/sepolicy/private/system_server.te
1246.  
1247. (neverallow base_typeattr_229 password_slot_metadata_file (file (ioctl read write create setattr lock relabelfrom append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
1248. (neverallow base_typeattr_229 password_slot_metadata_file (lnk_file (ioctl read write create setattr lock relabelfrom append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads)))
1249. (neverallow base_typeattr_229 password_slot_metadata_file (sock_file (ioctl read write create setattr lock relabelfrom append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads)))
1250. (neverallow base_typeattr_229 password_slot_metadata_file (fifo_file (ioctl read write create setattr lock relabelfrom append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads)))
1251. ;;* lme
1252.  
1253. ;;* lmx 1160 system/sepolicy/private/system_server.te
1254.  
1255. (neverallow base_typeattr_229 password_slot_metadata_file (file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
1256. (neverallow base_typeattr_229 password_slot_metadata_file (lnk_file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads)))
1257. (neverallow base_typeattr_229 password_slot_metadata_file (sock_file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads)))
1258. (neverallow base_typeattr_229 password_slot_metadata_file (fifo_file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads)))
1259. ;;* lme
1260.  
1261. (allow system_server property_socket (sock_file (write)))
1262. (allow system_server init (unix_stream_socket (connectto)))
1263. (allow system_server binder_cache_system_server_prop (property_service (set)))
1264. (allow system_server binder_cache_system_server_prop (file (read getattr map open)))
1265. ;;* lmx 1165 system/sepolicy/private/system_server.te
1266.  
1267. (neverallow base_typeattr_229 binder_cache_system_server_prop (property_service (set)))
1268. ;;* lme
1269.  
1270. (allow system_server self (perf_event (open cpu kernel write)))
1271. ;;* lmx 1170 system/sepolicy/private/system_server.te
1272.  
1273. (neverallow system_server self (perf_event (tracepoint read)))
1274. ;;* lme
1275.  
1276. ;;* lmx 1173 system/sepolicy/private/system_server.te
1277.  
1278. (neverallow base_typeattr_229 socket_hook_prop (property_service (set)))
1279. ;;* lme
1280.  
1281. (typetransition system_server_startup tmpfs file system_server_startup_tmpfs)
1282. (allow system_server_startup system_server_startup_tmpfs (file (read write getattr map)))
1283. (allow system_server_startup self (process (execmem)))
1284. (allow system_server_startup system_server_startup_tmpfs (file (read write map execute open)))
1285. (allow system_server_startup self (process (setcurrent)))
1286. (allow system_server_startup system_server (process (dyntransition)))
1287. (allow system_server_startup zygote (process (sigchld)))
1288. (allow init system_suspend_exec (file (read getattr map execute open)))
1289. (allow init system_suspend (process (transition)))
1290. (allow system_suspend system_suspend_exec (file (read getattr map execute open entrypoint)))
1291. (dontaudit init system_suspend (process (noatsecure)))
1292. (allow init system_suspend (process (siginh rlimitinh)))
1293. (typetransition init system_suspend_exec process system_suspend)
1294. (allow system_suspend servicemanager (binder (call transfer)))
1295. (allow servicemanager system_suspend (binder (call transfer)))
1296. (allow servicemanager system_suspend (dir (search)))
1297. (allow servicemanager system_suspend (file (read open)))
1298. (allow servicemanager system_suspend (process (getattr)))
1299. (allow system_suspend system_suspend_control_service (service_manager (add find)))
1300. ;;* lmx 8 system/sepolicy/private/system_suspend.te
1301.  
1302. (neverallow base_typeattr_714 system_suspend_control_service (service_manager (add)))
1303. ;;* lme
1304.  
1305. (allow system_suspend sysfs_power (file (ioctl read write getattr lock append map open watch watch_reads)))
1306. (allow system_suspend sysfs_suspend_stats (dir (ioctl read getattr lock open watch watch_reads search)))
1307. (allow system_suspend sysfs_suspend_stats (file (ioctl read getattr lock map open watch watch_reads)))
1308. (allow system_suspend sysfs_suspend_stats (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1309. (allow system_suspend sysfs_wakeup (dir (ioctl read getattr lock open watch watch_reads search)))
1310. (allow system_suspend sysfs_wakeup (file (ioctl read getattr lock map open watch watch_reads)))
1311. (allow system_suspend sysfs_wakeup (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1312. (allow system_suspend sysfs_type (dir (search)))
1313. ;;* lmx 26 system/sepolicy/private/system_suspend.te
1314.  
1315. (neverallow base_typeattr_715 system_suspend_control_service (service_manager (find)))
1316. ;;* lme
1317.  
1318. (allow init tombstoned_exec (file (read getattr map execute open)))
1319. (allow init tombstoned (process (transition)))
1320. (allow tombstoned tombstoned_exec (file (read getattr map execute open entrypoint)))
1321. (dontaudit init tombstoned (process (noatsecure)))
1322. (allow init tombstoned (process (siginh rlimitinh)))
1323. (typetransition init tombstoned_exec process tombstoned)
1324. (allow init toolbox_exec (file (read getattr map execute open)))
1325. (allow init toolbox (process (transition)))
1326. (allow toolbox toolbox_exec (file (read getattr map execute open entrypoint)))
1327. (dontaudit init toolbox (process (noatsecure)))
1328. (allow init toolbox (process (siginh rlimitinh)))
1329. (typetransition init toolbox_exec process toolbox)
1330. (allow init traced_exec (file (read getattr map execute open)))
1331. (allow init traced (process (transition)))
1332. (allow traced traced_exec (file (read getattr map execute open entrypoint)))
1333. (dontaudit init traced (process (noatsecure)))
1334. (allow init traced (process (siginh rlimitinh)))
1335. (typetransition init traced_exec process traced)
1336. (typetransition traced tmpfs file traced_tmpfs)
1337. (allow traced traced_tmpfs (file (read write getattr map)))
1338. (allow traced self (capability (sys_nice)))
1339. (allow traced self (cap_userns (sys_nice)))
1340. (allow traced perfetto (fd (use)))
1341. (allow traced shell (fd (use)))
1342. (allow traced shell (fifo_file (read write)))
1343. (allow traced perfetto_traces_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1344. (allow traced perfetto_traces_data_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
1345. (allow traced traceur_app (fd (use)))
1346. (allow traced trace_data_file (file (read write)))
1347. (allow traced iorapd (fd (use)))
1348. (allow traced iorapd_tmpfs (file (read write)))
1349. (allow traced appdomain_tmpfs (file (read write getattr map)))
1350. (allow traced surfaceflinger_tmpfs (file (read write getattr map)))
1351. (allow traced heapprofd_tmpfs (file (read write getattr map)))
1352. (allow traced traced_probes_tmpfs (file (read write getattr map)))
1353. (allow traced property_socket (sock_file (write)))
1354. (allow traced init (unix_stream_socket (connectto)))
1355. (allow traced system_trace_prop (property_service (set)))
1356. (allow traced system_trace_prop (file (read getattr map open)))
1357. (allow traced property_socket (sock_file (write)))
1358. (allow traced init (unix_stream_socket (connectto)))
1359. (allow traced traced_lazy_prop (property_service (set)))
1360. (allow traced traced_lazy_prop (file (read getattr map open)))
1361. ;;* lmx 72 system/sepolicy/private/traced.te
1362.  
1363. (neverallow traced self (process (execmem)))
1364. ;;* lme
1365.  
1366. ;;* lmx 75 system/sepolicy/private/traced.te
1367.  
1368. (neverallow traced dev_type (blk_file (read write)))
1369. ;;* lme
1370.  
1371. ;;* lmx 78 system/sepolicy/private/traced.te
1372.  
1373. (neverallow traced domain (process (ptrace)))
1374. ;;* lme
1375.  
1376. ;;* lmx 92 system/sepolicy/private/traced.te
1377.  
1378. (neverallow traced base_typeattr_662 (dir (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads add_name remove_name reparent search rmdir)))
1379. ;;* lme
1380.  
1381. ;;* lmx 93 system/sepolicy/private/traced.te
1382.  
1383. (neverallow traced system_data_file (dir (ioctl read write create setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads add_name remove_name reparent rmdir)))
1384. ;;* lme
1385.  
1386. ;;* lmx 94 system/sepolicy/private/traced.te
1387.  
1388. (neverallow traced zoneinfo_data_file (dir (write create setattr relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access execmod watch_mount watch_sb watch_with_perm add_name remove_name reparent rmdir)))
1389. ;;* lme
1390.  
1391. ;;* lmx 95 system/sepolicy/private/traced.te
1392.  
1393. (neverallow traced base_typeattr_466 (lnk_file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads)))
1394. ;;* lme
1395.  
1396. ;;* lmx 102 system/sepolicy/private/traced.te
1397.  
1398. (neverallow traced base_typeattr_716 (file (ioctl read create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
1399. ;;* lme
1400.  
1401. ;;* lmx 105 system/sepolicy/private/traced.te
1402.  
1403. (neverallow base_typeattr_181 traced (process (transition)))
1404. ;;* lme
1405.  
1406. ;;* lmx 106 system/sepolicy/private/traced.te
1407.  
1408. (neverallow base_typeattr_182 traced (process (dyntransition)))
1409. ;;* lme
1410.  
1411. (allow init traced_perf_exec (file (read getattr map execute open)))
1412. (allow init traced_perf (process (transition)))
1413. (allow traced_perf traced_perf_exec (file (read getattr map execute open entrypoint)))
1414. (dontaudit init traced_perf (process (noatsecure)))
1415. (allow init traced_perf (process (siginh rlimitinh)))
1416. (typetransition init traced_perf_exec process traced_perf)
1417. (allow traced_perf traced (fd (use)))
1418. (allow traced_perf traced_tmpfs (file (read write getattr map)))
1419. (allow traced_perf traced_producer_socket (sock_file (write)))
1420. (allow traced_perf traced (unix_stream_socket (connectto)))
1421. (allow traced traced_perf (fd (use)))
1422. (allow traced_perf self (perf_event (open cpu kernel tracepoint read write)))
1423. (allow traced_perf self (capability (dac_read_search kill)))
1424. (allow traced_perf packages_list_file (file (ioctl read getattr lock map open watch watch_reads)))
1425. (allow traced_perf nativetest_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
1426. (allow traced_perf nativetest_data_file (file (ioctl read getattr lock map open watch watch_reads)))
1427. (allow traced_perf nativetest_data_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1428. (allow traced_perf system_file_type (dir (ioctl read getattr lock open watch watch_reads search)))
1429. (allow traced_perf system_file_type (file (ioctl read getattr lock map open watch watch_reads)))
1430. (allow traced_perf system_file_type (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1431. (allow traced_perf apk_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
1432. (allow traced_perf apk_data_file (file (ioctl read getattr lock map open watch watch_reads)))
1433. (allow traced_perf apk_data_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1434. (allow traced_perf dalvikcache_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
1435. (allow traced_perf dalvikcache_data_file (file (ioctl read getattr lock map open watch watch_reads)))
1436. (allow traced_perf dalvikcache_data_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1437. (allow traced_perf vendor_file_type (dir (ioctl read getattr lock open watch watch_reads search)))
1438. (allow traced_perf vendor_file_type (file (ioctl read getattr lock map open watch watch_reads)))
1439. (allow traced_perf vendor_file_type (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1440. (dontaudit traced_perf domain (dir (getattr open search)))
1441. (dontaudit traced_perf domain (process (signal)))
1442. ;;* lmx 45 system/sepolicy/private/traced_perf.te
1443.  
1444. (neverallow traced_perf app_data_file (file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
1445. (neverallow traced_perf privapp_data_file (file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
1446. (neverallow traced_perf system_app_data_file (file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
1447. ;;* lme
1448.  
1449. ;;* lmx 48 system/sepolicy/private/traced_perf.te
1450.  
1451. (neverallow heapprofd init (file (read)))
1452. (neverallow heapprofd kernel (file (read)))
1453. (neverallow heapprofd keystore (file (read)))
1454. (neverallow heapprofd llkd (file (read)))
1455. (neverallow heapprofd logd (file (read)))
1456. (neverallow heapprofd ueventd (file (read)))
1457. (neverallow heapprofd vendor_init (file (read)))
1458. (neverallow heapprofd vold (file (read)))
1459. (neverallow heapprofd bpfloader (file (read)))
1460. ;;* lme
1461.  
1462. ;;* lmx 48 system/sepolicy/private/traced_perf.te
1463.  
1464. (neverallow heapprofd init (process (signal)))
1465. (neverallow heapprofd kernel (process (signal)))
1466. (neverallow heapprofd keystore (process (signal)))
1467. (neverallow heapprofd llkd (process (signal)))
1468. (neverallow heapprofd logd (process (signal)))
1469. (neverallow heapprofd ueventd (process (signal)))
1470. (neverallow heapprofd vendor_init (process (signal)))
1471. (neverallow heapprofd vold (process (signal)))
1472. (neverallow heapprofd bpfloader (process (signal)))
1473. ;;* lme
1474.  
1475. (allow init traced_probes_exec (file (read getattr map execute open)))
1476. (allow init traced_probes (process (transition)))
1477. (allow traced_probes traced_probes_exec (file (read getattr map execute open entrypoint)))
1478. (dontaudit init traced_probes (process (noatsecure)))
1479. (allow init traced_probes (process (siginh rlimitinh)))
1480. (typetransition init traced_probes_exec process traced_probes)
1481. (typetransition traced_probes tmpfs file traced_probes_tmpfs)
1482. (allow traced_probes traced_probes_tmpfs (file (read write getattr map)))
1483. (allow traced_probes traced (fd (use)))
1484. (allow traced_probes traced_tmpfs (file (read write getattr map)))
1485. (allow traced_probes traced_producer_socket (sock_file (write)))
1486. (allow traced_probes traced (unix_stream_socket (connectto)))
1487. (allow traced traced_probes (fd (use)))
1488. (allow traced_probes debugfs_tracing (dir (ioctl read getattr lock open watch watch_reads search)))
1489. (allow traced_probes debugfs_tracing (file (ioctl read write getattr lock append map open watch watch_reads)))
1490. (allow traced_probes debugfs_trace_marker (file (getattr)))
1491. (allow traced_probes self (capability (sys_nice)))
1492. (allow traced_probes self (cap_userns (sys_nice)))
1493. (allow traced_probes domain (dir (ioctl read getattr lock open watch watch_reads search)))
1494. (allow traced_probes domain (file (ioctl read getattr lock map open watch watch_reads)))
1495. (allow traced_probes domain (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1496. (allow traced_probes packages_list_file (file (ioctl read getattr lock map open watch watch_reads)))
1497. (allow traced_probes kmsg_device (chr_file (write)))
1498. (allow traced_probes system_file (dir (read open)))
1499. (allow traced_probes self (capability (dac_read_search)))
1500. (allow traced_probes self (cap_userns (dac_read_search)))
1501. (allow traced_probes apk_data_file (dir (read getattr open search)))
1502. (allow traced_probes dalvikcache_data_file (dir (read getattr open search)))
1503. (allow traced_probes system_app_data_file (dir (read getattr open search)))
1504. (allow traced_probes backup_data_file (dir (read getattr open search)))
1505. (allow traced_probes bootstat_data_file (dir (read getattr open search)))
1506. (allow traced_probes update_engine_data_file (dir (read getattr open search)))
1507. (allow traced_probes update_engine_log_data_file (dir (read getattr open search)))
1508. (allow traced_probes user_profile_data_file (dir (read getattr open search)))
1509. (allow traced_probes atrace_exec (file (read getattr map execute open)))
1510. (allow traced_probes atrace (process (transition)))
1511. (allow atrace atrace_exec (file (read getattr map execute open entrypoint)))
1512. (allow atrace traced_probes (process (sigchld)))
1513. (dontaudit traced_probes atrace (process (noatsecure)))
1514. (allow traced_probes atrace (process (siginh rlimitinh)))
1515. (typetransition traced_probes atrace_exec process atrace)
1516. (allow traced_probes atrace (process (sigkill)))
1517. (allow traced_probes proc_meminfo (file (ioctl read getattr lock map open watch watch_reads)))
1518. (allow traced_probes proc_stat (file (ioctl read getattr lock map open watch watch_reads)))
1519. (allow traced_probes proc_vmstat (file (ioctl read getattr lock map open watch watch_reads)))
1520. ;;* lmx 90 system/sepolicy/private/traced_probes.te
1521.  
1522. (neverallow traced_probes self (process (execmem)))
1523. ;;* lme
1524.  
1525. ;;* lmx 93 system/sepolicy/private/traced_probes.te
1526.  
1527. (neverallow traced_probes dev_type (blk_file (read write)))
1528. ;;* lme
1529.  
1530. ;;* lmx 96 system/sepolicy/private/traced_probes.te
1531.  
1532. (neverallow traced_probes domain (process (ptrace)))
1533. ;;* lme
1534.  
1535. ;;* lmx 116 system/sepolicy/private/traced_probes.te
1536.  
1537. (neverallow traced_probes base_typeattr_717 (dir (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads add_name remove_name reparent search rmdir)))
1538. ;;* lme
1539.  
1540. ;;* lmx 117 system/sepolicy/private/traced_probes.te
1541.  
1542. (neverallow traced_probes system_data_file (dir (ioctl read write create setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads add_name remove_name reparent rmdir)))
1543. ;;* lme
1544.  
1545. ;;* lmx 118 system/sepolicy/private/traced_probes.te
1546.  
1547. (neverallow traced_probes zoneinfo_data_file (dir (write create setattr relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access execmod watch_mount watch_sb watch_with_perm add_name remove_name reparent rmdir)))
1548. ;;* lme
1549.  
1550. ;;* lmx 119 system/sepolicy/private/traced_probes.te
1551.  
1552. (neverallow traced_probes base_typeattr_466 (lnk_file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads)))
1553. ;;* lme
1554.  
1555. ;;* lmx 125 system/sepolicy/private/traced_probes.te
1556.  
1557. (neverallow traced_probes base_typeattr_718 (file (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
1558. ;;* lme
1559.  
1560. ;;* lmx 128 system/sepolicy/private/traced_probes.te
1561.  
1562. (neverallow base_typeattr_181 traced_probes (process (transition)))
1563. ;;* lme
1564.  
1565. ;;* lmx 129 system/sepolicy/private/traced_probes.te
1566.  
1567. (neverallow base_typeattr_182 traced_probes (process (dyntransition)))
1568. ;;* lme
1569.  
1570. (typetransition traceur_app tmpfs file appdomain_tmpfs)
1571. (allow traceur_app appdomain_tmpfs (file (read write getattr map execute)))
1572. ;;* lmx 3 system/sepolicy/private/traceur_app.te
1573.  
1574. (neverallow base_typeattr_719 base_typeattr_720 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1575. ;;* lme
1576.  
1577. ;;* lmx 3 system/sepolicy/private/traceur_app.te
1578.  
1579. (neverallow base_typeattr_721 traceur_app (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1580. ;;* lme
1581.  
1582. ;;* lmx 3 system/sepolicy/private/traceur_app.te
1583.  
1584. (neverallow base_typeattr_722 traceur_app (process (ptrace)))
1585. ;;* lme
1586.  
1587. (allow traceur_app debugfs_tracing (file (ioctl read write getattr lock append map open watch watch_reads)))
1588. (allow traceur_app debugfs_tracing_debug (dir (ioctl read getattr lock open watch watch_reads search)))
1589. (allow traceur_app trace_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1590. (allow traceur_app trace_data_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
1591. (allow traceur_app atrace_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
1592. (allow traceur_app perfetto_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
1593. (allow traceur_app traced_consumer_socket (sock_file (write)))
1594. (allow traceur_app traced (unix_stream_socket (connectto)))
1595. (dontaudit traceur_app debugfs_tracing_debug (file (audit_access)))
1596. (allow init tzdatacheck_exec (file (read getattr map execute open)))
1597. (allow init tzdatacheck (process (transition)))
1598. (allow tzdatacheck tzdatacheck_exec (file (read getattr map execute open entrypoint)))
1599. (dontaudit init tzdatacheck (process (noatsecure)))
1600. (allow init tzdatacheck (process (siginh rlimitinh)))
1601. (typetransition init tzdatacheck_exec process tzdatacheck)
1602. (typetransition ueventd tmpfs file ueventd_tmpfs)
1603. (allow ueventd ueventd_tmpfs (file (read write getattr map)))
1604. (allow init uncrypt_exec (file (read getattr map execute open)))
1605. (allow init uncrypt (process (transition)))
1606. (allow uncrypt uncrypt_exec (file (read getattr map execute open entrypoint)))
1607. (dontaudit init uncrypt (process (noatsecure)))
1608. (allow init uncrypt (process (siginh rlimitinh)))
1609. (typetransition init uncrypt_exec process uncrypt)
1610. (typetransition untrusted_app tmpfs file appdomain_tmpfs)
1611. (allow untrusted_app appdomain_tmpfs (file (read write getattr map execute)))
1612. ;;* lmx 13 system/sepolicy/private/untrusted_app.te
1613.  
1614. (neverallow base_typeattr_723 base_typeattr_724 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1615. ;;* lme
1616.  
1617. ;;* lmx 13 system/sepolicy/private/untrusted_app.te
1618.  
1619. (neverallow base_typeattr_725 untrusted_app (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1620. ;;* lme
1621.  
1622. ;;* lmx 13 system/sepolicy/private/untrusted_app.te
1623.  
1624. (neverallow base_typeattr_726 untrusted_app (process (ptrace)))
1625. ;;* lme
1626.  
1627. (typetransition untrusted_app_25 tmpfs file appdomain_tmpfs)
1628. (allow untrusted_app_25 appdomain_tmpfs (file (read write getattr map execute)))
1629. ;;* lmx 13 system/sepolicy/private/untrusted_app_25.te
1630.  
1631. (neverallow base_typeattr_727 base_typeattr_728 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1632. ;;* lme
1633.  
1634. ;;* lmx 13 system/sepolicy/private/untrusted_app_25.te
1635.  
1636. (neverallow base_typeattr_729 untrusted_app_25 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1637. ;;* lme
1638.  
1639. ;;* lmx 13 system/sepolicy/private/untrusted_app_25.te
1640.  
1641. (neverallow base_typeattr_730 untrusted_app_25 (process (ptrace)))
1642. ;;* lme
1643.  
1644. (allow untrusted_app_25 proc_misc (file (ioctl read getattr lock map open watch watch_reads)))
1645. (allow untrusted_app_25 proc_tty_drivers (file (ioctl read getattr lock map open watch watch_reads)))
1646. (allow untrusted_app_25 apk_data_file (file (execmod)))
1647. (allow untrusted_app_25 app_data_file (file (execmod)))
1648. (allow untrusted_app_25 asec_public_file (file (execmod)))
1649. (allow untrusted_app_25 app_data_file (file (execute_no_trans)))
1650. (auditallow untrusted_app_25 app_data_file (file (execute execute_no_trans)))
1651. (allow untrusted_app_25 dex2oat_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
1652. (allow untrusted_app_25 ashmem_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
1653. (auditallow untrusted_app_25 ashmem_device (chr_file (open)))
1654. (allow untrusted_app_25 mnt_sdcard_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1655. (allow untrusted_app_25 self (netlink_route_socket (bind nlmsg_readpriv)))
1656. (typetransition untrusted_app_27 tmpfs file appdomain_tmpfs)
1657. (allow untrusted_app_27 appdomain_tmpfs (file (read write getattr map execute)))
1658. ;;* lmx 13 system/sepolicy/private/untrusted_app_27.te
1659.  
1660. (neverallow base_typeattr_731 base_typeattr_732 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1661. ;;* lme
1662.  
1663. ;;* lmx 13 system/sepolicy/private/untrusted_app_27.te
1664.  
1665. (neverallow base_typeattr_733 untrusted_app_27 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1666. ;;* lme
1667.  
1668. ;;* lmx 13 system/sepolicy/private/untrusted_app_27.te
1669.  
1670. (neverallow base_typeattr_734 untrusted_app_27 (process (ptrace)))
1671. ;;* lme
1672.  
1673. (allow untrusted_app_27 apk_data_file (file (execmod)))
1674. (allow untrusted_app_27 app_data_file (file (execmod)))
1675. (allow untrusted_app_27 asec_public_file (file (execmod)))
1676. (allow untrusted_app_27 app_data_file (file (execute_no_trans)))
1677. (auditallow untrusted_app_27 app_data_file (file (execute execute_no_trans)))
1678. (allow untrusted_app_27 dex2oat_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
1679. (allow untrusted_app_27 ashmem_device (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
1680. (auditallow untrusted_app_27 ashmem_device (chr_file (open)))
1681. (allow untrusted_app_27 mnt_sdcard_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1682. (allow untrusted_app_27 self (netlink_route_socket (bind nlmsg_readpriv)))
1683. (typetransition untrusted_app_29 tmpfs file appdomain_tmpfs)
1684. (allow untrusted_app_29 appdomain_tmpfs (file (read write getattr map execute)))
1685. ;;* lmx 13 system/sepolicy/private/untrusted_app_29.te
1686.  
1687. (neverallow base_typeattr_735 base_typeattr_736 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1688. ;;* lme
1689.  
1690. ;;* lmx 13 system/sepolicy/private/untrusted_app_29.te
1691.  
1692. (neverallow base_typeattr_737 untrusted_app_29 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1693. ;;* lme
1694.  
1695. ;;* lmx 13 system/sepolicy/private/untrusted_app_29.te
1696.  
1697. (neverallow base_typeattr_738 untrusted_app_29 (process (ptrace)))
1698. ;;* lme
1699.  
1700. (allow untrusted_app_29 self (netlink_route_socket (bind nlmsg_readpriv)))
1701. (allow untrusted_app_all privapp_data_file (file (ioctl read getattr lock map execute open watch watch_reads)))
1702. (allow untrusted_app_all app_data_file (file (ioctl read getattr lock map execute open watch watch_reads)))
1703. (auditallow untrusted_app_all app_data_file (file (execute)))
1704. (allow untrusted_app_all system_linker_exec (file (execute_no_trans)))
1705. (allow untrusted_app_all privapp_data_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1706. (allow untrusted_app_all app_data_file (lnk_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1707. (allow untrusted_app_all app_data_file (sock_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1708. (allow untrusted_app_all app_data_file (fifo_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1709. (allow untrusted_app_all app_exec_data_file (file (ioctl read getattr lock map unlink execute open watch watch_reads)))
1710. (allow untrusted_app_all asec_apk_file (file (ioctl read getattr lock map open watch watch_reads)))
1711. (allow untrusted_app_all asec_apk_file (dir (ioctl read getattr lock open watch watch_reads search)))
1712. (allow untrusted_app_all asec_public_file (file (execute)))
1713. (allow untrusted_app_all shell_data_file (file (ioctl read getattr lock map open watch watch_reads)))
1714. (allow untrusted_app_all shell_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
1715. (allow untrusted_app_all trace_data_file (file (read getattr)))
1716. ;;* lmx 64 system/sepolicy/private/untrusted_app_all.te
1717.  
1718. (neverallow untrusted_app_all trace_data_file (dir (ioctl read write create getattr setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads add_name remove_name reparent search rmdir)))
1719. ;;* lme
1720.  
1721. ;;* lmx 65 system/sepolicy/private/untrusted_app_all.te
1722.  
1723. (neverallow untrusted_app_all trace_data_file (file (write create setattr relabelfrom append unlink link rename open)))
1724. ;;* lme
1725.  
1726. (allow untrusted_app_all apk_tmp_file (file (read getattr)))
1727. (allow untrusted_app_all apk_private_tmp_file (file (read getattr)))
1728. (allow untrusted_app_all system_app_data_file (file (read write getattr)))
1729. (allow untrusted_app_all media_rw_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
1730. (allow untrusted_app_all media_rw_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
1731. (allow untrusted_app_all mnt_media_rw_file (dir (search)))
1732. (allow untrusted_app_all servicemanager (service_manager (list)))
1733. (allow untrusted_app_all audioserver_service (service_manager (find)))
1734. (allow untrusted_app_all cameraserver_service (service_manager (find)))
1735. (allow untrusted_app_all drmserver_service (service_manager (find)))
1736. (allow untrusted_app_all mediaserver_service (service_manager (find)))
1737. (allow untrusted_app_all mediaextractor_service (service_manager (find)))
1738. (allow untrusted_app_all mediametrics_service (service_manager (find)))
1739. (allow untrusted_app_all mediadrmserver_service (service_manager (find)))
1740. (allow untrusted_app_all nfc_service (service_manager (find)))
1741. (allow untrusted_app_all radio_service (service_manager (find)))
1742. (allow untrusted_app_all app_api_service (service_manager (find)))
1743. (allow untrusted_app_all vr_manager_service (service_manager (find)))
1744. (allow untrusted_app_all gpu_service (service_manager (find)))
1745. (allow untrusted_app_all gpuservice (binder (call transfer)))
1746. (allow gpuservice untrusted_app_all (binder (transfer)))
1747. (allow untrusted_app_all gpuservice (fd (use)))
1748. (allow untrusted_app_all self (process (ptrace)))
1749. (allow untrusted_app_all runas_app (unix_stream_socket (connectto)))
1750. (allow untrusted_app_all runas_app (process (sigchld)))
1751. (allow untrusted_app_all sysfs_hwrandom (dir (search)))
1752. (allow untrusted_app_all sysfs_hwrandom (file (ioctl read getattr lock map open watch watch_reads)))
1753. (allow untrusted_app_all preloads_media_file (dir (ioctl read getattr lock open watch watch_reads search)))
1754. (allow untrusted_app_all preloads_media_file (file (ioctl read getattr lock map open watch watch_reads)))
1755. (allow untrusted_app_all preloads_data_file (dir (search)))
1756. (allow untrusted_app_all vendor_app_file (dir (read getattr open search)))
1757. (allow untrusted_app_all vendor_app_file (file (ioctl read getattr lock map execute open watch watch_reads)))
1758. (allow untrusted_app_all vendor_app_file (lnk_file (read getattr open)))
1759. (allow untrusted_app_all traced (fd (use)))
1760. (allow untrusted_app_all traced_tmpfs (file (read write getattr map)))
1761. (allow untrusted_app_all traced_producer_socket (sock_file (write)))
1762. (allow untrusted_app_all traced (unix_stream_socket (connectto)))
1763. (allow traced untrusted_app_all (fd (use)))
1764. (allow heapprofd untrusted_app_all (process (signal)))
1765. (allow untrusted_app_all heapprofd_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
1766. (allow heapprofd untrusted_app_all (file (ioctl read getattr lock map open watch watch_reads)))
1767. (allow heapprofd untrusted_app_all (dir (ioctl read getattr lock open watch watch_reads search)))
1768. (allow traced_perf untrusted_app_all (file (ioctl read getattr lock map open watch watch_reads)))
1769. (allow traced_perf untrusted_app_all (dir (ioctl read getattr lock open watch watch_reads search)))
1770. (allow traced_perf untrusted_app_all (process (signal)))
1771. (allow untrusted_app_all traced_perf_socket (sock_file (write)))
1772. (allow untrusted_app_all traced_perf (unix_stream_socket (connectto)))
1773. (allow traced_perf untrusted_app_all (fd (use)))
1774. (allow untrusted_app_all system_server (udp_socket (read write getattr connect getopt setopt recvfrom sendto)))
1775. (allow untrusted_app_all rs_exec (file (read getattr map execute open)))
1776. (allow untrusted_app_all rs (process (transition)))
1777. (allow rs rs_exec (file (read getattr map execute open entrypoint)))
1778. (allow rs untrusted_app_all (process (sigchld)))
1779. (dontaudit untrusted_app_all rs (process (noatsecure)))
1780. (allow untrusted_app_all rs (process (siginh rlimitinh)))
1781. (typetransition untrusted_app_all rs_exec process rs)
1782. (dontaudit untrusted_app_all net_dns_prop (file (read)))
1783. (dontaudit untrusted_app_all proc_stat (file (read)))
1784. (dontaudit untrusted_app_all proc_vmstat (file (read)))
1785. (dontaudit untrusted_app_all proc_uptime (file (read)))
1786. (typetransition untrusted_app_all devpts chr_file untrusted_app_all_devpts)
1787. (allow untrusted_app_all untrusted_app_all_devpts (chr_file (ioctl read write getattr open)))
1788. (allowx untrusted_app_all untrusted_app_all_devpts (ioctl chr_file ((range 0x5401 0x5403) 0x540b (range 0x540e 0x5411) (range 0x5413 0x5414) (range 0x5450 0x5451))))
1789. ;;* lmx 163 system/sepolicy/private/untrusted_app_all.te
1790.  
1791. (neverallowx base_typeattr_182 untrusted_app_all_devpts (ioctl chr_file (0x5412)))
1792. ;;* lme
1793.  
1794. (allow untrusted_app_all simpleperf (process (signal)))
1795. (allow init update_engine_exec (file (read getattr map execute open)))
1796. (allow init update_engine (process (transition)))
1797. (allow update_engine update_engine_exec (file (read getattr map execute open entrypoint)))
1798. (dontaudit init update_engine (process (noatsecure)))
1799. (allow init update_engine (process (siginh rlimitinh)))
1800. (typetransition init update_engine_exec process update_engine)
1801. (allow update_engine gsi_service (service_manager (find)))
1802. (allow update_engine gsid (binder (call transfer)))
1803. (allow gsid update_engine (binder (transfer)))
1804. (allow update_engine gsid (fd (use)))
1805. (allow update_engine_common postinstall_file (file (read getattr map execute open)))
1806. (allow update_engine_common postinstall (process (transition)))
1807. (allow postinstall postinstall_file (file (read getattr map execute open entrypoint)))
1808. (allow postinstall update_engine_common (process (sigchld)))
1809. (dontaudit update_engine_common postinstall (process (noatsecure)))
1810. (allow update_engine_common postinstall (process (siginh rlimitinh)))
1811. (typetransition update_engine_common postinstall_file process postinstall)
1812. (allow init update_verifier_exec (file (read getattr map execute open)))
1813. (allow init update_verifier (process (transition)))
1814. (allow update_verifier update_verifier_exec (file (read getattr map execute open entrypoint)))
1815. (dontaudit init update_verifier (process (noatsecure)))
1816. (allow init update_verifier (process (siginh rlimitinh)))
1817. (typetransition init update_verifier_exec process update_verifier)
1818. (allow init usbd_exec (file (read getattr map execute open)))
1819. (allow init usbd (process (transition)))
1820. (allow usbd usbd_exec (file (read getattr map execute open entrypoint)))
1821. (dontaudit init usbd (process (noatsecure)))
1822. (allow init usbd (process (siginh rlimitinh)))
1823. (typetransition init usbd_exec process usbd)
1824. (allow usbd system_prop (file (read getattr map open)))
1825. (allow usbd property_socket (sock_file (write)))
1826. (allow usbd init (unix_stream_socket (connectto)))
1827. (allow usbd ctl_default_prop (property_service (set)))
1828. (allow usbd ctl_default_prop (file (read getattr map open)))
1829. (allow init vdc_exec (file (read getattr map execute open)))
1830. (allow init vdc (process (transition)))
1831. (allow vdc vdc_exec (file (read getattr map execute open entrypoint)))
1832. (dontaudit init vdc (process (noatsecure)))
1833. (allow init vdc (process (siginh rlimitinh)))
1834. (typetransition init vdc_exec process vdc)
1835. (dontaudit vendor_init sysfs (dir (write)))
1836. (allow vendor_init system_data_root_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
1837. (allow vendor_init property_socket (sock_file (write)))
1838. (allow vendor_init init (unix_stream_socket (connectto)))
1839. (allow vendor_init adbd_config_prop (property_service (set)))
1840. (allow vendor_init adbd_config_prop (file (read getattr map open)))
1841. (typetransition viewcompiler tmpfs file viewcompiler_tmpfs)
1842. (allow viewcompiler viewcompiler_tmpfs (file (read write getattr map)))
1843. (allow viewcompiler installd (fd (use)))
1844. (allow viewcompiler app_data_file (file (write getattr)))
1845. (allow viewcompiler apk_data_file (file (read map)))
1846. ;;* lmx 25 system/sepolicy/private/viewcompiler.te
1847.  
1848. (neverallow viewcompiler privapp_data_file (file (write create setattr relabelfrom append unlink link rename)))
1849. ;;* lme
1850.  
1851. (allow init virtual_touchpad_exec (file (read getattr map execute open)))
1852. (allow init virtual_touchpad (process (transition)))
1853. (allow virtual_touchpad virtual_touchpad_exec (file (read getattr map execute open entrypoint)))
1854. (dontaudit init virtual_touchpad (process (noatsecure)))
1855. (allow init virtual_touchpad (process (siginh rlimitinh)))
1856. (typetransition init virtual_touchpad_exec process virtual_touchpad)
1857. (allow init vold_exec (file (read getattr map execute open)))
1858. (allow init vold (process (transition)))
1859. (allow vold vold_exec (file (read getattr map execute open entrypoint)))
1860. (dontaudit init vold (process (noatsecure)))
1861. (allow init vold (process (siginh rlimitinh)))
1862. (typetransition init vold_exec process vold)
1863. (allow vold sgdisk_exec (file (read getattr map execute open)))
1864. (allow vold sgdisk (process (transition)))
1865. (allow sgdisk sgdisk_exec (file (read getattr map execute open entrypoint)))
1866. (allow sgdisk vold (process (sigchld)))
1867. (dontaudit vold sgdisk (process (noatsecure)))
1868. (allow vold sgdisk (process (siginh rlimitinh)))
1869. (typetransition vold sgdisk_exec process sgdisk)
1870. (allow vold sdcardd_exec (file (read getattr map execute open)))
1871. (allow vold sdcardd (process (transition)))
1872. (allow sdcardd sdcardd_exec (file (read getattr map execute open entrypoint)))
1873. (allow sdcardd vold (process (sigchld)))
1874. (dontaudit vold sdcardd (process (noatsecure)))
1875. (allow vold sdcardd (process (siginh rlimitinh)))
1876. (typetransition vold sdcardd_exec process sdcardd)
1877. (allow vold blkid_exec (file (read getattr map execute open)))
1878. (allow vold blkid (process (transition)))
1879. (allow blkid blkid_exec (file (read getattr map execute open entrypoint)))
1880. (allow blkid vold (process (sigchld)))
1881. (dontaudit vold blkid (process (noatsecure)))
1882. (allow vold blkid (process (siginh rlimitinh)))
1883. (allow vold blkid_exec (file (read getattr map execute open)))
1884. (allow vold blkid_untrusted (process (transition)))
1885. (allow blkid_untrusted blkid_exec (file (read getattr map execute open entrypoint)))
1886. (allow blkid_untrusted vold (process (sigchld)))
1887. (dontaudit vold blkid_untrusted (process (noatsecure)))
1888. (allow vold blkid_untrusted (process (siginh rlimitinh)))
1889. (allow vold fsck_exec (file (read getattr map execute open)))
1890. (allow vold fsck (process (transition)))
1891. (allow fsck fsck_exec (file (read getattr map execute open entrypoint)))
1892. (allow fsck vold (process (sigchld)))
1893. (dontaudit vold fsck (process (noatsecure)))
1894. (allow vold fsck (process (siginh rlimitinh)))
1895. (allow vold fsck_exec (file (read getattr map execute open)))
1896. (allow vold fsck_untrusted (process (transition)))
1897. (allow fsck_untrusted fsck_exec (file (read getattr map execute open entrypoint)))
1898. (allow fsck_untrusted vold (process (sigchld)))
1899. (dontaudit vold fsck_untrusted (process (noatsecure)))
1900. (allow vold fsck_untrusted (process (siginh rlimitinh)))
1901. (typetransition vold storage_file dir storage_stub_file)
1902. (typetransition vold mnt_media_rw_file dir mnt_media_rw_stub_file)
1903. (allow vold vold_prepare_subdirs_exec (file (read getattr map execute open)))
1904. (allow vold vold_prepare_subdirs (process (transition)))
1905. (allow vold_prepare_subdirs vold_prepare_subdirs_exec (file (read getattr map execute open entrypoint)))
1906. (allow vold_prepare_subdirs vold (process (sigchld)))
1907. (dontaudit vold vold_prepare_subdirs (process (noatsecure)))
1908. (allow vold vold_prepare_subdirs (process (siginh rlimitinh)))
1909. (typetransition vold vold_prepare_subdirs_exec process vold_prepare_subdirs)
1910. (allow vold_prepare_subdirs system_file (file (execute_no_trans)))
1911. (allow vold_prepare_subdirs shell_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
1912. (allow vold_prepare_subdirs toolbox_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
1913. (allow vold_prepare_subdirs devpts (chr_file (ioctl read write getattr lock append map open watch watch_reads)))
1914. (allow vold_prepare_subdirs vold (fd (use)))
1915. (allow vold_prepare_subdirs vold (fifo_file (read write)))
1916. (allow vold_prepare_subdirs file_contexts_file (file (ioctl read getattr lock map open watch watch_reads)))
1917. (allow vold_prepare_subdirs self (capability (chown dac_override dac_read_search fowner)))
1918. (allow vold_prepare_subdirs self (cap_userns (chown dac_override dac_read_search fowner)))
1919. (allow vold_prepare_subdirs self (process (setfscreate)))
1920. (allow vold_prepare_subdirs system_data_file (dir (read write relabelfrom open add_name remove_name rmdir)))
1921. (allow vold_prepare_subdirs vendor_data_file (dir (read write relabelfrom open add_name remove_name rmdir)))
1922. (allow vold_prepare_subdirs apex_module_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1923. (allow vold_prepare_subdirs apex_permission_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1924. (allow vold_prepare_subdirs apex_rollback_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1925. (allow vold_prepare_subdirs apex_wifi_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1926. (allow vold_prepare_subdirs vold_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1927. (allow vold_prepare_subdirs backup_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1928. (allow vold_prepare_subdirs fingerprint_vendor_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1929. (allow vold_prepare_subdirs face_vendor_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1930. (allow vold_prepare_subdirs iris_vendor_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1931. (allow vold_prepare_subdirs storaged_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1932. (allow vold_prepare_subdirs rollback_data_file (dir (ioctl read write create getattr setattr lock relabelto rename open watch watch_reads add_name remove_name reparent search rmdir)))
1933. (allow vold_prepare_subdirs system_data_file (file (getattr unlink)))
1934. (allow vold_prepare_subdirs apex_module_data_file (file (getattr unlink)))
1935. (allow vold_prepare_subdirs apex_permission_data_file (file (getattr unlink)))
1936. (allow vold_prepare_subdirs apex_rollback_data_file (file (getattr unlink)))
1937. (allow vold_prepare_subdirs apex_wifi_data_file (file (getattr unlink)))
1938. (allow vold_prepare_subdirs vold_data_file (file (getattr unlink)))
1939. (allow vold_prepare_subdirs backup_data_file (file (getattr unlink)))
1940. (allow vold_prepare_subdirs fingerprint_vendor_data_file (file (getattr unlink)))
1941. (allow vold_prepare_subdirs face_vendor_data_file (file (getattr unlink)))
1942. (allow vold_prepare_subdirs iris_vendor_data_file (file (getattr unlink)))
1943. (allow vold_prepare_subdirs storaged_data_file (file (getattr unlink)))
1944. (allow vold_prepare_subdirs rollback_data_file (file (getattr unlink)))
1945. (allow vold_prepare_subdirs apex_mnt_dir (dir (read open)))
1946. (dontaudit vold_prepare_subdirs proc (file (ioctl read getattr lock map open watch watch_reads)))
1947. (dontaudit vold_prepare_subdirs unlabeled (file (ioctl read getattr lock map open watch watch_reads)))
1948. (allow init vr_hwc_exec (file (read getattr map execute open)))
1949. (allow init vr_hwc (process (transition)))
1950. (allow vr_hwc vr_hwc_exec (file (read getattr map execute open entrypoint)))
1951. (dontaudit init vr_hwc (process (noatsecure)))
1952. (allow init vr_hwc (process (siginh rlimitinh)))
1953. (typetransition init vr_hwc_exec process vr_hwc)
1954. (typetransition vzwomatrigger_app tmpfs file appdomain_tmpfs)
1955. (allow vzwomatrigger_app appdomain_tmpfs (file (read write getattr map execute)))
1956. ;;* lmx 6 system/sepolicy/private/vzwomatrigger_app.te
1957.  
1958. (neverallow base_typeattr_739 base_typeattr_740 (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1959. ;;* lme
1960.  
1961. ;;* lmx 6 system/sepolicy/private/vzwomatrigger_app.te
1962.  
1963. (neverallow base_typeattr_741 vzwomatrigger_app (file (ioctl read write create setattr lock relabelfrom append unlink link rename open watch watch_mount watch_sb watch_with_perm watch_reads)))
1964. ;;* lme
1965.  
1966. ;;* lmx 6 system/sepolicy/private/vzwomatrigger_app.te
1967.  
1968. (neverallow base_typeattr_742 vzwomatrigger_app (process (ptrace)))
1969. ;;* lme
1970.  
1971. (allow init wait_for_keymaster_exec (file (read getattr map execute open)))
1972. (allow init wait_for_keymaster (process (transition)))
1973. (allow wait_for_keymaster wait_for_keymaster_exec (file (read getattr map execute open entrypoint)))
1974. (dontaudit init wait_for_keymaster (process (noatsecure)))
1975. (allow init wait_for_keymaster (process (siginh rlimitinh)))
1976. (typetransition init wait_for_keymaster_exec process wait_for_keymaster)
1977. (allow wait_for_keymaster kmsg_device (chr_file (write lock append map open)))
1978. (allow init watchdogd_exec (file (read getattr map execute open)))
1979. (allow init watchdogd (process (transition)))
1980. (allow watchdogd watchdogd_exec (file (read getattr map execute open entrypoint)))
1981. (dontaudit init watchdogd (process (noatsecure)))
1982. (allow init watchdogd (process (siginh rlimitinh)))
1983. (typetransition init watchdogd_exec process watchdogd)
1984. (typetransition webview_zygote tmpfs file webview_zygote_tmpfs)
1985. (allow webview_zygote webview_zygote_tmpfs (file (read write getattr map)))
1986. (allow webview_zygote apk_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
1987. (allow webview_zygote apk_data_file (file (ioctl read getattr lock map execute open watch watch_reads)))
1988. (allow webview_zygote shared_relro_file (dir (search)))
1989. (allow webview_zygote shared_relro_file (file (ioctl read getattr lock map open watch watch_reads)))
1990. (allow webview_zygote self (capability (setgid setuid)))
1991. (allow webview_zygote self (cap_userns (setgid setuid)))
1992. (allow webview_zygote self (capability (setpcap)))
1993. (allow webview_zygote self (cap_userns (setpcap)))
1994. (allow webview_zygote self (process (setcurrent)))
1995. (allow webview_zygote isolated_app (process (dyntransition)))
1996. (allow webview_zygote dalvikcache_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
1997. (allow webview_zygote dalvikcache_data_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
1998. (allow webview_zygote dalvikcache_data_file (file (ioctl read getattr lock map execute open watch watch_reads)))
1999. (allow webview_zygote self (process (execmem)))
2000. (allow webview_zygote debugfs_trace_marker (file (getattr)))
2001. (allow webview_zygote system_server (process (getpgid)))
2002. (allow webview_zygote isolated_app (process (setpgid)))
2003. (dontaudit webview_zygote mnt_expand_file (dir (getattr)))
2004. (dontaudit webview_zygote dex2oat_exec (file (execute)))
2005. (allow webview_zygote seapp_contexts_file (file (ioctl read getattr lock map open watch watch_reads)))
2006. (allow webview_zygote selinuxfs (dir (ioctl read getattr lock open watch watch_reads search)))
2007. (allow webview_zygote selinuxfs (file (ioctl read getattr lock map open watch watch_reads)))
2008. (allow webview_zygote selinuxfs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2009. (allow webview_zygote selinuxfs (file (write lock append map open)))
2010. (allow webview_zygote kernel (security (check_context)))
2011. (allow webview_zygote selinuxfs (dir (ioctl read getattr lock open watch watch_reads search)))
2012. (allow webview_zygote selinuxfs (file (ioctl read getattr lock map open watch watch_reads)))
2013. (allow webview_zygote selinuxfs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2014. (allow webview_zygote selinuxfs (file (write lock append map open)))
2015. (allow webview_zygote kernel (security (compute_av)))
2016. (allow webview_zygote self (netlink_selinux_socket (read write create getattr setattr lock relabelfrom relabelto append bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2017. (allow webview_zygote system_file (dir (ioctl read getattr lock open watch watch_reads search)))
2018. (allow webview_zygote zygote_tmpfs (file (read getattr)))
2019. (allow webview_zygote zygote (fd (use)))
2020. (allow webview_zygote zygote (process (sigchld)))
2021. (allow webview_zygote vendor_overlay_file (dir (ioctl read getattr lock open watch watch_reads search)))
2022. (allow webview_zygote vendor_overlay_file (file (ioctl read getattr lock map open watch watch_reads)))
2023. (allow webview_zygote vendor_overlay_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2024. (allow webview_zygote same_process_hal_file (file (read getattr map execute open)))
2025. (allow webview_zygote system_data_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2026. (allow webview_zygote system_unsolzygote_socket (sock_file (write)))
2027. (allow webview_zygote system_server (unix_dgram_socket (sendto)))
2028. ;;* lmx 88 system/sepolicy/private/webview_zygote.te
2029.  
2030. (neverallow webview_zygote base_typeattr_556 (process (dyntransition)))
2031. ;;* lme
2032.  
2033. ;;* lmx 91 system/sepolicy/private/webview_zygote.te
2034.  
2035. (neverallow webview_zygote base_typeattr_557 (process (transition)))
2036. ;;* lme
2037.  
2038. ;;* lmx 95 system/sepolicy/private/webview_zygote.te
2039.  
2040. (neverallow webview_zygote base_typeattr_182 (file (execute_no_trans)))
2041. ;;* lme
2042.  
2043. ;;* lmx 99 system/sepolicy/private/webview_zygote.te
2044.  
2045. (neverallow base_typeattr_558 webview_zygote (process (dyntransition)))
2046. ;;* lme
2047.  
2048. ;;* lmx 102 system/sepolicy/private/webview_zygote.te
2049.  
2050. (neverallow webview_zygote property_socket (sock_file (write)))
2051. ;;* lme
2052.  
2053. ;;* lmx 103 system/sepolicy/private/webview_zygote.te
2054.  
2055. (neverallow webview_zygote property_type (property_service (set)))
2056. ;;* lme
2057.  
2058. ;;* lmx 114 system/sepolicy/private/webview_zygote.te
2059.  
2060. (neverallow webview_zygote shell_data_file (file (ioctl read write getattr lock append map execute open watch watch_reads execute_no_trans)))
2061. (neverallow webview_zygote bluetooth_data_file (file (ioctl read write getattr lock append map execute open watch watch_reads execute_no_trans)))
2062. (neverallow webview_zygote nfc_data_file (file (ioctl read write getattr lock append map execute open watch watch_reads execute_no_trans)))
2063. (neverallow webview_zygote radio_data_file (file (ioctl read write getattr lock append map execute open watch watch_reads execute_no_trans)))
2064. (neverallow webview_zygote app_data_file (file (ioctl read write getattr lock append map execute open watch watch_reads execute_no_trans)))
2065. (neverallow webview_zygote privapp_data_file (file (ioctl read write getattr lock append map execute open watch watch_reads execute_no_trans)))
2066. (neverallow webview_zygote system_app_data_file (file (ioctl read write getattr lock append map execute open watch watch_reads execute_no_trans)))
2067. ;;* lme
2068.  
2069. ;;* lmx 120 system/sepolicy/private/webview_zygote.te
2070.  
2071. (neverallow webview_zygote base_typeattr_559 (service_manager (find)))
2072. ;;* lme
2073.  
2074. ;;* lmx 123 system/sepolicy/private/webview_zygote.te
2075.  
2076. (neverallow webview_zygote gpu_device (chr_file (ioctl read write getattr lock append map execute open watch watch_reads execute_no_trans)))
2077. ;;* lme
2078.  
2079. ;;* lmx 126 system/sepolicy/private/webview_zygote.te
2080.  
2081. (neverallow webview_zygote cache_file (dir (write create setattr relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access execmod watch_mount watch_sb watch_with_perm add_name remove_name reparent rmdir)))
2082. ;;* lme
2083.  
2084. ;;* lmx 127 system/sepolicy/private/webview_zygote.te
2085.  
2086. (neverallow webview_zygote cache_file (file (ioctl write create setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads execute_no_trans entrypoint)))
2087. ;;* lme
2088.  
2089. ;;* lmx 144 system/sepolicy/private/webview_zygote.te
2090.  
2091. (neverallow webview_zygote domain (socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2092. (neverallow webview_zygote domain (tcp_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind node_bind name_connect)))
2093. (neverallow webview_zygote domain (udp_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind node_bind)))
2094. (neverallow webview_zygote domain (rawip_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind node_bind)))
2095. (neverallow webview_zygote domain (netlink_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2096. (neverallow webview_zygote domain (packet_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2097. (neverallow webview_zygote domain (key_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2098. (neverallow webview_zygote domain (netlink_route_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind nlmsg_read nlmsg_write nlmsg_readpriv)))
2099. (neverallow webview_zygote domain (netlink_tcpdiag_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind nlmsg_read nlmsg_write)))
2100. (neverallow webview_zygote domain (netlink_nflog_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2101. (neverallow webview_zygote domain (netlink_xfrm_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind nlmsg_read nlmsg_write)))
2102. (neverallow webview_zygote domain (netlink_audit_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind nlmsg_read nlmsg_write nlmsg_relay nlmsg_readpriv nlmsg_tty_audit)))
2103. (neverallow webview_zygote domain (netlink_dnrt_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2104. (neverallow webview_zygote domain (netlink_kobject_uevent_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2105. (neverallow webview_zygote domain (appletalk_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2106. (neverallow webview_zygote domain (tun_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind attach_queue)))
2107. (neverallow webview_zygote domain (netlink_iscsi_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2108. (neverallow webview_zygote domain (netlink_fib_lookup_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2109. (neverallow webview_zygote domain (netlink_connector_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2110. (neverallow webview_zygote domain (netlink_netfilter_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2111. (neverallow webview_zygote domain (netlink_generic_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2112. (neverallow webview_zygote domain (netlink_scsitransport_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2113. (neverallow webview_zygote domain (netlink_rdma_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2114. (neverallow webview_zygote domain (netlink_crypto_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2115. (neverallow webview_zygote domain (sctp_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind node_bind name_connect association)))
2116. (neverallow webview_zygote domain (icmp_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind node_bind)))
2117. (neverallow webview_zygote domain (ax25_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2118. (neverallow webview_zygote domain (ipx_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2119. (neverallow webview_zygote domain (netrom_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2120. (neverallow webview_zygote domain (atmpvc_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2121. (neverallow webview_zygote domain (x25_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2122. (neverallow webview_zygote domain (rose_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2123. (neverallow webview_zygote domain (decnet_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2124. (neverallow webview_zygote domain (atmsvc_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2125. (neverallow webview_zygote domain (rds_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2126. (neverallow webview_zygote domain (irda_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2127. (neverallow webview_zygote domain (pppox_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2128. (neverallow webview_zygote domain (llc_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2129. (neverallow webview_zygote domain (can_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2130. (neverallow webview_zygote domain (tipc_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2131. (neverallow webview_zygote domain (bluetooth_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2132. (neverallow webview_zygote domain (iucv_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2133. (neverallow webview_zygote domain (rxrpc_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2134. (neverallow webview_zygote domain (isdn_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2135. (neverallow webview_zygote domain (phonet_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2136. (neverallow webview_zygote domain (ieee802154_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2137. (neverallow webview_zygote domain (caif_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2138. (neverallow webview_zygote domain (alg_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2139. (neverallow webview_zygote domain (nfc_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2140. (neverallow webview_zygote domain (vsock_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2141. (neverallow webview_zygote domain (kcm_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2142. (neverallow webview_zygote domain (qipcrtr_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2143. (neverallow webview_zygote domain (smc_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2144. (neverallow webview_zygote domain (xdp_socket (ioctl read write create getattr setattr lock relabelfrom relabelto append map bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2145. ;;* lme
2146.  
2147. ;;* lmx 153 system/sepolicy/private/webview_zygote.te
2148.  
2149. (neverallow webview_zygote bluetooth_a2dp_offload_prop (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2150. (neverallow webview_zygote bluetooth_audio_hal_prop (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2151. (neverallow webview_zygote bluetooth_prop (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2152. (neverallow webview_zygote exported_bluetooth_prop (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2153. ;;* lme
2154.  
2155. (allow init wificond_exec (file (read getattr map execute open)))
2156. (allow init wificond (process (transition)))
2157. (allow wificond wificond_exec (file (read getattr map execute open entrypoint)))
2158. (dontaudit init wificond (process (noatsecure)))
2159. (allow init wificond (process (siginh rlimitinh)))
2160. (typetransition init wificond_exec process wificond)
2161. (allow init wpantund_exec (file (read getattr map execute open)))
2162. (allow init wpantund (process (transition)))
2163. (allow wpantund wpantund_exec (file (read getattr map execute open entrypoint)))
2164. (dontaudit init wpantund (process (noatsecure)))
2165. (allow init wpantund (process (siginh rlimitinh)))
2166. (typetransition init wpantund_exec process wpantund)
2167. (allow init zygote_exec (file (read getattr map execute open)))
2168. (allow init zygote (process (transition)))
2169. (allow zygote zygote_exec (file (read getattr map execute open entrypoint)))
2170. (dontaudit init zygote (process (noatsecure)))
2171. (allow init zygote (process (siginh rlimitinh)))
2172. (typetransition init zygote_exec process zygote)
2173. (typetransition zygote tmpfs file zygote_tmpfs)
2174. (allow zygote zygote_tmpfs (file (read write getattr map)))
2175. (allow zygote runtime_event_log_tags_file (file (ioctl read getattr lock map open watch watch_reads)))
2176. (allow zygote self (capability (chown dac_override dac_read_search fowner setgid setuid)))
2177. (allow zygote self (cap_userns (chown dac_override dac_read_search fowner setgid setuid)))
2178. (allow zygote self (capability (setpcap)))
2179. (allow zygote self (cap_userns (setpcap)))
2180. (allow zygote self (process (setcurrent)))
2181. (allow zygote system_server_startup (process (dyntransition)))
2182. (allow zygote appdomain (process (dyntransition)))
2183. (allow zygote webview_zygote (process (dyntransition)))
2184. (allow zygote app_zygote (process (dyntransition)))
2185. (allow zygote appdomain (dir (getattr search)))
2186. (allow zygote appdomain (file (ioctl read getattr lock map open watch watch_reads)))
2187. (allow zygote system_server (process (getpgid setpgid)))
2188. (allow zygote appdomain (process (getpgid setpgid)))
2189. (allow zygote webview_zygote (process (getpgid setpgid)))
2190. (allow zygote app_zygote (process (getpgid setpgid)))
2191. (allow zygote system_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
2192. (allow zygote system_data_file (file (ioctl read getattr lock map open watch watch_reads)))
2193. (allow zygote dalvikcache_data_file (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
2194. (allow zygote dalvikcache_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2195. (allow zygote dalvikcache_data_file (lnk_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2196. (allow zygote resourcecache_data_file (dir (ioctl read write getattr lock open watch watch_reads add_name remove_name search)))
2197. (allow zygote resourcecache_data_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2198. (allow zygote dalvikcache_data_file (file (execute)))
2199. (allow zygote system_data_file (dir (mounton)))
2200. (allow zygote mnt_expand_file (dir (mounton)))
2201. (allow zygote tmpfs (dir (relabelfrom)))
2202. (allow zygote tmpfs (lnk_file (relabelfrom)))
2203. (allow zygote system_data_file (dir (relabelto)))
2204. (allow zygote system_data_file (lnk_file (relabelto)))
2205. (allow zygote mnt_expand_file (dir (read relabelto open search)))
2206. (allow zygote user_profile_data_file (dir (mounton search)))
2207. (allow zygote tmpfs (dir (ioctl read write create getattr setattr lock rename mounton open watch watch_reads add_name remove_name reparent search rmdir)))
2208. (allow zygote media_rw_data_file (dir (getattr search)))
2209. (allow zygote proc_filesystems (file (ioctl read getattr lock map open watch watch_reads)))
2210. (allow zygote tmpfs (lnk_file (create)))
2211. (allow zygote mirror_data_file (dir (ioctl read getattr lock open watch watch_reads search)))
2212. (allow zygote system_data_file (dir (getattr)))
2213. (allow zygote shell_data_file (dir (getattr)))
2214. (allow zygote mnt_expand_file (dir (getattr)))
2215. (allow zygote bluetooth_data_file (dir (getattr)))
2216. (allow zygote nfc_data_file (dir (getattr)))
2217. (allow zygote radio_data_file (dir (getattr)))
2218. (allow zygote app_data_file (dir (getattr)))
2219. (allow zygote privapp_data_file (dir (getattr)))
2220. (allow zygote self (process (execmem)))
2221. (allow zygote zygote_tmpfs (file (execute)))
2222. (allow zygote ashmem_libcutils_device (chr_file (execute)))
2223. (allow zygote idmap_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
2224. (allow zygote dex2oat_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
2225. (allow zygote vendor_overlay_file (dir (ioctl read getattr lock open watch watch_reads search)))
2226. (allow zygote vendor_overlay_file (file (ioctl read getattr lock map open watch watch_reads)))
2227. (allow zygote vendor_overlay_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2228. (allow zygote cgroup (dir (ioctl read write create getattr setattr lock rename open watch watch_reads add_name remove_name reparent search rmdir)))
2229. (allow zygote cgroup (file (ioctl read getattr lock map open watch watch_reads)))
2230. (allow zygote cgroup (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2231. (allow zygote self (capability (sys_admin)))
2232. (allow zygote self (cap_userns (sys_admin)))
2233. (allow zygote pmsg_device (chr_file (getattr)))
2234. (allow zygote debugfs_trace_marker (file (getattr)))
2235. (allow zygote seapp_contexts_file (file (ioctl read getattr lock map open watch watch_reads)))
2236. (allow zygote selinuxfs (dir (ioctl read getattr lock open watch watch_reads search)))
2237. (allow zygote selinuxfs (file (ioctl read getattr lock map open watch watch_reads)))
2238. (allow zygote selinuxfs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2239. (allow zygote selinuxfs (file (write lock append map open)))
2240. (allow zygote kernel (security (check_context)))
2241. (allow zygote selinuxfs (dir (ioctl read getattr lock open watch watch_reads search)))
2242. (allow zygote selinuxfs (file (ioctl read getattr lock map open watch watch_reads)))
2243. (allow zygote selinuxfs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2244. (allow zygote selinuxfs (file (write lock append map open)))
2245. (allow zygote kernel (security (compute_av)))
2246. (allow zygote self (netlink_selinux_socket (read write create getattr setattr lock relabelfrom relabelto append bind connect listen accept getopt setopt shutdown recvfrom sendto name_bind)))
2247. (allow zygote proc_cpuinfo (file (mounton)))
2248. (allow zygote rootfs (dir (mounton)))
2249. (allow zygote tmpfs (filesystem (mount unmount)))
2250. (allow zygote fuse (filesystem (unmount)))
2251. (allow zygote sdcardfs (filesystem (unmount)))
2252. (allow zygote mnt_user_file (dir (ioctl read write create getattr setattr lock rename mounton open watch watch_reads add_name remove_name reparent search rmdir)))
2253. (allow zygote mnt_user_file (lnk_file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2254. (allow zygote mnt_user_file (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2255. (allow zygote mnt_pass_through_file (dir (ioctl read write create getattr setattr lock rename mounton open watch watch_reads add_name remove_name reparent search rmdir)))
2256. (allow zygote storage_file (dir (mounton search)))
2257. (allow zygote sdcard_type (dir (ioctl read write create getattr setattr lock rename mounton open watch watch_reads add_name remove_name reparent search rmdir)))
2258. (allow zygote sdcard_type (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2259. (allow zygote zygote_exec (file (ioctl read getattr lock map execute open watch watch_reads execute_no_trans)))
2260. (allow zygote statsdw_socket (sock_file (write)))
2261. (allow zygote statsd (unix_dgram_socket (sendto)))
2262. (allow zygote rootfs (dir (ioctl read getattr lock open watch watch_reads search)))
2263. (allow zygote rootfs (file (ioctl read getattr lock map open watch watch_reads)))
2264. (allow zygote rootfs (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2265. (allow zygote system_file (dir (ioctl read getattr lock open watch watch_reads search)))
2266. (allow zygote system_file (file (ioctl read getattr lock map open watch watch_reads)))
2267. (allow zygote system_file (lnk_file (ioctl read getattr lock map open watch watch_reads)))
2268. (allow zygote oemfs (dir (search)))
2269. (allow zygote ion_device (chr_file (ioctl read getattr lock map open watch watch_reads)))
2270. (allow zygote tmpfs (dir (ioctl read getattr lock open watch watch_reads search)))
2271. (allow zygote same_process_hal_file (file (read getattr map execute open)))
2272. (allow zygote overlay_prop (file (read getattr map open)))
2273. (allow zygote exported_overlay_prop (file (read getattr map open)))
2274. (allow zygote device_config_runtime_native_prop (file (read getattr map open)))
2275. (allow zygote device_config_runtime_native_boot_prop (file (read getattr map open)))
2276. (allow zygote device_config_window_manager_native_boot_prop (file (read getattr map open)))
2277. (dontaudit zygote self (capability (sys_resource)))
2278. (dontaudit zygote self (cap_userns (sys_resource)))
2279. (dontaudit zygote media_rw_data_file (dir (setattr)))
2280. (allow zygote system_server (fd (use)))
2281. (allow zygote system_unsolzygote_socket (sock_file (write)))
2282. (allow zygote system_server (unix_dgram_socket (sendto)))
2283. (allow zygote media_variant_prop (file (read getattr map open)))
2284. ;;* lmx 219 system/sepolicy/private/zygote.te
2285.  
2286. (neverallow zygote base_typeattr_743 (process (dyntransition)))
2287. ;;* lme
2288.  
2289. ;;* lmx 225 system/sepolicy/private/zygote.te
2290.  
2291. (neverallow zygote base_typeattr_744 (file (execute execute_no_trans)))
2292. ;;* lme
2293.  
2294. ;;* lmx 233 system/sepolicy/private/zygote.te
2295.  
2296. (neverallow zygote bluetooth_a2dp_offload_prop (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2297. (neverallow zygote bluetooth_audio_hal_prop (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2298. (neverallow zygote bluetooth_prop (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2299. (neverallow zygote exported_bluetooth_prop (file (ioctl read write create getattr setattr lock append map unlink rename open watch watch_reads)))
2300. ;;* lme
2301.  
2302. ;;* lmx 239 system/sepolicy/private/zygote.te
2303.  
2304. (neverallow zygote app_data_file (dir (ioctl read write create setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads add_name remove_name reparent search rmdir)))
2305. (neverallow zygote privapp_data_file (dir (ioctl read write create setattr lock relabelfrom relabelto append map unlink link rename execute quotaon mounton audit_access open execmod watch watch_mount watch_sb watch_with_perm watch_reads add_name remove_name reparent search rmdir)))
2306. ;;* lme
2307.  
2308. (typetransition system_server system_data_file sock_file "unsolzygotesocket" system_unsolzygote_socket)
2309. (typetransition system_server system_data_file sock_file "ndebugsocket" system_ndebug_socket)
2310. (typeattribute base_typeattr_744)
2311. (typeattributeset base_typeattr_744 (and (data_file_type ) (not (dalvikcache_data_file ))))
2312. (typeattribute base_typeattr_743)
2313. (typeattributeset base_typeattr_743 (not (appdomain app_zygote webview_zygote system_server_startup ) ))
2314. (typeattribute base_typeattr_742)
2315. (typeattributeset base_typeattr_742 (and (domain ) (not (crash_dump runas_app simpleperf vzwomatrigger_app ))))
2316. (typeattribute base_typeattr_741)
2317. (typeattributeset base_typeattr_741 (and (appdomain ) (not (runas_app shell simpleperf vzwomatrigger_app ))))
2318. (typeattribute base_typeattr_740)
2319. (typeattributeset base_typeattr_740 (and (domain ) (not (vzwomatrigger_app ))))
2320. (typeattribute base_typeattr_739)
2321. (typeattributeset base_typeattr_739 (and (vzwomatrigger_app ) (not (runas_app shell simpleperf ))))
2322. (typeattribute base_typeattr_738)
2323. (typeattributeset base_typeattr_738 (and (domain ) (not (crash_dump runas_app simpleperf untrusted_app_29 ))))
2324. (typeattribute base_typeattr_737)
2325. (typeattributeset base_typeattr_737 (and (appdomain ) (not (runas_app shell simpleperf untrusted_app_29 ))))
2326. (typeattribute base_typeattr_736)
2327. (typeattributeset base_typeattr_736 (and (domain ) (not (untrusted_app_29 ))))
2328. (typeattribute base_typeattr_735)
2329. (typeattributeset base_typeattr_735 (and (untrusted_app_29 ) (not (runas_app shell simpleperf ))))
2330. (typeattribute base_typeattr_734)
2331. (typeattributeset base_typeattr_734 (and (domain ) (not (crash_dump runas_app simpleperf untrusted_app_27 ))))
2332. (typeattribute base_typeattr_733)
2333. (typeattributeset base_typeattr_733 (and (appdomain ) (not (runas_app shell simpleperf untrusted_app_27 ))))
2334. (typeattribute base_typeattr_732)
2335. (typeattributeset base_typeattr_732 (and (domain ) (not (untrusted_app_27 ))))
2336. (typeattribute base_typeattr_731)
2337. (typeattributeset base_typeattr_731 (and (untrusted_app_27 ) (not (runas_app shell simpleperf ))))
2338. (typeattribute base_typeattr_730)
2339. (typeattributeset base_typeattr_730 (and (domain ) (not (crash_dump runas_app simpleperf untrusted_app_25 ))))
2340. (typeattribute base_typeattr_729)
2341. (typeattributeset base_typeattr_729 (and (appdomain ) (not (runas_app shell simpleperf untrusted_app_25 ))))
2342. (typeattribute base_typeattr_728)
2343. (typeattributeset base_typeattr_728 (and (domain ) (not (untrusted_app_25 ))))
2344. (typeattribute base_typeattr_727)
2345. (typeattributeset base_typeattr_727 (and (untrusted_app_25 ) (not (runas_app shell simpleperf ))))
2346. (typeattribute base_typeattr_726)
2347. (typeattributeset base_typeattr_726 (and (domain ) (not (crash_dump runas_app simpleperf untrusted_app ))))
2348. (typeattribute base_typeattr_725)
2349. (typeattributeset base_typeattr_725 (and (appdomain ) (not (runas_app shell simpleperf untrusted_app ))))
2350. (typeattribute base_typeattr_724)
2351. (typeattributeset base_typeattr_724 (and (domain ) (not (untrusted_app ))))
2352. (typeattribute base_typeattr_723)
2353. (typeattributeset base_typeattr_723 (and (untrusted_app ) (not (runas_app shell simpleperf ))))
2354. (typeattribute base_typeattr_722)
2355. (typeattributeset base_typeattr_722 (and (domain ) (not (crash_dump runas_app simpleperf traceur_app ))))
2356. (typeattribute base_typeattr_721)
2357. (typeattributeset base_typeattr_721 (and (appdomain ) (not (runas_app shell simpleperf traceur_app ))))
2358. (typeattribute base_typeattr_720)
2359. (typeattributeset base_typeattr_720 (and (domain ) (not (traceur_app ))))
2360. (typeattribute base_typeattr_719)
2361. (typeattributeset base_typeattr_719 (and (traceur_app ) (not (runas_app shell simpleperf ))))
2362. (typeattribute base_typeattr_718)
2363. (typeattributeset base_typeattr_718 (and (data_file_type ) (not (packages_list_file zoneinfo_data_file ))))
2364. (typeattribute base_typeattr_717)
2365. (typeattributeset base_typeattr_717 (and (data_file_type ) (not (system_data_root_file system_data_file vendor_data_file apk_data_file dalvikcache_data_file user_profile_data_file bootstat_data_file zoneinfo_data_file update_engine_data_file update_engine_log_data_file system_app_data_file backup_data_file ))))
2366. (typeattribute base_typeattr_716)
2367. (typeattributeset base_typeattr_716 (and (data_file_type ) (not (trace_data_file zoneinfo_data_file perfetto_traces_data_file ))))
2368. (typeattribute base_typeattr_715)
2369. (typeattributeset base_typeattr_715 (and (domain ) (not (dumpstate system_server traceur_app atrace system_suspend ))))
2370. (typeattribute base_typeattr_714)
2371. (typeattributeset base_typeattr_714 (and (domain ) (not (system_suspend ))))
2372. (typeattribute base_typeattr_713)
2373. (typeattributeset base_typeattr_713 (and (dev_type ) (not (frp_block_device ))))
2374. (typeattribute base_typeattr_712)
2375. (typeattributeset base_typeattr_712 (and (domain ) (not (flags_health_check init system_server ))))
2376. (typeattribute base_typeattr_711)
2377. (typeattributeset base_typeattr_711 (and (domain ) (not (app_zygote init system_server webview_zygote zygote ))))
2378. (typeattribute base_typeattr_710)
2379. (typeattributeset base_typeattr_710 (and (domain ) (not (crash_dump init system_server ))))
2380. (typeattribute base_typeattr_709)
2381. (typeattributeset base_typeattr_709 (and (file_type ) (not (logcat_exec toolbox_exec ))))
2382. (typeattribute base_typeattr_708)
2383. (typeattributeset base_typeattr_708 (and (service_manager_type ) (not (apex_service default_android_service dnsresolver_service dumpstate_service iorapd_service installd_service lpdump_service netd_service system_suspend_control_service virtual_touchpad_service vold_service vr_hwc_service ))))
2384. (typeattribute base_typeattr_707)
2385. (typeattributeset base_typeattr_707 (and (domain ) (not (crash_dump runas_app simpleperf system_app ))))
2386. (typeattribute base_typeattr_706)
2387. (typeattributeset base_typeattr_706 (and (appdomain ) (not (runas_app shell simpleperf system_app ))))
2388. (typeattribute base_typeattr_705)
2389. (typeattributeset base_typeattr_705 (and (domain ) (not (system_app ))))
2390. (typeattribute base_typeattr_704)
2391. (typeattributeset base_typeattr_704 (and (system_app ) (not (runas_app shell simpleperf ))))
2392. (typeattribute base_typeattr_703)
2393. (typeattributeset base_typeattr_703 (and (domain ) (not (surfaceflinger ))))
2394. (typeattribute base_typeattr_702)
2395. (typeattributeset base_typeattr_702 (and (domain ) (not (storaged ))))
2396. (typeattribute base_typeattr_701)
2397. (typeattributeset base_typeattr_701 (and (domain ) (not (dumpstate gmscore_app gpuservice incidentd platform_app priv_app shell statsd surfaceflinger system_app system_server traceur_app stats ))))
2398. (typeattribute base_typeattr_700)
2399. (typeattributeset base_typeattr_700 (and (domain ) (not (statsd ))))
2400. (typeattribute base_typeattr_699)
2401. (typeattributeset base_typeattr_699 (and (domain ) (not (simpleperf ))))
2402. (typeattribute base_typeattr_698)
2403. (typeattributeset base_typeattr_698 (and (simpleperf ) (not (runas_app shell simpleperf ))))
2404. (typeattribute base_typeattr_697)
2405. (typeattributeset base_typeattr_697 (and (untrusted_app_all ) (not (runas_app ))))
2406. (typeattribute base_typeattr_696)
2407. (typeattributeset base_typeattr_696 (and (domain ) (not (crash_dump runas_app shell simpleperf ))))
2408. (typeattribute base_typeattr_695)
2409. (typeattributeset base_typeattr_695 (and (domain ) (not (shell ))))
2410. (typeattribute base_typeattr_694)
2411. (typeattributeset base_typeattr_694 (and (shell ) (not (runas_app shell simpleperf ))))
2412. (typeattribute base_typeattr_693)
2413. (typeattributeset base_typeattr_693 (and (domain ) (not (crash_dump runas_app shared_relro simpleperf ))))
2414. (typeattribute base_typeattr_692)
2415. (typeattributeset base_typeattr_692 (and (appdomain ) (not (runas_app shared_relro shell simpleperf ))))
2416. (typeattribute base_typeattr_691)
2417. (typeattributeset base_typeattr_691 (and (domain ) (not (shared_relro ))))
2418. (typeattribute base_typeattr_690)
2419. (typeattributeset base_typeattr_690 (and (shared_relro ) (not (runas_app shell simpleperf ))))
2420. (typeattribute base_typeattr_689)
2421. (typeattributeset base_typeattr_689 (and (domain ) (not (crash_dump runas_app secure_element simpleperf ))))
2422. (typeattribute base_typeattr_688)
2423. (typeattributeset base_typeattr_688 (and (appdomain ) (not (runas_app secure_element shell simpleperf ))))
2424. (typeattribute base_typeattr_687)
2425. (typeattributeset base_typeattr_687 (and (domain ) (not (secure_element ))))
2426. (typeattribute base_typeattr_686)
2427. (typeattributeset base_typeattr_686 (and (secure_element ) (not (runas_app shell simpleperf ))))
2428. (typeattribute base_typeattr_685)
2429. (typeattributeset base_typeattr_685 (and (domain ) (not (crash_dump runas_app simpleperf ))))
2430. (typeattribute base_typeattr_684)
2431. (typeattributeset base_typeattr_684 (and (appdomain ) (not (runas_app shell simpleperf ))))
2432. (typeattribute base_typeattr_683)
2433. (typeattributeset base_typeattr_683 (and (domain ) (not (runas_app ))))
2434. (typeattribute base_typeattr_682)
2435. (typeattributeset base_typeattr_682 (and (runas_app ) (not (runas_app shell simpleperf ))))
2436. (typeattribute base_typeattr_681)
2437. (typeattributeset base_typeattr_681 (and (file_type ) (not (recovery_data_file ))))
2438. (typeattribute base_typeattr_680)
2439. (typeattributeset base_typeattr_680 (and (domain ) (not (init radio ))))
2440. (typeattribute base_typeattr_679)
2441. (typeattributeset base_typeattr_679 (and (domain ) (not (crash_dump radio runas_app simpleperf ))))
2442. (typeattribute base_typeattr_678)
2443. (typeattributeset base_typeattr_678 (and (appdomain ) (not (radio runas_app shell simpleperf ))))
2444. (typeattribute base_typeattr_677)
2445. (typeattributeset base_typeattr_677 (and (radio ) (not (runas_app shell simpleperf ))))
2446. (typeattribute base_typeattr_676)
2447. (typeattributeset base_typeattr_676 (and (domain ) (not (crash_dump priv_app runas_app simpleperf ))))
2448. (typeattribute base_typeattr_675)
2449. (typeattributeset base_typeattr_675 (and (appdomain ) (not (priv_app runas_app shell simpleperf ))))
2450. (typeattribute base_typeattr_674)
2451. (typeattributeset base_typeattr_674 (and (domain ) (not (priv_app ))))
2452. (typeattribute base_typeattr_673)
2453. (typeattributeset base_typeattr_673 (and (priv_app ) (not (runas_app shell simpleperf ))))
2454. (typeattribute base_typeattr_672)
2455. (typeattributeset base_typeattr_672 (and (domain ) (not (crash_dump platform_app runas_app simpleperf ))))
2456. (typeattribute base_typeattr_671)
2457. (typeattributeset base_typeattr_671 (and (appdomain ) (not (platform_app runas_app shell simpleperf ))))
2458. (typeattribute base_typeattr_670)
2459. (typeattributeset base_typeattr_670 (and (domain ) (not (platform_app ))))
2460. (typeattribute base_typeattr_669)
2461. (typeattributeset base_typeattr_669 (and (platform_app ) (not (runas_app shell simpleperf ))))
2462. (typeattribute base_typeattr_668)
2463. (typeattributeset base_typeattr_668 (and (domain ) (not (crash_dump runas_app simpleperf permissioncontroller_app ))))
2464. (typeattribute base_typeattr_667)
2465. (typeattributeset base_typeattr_667 (and (appdomain ) (not (runas_app shell simpleperf permissioncontroller_app ))))
2466. (typeattribute base_typeattr_666)
2467. (typeattributeset base_typeattr_666 (and (domain ) (not (permissioncontroller_app ))))
2468. (typeattribute base_typeattr_665)
2469. (typeattributeset base_typeattr_665 (and (permissioncontroller_app ) (not (runas_app shell simpleperf ))))
2470. (typeattribute base_typeattr_664)
2471. (typeattributeset base_typeattr_664 (and (data_file_type ) (not (zoneinfo_data_file perfetto_traces_data_file ))))
2472. (typeattribute base_typeattr_663)
2473. (typeattributeset base_typeattr_663 (and (system_data_file ) (not (perfetto_traces_data_file ))))
2474. (typeattribute base_typeattr_662)
2475. (typeattributeset base_typeattr_662 (and (data_file_type ) (not (system_data_root_file system_data_file vendor_data_file zoneinfo_data_file perfetto_traces_data_file ))))
2476. (typeattribute base_typeattr_661)
2477. (typeattributeset base_typeattr_661 (and (domain ) (not (crash_dump nfc runas_app simpleperf ))))
2478. (typeattribute base_typeattr_660)
2479. (typeattributeset base_typeattr_660 (and (appdomain ) (not (nfc runas_app shell simpleperf ))))
2480. (typeattribute base_typeattr_659)
2481. (typeattributeset base_typeattr_659 (and (domain ) (not (nfc ))))
2482. (typeattribute base_typeattr_658)
2483. (typeattributeset base_typeattr_658 (and (nfc ) (not (runas_app shell simpleperf ))))
2484. (typeattribute base_typeattr_657)
2485. (typeattributeset base_typeattr_657 (and (domain ) (not (crash_dump network_stack runas_app simpleperf ))))
2486. (typeattribute base_typeattr_656)
2487. (typeattributeset base_typeattr_656 (and (appdomain ) (not (network_stack runas_app shell simpleperf ))))
2488. (typeattribute base_typeattr_655)
2489. (typeattributeset base_typeattr_655 (and (domain ) (not (network_stack ))))
2490. (typeattribute base_typeattr_654)
2491. (typeattributeset base_typeattr_654 (and (network_stack ) (not (runas_app shell simpleperf ))))
2492. (typeattribute base_typeattr_653)
2493. (typeattributeset base_typeattr_653 (and (domain ) (not (crash_dump runas_app simpleperf mediaprovider_app ))))
2494. (typeattribute base_typeattr_652)
2495. (typeattributeset base_typeattr_652 (and (appdomain ) (not (runas_app shell simpleperf mediaprovider_app ))))
2496. (typeattribute base_typeattr_651)
2497. (typeattributeset base_typeattr_651 (and (domain ) (not (mediaprovider_app ))))
2498. (typeattribute base_typeattr_650)
2499. (typeattributeset base_typeattr_650 (and (mediaprovider_app ) (not (runas_app shell simpleperf ))))
2500. (typeattribute base_typeattr_649)
2501. (typeattributeset base_typeattr_649 (and (domain ) (not (crash_dump mediaprovider runas_app simpleperf ))))
2502. (typeattribute base_typeattr_648)
2503. (typeattributeset base_typeattr_648 (and (appdomain ) (not (mediaprovider runas_app shell simpleperf ))))
2504. (typeattribute base_typeattr_647)
2505. (typeattributeset base_typeattr_647 (and (domain ) (not (mediaprovider ))))
2506. (typeattribute base_typeattr_646)
2507. (typeattributeset base_typeattr_646 (and (mediaprovider ) (not (runas_app shell simpleperf ))))
2508. (typeattribute base_typeattr_645)
2509. (typeattributeset base_typeattr_645 (and (domain ) (not (dumpstate servicemanager shell lpdumpd ))))
2510. (typeattribute base_typeattr_644)
2511. (typeattributeset base_typeattr_644 (and (domain ) (not (dumpstate shell lpdumpd ))))
2512. (typeattribute base_typeattr_643)
2513. (typeattributeset base_typeattr_643 (and (domain ) (not (lpdumpd ))))
2514. (typeattribute base_typeattr_642)
2515. (typeattributeset base_typeattr_642 (and (domain ) (not (dumpstate incidentd init ))))
2516. (typeattribute base_typeattr_641)
2517. (typeattributeset base_typeattr_641 (and (appdomain ) (not (bluetooth platform_app priv_app radio shell system_app ))))
2518. (typeattribute base_typeattr_640)
2519. (typeattributeset base_typeattr_640 (and (domain ) (not (appdomain bootstat dumpstate init logd servicemanager surfaceflinger system_server zygote ))))
2520. (typeattribute base_typeattr_639)
2521. (typeattributeset base_typeattr_639 (and (file_type ) (not (runtime_event_log_tags_file ))))
2522. (typeattribute base_typeattr_638)
2523. (typeattributeset base_typeattr_638 (not (init lmkd vendor_init )))
2524. (typeattribute base_typeattr_637)
2525. (typeattributeset base_typeattr_637 (and (domain ) (not (init linkerconfig ))))
2526. (typeattribute base_typeattr_636)
2527. (typeattributeset base_typeattr_636 (and (sysfs_type ) (not (sysfs_transparent_hugepage sysfs_usb sysfs_devices_system_cpu ))))
2528. (typeattribute base_typeattr_635)
2529. (typeattributeset base_typeattr_635 (and (service_manager_type ) (not (activity_service display_service webviewupdate_service ))))
2530. (typeattribute base_typeattr_634)
2531. (typeattributeset base_typeattr_634 (and (domain ) (not (crash_dump isolated_app runas_app simpleperf ))))
2532. (typeattribute base_typeattr_633)
2533. (typeattributeset base_typeattr_633 (and (appdomain ) (not (isolated_app runas_app shell simpleperf ))))
2534. (typeattribute base_typeattr_632)
2535. (typeattributeset base_typeattr_632 (and (isolated_app ) (not (runas_app shell simpleperf ))))
2536. (typeattribute base_typeattr_631)
2537. (typeattributeset base_typeattr_631 (and (domain ) (not (incidentd init system_server vold ))))
2538. (typeattribute base_typeattr_630)
2539. (typeattributeset base_typeattr_630 (and (domain ) (not (incidentd init vold ))))
2540. (typeattribute base_typeattr_629)
2541. (typeattributeset base_typeattr_629 (and (domain ) (not (incidentd ))))
2542. (typeattribute base_typeattr_628)
2543. (typeattributeset base_typeattr_628 (and (domain ) (not (incident_helper incidentd shell ))))
2544. (typeattribute base_typeattr_627)
2545. (typeattributeset base_typeattr_627 (and (domain ) (not (dumpstate incident shell su ))))
2546. (typeattribute base_typeattr_626)
2547. (typeattributeset base_typeattr_626 (and (domain ) (not (hwservicemanager ))))
2548. (typeattribute base_typeattr_625)
2549. (typeattributeset base_typeattr_625 (and (domain ) (not (init gsid ))))
2550. (typeattribute base_typeattr_624)
2551. (typeattributeset base_typeattr_624 (and (domain ) (not (fastbootd init vold gsid ))))
2552. (typeattribute base_typeattr_623)
2553. (typeattributeset base_typeattr_623 (and (domain ) (not (fastbootd init recovery vold gsid ))))
2554. (typeattribute base_typeattr_622)
2555. (typeattributeset base_typeattr_622 (and (domain ) (not (update_engine_common fastbootd init recovery gsid ))))
2556. (typeattribute base_typeattr_621)
2557. (typeattributeset base_typeattr_621 (and (domain ) (not (gsid ))))
2558. (typeattribute base_typeattr_620)
2559. (typeattributeset base_typeattr_620 (and (domain ) (not (gpuservice ))))
2560. (typeattribute base_typeattr_619)
2561. (typeattributeset base_typeattr_619 (and (domain ) (not (crash_dump gmscore_app runas_app simpleperf ))))
2562. (typeattribute base_typeattr_618)
2563. (typeattributeset base_typeattr_618 (and (appdomain ) (not (gmscore_app runas_app shell simpleperf ))))
2564. (typeattribute base_typeattr_617)
2565. (typeattributeset base_typeattr_617 (and (domain ) (not (gmscore_app ))))
2566. (typeattribute base_typeattr_616)
2567. (typeattributeset base_typeattr_616 (and (gmscore_app ) (not (runas_app shell simpleperf ))))
2568. (typeattribute base_typeattr_615)
2569. (typeattributeset base_typeattr_615 (and (domain ) (not (crash_dump ephemeral_app runas_app simpleperf ))))
2570. (typeattribute base_typeattr_614)
2571. (typeattributeset base_typeattr_614 (and (appdomain ) (not (ephemeral_app runas_app shell simpleperf ))))
2572. (typeattribute base_typeattr_613)
2573. (typeattributeset base_typeattr_613 (and (domain ) (not (ephemeral_app ))))
2574. (typeattribute base_typeattr_612)
2575. (typeattributeset base_typeattr_612 (and (ephemeral_app ) (not (runas_app shell simpleperf ))))
2576. (typeattribute base_typeattr_611)
2577. (typeattributeset base_typeattr_611 (and (domain ) (not (dumpstate init system_server vendor_init ))))
2578. (typeattribute base_typeattr_610)
2579. (typeattributeset base_typeattr_610 (and (domain ) (not (init installd zygote ))))
2580. (typeattribute base_typeattr_609)
2581. (typeattributeset base_typeattr_609 (and (domain ) (not (hal_bootctl_server fastbootd healthd init kernel recovery tee ueventd uncrypt gsid ))))
2582. (typeattribute base_typeattr_608)
2583. (typeattributeset base_typeattr_608 (and (fs_type ) (not (sdcard_type ))))
2584. (typeattribute base_typeattr_607)
2585. (typeattributeset base_typeattr_607 (and (domain ) (not (apexd init kernel recovery update_engine vold zygote otapreopt_chroot ))))
2586. (typeattribute base_typeattr_606)
2587. (typeattributeset base_typeattr_606 (not (apexd dnsmasq dumpstate init installd iorap_inode2filename iorap_prefetcherd lmkd netd recovery rss_hwm_reset sdcardd tee traced_perf traced_probes ueventd uncrypt vendor_init vold vold_prepare_subdirs zygote migrate_legacy_obb_data postinstall_dexopt ) ))
2588. (typeattribute base_typeattr_605)
2589. (typeattributeset base_typeattr_605 (not (apexd dnsmasq dumpstate init installd lmkd netd recovery rss_hwm_reset sdcardd tee ueventd uncrypt vendor_init vold vold_prepare_subdirs zygote migrate_legacy_obb_data postinstall_dexopt ) ))
2590. (typeattribute base_typeattr_604)
2591. (typeattributeset base_typeattr_604 (and (domain ) (not (init installd zygote art_apex_boot_integrity art_apex_postinstall cppreopts dex2oat otapreopt_slot postinstall_dexopt ))))
2592. (typeattribute base_typeattr_603)
2593. (typeattributeset base_typeattr_603 (and (file_type ) (not (exec_type system_file_type vendor_file_type system_lib_file system_linker_exec postinstall_file ))))
2594. (typeattribute base_typeattr_602)
2595. (typeattributeset base_typeattr_602 (and (domain ) (not (appdomain app_zygote iorap_prefetcherd shell webview_zygote zygote system_server_startup ))))
2596. (typeattribute base_typeattr_601)
2597. (typeattributeset base_typeattr_601 (and (fs_type ) (not (rootfs ))))
2598. (typeattribute base_typeattr_600)
2599. (typeattributeset base_typeattr_600 (and (domain ) (not (appdomain bootanim recovery ))))
2600. (typeattribute base_typeattr_599)
2601. (typeattributeset base_typeattr_599 (and (domain ) (not (init installd system_server ))))
2602. (typeattribute base_typeattr_598)
2603. (typeattributeset base_typeattr_598 (and (domain ) (not (apexd init installd iorap_inode2filename kernel priv_app system_app system_server ))))
2604. (typeattribute base_typeattr_597)
2605. (typeattributeset base_typeattr_597 (and (domain ) (not (apexd init installd iorap_inode2filename system_server ))))
2606. (typeattribute base_typeattr_596)
2607. (typeattributeset base_typeattr_596 (and (domain ) (not (appdomain app_zygote installd iorap_prefetcherd rs ))))
2608. (typeattribute base_typeattr_595)
2609. (typeattributeset base_typeattr_595 (and (domain ) (not (appdomain installd rs ))))
2610. (typeattribute base_typeattr_594)
2611. (typeattributeset base_typeattr_594 (and (domain ) (not (appdomain adbd app_zygote installd iorap_inode2filename iorap_prefetcherd profman rs runas system_server zygote dexoptanalyzer viewcompiler ))))
2612. (typeattribute base_typeattr_593)
2613. (typeattributeset base_typeattr_593 (and (domain ) (not (gmscore_app priv_app ))))
2614. (typeattribute base_typeattr_592)
2615. (typeattributeset base_typeattr_592 (and (domain ) (not (dumpstate system_server vold storaged ))))
2616. (typeattribute base_typeattr_591)
2617. (typeattributeset base_typeattr_591 (and (domain ) (not (appdomain coredomain ))))
2618. (typeattribute base_typeattr_590)
2619. (typeattributeset base_typeattr_590 (and (domain ) (not (appdomain rs ))))
2620. (typeattribute base_typeattr_589)
2621. (typeattributeset base_typeattr_589 (and (domain ) (not (init derive_sdk ))))
2622. (typeattribute base_typeattr_588)
2623. (typeattributeset base_typeattr_588 (and (domain ) (not (apexd crash_dump init kernel keystore llkd logd ueventd vendor_init vold bpfloader ))))
2624. (typeattribute base_typeattr_587)
2625. (typeattributeset base_typeattr_587 (and (coredomain ) (not (adbd init mediaprovider system_server ))))
2626. (typeattribute base_typeattr_586)
2627. (typeattributeset base_typeattr_586 (and (coredomain ) (not (init system_server ))))
2628. (typeattribute base_typeattr_585)
2629. (typeattributeset base_typeattr_585 (and (coredomain ) (not (bootstat charger dumpstate healthd init logd logpersist recovery_persist recovery_refresh shell system_server ))))
2630. (typeattribute base_typeattr_584)
2631. (typeattributeset base_typeattr_584 (and (coredomain ) (not (dumpstate init shell system_server traced_probes traceur_app atrace ))))
2632. (typeattribute base_typeattr_583)
2633. (typeattributeset base_typeattr_583 (and (coredomain ) (not (dumpstate init system_server ))))
2634. (typeattribute base_typeattr_582)
2635. (typeattributeset base_typeattr_582 (and (coredomain ) (not (fsck init ueventd ))))
2636. (typeattribute base_typeattr_581)
2637. (typeattributeset base_typeattr_581 (and (coredomain ) (not (init vold ))))
2638. (typeattribute base_typeattr_580)
2639. (typeattributeset base_typeattr_580 (and (coredomain ) (not (appdomain app_zygote idmap init installd iorap_inode2filename iorap_prefetcherd rs system_server traced_perf webview_zygote zygote postinstall_dexopt ))))
2640. (typeattribute base_typeattr_579)
2641. (typeattributeset base_typeattr_579 (and (coredomain ) (not (appdomain idmap init installd mediaserver rs system_server traced_perf dex2oat postinstall_dexopt ))))
2642. (typeattribute base_typeattr_578)
2643. (typeattributeset base_typeattr_578 (and (coredomain ) (not (appdomain idmap init installd rs system_server traced_perf dex2oat postinstall_dexopt ))))
2644. (typeattribute base_typeattr_577)
2645. (typeattributeset base_typeattr_577 (and (coredomain ) (not (init ueventd vold ))))
2646. (typeattribute base_typeattr_576)
2647. (typeattributeset base_typeattr_576 (and (domain ) (not (init bpfloader ))))
2648. (typeattribute base_typeattr_575)
2649. (typeattributeset base_typeattr_575 (and (domain ) (not (netd system_server bpfloader ))))
2650. (typeattribute base_typeattr_574)
2651. (typeattributeset base_typeattr_574 (and (domain ) (not (netd netutils_wrapper system_server bpfloader ))))
2652. (typeattribute base_typeattr_573)
2653. (typeattributeset base_typeattr_573 (and (domain ) (not (init vendor_init bpfloader ))))
2654. (typeattribute base_typeattr_572)
2655. (typeattributeset base_typeattr_572 (and (domain ) (not (bpfloader ))))
2656. (typeattribute base_typeattr_571)
2657. (typeattributeset base_typeattr_571 (and (domain ) (not (init vendor_init boringssl_self_test vendor_boringssl_self_test ))))
2658. (typeattribute base_typeattr_570)
2659. (typeattributeset base_typeattr_570 (and (domain ) (not (bluetooth init ))))
2660. (typeattribute base_typeattr_569)
2661. (typeattributeset base_typeattr_569 (and (domain ) (not (bluetooth crash_dump runas_app simpleperf ))))
2662. (typeattribute base_typeattr_568)
2663. (typeattributeset base_typeattr_568 (and (appdomain ) (not (bluetooth runas_app shell simpleperf ))))
2664. (typeattribute base_typeattr_567)
2665. (typeattributeset base_typeattr_567 (and (domain ) (not (bluetooth ))))
2666. (typeattribute base_typeattr_566)
2667. (typeattributeset base_typeattr_566 (and (bluetooth ) (not (runas_app shell simpleperf ))))
2668. (typeattribute base_typeattr_565)
2669. (typeattributeset base_typeattr_565 (and (fs_type file_type ) (not (shell_exec blkid_exec ))))
2670. (typeattribute base_typeattr_564)
2671. (typeattributeset base_typeattr_564 (and (domain ) (not (automotive_display_service ))))
2672. (typeattribute base_typeattr_563)
2673. (typeattributeset base_typeattr_563 (and (domain ) (not (audioserver ))))
2674. (typeattribute base_typeattr_562)
2675. (typeattributeset base_typeattr_562 (and (service_manager_type ) (not (apex_service default_android_service dnsresolver_service dumpstate_service iorapd_service incident_service installd_service lpdump_service netd_service vold_service stats_service ))))
2676. (typeattribute base_typeattr_561)
2677. (typeattributeset base_typeattr_561 (and (domain ) (not (app_zygote ))))
2678. (typeattribute base_typeattr_560)
2679. (typeattributeset base_typeattr_560 (and (domain ) (not (app_zygote logd system_server ))))
2680. (typeattribute base_typeattr_559)
2681. (typeattributeset base_typeattr_559 (and (service_manager_type ) (not (activity_service webviewupdate_service ))))
2682. (typeattribute base_typeattr_558)
2683. (typeattributeset base_typeattr_558 (and (domain ) (not (zygote ))))
2684. (typeattribute base_typeattr_557)
2685. (typeattributeset base_typeattr_557 (and (domain ) (not (crash_dump ))))
2686. (typeattribute base_typeattr_556)
2687. (typeattributeset base_typeattr_556 (and (domain ) (not (isolated_app ))))
2688. (typeattribute base_typeattr_555)
2689. (typeattributeset base_typeattr_555 (and (untrusted_app_all ephemeral_app isolated_app mediaprovider untrusted_app untrusted_app_29 untrusted_app_27 untrusted_app_25 mediaprovider_app ) (not (untrusted_app_25 ))))
2690. (typeattribute base_typeattr_554)
2691. (typeattributeset base_typeattr_554 (and (untrusted_app_all ephemeral_app isolated_app mediaprovider untrusted_app untrusted_app_29 untrusted_app_27 untrusted_app_25 mediaprovider_app ) (not (mediaprovider_app ))))
2692. (typeattribute base_typeattr_553)
2693. (typeattributeset base_typeattr_553 (and (fs_type file_type ) (not (sdcard_type user_profile_data_file media_rw_data_file app_data_file privapp_data_file app_exec_data_file ))))
2694. (typeattribute base_typeattr_552)
2695. (typeattributeset base_typeattr_552 (and (untrusted_app_all ephemeral_app isolated_app mediaprovider untrusted_app untrusted_app_29 untrusted_app_27 untrusted_app_25 mediaprovider_app ) (not (untrusted_app_29 untrusted_app_27 untrusted_app_25 ))))
2696. (typeattribute base_typeattr_551)
2697. (typeattributeset base_typeattr_551 (and (untrusted_app_all ephemeral_app isolated_app mediaprovider untrusted_app untrusted_app_29 untrusted_app_27 untrusted_app_25 mediaprovider_app ) (not (untrusted_app_27 untrusted_app_25 ))))
2698. (typeattribute base_typeattr_550)
2699. (typeattributeset base_typeattr_550 (and (untrusted_app_all ephemeral_app isolated_app mediaprovider untrusted_app untrusted_app_29 untrusted_app_27 untrusted_app_25 mediaprovider_app ) (not (runas_app untrusted_app_27 untrusted_app_25 ))))
2700. (typeattribute base_typeattr_549)
2701. (typeattributeset base_typeattr_549 (and (untrusted_app_all ephemeral_app isolated_app mediaprovider untrusted_app untrusted_app_29 untrusted_app_27 untrusted_app_25 mediaprovider_app ) (not (mediaprovider ))))
2702. (typeattribute base_typeattr_548)
2703. (typeattributeset base_typeattr_548 (and (debugfs_type ) (not (debugfs_kcov ))))
2704. (typeattribute base_typeattr_547)
2705. (typeattributeset base_typeattr_547 (and (appdomain ) (not (mediaprovider_app ))))
2706. (typeattribute base_typeattr_546)
2707. (typeattributeset base_typeattr_546 (and (domain ) (not (appdomain crash_dump rs ))))
2708. (typeattribute base_typeattr_545)
2709. (typeattributeset base_typeattr_545 (and (domain ) (not (apexd init vold_prepare_subdirs ))))
2710. (typeattribute base_typeattr_544)
2711. (typeattributeset base_typeattr_544 (and (domain ) (not (apexd init kernel ))))
2712. (typeattribute base_typeattr_543)
2713. (typeattributeset base_typeattr_543 (and (domain ) (not (crash_dump shell ))))
2714. (typeattribute base_typeattr_542)
2715. (typeattributeset base_typeattr_542 (and (domain ) (not (wificond ))))
2716. (typeattribute base_typeattr_541)
2717. (typeattributeset base_typeattr_541 (and (domain ) (not (vr_hwc ))))
2718. (typeattribute base_typeattr_540)
2719. (typeattributeset base_typeattr_540 (and (domain ) (not (hal_bootctl_server hal_health_storage_server hal_keymaster_server system_suspend_server healthd hwservicemanager iorapd_service servicemanager system_server ))))
2720. (typeattribute base_typeattr_539)
2721. (typeattributeset base_typeattr_539 (and (domain ) (not (apexd system_server update_verifier vdc vold ))))
2722. (typeattribute base_typeattr_538)
2723. (typeattributeset base_typeattr_538 (and (domain ) (not (init kernel vold vold_prepare_subdirs ))))
2724. (typeattribute base_typeattr_537)
2725. (typeattributeset base_typeattr_537 (and (domain ) (not (kernel vold vold_prepare_subdirs ))))
2726. (typeattribute base_typeattr_536)
2727. (typeattributeset base_typeattr_536 (and (domain ) (not (init vold vold_prepare_subdirs ))))
2728. (typeattribute base_typeattr_535)
2729. (typeattributeset base_typeattr_535 (and (domain ) (not (vold vold_prepare_subdirs ))))
2730. (typeattribute base_typeattr_534)
2731. (typeattributeset base_typeattr_534 (and (sysfs_type ) (not (sysfs_batteryinfo ))))
2732. (typeattribute base_typeattr_533)
2733. (typeattributeset base_typeattr_533 (and (domain ) (not (virtual_touchpad ))))
2734. (typeattribute base_typeattr_532)
2735. (typeattributeset base_typeattr_532 (and (coredomain ) (not (init modprobe ))))
2736. (typeattribute base_typeattr_531)
2737. (typeattributeset base_typeattr_531 (and (domain ) (not (init logd su vendor_init ))))
2738. (typeattribute base_typeattr_530)
2739. (typeattributeset base_typeattr_530 (and (sysfs_type ) (not (sysfs_usermodehelper ))))
2740. (typeattribute base_typeattr_529)
2741. (typeattributeset base_typeattr_529 (and (dev_type ) (not (keychord_device hw_random_device port_device lowpan_device ))))
2742. (typeattribute base_typeattr_528)
2743. (typeattributeset base_typeattr_528 (and (fs_type ) (not (contextmount_type sdcard_type rootfs proc_uid_time_in_state proc_uid_concurrent_active_time proc_uid_concurrent_policy_time ))))
2744. (typeattribute base_typeattr_527)
2745. (typeattributeset base_typeattr_527 (and (fs_type ) (not (contextmount_type sdcard_type keychord_device rootfs proc_uid_time_in_state proc_uid_concurrent_active_time proc_uid_concurrent_policy_time ))))
2746. (typeattribute base_typeattr_526)
2747. (typeattributeset base_typeattr_526 (and (file_type ) (not (exec_type core_data_file_type system_file_type vendor_file_type vold_metadata_file gsi_metadata_file password_slot_metadata_file apex_metadata_file ota_metadata_file mnt_product_file ))))
2748. (typeattribute base_typeattr_525)
2749. (typeattributeset base_typeattr_525 (and (file_type ) (not (exec_type core_data_file_type system_file_type vendor_file_type unlabeled vold_metadata_file gsi_metadata_file password_slot_metadata_file apex_metadata_file ota_metadata_file apex_mnt_dir ))))
2750. (typeattribute base_typeattr_524)
2751. (typeattributeset base_typeattr_524 (and (file_type ) (not (exec_type core_data_file_type system_file_type vendor_file_type unlabeled vold_metadata_file gsi_metadata_file password_slot_metadata_file apex_metadata_file ota_metadata_file ))))
2752. (typeattribute base_typeattr_523)
2753. (typeattributeset base_typeattr_523 (and (file_type ) (not (exec_type core_data_file_type system_file_type vendor_file_type unlabeled vold_metadata_file gsi_metadata_file password_slot_metadata_file apex_metadata_file ota_metadata_file runtime_event_log_tags_file ))))
2754. (typeattribute base_typeattr_522)
2755. (typeattributeset base_typeattr_522 (and (file_type ) (not (exec_type core_data_file_type system_file_type vendor_file_type unlabeled vold_metadata_file gsi_metadata_file password_slot_metadata_file apex_metadata_file ota_metadata_file mnt_product_file ))))
2756. (typeattribute base_typeattr_521)
2757. (typeattributeset base_typeattr_521 (and (domain ) (not (update_engine ))))
2758. (typeattribute base_typeattr_520)
2759. (typeattributeset base_typeattr_520 (and (vendor_file_type ) (not (vendor_app_file vendor_overlay_file ))))
2760. (typeattribute base_typeattr_519)
2761. (typeattributeset base_typeattr_519 (and (domain ) (not (init system_server tzdatacheck ))))
2762. (typeattribute base_typeattr_518)
2763. (typeattributeset base_typeattr_518 (and (service_manager_type ) (not (apex_service default_android_service dnsresolver_service gatekeeper_service iorapd_service incident_service installd_service lpdump_service netd_service virtual_touchpad_service vold_service vr_hwc_service ))))
2764. (typeattribute base_typeattr_517)
2765. (typeattributeset base_typeattr_517 (and (fs_type file_type ) (not (toolbox_exec ))))
2766. (typeattribute base_typeattr_516)
2767. (typeattributeset base_typeattr_516 (and (domain ) (not (system_suspend_server ))))
2768. (typeattribute base_typeattr_515)
2769. (typeattributeset base_typeattr_515 (and (domain ) (not (init statsd system_server vold ))))
2770. (typeattribute base_typeattr_514)
2771. (typeattributeset base_typeattr_514 (and (domain ) (not (stats_service_server ))))
2772. (typeattribute base_typeattr_513)
2773. (typeattributeset base_typeattr_513 (and (service_manager_type ) (not (apex_service default_android_service dnsresolver_service gatekeeper_service iorapd_service incident_service installd_service netd_service system_suspend_control_service virtual_touchpad_service vold_service vr_hwc_service ))))
2774. (typeattribute base_typeattr_512)
2775. (typeattributeset base_typeattr_512 (and (fs_type file_type ) (not (sgdisk_exec ))))
2776. (typeattribute base_typeattr_511)
2777. (typeattributeset base_typeattr_511 (and (domain ) (not (servicemanager ))))
2778. (typeattribute base_typeattr_510)
2779. (typeattributeset base_typeattr_510 (and (domain ) (not (hwservicemanager init vendor_init vndservicemanager ))))
2780. (typeattribute base_typeattr_509)
2781. (typeattributeset base_typeattr_509 (not (service_manager_type vndservice_manager_type ) ))
2782. (typeattribute base_typeattr_508)
2783. (typeattributeset base_typeattr_508 (and (domain ) (not (sensor_service_server ))))
2784. (typeattribute base_typeattr_507)
2785. (typeattributeset base_typeattr_507 (and (domain ) (not (scheduler_service_server ))))
2786. (typeattribute base_typeattr_506)
2787. (typeattributeset base_typeattr_506 (and (appdomain ) (not (system_app ))))
2788. (typeattribute base_typeattr_505)
2789. (typeattributeset base_typeattr_505 (and (data_file_type ) (not (cache_file cache_recovery_file ))))
2790. (typeattribute base_typeattr_504)
2791. (typeattributeset base_typeattr_504 (and (domain ) (not (radio ))))
2792. (typeattribute base_typeattr_503)
2793. (typeattributeset base_typeattr_503 (not (init surfaceflinger )))
2794. (typeattribute base_typeattr_502)
2795. (typeattributeset base_typeattr_502 (not (init vendor_init )))
2796. (typeattribute base_typeattr_501)
2797. (typeattributeset base_typeattr_501 (not (init shell )))
2798. (typeattribute base_typeattr_500)
2799. (typeattributeset base_typeattr_500 (not (adbd init )))
2800. (typeattribute base_typeattr_499)
2801. (typeattributeset base_typeattr_499 (not (init system_server )))
2802. (typeattribute base_typeattr_498)
2803. (typeattributeset base_typeattr_498 (and (property_type ) (not (extended_core_property_type system_property_type ))))
2804. (typeattribute base_typeattr_497)
2805. (typeattributeset base_typeattr_497 (and (coredomain ) (not (system_writes_vendor_properties_violators init ))))
2806. (typeattribute base_typeattr_496)
2807. (typeattributeset base_typeattr_496 (and (core_property_type extended_core_property_type exported3_system_prop exported3_default_prop exported2_config_prop exported2_system_prop exported2_vold_prop exported_dalvik_prop exported_ffs_prop exported_system_radio_prop ) (not (debug_prop logd_prop nfc_prop powerctl_prop radio_prop ))))
2808. (typeattribute base_typeattr_495)
2809. (typeattributeset base_typeattr_495 (and (domain ) (not (coredomain hal_wifi_server vendor_init wificond ))))
2810. (typeattribute base_typeattr_494)
2811. (typeattributeset base_typeattr_494 (and (domain ) (not (coredomain hal_wifi_server wificond ))))
2812. (typeattribute base_typeattr_493)
2813. (typeattributeset base_typeattr_493 (and (domain ) (not (coredomain hal_camera_server cameraserver vendor_init ))))
2814. (typeattribute base_typeattr_492)
2815. (typeattributeset base_typeattr_492 (and (domain ) (not (coredomain hal_bluetooth_server bluetooth vendor_init ))))
2816. (typeattribute base_typeattr_491)
2817. (typeattributeset base_typeattr_491 (and (domain ) (not (coredomain hal_bluetooth_server bluetooth ))))
2818. (typeattribute base_typeattr_490)
2819. (typeattributeset base_typeattr_490 (and (domain ) (not (appdomain coredomain hal_telephony_server ))))
2820. (typeattribute base_typeattr_489)
2821. (typeattributeset base_typeattr_489 (and (domain ) (not (appdomain coredomain hal_telephony_server vendor_init ))))
2822. (typeattribute base_typeattr_488)
2823. (typeattributeset base_typeattr_488 (and (domain ) (not (appdomain coredomain hal_nfc_server ))))
2824. (typeattribute base_typeattr_487)
2825. (typeattributeset base_typeattr_487 (and (core_property_type extended_core_property_type exported2_default_prop exported3_system_prop exported_dumpstate_prop exported_fingerprint_prop exported_vold_prop exported_config_prop exported_default_prop exported3_default_prop exported_system_prop exported2_config_prop exported2_system_prop exported2_vold_prop exported_dalvik_prop exported_ffs_prop exported_system_radio_prop ) (not (nfc_prop powerctl_prop radio_prop ))))
2826. (typeattribute base_typeattr_486)
2827. (typeattributeset base_typeattr_486 (and (domain ) (not (appdomain coredomain vendor_init ))))
2828. (typeattribute base_typeattr_485)
2829. (typeattributeset base_typeattr_485 (and (domain ) (not (dumpstate init ))))
2830. (typeattribute base_typeattr_484)
2831. (typeattributeset base_typeattr_484 (and (core_property_type ) (not (restorecon_prop config_prop cppreopt_prop dalvik_prop debuggerd_prop default_prop dhcp_prop dumpstate_prop ffs_prop fingerprint_prop net_radio_prop pan_result_prop persist_debug_prop shell_prop system_radio_prop vold_prop audio_prop debug_prop logd_prop nfc_prop ota_prop powerctl_prop radio_prop system_prop ))))
2832. (typeattribute base_typeattr_483)
2833. (typeattributeset base_typeattr_483 (and (vendor_property_type ) (not (vendor_public_property_type ))))
2834. (typeattribute base_typeattr_482)
2835. (typeattributeset base_typeattr_482 (and (coredomain ) (not (init ))))
2836. (typeattribute base_typeattr_481)
2837. (typeattributeset base_typeattr_481 (and (vendor_property_type vendor_internal_property_type ) (not (vendor_restricted_property_type vendor_public_property_type ))))
2838. (typeattribute base_typeattr_480)
2839. (typeattributeset base_typeattr_480 (and (system_property_type ) (not (system_public_property_type ))))
2840. (typeattribute base_typeattr_479)
2841. (typeattributeset base_typeattr_479 (and (system_property_type system_internal_property_type ) (not (system_restricted_property_type system_public_property_type ))))
2842. (typeattribute base_typeattr_478)
2843. (typeattributeset base_typeattr_478 (and (coredomain ) (not (dumpstate init ))))
2844. (typeattribute base_typeattr_477)
2845. (typeattributeset base_typeattr_477 (and (domain ) (not (recovery update_engine ))))
2846. (typeattribute base_typeattr_476)
2847. (typeattributeset base_typeattr_476 (and (domain ) (not (performanced ))))
2848. (typeattribute base_typeattr_475)
2849. (typeattributeset base_typeattr_475 (and (domain ) (not (init netd ))))
2850. (typeattribute base_typeattr_474)
2851. (typeattributeset base_typeattr_474 (and (domain ) (not (dumpstate init netd ))))
2852. (typeattribute base_typeattr_473)
2853. (typeattributeset base_typeattr_473 (and (domain ) (not (dumpstate netd netutils_wrapper network_stack system_server ))))
2854. (typeattribute base_typeattr_472)
2855. (typeattributeset base_typeattr_472 (and (domain ) (not (netd ))))
2856. (typeattribute base_typeattr_471)
2857. (typeattributeset base_typeattr_471 (and (netdomain ) (not (untrusted_app_all ephemeral_app mediaprovider ))))
2858. (typeattribute base_typeattr_470)
2859. (typeattributeset base_typeattr_470 (and (netdomain ) (not (ephemeral_app ))))
2860. (typeattribute base_typeattr_469)
2861. (typeattributeset base_typeattr_469 (and (domain ) (not (mediatranscoding ))))
2862. (typeattribute base_typeattr_468)
2863. (typeattributeset base_typeattr_468 (and (domain ) (not (mediaserver ))))
2864. (typeattribute base_typeattr_467)
2865. (typeattributeset base_typeattr_467 (and (domain ) (not (mediametrics ))))
2866. (typeattribute base_typeattr_466)
2867. (typeattributeset base_typeattr_466 (and (data_file_type ) (not (zoneinfo_data_file ))))
2868. (typeattribute base_typeattr_465)
2869. (typeattributeset base_typeattr_465 (and (domain ) (not (mediaextractor ))))
2870. (typeattribute base_typeattr_464)
2871. (typeattributeset base_typeattr_464 (and (domain ) (not (mediadrmserver ))))
2872. (typeattribute base_typeattr_463)
2873. (typeattributeset base_typeattr_463 (and (domain ) (not (init logd ))))
2874. (typeattribute base_typeattr_462)
2875. (typeattributeset base_typeattr_462 (and (domain ) (not (init keystore ))))
2876. (typeattribute base_typeattr_461)
2877. (typeattributeset base_typeattr_461 (and (domain ) (not (keystore ))))
2878. (typeattribute base_typeattr_460)
2879. (typeattributeset base_typeattr_460 (and (domain ) (not (healthd servicemanager system_server ))))
2880. (typeattribute base_typeattr_459)
2881. (typeattributeset base_typeattr_459 (and (domain ) (not (dumpstate iorapd system_server ))))
2882. (typeattribute base_typeattr_458)
2883. (typeattributeset base_typeattr_458 (and (domain ) (not (init iorapd kernel system_server vendor_init ))))
2884. (typeattribute base_typeattr_457)
2885. (typeattributeset base_typeattr_457 (and (domain ) (not (iorapd kernel ))))
2886. (typeattribute base_typeattr_456)
2887. (typeattributeset base_typeattr_456 (and (domain ) (not (init iorapd system_server ))))
2888. (typeattribute base_typeattr_455)
2889. (typeattributeset base_typeattr_455 (and (domain ) (not (iorapd ))))
2890. (typeattribute base_typeattr_454)
2891. (typeattributeset base_typeattr_454 (and (domain ) (not (init iorapd ))))
2892. (typeattribute base_typeattr_453)
2893. (typeattributeset base_typeattr_453 (and (domain ) (not (servicemanager system_server ))))
2894. (typeattribute base_typeattr_452)
2895. (typeattributeset base_typeattr_452 (and (domain ) (not (dumpstate servicemanager system_server ))))
2896. (typeattribute base_typeattr_451)
2897. (typeattributeset base_typeattr_451 (and (domain ) (not (dumpstate installd system_server ))))
2898. (typeattribute base_typeattr_450)
2899. (typeattributeset base_typeattr_450 (and (domain ) (not (installd ))))
2900. (typeattribute base_typeattr_449)
2901. (typeattributeset base_typeattr_449 (and (domain ) (not (init toolbox vendor_init vold ))))
2902. (typeattribute base_typeattr_448)
2903. (typeattributeset base_typeattr_448 (and (fs_type file_type ) (not (init_exec ))))
2904. (typeattribute base_typeattr_447)
2905. (typeattributeset base_typeattr_447 (and (dev_type ) (not (keychord_device port_device ))))
2906. (typeattribute base_typeattr_446)
2907. (typeattributeset base_typeattr_446 (and (fs_type ) (not (contextmount_type sdcard_type rootfs ))))
2908. (typeattribute base_typeattr_445)
2909. (typeattributeset base_typeattr_445 (and (fs_type ) (not (contextmount_type proc_type sysfs_type sdcard_type keychord_device rootfs ))))
2910. (typeattribute base_typeattr_444)
2911. (typeattributeset base_typeattr_444 (and (file_type ) (not (exec_type system_file_type vendor_file_type app_data_file privapp_data_file ))))
2912. (typeattribute base_typeattr_443)
2913. (typeattributeset base_typeattr_443 (and (file_type ) (not (exec_type system_file_type vendor_file_type shell_data_file nativetest_data_file apex_mnt_dir credstore_data_file keystore_data_file vold_data_file iorapd_data_file gsi_data_file app_data_file privapp_data_file system_app_data_file misc_logd_file ))))
2914. (typeattribute base_typeattr_442)
2915. (typeattributeset base_typeattr_442 (and (file_type ) (not (exec_type system_file_type vendor_file_type shell_data_file nativetest_data_file credstore_data_file keystore_data_file vold_data_file iorapd_data_file gsi_data_file app_data_file privapp_data_file system_app_data_file misc_logd_file ))))
2916. (typeattribute base_typeattr_441)
2917. (typeattributeset base_typeattr_441 (and (file_type ) (not (exec_type system_file_type vendor_file_type runtime_event_log_tags_file shell_data_file nativetest_data_file credstore_data_file keystore_data_file vold_data_file iorapd_data_file gsi_data_file app_data_file privapp_data_file system_app_data_file misc_logd_file ))))
2918. (typeattribute base_typeattr_440)
2919. (typeattributeset base_typeattr_440 (and (file_type ) (not (exec_type system_file_type vendor_file_type shell_data_file nativetest_data_file credstore_data_file keystore_data_file vold_data_file iorapd_data_file app_data_file privapp_data_file system_app_data_file misc_logd_file ))))
2920. (typeattribute base_typeattr_439)
2921. (typeattributeset base_typeattr_439 (and (file_type ) (not (exec_type system_file_type vendor_file_type nativetest_data_file app_data_file privapp_data_file system_app_data_file misc_logd_file ))))
2922. (typeattribute base_typeattr_438)
2923. (typeattributeset base_typeattr_438 (and (domain ) (not (idmap ))))
2924. (typeattribute base_typeattr_437)
2925. (typeattributeset base_typeattr_437 (not (hwservice_manager_type ) ))
2926. (typeattribute base_typeattr_436)
2927. (typeattributeset base_typeattr_436 (and (domain ) (not (hal_wifi_supplicant_client hal_wifi_supplicant_server ))))
2928. (typeattribute base_typeattr_435)
2929. (typeattributeset base_typeattr_435 (and (domain ) (not (hal_wifi_supplicant_server ))))
2930. (typeattribute base_typeattr_434)
2931. (typeattributeset base_typeattr_434 (and (domain ) (not (hal_wifi_hostapd_client hal_wifi_hostapd_server ))))
2932. (typeattribute base_typeattr_433)
2933. (typeattributeset base_typeattr_433 (and (domain ) (not (hal_wifi_hostapd_server ))))
2934. (typeattribute base_typeattr_432)
2935. (typeattributeset base_typeattr_432 (and (domain ) (not (hal_wifi_client hal_wifi_server ))))
2936. (typeattribute base_typeattr_431)
2937. (typeattributeset base_typeattr_431 (and (domain ) (not (hal_wifi_server ))))
2938. (typeattribute base_typeattr_430)
2939. (typeattributeset base_typeattr_430 (and (domain ) (not (hal_weaver_client hal_weaver_server ))))
2940. (typeattribute base_typeattr_429)
2941. (typeattributeset base_typeattr_429 (and (domain ) (not (hal_weaver_server ))))
2942. (typeattribute base_typeattr_428)
2943. (typeattributeset base_typeattr_428 (and (domain ) (not (hal_vr_client hal_vr_server ))))
2944. (typeattribute base_typeattr_427)
2945. (typeattributeset base_typeattr_427 (and (domain ) (not (hal_vr_server ))))
2946. (typeattribute base_typeattr_426)
2947. (typeattributeset base_typeattr_426 (and (domain ) (not (hal_vibrator_client hal_vibrator_server ))))
2948. (typeattribute base_typeattr_425)
2949. (typeattributeset base_typeattr_425 (and (domain ) (not (hal_vibrator_server ))))
2950. (typeattribute base_typeattr_424)
2951. (typeattributeset base_typeattr_424 (and (domain ) (not (hal_vehicle_client hal_vehicle_server ))))
2952. (typeattribute base_typeattr_423)
2953. (typeattributeset base_typeattr_423 (and (domain ) (not (hal_vehicle_server ))))
2954. (typeattribute base_typeattr_422)
2955. (typeattributeset base_typeattr_422 (and (domain ) (not (hal_usb_gadget_client hal_usb_gadget_server ))))
2956. (typeattribute base_typeattr_421)
2957. (typeattributeset base_typeattr_421 (and (domain ) (not (hal_usb_gadget_server ))))
2958. (typeattribute base_typeattr_420)
2959. (typeattributeset base_typeattr_420 (and (domain ) (not (hal_usb_client hal_usb_server ))))
2960. (typeattribute base_typeattr_419)
2961. (typeattributeset base_typeattr_419 (and (domain ) (not (hal_usb_server ))))
2962. (typeattribute base_typeattr_418)
2963. (typeattributeset base_typeattr_418 (and (domain ) (not (hal_tv_tuner_client hal_tv_tuner_server ))))
2964. (typeattribute base_typeattr_417)
2965. (typeattributeset base_typeattr_417 (and (domain ) (not (hal_tv_tuner_server ))))
2966. (typeattribute base_typeattr_416)
2967. (typeattributeset base_typeattr_416 (and (domain ) (not (hal_tv_input_client hal_tv_input_server ))))
2968. (typeattribute base_typeattr_415)
2969. (typeattributeset base_typeattr_415 (and (domain ) (not (hal_tv_input_server ))))
2970. (typeattribute base_typeattr_414)
2971. (typeattributeset base_typeattr_414 (and (domain ) (not (hal_tv_cec_client hal_tv_cec_server ))))
2972. (typeattribute base_typeattr_413)
2973. (typeattributeset base_typeattr_413 (and (domain ) (not (hal_tv_cec_server ))))
2974. (typeattribute base_typeattr_412)
2975. (typeattributeset base_typeattr_412 (and (domain ) (not (hal_thermal_client hal_thermal_server ))))
2976. (typeattribute base_typeattr_411)
2977. (typeattributeset base_typeattr_411 (and (domain ) (not (hal_thermal_server ))))
2978. (typeattribute base_typeattr_410)
2979. (typeattributeset base_typeattr_410 (and (domain ) (not (hal_tetheroffload_client hal_tetheroffload_server ))))
2980. (typeattribute base_typeattr_409)
2981. (typeattributeset base_typeattr_409 (and (domain ) (not (hal_tetheroffload_server ))))
2982. (typeattribute base_typeattr_408)
2983. (typeattributeset base_typeattr_408 (and (domain ) (not (hal_telephony_client hal_telephony_server ))))
2984. (typeattribute base_typeattr_407)
2985. (typeattributeset base_typeattr_407 (and (domain ) (not (hal_telephony_server ))))
2986. (typeattribute base_typeattr_406)
2987. (typeattributeset base_typeattr_406 (and (domain ) (not (hal_sensors_client hal_sensors_server ))))
2988. (typeattribute base_typeattr_405)
2989. (typeattributeset base_typeattr_405 (and (domain ) (not (hal_sensors_server ))))
2990. (typeattribute base_typeattr_404)
2991. (typeattributeset base_typeattr_404 (and (domain ) (not (hal_secure_element_client hal_secure_element_server ))))
2992. (typeattribute base_typeattr_403)
2993. (typeattributeset base_typeattr_403 (and (domain ) (not (hal_secure_element_server ))))
2994. (typeattribute base_typeattr_402)
2995. (typeattributeset base_typeattr_402 (and (domain ) (not (hal_rebootescrow_server ))))
2996. (typeattribute base_typeattr_401)
2997. (typeattributeset base_typeattr_401 (and (domain ) (not (hal_power_stats_client hal_power_stats_server ))))
2998. (typeattribute base_typeattr_400)
2999. (typeattributeset base_typeattr_400 (and (domain ) (not (hal_power_stats_server ))))
3000. (typeattribute base_typeattr_399)
3001. (typeattributeset base_typeattr_399 (and (domain ) (not (hal_power_server ))))
3002. (typeattribute base_typeattr_398)
3003. (typeattributeset base_typeattr_398 (and (domain ) (not (hal_omx_client hal_omx_server ))))
3004. (typeattribute base_typeattr_397)
3005. (typeattributeset base_typeattr_397 (and (domain ) (not (hal_omx_server ))))
3006. (typeattribute base_typeattr_396)
3007. (typeattributeset base_typeattr_396 (and (domain ) (not (hal_oemlock_client hal_oemlock_server ))))
3008. (typeattribute base_typeattr_395)
3009. (typeattributeset base_typeattr_395 (and (domain ) (not (hal_oemlock_server ))))
3010. (typeattribute base_typeattr_394)
3011. (typeattributeset base_typeattr_394 (and (domain ) (not (hal_nfc_client hal_nfc_server ))))
3012. (typeattribute base_typeattr_393)
3013. (typeattributeset base_typeattr_393 (and (domain ) (not (hal_nfc_server ))))
3014. (typeattribute base_typeattr_392)
3015. (typeattributeset base_typeattr_392 (and (halserverdomain ) (not (hal_dumpstate_server hal_telephony_server ))))
3016. (typeattribute base_typeattr_391)
3017. (typeattributeset base_typeattr_391 (and (halserverdomain ) (not (hal_automotive_socket_exemption hal_can_controller_server hal_telephony_server hal_tetheroffload_server hal_wifi_server hal_wifi_hostapd_server hal_wifi_supplicant_server ))))
3018. (typeattribute base_typeattr_390)
3019. (typeattributeset base_typeattr_390 (and (halserverdomain ) (not (hal_bluetooth_server hal_can_controller_server hal_telephony_server hal_wifi_server hal_wifi_hostapd_server hal_wifi_supplicant_server ))))
3020. (typeattribute base_typeattr_389)
3021. (typeattributeset base_typeattr_389 (and (domain ) (not (hal_neuralnetworks_client hal_neuralnetworks_server ))))
3022. (typeattribute base_typeattr_388)
3023. (typeattributeset base_typeattr_388 (and (domain ) (not (hal_neuralnetworks_server ))))
3024. (typeattribute base_typeattr_387)
3025. (typeattributeset base_typeattr_387 (and (domain ) (not (hal_memtrack_client hal_memtrack_server ))))
3026. (typeattribute base_typeattr_386)
3027. (typeattributeset base_typeattr_386 (and (domain ) (not (hal_memtrack_server ))))
3028. (typeattribute base_typeattr_385)
3029. (typeattributeset base_typeattr_385 (and (domain ) (not (hal_lowpan_server init ueventd ))))
3030. (typeattribute base_typeattr_384)
3031. (typeattributeset base_typeattr_384 (and (domain ) (not (hal_lowpan_client hal_lowpan_server ))))
3032. (typeattribute base_typeattr_383)
3033. (typeattributeset base_typeattr_383 (and (domain ) (not (hal_lowpan_server ))))
3034. (typeattribute base_typeattr_382)
3035. (typeattributeset base_typeattr_382 (and (domain ) (not (hal_light_client hal_light_server ))))
3036. (typeattribute base_typeattr_381)
3037. (typeattributeset base_typeattr_381 (and (domain ) (not (hal_light_server ))))
3038. (typeattribute base_typeattr_380)
3039. (typeattributeset base_typeattr_380 (and (domain ) (not (hal_keymaster_client hal_keymaster_server ))))
3040. (typeattribute base_typeattr_379)
3041. (typeattributeset base_typeattr_379 (and (domain ) (not (hal_keymaster_server ))))
3042. (typeattribute base_typeattr_378)
3043. (typeattributeset base_typeattr_378 (and (domain ) (not (hal_ir_client hal_ir_server ))))
3044. (typeattribute base_typeattr_377)
3045. (typeattributeset base_typeattr_377 (and (domain ) (not (hal_ir_server ))))
3046. (typeattribute base_typeattr_376)
3047. (typeattributeset base_typeattr_376 (and (domain ) (not (hal_input_classifier_client hal_input_classifier_server ))))
3048. (typeattribute base_typeattr_375)
3049. (typeattributeset base_typeattr_375 (and (domain ) (not (hal_input_classifier_server ))))
3050. (typeattribute base_typeattr_374)
3051. (typeattributeset base_typeattr_374 (and (domain ) (not (hal_identity_server ))))
3052. (typeattribute base_typeattr_373)
3053. (typeattributeset base_typeattr_373 (and (domain ) (not (hal_health_storage_client hal_health_storage_server ))))
3054. (typeattribute base_typeattr_372)
3055. (typeattributeset base_typeattr_372 (and (domain ) (not (hal_health_storage_server ))))
3056. (typeattribute base_typeattr_371)
3057. (typeattributeset base_typeattr_371 (and (domain ) (not (hal_health_client hal_health_server ))))
3058. (typeattribute base_typeattr_370)
3059. (typeattributeset base_typeattr_370 (and (domain ) (not (hal_health_server ))))
3060. (typeattribute base_typeattr_369)
3061. (typeattributeset base_typeattr_369 (and (domain ) (not (hal_graphics_composer_client hal_graphics_composer_server ))))
3062. (typeattribute base_typeattr_368)
3063. (typeattributeset base_typeattr_368 (and (domain ) (not (hal_graphics_composer_server ))))
3064. (typeattribute base_typeattr_367)
3065. (typeattributeset base_typeattr_367 (and (domain ) (not (hal_graphics_allocator_client hal_graphics_allocator_server ))))
3066. (typeattribute base_typeattr_366)
3067. (typeattributeset base_typeattr_366 (and (domain ) (not (hal_graphics_allocator_server ))))
3068. (typeattribute base_typeattr_365)
3069. (typeattributeset base_typeattr_365 (and (domain ) (not (hal_gnss_client hal_gnss_server ))))
3070. (typeattribute base_typeattr_364)
3071. (typeattributeset base_typeattr_364 (and (domain ) (not (hal_gnss_server ))))
3072. (typeattribute base_typeattr_363)
3073. (typeattributeset base_typeattr_363 (and (domain ) (not (hal_gatekeeper_client hal_gatekeeper_server ))))
3074. (typeattribute base_typeattr_362)
3075. (typeattributeset base_typeattr_362 (and (domain ) (not (hal_gatekeeper_server ))))
3076. (typeattribute base_typeattr_361)
3077. (typeattributeset base_typeattr_361 (and (domain ) (not (hal_fingerprint_client hal_fingerprint_server ))))
3078. (typeattribute base_typeattr_360)
3079. (typeattributeset base_typeattr_360 (and (domain ) (not (hal_fingerprint_server ))))
3080. (typeattribute base_typeattr_359)
3081. (typeattributeset base_typeattr_359 (and (domain ) (not (hal_face_client hal_face_server ))))
3082. (typeattribute base_typeattr_358)
3083. (typeattributeset base_typeattr_358 (and (domain ) (not (hal_face_server ))))
3084. (typeattribute base_typeattr_357)
3085. (typeattributeset base_typeattr_357 (and (domain ) (not (hal_evs_client hal_evs_server ))))
3086. (typeattribute base_typeattr_356)
3087. (typeattributeset base_typeattr_356 (and (domain ) (not (hal_evs_server ))))
3088. (typeattribute base_typeattr_355)
3089. (typeattributeset base_typeattr_355 (and (domain ) (not (hal_dumpstate_client hal_dumpstate_server ))))
3090. (typeattribute base_typeattr_354)
3091. (typeattributeset base_typeattr_354 (and (domain ) (not (hal_dumpstate_server ))))
3092. (typeattribute base_typeattr_353)
3093. (typeattributeset base_typeattr_353 (and (domain ) (not (hal_drm_client hal_drm_server ))))
3094. (typeattribute base_typeattr_352)
3095. (typeattributeset base_typeattr_352 (and (domain ) (not (hal_drm_server ))))
3096. (typeattribute base_typeattr_351)
3097. (typeattributeset base_typeattr_351 (and (domain ) (not (hal_contexthub_client hal_contexthub_server ))))
3098. (typeattribute base_typeattr_350)
3099. (typeattributeset base_typeattr_350 (and (domain ) (not (hal_contexthub_server ))))
3100. (typeattribute base_typeattr_349)
3101. (typeattributeset base_typeattr_349 (and (domain ) (not (hal_confirmationui_client hal_confirmationui_server ))))
3102. (typeattribute base_typeattr_348)
3103. (typeattributeset base_typeattr_348 (and (domain ) (not (hal_confirmationui_server ))))
3104. (typeattribute base_typeattr_347)
3105. (typeattributeset base_typeattr_347 (and (data_file_type ) (not (anr_data_file tombstone_data_file zoneinfo_data_file ))))
3106. (typeattribute base_typeattr_346)
3107. (typeattributeset base_typeattr_346 (and (domain ) (not (hal_configstore_server logd tombstoned ))))
3108. (typeattribute base_typeattr_345)
3109. (typeattributeset base_typeattr_345 (and (domain ) (not (hal_configstore_client hal_configstore_server ))))
3110. (typeattribute base_typeattr_344)
3111. (typeattributeset base_typeattr_344 (and (domain ) (not (hal_configstore_server ))))
3112. (typeattribute base_typeattr_343)
3113. (typeattributeset base_typeattr_343 (and (domain ) (not (hal_codec2_client hal_codec2_server ))))
3114. (typeattribute base_typeattr_342)
3115. (typeattributeset base_typeattr_342 (and (domain ) (not (hal_codec2_server ))))
3116. (typeattribute base_typeattr_341)
3117. (typeattributeset base_typeattr_341 (and (domain ) (not (hal_cas_client hal_cas_server ))))
3118. (typeattribute base_typeattr_340)
3119. (typeattributeset base_typeattr_340 (and (domain ) (not (hal_cas_server ))))
3120. (typeattribute base_typeattr_339)
3121. (typeattributeset base_typeattr_339 (and (domain ) (not (hal_can_bus_server ))))
3122. (typeattribute base_typeattr_338)
3123. (typeattributeset base_typeattr_338 (and (domain ) (not (hal_can_controller_server ))))
3124. (typeattribute base_typeattr_337)
3125. (typeattributeset base_typeattr_337 (and (halserverdomain ) (not (hal_camera_server ))))
3126. (typeattribute base_typeattr_336)
3127. (typeattributeset base_typeattr_336 (and (domain ) (not (hal_camera_client hal_camera_server ))))
3128. (typeattribute base_typeattr_335)
3129. (typeattributeset base_typeattr_335 (and (domain ) (not (hal_camera_server ))))
3130. (typeattribute base_typeattr_334)
3131. (typeattributeset base_typeattr_334 (and (domain ) (not (hal_broadcastradio_client hal_broadcastradio_server ))))
3132. (typeattribute base_typeattr_333)
3133. (typeattributeset base_typeattr_333 (and (domain ) (not (hal_broadcastradio_server ))))
3134. (typeattribute base_typeattr_332)
3135. (typeattributeset base_typeattr_332 (and (domain ) (not (hal_bootctl_client hal_bootctl_server ))))
3136. (typeattribute base_typeattr_331)
3137. (typeattributeset base_typeattr_331 (and (domain ) (not (hal_bootctl_server ))))
3138. (typeattribute base_typeattr_330)
3139. (typeattributeset base_typeattr_330 (and (domain ) (not (hal_bluetooth_client hal_bluetooth_server ))))
3140. (typeattribute base_typeattr_329)
3141. (typeattributeset base_typeattr_329 (and (domain ) (not (hal_bluetooth_server ))))
3142. (typeattribute base_typeattr_328)
3143. (typeattributeset base_typeattr_328 (and (domain ) (not (hal_authsecret_client hal_authsecret_server ))))
3144. (typeattribute base_typeattr_327)
3145. (typeattributeset base_typeattr_327 (and (domain ) (not (hal_authsecret_server ))))
3146. (typeattribute base_typeattr_326)
3147. (typeattributeset base_typeattr_326 (and (domain ) (not (hal_audiocontrol_client hal_audiocontrol_server ))))
3148. (typeattribute base_typeattr_325)
3149. (typeattributeset base_typeattr_325 (and (domain ) (not (hal_audiocontrol_server ))))
3150. (typeattribute base_typeattr_324)
3151. (typeattributeset base_typeattr_324 (and (halserverdomain ) (not (hal_audio_server hal_omx_server ))))
3152. (typeattribute base_typeattr_323)
3153. (typeattributeset base_typeattr_323 (and (domain ) (not (hal_audio_client hal_audio_server ))))
3154. (typeattribute base_typeattr_322)
3155. (typeattributeset base_typeattr_322 (and (domain ) (not (hal_audio_server ))))
3156. (typeattribute base_typeattr_321)
3157. (typeattributeset base_typeattr_321 (and (domain ) (not (hal_atrace_client hal_atrace_server ))))
3158. (typeattribute base_typeattr_320)
3159. (typeattributeset base_typeattr_320 (and (domain ) (not (hal_atrace_server ))))
3160. (typeattribute base_typeattr_319)
3161. (typeattributeset base_typeattr_319 (and (domain ) (not (hal_allocator_client hal_allocator_server ))))
3162. (typeattribute base_typeattr_318)
3163. (typeattributeset base_typeattr_318 (and (domain ) (not (hal_allocator_server ))))
3164. (typeattribute base_typeattr_317)
3165. (typeattributeset base_typeattr_317 (and (domain ) (not (gatekeeperd ))))
3166. (typeattribute base_typeattr_316)
3167. (typeattributeset base_typeattr_316 (and (domain ) (not (hal_bufferhub_client hal_bufferhub_server ))))
3168. (typeattribute base_typeattr_315)
3169. (typeattributeset base_typeattr_315 (and (domain ) (not (hal_bufferhub_server ))))
3170. (typeattribute base_typeattr_314)
3171. (typeattributeset base_typeattr_314 (and (domain ) (not (vold ))))
3172. (typeattribute base_typeattr_313)
3173. (typeattributeset base_typeattr_313 (and (fs_type file_type ) (not (fsck_exec ))))
3174. (typeattribute base_typeattr_312)
3175. (typeattributeset base_typeattr_312 (and (domain ) (not (init vold ))))
3176. (typeattribute base_typeattr_311)
3177. (typeattributeset base_typeattr_311 (and (domain ) (not (flags_health_check init ))))
3178. (typeattribute base_typeattr_310)
3179. (typeattributeset base_typeattr_310 (and (domain ) (not (fingerprintd ))))
3180. (typeattribute base_typeattr_309)
3181. (typeattributeset base_typeattr_309 (and (domain ) (not (dumpstate shell system_server traceur_app ))))
3182. (typeattribute base_typeattr_308)
3183. (typeattributeset base_typeattr_308 (and (domain ) (not (dumpstate ))))
3184. (typeattribute base_typeattr_307)
3185. (typeattributeset base_typeattr_307 (and (service_manager_type ) (not (apex_service default_android_service dumpstate_service gatekeeper_service virtual_touchpad_service vold_service vr_hwc_service ))))
3186. (typeattribute base_typeattr_306)
3187. (typeattributeset base_typeattr_306 (and (domain ) (not (drmserver ))))
3188. (typeattribute base_typeattr_305)
3189. (typeattributeset base_typeattr_305 (and (domain ) (not (ephemeral_app untrusted_app_27 untrusted_app_25 ))))
3190. (typeattribute base_typeattr_304)
3191. (typeattributeset base_typeattr_304 (and (domain ) (not (hal_codec2_server hal_omx_server ))))
3192. (typeattribute base_typeattr_303)
3193. (typeattributeset base_typeattr_303 (and (coredomain ) (not (charger healthd incidentd recovery shell ueventd ))))
3194. (typeattribute base_typeattr_302)
3195. (typeattributeset base_typeattr_302 (and (coredomain ) (not (appdomain ))))
3196. (typeattribute base_typeattr_301)
3197. (typeattributeset base_typeattr_301 (and (coredomain ) (not (system_writes_mnt_vendor_violators init ueventd vold ))))
3198. (typeattribute base_typeattr_300)
3199. (typeattributeset base_typeattr_300 (and (coredomain ) (not (appdomain bootanim crash_dump heapprofd init iorap_inode2filename iorap_prefetcherd kernel traced_perf ueventd ))))
3200. (typeattribute base_typeattr_299)
3201. (typeattributeset base_typeattr_299 (not (coredomain ) ))
3202. (typeattribute base_typeattr_298)
3203. (typeattributeset base_typeattr_298 (not (system_file_type vendor_file_type rootfs ) ))
3204. (typeattribute base_typeattr_297)
3205. (typeattributeset base_typeattr_297 (and (domain ) (not (installd profman ))))
3206. (typeattribute base_typeattr_296)
3207. (typeattributeset base_typeattr_296 (and (domain ) (not (init vendor_init vold ))))
3208. (typeattribute base_typeattr_295)
3209. (typeattributeset base_typeattr_295 (and (domain ) (not (dumpstate init vendor_init ))))
3210. (typeattribute base_typeattr_294)
3211. (typeattributeset base_typeattr_294 (not (hwservicemanager ) ))
3212. (typeattribute base_typeattr_293)
3213. (typeattributeset base_typeattr_293 (not (servicemanager vndservicemanager ) ))
3214. (typeattribute base_typeattr_292)
3215. (typeattributeset base_typeattr_292 (and (domain ) (not (appdomain adbd dumpstate installd ))))
3216. (typeattribute base_typeattr_291)
3217. (typeattributeset base_typeattr_291 (and (domain ) (not (appdomain adbd dumpstate init installd simpleperf_app_runner system_server ))))
3218. (typeattribute base_typeattr_290)
3219. (typeattributeset base_typeattr_290 (and (domain ) (not (adbd dumpstate init installd shell vold ))))
3220. (typeattribute base_typeattr_289)
3221. (typeattributeset base_typeattr_289 (and (domain ) (not (installd shell ))))
3222. (typeattribute base_typeattr_288)
3223. (typeattributeset base_typeattr_288 (and (domain ) (not (appdomain installd ))))
3224. (typeattribute base_typeattr_287)
3225. (typeattributeset base_typeattr_287 (and (appdomain ) (not (shell simpleperf ))))
3226. (typeattribute base_typeattr_286)
3227. (typeattributeset base_typeattr_286 (and (domain ) (not (app_zygote runas simpleperf_app_runner webview_zygote zygote ))))
3228. (typeattribute base_typeattr_285)
3229. (typeattributeset base_typeattr_285 (and (domain ) (not (adbd init runas zygote ))))
3230. (typeattribute base_typeattr_284)
3231. (typeattributeset base_typeattr_284 (and (domain ) (not (appdomain installd iorap_inode2filename system_server traced_probes ))))
3232. (typeattribute base_typeattr_283)
3233. (typeattributeset base_typeattr_283 (and (domain ) (not (init installd system_app system_server toolbox vold_prepare_subdirs ))))
3234. (typeattribute base_typeattr_282)
3235. (typeattributeset base_typeattr_282 (not (domain ) ))
3236. (typeattribute base_typeattr_281)
3237. (typeattributeset base_typeattr_281 (and (domain ) (not (untrusted_app_27 untrusted_app_25 ))))
3238. (typeattribute base_typeattr_280)
3239. (typeattributeset base_typeattr_280 (and (file_type ) (not (apk_data_file app_data_file asec_public_file ))))
3240. (typeattribute base_typeattr_279)
3241. (typeattributeset base_typeattr_279 (and (domain ) (not (dumpstate incidentd system_server ))))
3242. (typeattribute base_typeattr_278)
3243. (typeattributeset base_typeattr_278 (and (domain ) (not (hal_codec2_server hal_omx_server crash_dump dumpstate incidentd mediaextractor system_server tombstoned ))))
3244. (typeattribute base_typeattr_277)
3245. (typeattributeset base_typeattr_277 (and (domain ) (not (app_zygote system_server webview_zygote ))))
3246. (typeattribute base_typeattr_276)
3247. (typeattributeset base_typeattr_276 (and (domain ) (not (system_server ))))
3248. (typeattribute base_typeattr_275)
3249. (typeattributeset base_typeattr_275 (and (domain ) (not (system_server zygote ))))
3250. (typeattribute base_typeattr_274)
3251. (typeattributeset base_typeattr_274 (and (system_file_type ) (not (crash_dump_exec system_event_log_tags_file system_lib_file system_group_file system_linker_exec system_linker_config_file system_passwd_file system_seccomp_policy_file system_security_cacerts_file system_zoneinfo_file task_profiles_file file_contexts_file property_contexts_file iorap_inode2filename_exec netutils_wrapper_exec ))))
3252. (typeattribute base_typeattr_273)
3253. (typeattributeset base_typeattr_273 (and (vendor_file_type ) (not (vendor_task_profiles_file vendor_app_file vendor_configs_file same_process_hal_file vndk_sp_file vendor_framework_file vendor_overlay_file vendor_public_lib_file vendor_keylayout_file vendor_keychars_file vendor_idc_file vendor_apex_file vendor_service_contexts_file ))))
3254. (typeattribute base_typeattr_272)
3255. (typeattributeset base_typeattr_272 (and (coredomain ) (not (system_executes_vendor_violators crash_dump init iorap_inode2filename iorap_prefetcherd kernel shell traced_perf ueventd vold ))))
3256. (typeattribute base_typeattr_271)
3257. (typeattributeset base_typeattr_271 (and (vendor_file_type ) (not (same_process_hal_file ))))
3258. (typeattribute base_typeattr_270)
3259. (typeattributeset base_typeattr_270 (and (coredomain ) (not (system_executes_vendor_violators shell ))))
3260. (typeattribute base_typeattr_269)
3261. (typeattributeset base_typeattr_269 (and (vendor_file_type ) (not (vendor_app_file same_process_hal_file vndk_sp_file vendor_public_lib_file ))))
3262. (typeattribute base_typeattr_268)
3263. (typeattributeset base_typeattr_268 (and (coredomain ) (not (system_executes_vendor_violators init shell ueventd ))))
3264. (typeattribute base_typeattr_267)
3265. (typeattributeset base_typeattr_267 (and (system_file_type ) (not (crash_dump_exec system_lib_file system_linker_exec iorap_inode2filename_exec iorap_prefetcherd_exec netutils_wrapper_exec ))))
3266. (typeattribute base_typeattr_266)
3267. (typeattributeset base_typeattr_266 (and (domain ) (not (appdomain coredomain vendor_executes_system_violators vendor_init ))))
3268. (typeattribute base_typeattr_265)
3269. (typeattributeset base_typeattr_265 (and (coredomain ) (not (init shell ueventd ))))
3270. (typeattribute base_typeattr_264)
3271. (typeattributeset base_typeattr_264 (and (coredomain ) (not (data_between_core_and_vendor_violators init ))))
3272. (typeattribute base_typeattr_263)
3273. (typeattributeset base_typeattr_263 (and (coredomain ) (not (data_between_core_and_vendor_violators init vold vold_prepare_subdirs ))))
3274. (typeattribute base_typeattr_262)
3275. (typeattributeset base_typeattr_262 (and (domain ) (not (appdomain coredomain data_between_core_and_vendor_violators ))))
3276. (typeattribute base_typeattr_261)
3277. (typeattributeset base_typeattr_261 (and (core_data_file_type ) (not (system_data_root_file system_data_file vendor_data_file unencrypted_data_file zoneinfo_data_file ))))
3278. (typeattribute base_typeattr_260)
3279. (typeattributeset base_typeattr_260 (and (core_data_file_type ) (not (system_data_root_file system_data_file vendor_data_file zoneinfo_data_file ))))
3280. (typeattribute base_typeattr_259)
3281. (typeattributeset base_typeattr_259 (and (core_data_file_type ) (not (unencrypted_data_file zoneinfo_data_file ))))
3282. (typeattribute base_typeattr_258)
3283. (typeattributeset base_typeattr_258 (and (vendor_init ) (not (data_between_core_and_vendor_violators ))))
3284. (typeattribute base_typeattr_257)
3285. (typeattributeset base_typeattr_257 (and (core_data_file_type ) (not (zoneinfo_data_file ))))
3286. (typeattribute base_typeattr_256)
3287. (typeattributeset base_typeattr_256 (and (domain ) (not (appdomain coredomain data_between_core_and_vendor_violators vendor_init ))))
3288. (typeattribute base_typeattr_255)
3289. (typeattributeset base_typeattr_255 (and (data_file_type ) (not (core_data_file_type vendor_data_file ))))
3290. (typeattribute base_typeattr_254)
3291. (typeattributeset base_typeattr_254 (and (data_file_type ) (not (core_data_file_type ))))
3292. (typeattribute base_typeattr_253)
3293. (typeattributeset base_typeattr_253 (and (coredomain ) (not (appdomain data_between_core_and_vendor_violators init vold_prepare_subdirs ))))
3294. (typeattribute base_typeattr_252)
3295. (typeattributeset base_typeattr_252 (and (dev_type file_type ) (not (core_data_file_type coredomain_socket unlabeled ))))
3296. (typeattribute base_typeattr_251)
3297. (typeattributeset base_typeattr_251 (and (coredomain ) (not (socket_between_core_and_vendor_violators init ueventd ))))
3298. (typeattribute base_typeattr_250)
3299. (typeattributeset base_typeattr_250 (and (core_data_file_type coredomain_socket unlabeled ) (not (pdx_endpoint_socket_type pdx_channel_socket_type app_data_file privapp_data_file ))))
3300. (typeattribute base_typeattr_249)
3301. (typeattributeset base_typeattr_249 (and (domain ) (not (appdomain coredomain socket_between_core_and_vendor_violators data_between_core_and_vendor_violators vendor_init ))))
3302. (typeattribute base_typeattr_248)
3303. (typeattributeset base_typeattr_248 (and (coredomain ) (not (init logd mdnsd netd tombstoned ))))
3304. (typeattribute base_typeattr_247)
3305. (typeattributeset base_typeattr_247 (and (domain ) (not (appdomain coredomain socket_between_core_and_vendor_violators ))))
3306. (typeattribute base_typeattr_246)
3307. (typeattributeset base_typeattr_246 (and (domain ) (not (coredomain socket_between_core_and_vendor_violators ))))
3308. (typeattribute base_typeattr_245)
3309. (typeattributeset base_typeattr_245 (and (coredomain ) (not (adbd init ))))
3310. (typeattribute base_typeattr_244)
3311. (typeattributeset base_typeattr_244 (and (coredomain ) (not (shell ))))
3312. (typeattribute base_typeattr_243)
3313. (typeattributeset base_typeattr_243 (and (coredomain ) (not (shell ueventd ))))
3314. (typeattribute base_typeattr_242)
3315. (typeattributeset base_typeattr_242 (and (service_manager_type ) (not (app_api_service ephemeral_app_api_service audioserver_service cameraserver_service drmserver_service credstore_service keystore_service mediaserver_service mediametrics_service mediaextractor_service mediadrmserver_service nfc_service radio_service virtual_touchpad_service vr_hwc_service vr_manager_service hal_light_service ))))
3316. (typeattribute base_typeattr_241)
3317. (typeattributeset base_typeattr_241 (and (appdomain ) (not (coredomain ))))
3318. (typeattribute base_typeattr_240)
3319. (typeattributeset base_typeattr_240 (and (service_manager_type ) (not (vendor_service ))))
3320. (typeattribute base_typeattr_239)
3321. (typeattributeset base_typeattr_239 (and (domain ) (not (coredomain binder_in_vendor_violators ))))
3322. (typeattribute base_typeattr_238)
3323. (typeattributeset base_typeattr_238 (and (domain ) (not (hwservicemanager servicemanager vndservicemanager ))))
3324. (typeattribute base_typeattr_237)
3325. (typeattributeset base_typeattr_237 (and (domain ) (not (hal_bootctl_server fastbootd init recovery ueventd uncrypt update_engine vendor_init vendor_misc_writer vold ))))
3326. (typeattribute base_typeattr_236)
3327. (typeattributeset base_typeattr_236 (and (domain ) (not (fastbootd recovery update_engine ))))
3328. (typeattribute base_typeattr_235)
3329. (typeattributeset base_typeattr_235 (and (domain ) (not (e2fs fastbootd fsck init recovery vold ))))
3330. (typeattribute base_typeattr_234)
3331. (typeattributeset base_typeattr_234 (and (domain ) (not (init recovery shell system_server ueventd ))))
3332. (typeattribute base_typeattr_233)
3333. (typeattributeset base_typeattr_233 (and (domain ) (not (dumpstate init system_server ))))
3334. (typeattribute base_typeattr_232)
3335. (typeattributeset base_typeattr_232 (and (domain ) (not (hal_camera_server hal_cas_server hal_drm_server adbd dumpstate fastbootd init mediadrmserver mediaserver recovery shell system_server vendor_init ))))
3336. (typeattribute base_typeattr_231)
3337. (typeattributeset base_typeattr_231 (and (domain ) (not (coredomain vendor_init ))))
3338. (typeattribute base_typeattr_230)
3339. (typeattributeset base_typeattr_230 (and (domain ) (not (init system_server vendor_init ))))
3340. (typeattribute base_typeattr_229)
3341. (typeattributeset base_typeattr_229 (and (domain ) (not (init system_server ))))
3342. (typeattribute base_typeattr_228)
3343. (typeattributeset base_typeattr_228 (and (fs_type ) (not (contextmount_type ))))
3344. (typeattribute base_typeattr_227)
3345. (typeattributeset base_typeattr_227 (and (domain ) (not (init kernel recovery ))))
3346. (typeattribute base_typeattr_226)
3347. (typeattributeset base_typeattr_226 (and (domain ) (not (init vendor_init ))))
3348. (typeattribute base_typeattr_225)
3349. (typeattributeset base_typeattr_225 (and (domain ) (not (init ueventd ))))
3350. (typeattribute base_typeattr_224)
3351. (typeattributeset base_typeattr_224 (and (file_type ) (not (exec_type postinstall_file ))))
3352. (typeattribute base_typeattr_223)
3353. (typeattributeset base_typeattr_223 (and (domain ) (not (shell ueventd ))))
3354. (typeattribute base_typeattr_222)
3355. (typeattributeset base_typeattr_222 (and (domain ) (not (init shell system_server ueventd ))))
3356. (typeattribute base_typeattr_221)
3357. (typeattributeset base_typeattr_221 (and (domain ) (not (kernel ))))
3358. (typeattribute base_typeattr_220)
3359. (typeattributeset base_typeattr_220 (and (domain ) (not (init kernel ueventd vold ))))
3360. (typeattribute base_typeattr_219)
3361. (typeattributeset base_typeattr_219 (and (domain ) (not (init recovery ))))
3362. (typeattribute base_typeattr_218)
3363. (typeattributeset base_typeattr_218 (and (domain ) (not (domain ))))
3364. (typeattribute base_typeattr_217)
3365. (typeattributeset base_typeattr_217 (and (domain ) (not (coredomain ))))
3366. (typeattribute base_typeattr_216)
3367. (typeattributeset base_typeattr_216 (and (domain ) (not (isolated_app servicemanager vndservicemanager ))))
3368. (typeattribute base_typeattr_215)
3369. (typeattributeset base_typeattr_215 (and (domain ) (not (hwservicemanager vndservicemanager ))))
3370. (typeattribute base_typeattr_214)
3371. (typeattributeset base_typeattr_214 (and (domain ) (not (display_service_server ))))
3372. (typeattribute base_typeattr_213)
3373. (typeattributeset base_typeattr_213 (and (domain ) (not (credstore ))))
3374. (typeattribute base_typeattr_212)
3375. (typeattributeset base_typeattr_212 (and (domain ) (not (cameraserver ))))
3376. (typeattribute base_typeattr_211)
3377. (typeattributeset base_typeattr_211 (and (domain ) (not (camera_service_server ))))
3378. (typeattribute base_typeattr_210)
3379. (typeattributeset base_typeattr_210 (and (domain ) (not (bufferhubd ))))
3380. (typeattribute base_typeattr_209)
3381. (typeattributeset base_typeattr_209 (and (domain ) (not (bootstat init ))))
3382. (typeattribute base_typeattr_208)
3383. (typeattributeset base_typeattr_208 (and (domain ) (not (bootstat init system_server ))))
3384. (typeattribute base_typeattr_207)
3385. (typeattributeset base_typeattr_207 (and (domain ) (not (bootanim bootstat dumpstate init recovery shell system_server ))))
3386. (typeattribute base_typeattr_206)
3387. (typeattributeset base_typeattr_206 (and (appdomain ) (not (bluetooth system_app ))))
3388. (typeattribute base_typeattr_205)
3389. (typeattributeset base_typeattr_205 (and (data_file_type ) (not (system_data_file apk_data_file dalvikcache_data_file ))))
3390. (typeattribute base_typeattr_204)
3391. (typeattributeset base_typeattr_204 (and (appdomain ) (not (bluetooth nfc ))))
3392. (typeattribute base_typeattr_203)
3393. (typeattributeset base_typeattr_203 (and (appdomain ) (not (untrusted_app_all platform_app priv_app ))))
3394. (typeattribute base_typeattr_202)
3395. (typeattributeset base_typeattr_202 (and (domain ) (not (credstore init ))))
3396. (typeattribute base_typeattr_201)
3397. (typeattributeset base_typeattr_201 (and (appdomain ) (not (platform_app ))))
3398. (typeattribute base_typeattr_200)
3399. (typeattributeset base_typeattr_200 (and (appdomain ) (not (platform_app system_app ))))
3400. (typeattribute base_typeattr_199)
3401. (typeattributeset base_typeattr_199 (and (domain ) (not (appdomain perfetto ))))
3402. (typeattribute base_typeattr_198)
3403. (typeattributeset base_typeattr_198 (and (appdomain ) (not (shell ))))
3404. (typeattribute base_typeattr_197)
3405. (typeattributeset base_typeattr_197 (and (domain ) (not (appdomain crash_dump ))))
3406. (typeattribute base_typeattr_196)
3407. (typeattributeset base_typeattr_196 (and (domain ) (not (appdomain ))))
3408. (typeattribute base_typeattr_195)
3409. (typeattributeset base_typeattr_195 (and (appdomain ) (not (radio ))))
3410. (typeattribute base_typeattr_194)
3411. (typeattributeset base_typeattr_194 (and (appdomain ) (not (network_stack ))))
3412. (typeattribute base_typeattr_193)
3413. (typeattributeset base_typeattr_193 (and (appdomain ) (not (nfc ))))
3414. (typeattribute base_typeattr_192)
3415. (typeattributeset base_typeattr_192 (and (appdomain ) (not (bluetooth network_stack ))))
3416. (typeattribute base_typeattr_191)
3417. (typeattributeset base_typeattr_191 (and (appdomain ) (not (bluetooth ))))
3418. (typeattribute base_typeattr_190)
3419. (typeattributeset base_typeattr_190 (and (appdomain ) (not (ephemeral_app isolated_app ))))
3420. (typeattribute base_typeattr_189)
3421. (typeattributeset base_typeattr_189 (and (appdomain ) (not (untrusted_app_all ephemeral_app isolated_app platform_app priv_app shell system_app ))))
3422. (typeattribute base_typeattr_188)
3423. (typeattributeset base_typeattr_188 (and (appdomain ) (not (ephemeral_app ))))
3424. (typeattribute base_typeattr_187)
3425. (typeattributeset base_typeattr_187 (and (appdomain ) (not (isolated_app ))))
3426. (typeattribute base_typeattr_186)
3427. (typeattributeset base_typeattr_186 (and (domain ) (not (apexd init ))))
3428. (typeattribute base_typeattr_185)
3429. (typeattributeset base_typeattr_185 (and (domain ) (not (apexd init servicemanager system_server ))))
3430. (typeattribute base_typeattr_184)
3431. (typeattributeset base_typeattr_184 (and (domain ) (not (apexd init system_server ))))
3432. (typeattribute base_typeattr_183)
3433. (typeattributeset base_typeattr_183 (and (domain ) (not (apexd ))))
3434. (typeattribute base_typeattr_182)
3435. (typeattributeset base_typeattr_182 (all))
3436. (typeattribute base_typeattr_181)
3437. (typeattributeset base_typeattr_181 (and (domain ) (not (init ))))
3438. (typeattribute base_typeattr_180)
3439. (typeattributeset base_typeattr_180 (and (hal_lazy_test_client ) (not (halclientdomain ))))
3440. (typeattribute base_typeattr_179)
3441. (typeattributeset base_typeattr_179 (and (hal_lazy_test_server ) (not (hal_lazy_test ))))
3442. (typeattribute base_typeattr_178)
3443. (typeattributeset base_typeattr_178 (and (hal_lazy_test_server ) (not (halserverdomain ))))
3444. (typeattribute base_typeattr_177)
3445. (typeattributeset base_typeattr_177 (and (hal_wifi_supplicant_client ) (not (halclientdomain ))))
3446. (typeattribute base_typeattr_176)
3447. (typeattributeset base_typeattr_176 (and (hal_wifi_supplicant_server ) (not (hal_wifi_supplicant ))))
3448. (typeattribute base_typeattr_175)
3449. (typeattributeset base_typeattr_175 (and (hal_wifi_supplicant_server ) (not (halserverdomain ))))
3450. (typeattribute base_typeattr_174)
3451. (typeattributeset base_typeattr_174 (and (hal_wifi_hostapd_client ) (not (halclientdomain ))))
3452. (typeattribute base_typeattr_173)
3453. (typeattributeset base_typeattr_173 (and (hal_wifi_hostapd_server ) (not (hal_wifi_hostapd ))))
3454. (typeattribute base_typeattr_172)
3455. (typeattributeset base_typeattr_172 (and (hal_wifi_hostapd_server ) (not (halserverdomain ))))
3456. (typeattribute base_typeattr_171)
3457. (typeattributeset base_typeattr_171 (and (hal_wifi_client ) (not (halclientdomain ))))
3458. (typeattribute base_typeattr_170)
3459. (typeattributeset base_typeattr_170 (and (hal_wifi_server ) (not (hal_wifi ))))
3460. (typeattribute base_typeattr_169)
3461. (typeattributeset base_typeattr_169 (and (hal_wifi_server ) (not (halserverdomain ))))
3462. (typeattribute base_typeattr_168)
3463. (typeattributeset base_typeattr_168 (and (hal_weaver_client ) (not (halclientdomain ))))
3464. (typeattribute base_typeattr_167)
3465. (typeattributeset base_typeattr_167 (and (hal_weaver_server ) (not (hal_weaver ))))
3466. (typeattribute base_typeattr_166)
3467. (typeattributeset base_typeattr_166 (and (hal_weaver_server ) (not (halserverdomain ))))
3468. (typeattribute base_typeattr_165)
3469. (typeattributeset base_typeattr_165 (and (hal_vr_client ) (not (halclientdomain ))))
3470. (typeattribute base_typeattr_164)
3471. (typeattributeset base_typeattr_164 (and (hal_vr_server ) (not (hal_vr ))))
3472. (typeattribute base_typeattr_163)
3473. (typeattributeset base_typeattr_163 (and (hal_vr_server ) (not (halserverdomain ))))
3474. (typeattribute base_typeattr_162)
3475. (typeattributeset base_typeattr_162 (and (hal_vibrator_client ) (not (halclientdomain ))))
3476. (typeattribute base_typeattr_161)
3477. (typeattributeset base_typeattr_161 (and (hal_vibrator_server ) (not (hal_vibrator ))))
3478. (typeattribute base_typeattr_160)
3479. (typeattributeset base_typeattr_160 (and (hal_vibrator_server ) (not (halserverdomain ))))
3480. (typeattribute base_typeattr_159)
3481. (typeattributeset base_typeattr_159 (and (hal_vehicle_client ) (not (halclientdomain ))))
3482. (typeattribute base_typeattr_158)
3483. (typeattributeset base_typeattr_158 (and (hal_vehicle_server ) (not (hal_vehicle ))))
3484. (typeattribute base_typeattr_157)
3485. (typeattributeset base_typeattr_157 (and (hal_vehicle_server ) (not (halserverdomain ))))
3486. (typeattribute base_typeattr_156)
3487. (typeattributeset base_typeattr_156 (and (hal_usb_gadget_client ) (not (halclientdomain ))))
3488. (typeattribute base_typeattr_155)
3489. (typeattributeset base_typeattr_155 (and (hal_usb_gadget_server ) (not (hal_usb_gadget ))))
3490. (typeattribute base_typeattr_154)
3491. (typeattributeset base_typeattr_154 (and (hal_usb_gadget_server ) (not (halserverdomain ))))
3492. (typeattribute base_typeattr_153)
3493. (typeattributeset base_typeattr_153 (and (hal_usb_client ) (not (halclientdomain ))))
3494. (typeattribute base_typeattr_152)
3495. (typeattributeset base_typeattr_152 (and (hal_usb_server ) (not (hal_usb ))))
3496. (typeattribute base_typeattr_151)
3497. (typeattributeset base_typeattr_151 (and (hal_usb_server ) (not (halserverdomain ))))
3498. (typeattribute base_typeattr_150)
3499. (typeattributeset base_typeattr_150 (and (hal_tv_tuner_client ) (not (halclientdomain ))))
3500. (typeattribute base_typeattr_149)
3501. (typeattributeset base_typeattr_149 (and (hal_tv_tuner_server ) (not (hal_tv_tuner ))))
3502. (typeattribute base_typeattr_148)
3503. (typeattributeset base_typeattr_148 (and (hal_tv_tuner_server ) (not (halserverdomain ))))
3504. (typeattribute base_typeattr_147)
3505. (typeattributeset base_typeattr_147 (and (hal_tv_input_client ) (not (halclientdomain ))))
3506. (typeattribute base_typeattr_146)
3507. (typeattributeset base_typeattr_146 (and (hal_tv_input_server ) (not (hal_tv_input ))))
3508. (typeattribute base_typeattr_145)
3509. (typeattributeset base_typeattr_145 (and (hal_tv_input_server ) (not (halserverdomain ))))
3510. (typeattribute base_typeattr_144)
3511. (typeattributeset base_typeattr_144 (and (hal_tv_cec_client ) (not (halclientdomain ))))
3512. (typeattribute base_typeattr_143)
3513. (typeattributeset base_typeattr_143 (and (hal_tv_cec_server ) (not (hal_tv_cec ))))
3514. (typeattribute base_typeattr_142)
3515. (typeattributeset base_typeattr_142 (and (hal_tv_cec_server ) (not (halserverdomain ))))
3516. (typeattribute base_typeattr_141)
3517. (typeattributeset base_typeattr_141 (and (hal_thermal_client ) (not (halclientdomain ))))
3518. (typeattribute base_typeattr_140)
3519. (typeattributeset base_typeattr_140 (and (hal_thermal_server ) (not (hal_thermal ))))
3520. (typeattribute base_typeattr_139)
3521. (typeattributeset base_typeattr_139 (and (hal_thermal_server ) (not (halserverdomain ))))
3522. (typeattribute base_typeattr_138)
3523. (typeattributeset base_typeattr_138 (and (hal_tetheroffload_client ) (not (halclientdomain ))))
3524. (typeattribute base_typeattr_137)
3525. (typeattributeset base_typeattr_137 (and (hal_tetheroffload_server ) (not (hal_tetheroffload ))))
3526. (typeattribute base_typeattr_136)
3527. (typeattributeset base_typeattr_136 (and (hal_tetheroffload_server ) (not (halserverdomain ))))
3528. (typeattribute base_typeattr_135)
3529. (typeattributeset base_typeattr_135 (and (hal_telephony_client ) (not (halclientdomain ))))
3530. (typeattribute base_typeattr_134)
3531. (typeattributeset base_typeattr_134 (and (hal_telephony_server ) (not (hal_telephony ))))
3532. (typeattribute base_typeattr_133)
3533. (typeattributeset base_typeattr_133 (and (hal_telephony_server ) (not (halserverdomain ))))
3534. (typeattribute base_typeattr_132)
3535. (typeattributeset base_typeattr_132 (and (hal_sensors_client ) (not (halclientdomain ))))
3536. (typeattribute base_typeattr_131)
3537. (typeattributeset base_typeattr_131 (and (hal_sensors_server ) (not (hal_sensors ))))
3538. (typeattribute base_typeattr_130)
3539. (typeattributeset base_typeattr_130 (and (hal_sensors_server ) (not (halserverdomain ))))
3540. (typeattribute base_typeattr_129)
3541. (typeattributeset base_typeattr_129 (and (hal_secure_element_client ) (not (halclientdomain ))))
3542. (typeattribute base_typeattr_128)
3543. (typeattributeset base_typeattr_128 (and (hal_secure_element_server ) (not (hal_secure_element ))))
3544. (typeattribute base_typeattr_127)
3545. (typeattributeset base_typeattr_127 (and (hal_secure_element_server ) (not (halserverdomain ))))
3546. (typeattribute base_typeattr_126)
3547. (typeattributeset base_typeattr_126 (and (hal_rebootescrow_client ) (not (halclientdomain ))))
3548. (typeattribute base_typeattr_125)
3549. (typeattributeset base_typeattr_125 (and (hal_rebootescrow_server ) (not (hal_rebootescrow ))))
3550. (typeattribute base_typeattr_124)
3551. (typeattributeset base_typeattr_124 (and (hal_rebootescrow_server ) (not (halserverdomain ))))
3552. (typeattribute base_typeattr_123)
3553. (typeattributeset base_typeattr_123 (and (hal_power_stats_client ) (not (halclientdomain ))))
3554. (typeattribute base_typeattr_122)
3555. (typeattributeset base_typeattr_122 (and (hal_power_stats_server ) (not (hal_power_stats ))))
3556. (typeattribute base_typeattr_121)
3557. (typeattributeset base_typeattr_121 (and (hal_power_stats_server ) (not (halserverdomain ))))
3558. (typeattribute base_typeattr_120)
3559. (typeattributeset base_typeattr_120 (and (hal_power_client ) (not (halclientdomain ))))
3560. (typeattribute base_typeattr_119)
3561. (typeattributeset base_typeattr_119 (and (hal_power_server ) (not (hal_power ))))
3562. (typeattribute base_typeattr_118)
3563. (typeattributeset base_typeattr_118 (and (hal_power_server ) (not (halserverdomain ))))
3564. (typeattribute base_typeattr_117)
3565. (typeattributeset base_typeattr_117 (and (hal_omx_client ) (not (halclientdomain ))))
3566. (typeattribute base_typeattr_116)
3567. (typeattributeset base_typeattr_116 (and (hal_omx_server ) (not (hal_omx ))))
3568. (typeattribute base_typeattr_115)
3569. (typeattributeset base_typeattr_115 (and (hal_omx_server ) (not (halserverdomain ))))
3570. (typeattribute base_typeattr_114)
3571. (typeattributeset base_typeattr_114 (and (hal_oemlock_client ) (not (halclientdomain ))))
3572. (typeattribute base_typeattr_113)
3573. (typeattributeset base_typeattr_113 (and (hal_oemlock_server ) (not (hal_oemlock ))))
3574. (typeattribute base_typeattr_112)
3575. (typeattributeset base_typeattr_112 (and (hal_oemlock_server ) (not (halserverdomain ))))
3576. (typeattribute base_typeattr_111)
3577. (typeattributeset base_typeattr_111 (and (hal_nfc_client ) (not (halclientdomain ))))
3578. (typeattribute base_typeattr_110)
3579. (typeattributeset base_typeattr_110 (and (hal_nfc_server ) (not (hal_nfc ))))
3580. (typeattribute base_typeattr_109)
3581. (typeattributeset base_typeattr_109 (and (hal_nfc_server ) (not (halserverdomain ))))
3582. (typeattribute base_typeattr_108)
3583. (typeattributeset base_typeattr_108 (and (hal_neuralnetworks_client ) (not (halclientdomain ))))
3584. (typeattribute base_typeattr_107)
3585. (typeattributeset base_typeattr_107 (and (hal_neuralnetworks_server ) (not (hal_neuralnetworks ))))
3586. (typeattribute base_typeattr_106)
3587. (typeattributeset base_typeattr_106 (and (hal_neuralnetworks_server ) (not (halserverdomain ))))
3588. (typeattribute base_typeattr_105)
3589. (typeattributeset base_typeattr_105 (and (hal_memtrack_client ) (not (halclientdomain ))))
3590. (typeattribute base_typeattr_104)
3591. (typeattributeset base_typeattr_104 (and (hal_memtrack_server ) (not (hal_memtrack ))))
3592. (typeattribute base_typeattr_103)
3593. (typeattributeset base_typeattr_103 (and (hal_memtrack_server ) (not (halserverdomain ))))
3594. (typeattribute base_typeattr_102)
3595. (typeattributeset base_typeattr_102 (and (hal_lowpan_client ) (not (halclientdomain ))))
3596. (typeattribute base_typeattr_101)
3597. (typeattributeset base_typeattr_101 (and (hal_lowpan_server ) (not (hal_lowpan ))))
3598. (typeattribute base_typeattr_100)
3599. (typeattributeset base_typeattr_100 (and (hal_lowpan_server ) (not (halserverdomain ))))
3600. (typeattribute base_typeattr_99)
3601. (typeattributeset base_typeattr_99 (and (hal_light_client ) (not (halclientdomain ))))
3602. (typeattribute base_typeattr_98)
3603. (typeattributeset base_typeattr_98 (and (hal_light_server ) (not (hal_light ))))
3604. (typeattribute base_typeattr_97)
3605. (typeattributeset base_typeattr_97 (and (hal_light_server ) (not (halserverdomain ))))
3606. (typeattribute base_typeattr_96)
3607. (typeattributeset base_typeattr_96 (and (hal_keymaster_client ) (not (halclientdomain ))))
3608. (typeattribute base_typeattr_95)
3609. (typeattributeset base_typeattr_95 (and (hal_keymaster_server ) (not (hal_keymaster ))))
3610. (typeattribute base_typeattr_94)
3611. (typeattributeset base_typeattr_94 (and (hal_keymaster_server ) (not (halserverdomain ))))
3612. (typeattribute base_typeattr_93)
3613. (typeattributeset base_typeattr_93 (and (hal_ir_client ) (not (halclientdomain ))))
3614. (typeattribute base_typeattr_92)
3615. (typeattributeset base_typeattr_92 (and (hal_ir_server ) (not (hal_ir ))))
3616. (typeattribute base_typeattr_91)
3617. (typeattributeset base_typeattr_91 (and (hal_ir_server ) (not (halserverdomain ))))
3618. (typeattribute base_typeattr_90)
3619. (typeattributeset base_typeattr_90 (and (hal_input_classifier_client ) (not (halclientdomain ))))
3620. (typeattribute base_typeattr_89)
3621. (typeattributeset base_typeattr_89 (and (hal_input_classifier_server ) (not (hal_input_classifier ))))
3622. (typeattribute base_typeattr_88)
3623. (typeattributeset base_typeattr_88 (and (hal_input_classifier_server ) (not (halserverdomain ))))
3624. (typeattribute base_typeattr_87)
3625. (typeattributeset base_typeattr_87 (and (hal_identity_client ) (not (halclientdomain ))))
3626. (typeattribute base_typeattr_86)
3627. (typeattributeset base_typeattr_86 (and (hal_identity_server ) (not (hal_identity ))))
3628. (typeattribute base_typeattr_85)
3629. (typeattributeset base_typeattr_85 (and (hal_identity_server ) (not (halserverdomain ))))
3630. (typeattribute base_typeattr_84)
3631. (typeattributeset base_typeattr_84 (and (hal_health_storage_client ) (not (halclientdomain ))))
3632. (typeattribute base_typeattr_83)
3633. (typeattributeset base_typeattr_83 (and (hal_health_storage_server ) (not (hal_health_storage ))))
3634. (typeattribute base_typeattr_82)
3635. (typeattributeset base_typeattr_82 (and (hal_health_storage_server ) (not (halserverdomain ))))
3636. (typeattribute base_typeattr_81)
3637. (typeattributeset base_typeattr_81 (and (hal_health_client ) (not (halclientdomain ))))
3638. (typeattribute base_typeattr_80)
3639. (typeattributeset base_typeattr_80 (and (hal_health_server ) (not (hal_health ))))
3640. (typeattribute base_typeattr_79)
3641. (typeattributeset base_typeattr_79 (and (hal_health_server ) (not (halserverdomain ))))
3642. (typeattribute base_typeattr_78)
3643. (typeattributeset base_typeattr_78 (and (hal_graphics_composer_client ) (not (halclientdomain ))))
3644. (typeattribute base_typeattr_77)
3645. (typeattributeset base_typeattr_77 (and (hal_graphics_composer_server ) (not (hal_graphics_composer ))))
3646. (typeattribute base_typeattr_76)
3647. (typeattributeset base_typeattr_76 (and (hal_graphics_composer_server ) (not (halserverdomain ))))
3648. (typeattribute base_typeattr_75)
3649. (typeattributeset base_typeattr_75 (and (hal_graphics_allocator_client ) (not (halclientdomain ))))
3650. (typeattribute base_typeattr_74)
3651. (typeattributeset base_typeattr_74 (and (hal_graphics_allocator_server ) (not (hal_graphics_allocator ))))
3652. (typeattribute base_typeattr_73)
3653. (typeattributeset base_typeattr_73 (and (hal_graphics_allocator_server ) (not (halserverdomain ))))
3654. (typeattribute base_typeattr_72)
3655. (typeattributeset base_typeattr_72 (and (hal_gnss_client ) (not (halclientdomain ))))
3656. (typeattribute base_typeattr_71)
3657. (typeattributeset base_typeattr_71 (and (hal_gnss_server ) (not (hal_gnss ))))
3658. (typeattribute base_typeattr_70)
3659. (typeattributeset base_typeattr_70 (and (hal_gnss_server ) (not (halserverdomain ))))
3660. (typeattribute base_typeattr_69)
3661. (typeattributeset base_typeattr_69 (and (hal_gatekeeper_client ) (not (halclientdomain ))))
3662. (typeattribute base_typeattr_68)
3663. (typeattributeset base_typeattr_68 (and (hal_gatekeeper_server ) (not (hal_gatekeeper ))))
3664. (typeattribute base_typeattr_67)
3665. (typeattributeset base_typeattr_67 (and (hal_gatekeeper_server ) (not (halserverdomain ))))
3666. (typeattribute base_typeattr_66)
3667. (typeattributeset base_typeattr_66 (and (hal_fingerprint_client ) (not (halclientdomain ))))
3668. (typeattribute base_typeattr_65)
3669. (typeattributeset base_typeattr_65 (and (hal_fingerprint_server ) (not (hal_fingerprint ))))
3670. (typeattribute base_typeattr_64)
3671. (typeattributeset base_typeattr_64 (and (hal_fingerprint_server ) (not (halserverdomain ))))
3672. (typeattribute base_typeattr_63)
3673. (typeattributeset base_typeattr_63 (and (hal_face_client ) (not (halclientdomain ))))
3674. (typeattribute base_typeattr_62)
3675. (typeattributeset base_typeattr_62 (and (hal_face_server ) (not (hal_face ))))
3676. (typeattribute base_typeattr_61)
3677. (typeattributeset base_typeattr_61 (and (hal_face_server ) (not (halserverdomain ))))
3678. (typeattribute base_typeattr_60)
3679. (typeattributeset base_typeattr_60 (and (hal_evs_client ) (not (halclientdomain ))))
3680. (typeattribute base_typeattr_59)
3681. (typeattributeset base_typeattr_59 (and (hal_evs_server ) (not (hal_evs ))))
3682. (typeattribute base_typeattr_58)
3683. (typeattributeset base_typeattr_58 (and (hal_evs_server ) (not (halserverdomain ))))
3684. (typeattribute base_typeattr_57)
3685. (typeattributeset base_typeattr_57 (and (hal_dumpstate_client ) (not (halclientdomain ))))
3686. (typeattribute base_typeattr_56)
3687. (typeattributeset base_typeattr_56 (and (hal_dumpstate_server ) (not (hal_dumpstate ))))
3688. (typeattribute base_typeattr_55)
3689. (typeattributeset base_typeattr_55 (and (hal_dumpstate_server ) (not (halserverdomain ))))
3690. (typeattribute base_typeattr_54)
3691. (typeattributeset base_typeattr_54 (and (hal_drm_client ) (not (halclientdomain ))))
3692. (typeattribute base_typeattr_53)
3693. (typeattributeset base_typeattr_53 (and (hal_drm_server ) (not (hal_drm ))))
3694. (typeattribute base_typeattr_52)
3695. (typeattributeset base_typeattr_52 (and (hal_drm_server ) (not (halserverdomain ))))
3696. (typeattribute base_typeattr_51)
3697. (typeattributeset base_typeattr_51 (and (hal_contexthub_client ) (not (halclientdomain ))))
3698. (typeattribute base_typeattr_50)
3699. (typeattributeset base_typeattr_50 (and (hal_contexthub_server ) (not (hal_contexthub ))))
3700. (typeattribute base_typeattr_49)
3701. (typeattributeset base_typeattr_49 (and (hal_contexthub_server ) (not (halserverdomain ))))
3702. (typeattribute base_typeattr_48)
3703. (typeattributeset base_typeattr_48 (and (hal_confirmationui_client ) (not (halclientdomain ))))
3704. (typeattribute base_typeattr_47)
3705. (typeattributeset base_typeattr_47 (and (hal_confirmationui_server ) (not (hal_confirmationui ))))
3706. (typeattribute base_typeattr_46)
3707. (typeattributeset base_typeattr_46 (and (hal_confirmationui_server ) (not (halserverdomain ))))
3708. (typeattribute base_typeattr_45)
3709. (typeattributeset base_typeattr_45 (and (hal_configstore_client ) (not (halclientdomain ))))
3710. (typeattribute base_typeattr_44)
3711. (typeattributeset base_typeattr_44 (and (hal_configstore_server ) (not (hal_configstore ))))
3712. (typeattribute base_typeattr_43)
3713. (typeattributeset base_typeattr_43 (and (hal_configstore_server ) (not (halserverdomain ))))
3714. (typeattribute base_typeattr_42)
3715. (typeattributeset base_typeattr_42 (and (hal_codec2_client ) (not (halclientdomain ))))
3716. (typeattribute base_typeattr_41)
3717. (typeattributeset base_typeattr_41 (and (hal_codec2_server ) (not (hal_codec2 ))))
3718. (typeattribute base_typeattr_40)
3719. (typeattributeset base_typeattr_40 (and (hal_codec2_server ) (not (halserverdomain ))))
3720. (typeattribute base_typeattr_39)
3721. (typeattributeset base_typeattr_39 (and (hal_cas_client ) (not (halclientdomain ))))
3722. (typeattribute base_typeattr_38)
3723. (typeattributeset base_typeattr_38 (and (hal_cas_server ) (not (hal_cas ))))
3724. (typeattribute base_typeattr_37)
3725. (typeattributeset base_typeattr_37 (and (hal_cas_server ) (not (halserverdomain ))))
3726. (typeattribute base_typeattr_36)
3727. (typeattributeset base_typeattr_36 (and (hal_can_controller_client ) (not (halclientdomain ))))
3728. (typeattribute base_typeattr_35)
3729. (typeattributeset base_typeattr_35 (and (hal_can_controller_server ) (not (hal_can_controller ))))
3730. (typeattribute base_typeattr_34)
3731. (typeattributeset base_typeattr_34 (and (hal_can_controller_server ) (not (halserverdomain ))))
3732. (typeattribute base_typeattr_33)
3733. (typeattributeset base_typeattr_33 (and (hal_can_bus_client ) (not (halclientdomain ))))
3734. (typeattribute base_typeattr_32)
3735. (typeattributeset base_typeattr_32 (and (hal_can_bus_server ) (not (hal_can_bus ))))
3736. (typeattribute base_typeattr_31)
3737. (typeattributeset base_typeattr_31 (and (hal_can_bus_server ) (not (halserverdomain ))))
3738. (typeattribute base_typeattr_30)
3739. (typeattributeset base_typeattr_30 (and (hal_camera_client ) (not (halclientdomain ))))
3740. (typeattribute base_typeattr_29)
3741. (typeattributeset base_typeattr_29 (and (hal_camera_server ) (not (hal_camera ))))
3742. (typeattribute base_typeattr_28)
3743. (typeattributeset base_typeattr_28 (and (hal_camera_server ) (not (halserverdomain ))))
3744. (typeattribute base_typeattr_27)
3745. (typeattributeset base_typeattr_27 (and (hal_broadcastradio_client ) (not (halclientdomain ))))
3746. (typeattribute base_typeattr_26)
3747. (typeattributeset base_typeattr_26 (and (hal_broadcastradio_server ) (not (hal_broadcastradio ))))
3748. (typeattribute base_typeattr_25)
3749. (typeattributeset base_typeattr_25 (and (hal_broadcastradio_server ) (not (halserverdomain ))))
3750. (typeattribute base_typeattr_24)
3751. (typeattributeset base_typeattr_24 (and (hal_bufferhub_client ) (not (halclientdomain ))))
3752. (typeattribute base_typeattr_23)
3753. (typeattributeset base_typeattr_23 (and (hal_bufferhub_server ) (not (hal_bufferhub ))))
3754. (typeattribute base_typeattr_22)
3755. (typeattributeset base_typeattr_22 (and (hal_bufferhub_server ) (not (halserverdomain ))))
3756. (typeattribute base_typeattr_21)
3757. (typeattributeset base_typeattr_21 (and (hal_bootctl_client ) (not (halclientdomain ))))
3758. (typeattribute base_typeattr_20)
3759. (typeattributeset base_typeattr_20 (and (hal_bootctl_server ) (not (hal_bootctl ))))
3760. (typeattribute base_typeattr_19)
3761. (typeattributeset base_typeattr_19 (and (hal_bootctl_server ) (not (halserverdomain ))))
3762. (typeattribute base_typeattr_18)
3763. (typeattributeset base_typeattr_18 (and (hal_bluetooth_client ) (not (halclientdomain ))))
3764. (typeattribute base_typeattr_17)
3765. (typeattributeset base_typeattr_17 (and (hal_bluetooth_server ) (not (hal_bluetooth ))))
3766. (typeattribute base_typeattr_16)
3767. (typeattributeset base_typeattr_16 (and (hal_bluetooth_server ) (not (halserverdomain ))))
3768. (typeattribute base_typeattr_15)
3769. (typeattributeset base_typeattr_15 (and (hal_authsecret_client ) (not (halclientdomain ))))
3770. (typeattribute base_typeattr_14)
3771. (typeattributeset base_typeattr_14 (and (hal_authsecret_server ) (not (hal_authsecret ))))
3772. (typeattribute base_typeattr_13)
3773. (typeattributeset base_typeattr_13 (and (hal_authsecret_server ) (not (halserverdomain ))))
3774. (typeattribute base_typeattr_12)
3775. (typeattributeset base_typeattr_12 (and (hal_audiocontrol_client ) (not (halclientdomain ))))
3776. (typeattribute base_typeattr_11)
3777. (typeattributeset base_typeattr_11 (and (hal_audiocontrol_server ) (not (hal_audiocontrol ))))
3778. (typeattribute base_typeattr_10)
3779. (typeattributeset base_typeattr_10 (and (hal_audiocontrol_server ) (not (halserverdomain ))))
3780. (typeattribute base_typeattr_9)
3781. (typeattributeset base_typeattr_9 (and (hal_audio_client ) (not (halclientdomain ))))
3782. (typeattribute base_typeattr_8)
3783. (typeattributeset base_typeattr_8 (and (hal_audio_server ) (not (hal_audio ))))
3784. (typeattribute base_typeattr_7)
3785. (typeattributeset base_typeattr_7 (and (hal_audio_server ) (not (halserverdomain ))))
3786. (typeattribute base_typeattr_6)
3787. (typeattributeset base_typeattr_6 (and (hal_atrace_client ) (not (halclientdomain ))))
3788. (typeattribute base_typeattr_5)
3789. (typeattributeset base_typeattr_5 (and (hal_atrace_server ) (not (hal_atrace ))))
3790. (typeattribute base_typeattr_4)
3791. (typeattributeset base_typeattr_4 (and (hal_atrace_server ) (not (halserverdomain ))))
3792. (typeattribute base_typeattr_3)
3793. (typeattributeset base_typeattr_3 (and (hal_allocator_client ) (not (halclientdomain ))))
3794. (typeattribute base_typeattr_2)
3795. (typeattributeset base_typeattr_2 (and (hal_allocator_server ) (not (hal_allocator ))))
3796. (typeattribute base_typeattr_1)
3797. (typeattributeset base_typeattr_1 (and (hal_allocator_server ) (not (halserverdomain ))))
3798. ; THIS IS A WORKAROUND for the current limitations of the module policy language
3799. ; This should be used sparingly until we figure out a saner way to achieve the
3800. ; stuff below, for example, by improving typeattribute statement of module
3801. ; language.
3802. ;
3803. ; NOTE: This file has no effect on recovery policy.
3804.  
3805. ; Apps, except isolated apps, are clients of Allocator HAL
3806. ; Unfortunately, we can't currently express this in module policy language:
3807. ; typeattribute { appdomain -isolated_app } hal_allocator_client;
3808. ; typeattribute hal_allocator_client halclientdomain;
3809. (typeattributeset hal_allocator_client ((and (appdomain) ((not (isolated_app))))))
3810. (typeattributeset halclientdomain (hal_allocator_client))
3811.  
3812. ; Apps, except isolated apps, are clients of OMX-related services
3813. ; Unfortunately, we can't currently express this in module policy language:
3814. (typeattributeset hal_omx_client ((and (appdomain) ((not (isolated_app))))))
3815.  
3816. ; Apps, except isolated apps, are clients of Codec2-related services
3817. ; Unfortunately, we can't currently express this in module policy language:
3818. (typeattributeset hal_codec2_client ((and (appdomain) ((not (isolated_app))))))
3819.  
3820. ; Apps, except isolated apps, are clients of Drm-related services
3821. ; Unfortunately, we can't currently express this in module policy language:
3822. (typeattributeset hal_drm_client ((and (appdomain) ((not (isolated_app))))))
3823.  
3824. ; Apps, except isolated apps, are clients of Configstore HAL
3825. ; Unfortunately, we can't currently express this in module policy language:
3826. ; typeattribute { appdomain -isolated_app } hal_configstore_client;
3827. (typeattributeset hal_configstore_client ((and (appdomain) ((not (isolated_app))))))
3828.  
3829. ; Apps, except isolated apps, are clients of Graphics Allocator HAL
3830. ; Unfortunately, we can't currently express this in module policy language:
3831. ; typeattribute { appdomain -isolated_app } hal_graphics_allocator_client;
3832. (typeattributeset hal_graphics_allocator_client ((and (appdomain) ((not (isolated_app))))))
3833.  
3834. ; Apps, except isolated apps, are clients of Cas HAL
3835. ; Unfortunately, we can't currently express this in module policy language:
3836. ; typeattribute { appdomain -isolated_app } hal_cas_client;
3837. (typeattributeset hal_cas_client ((and (appdomain) ((not (isolated_app))))))
3838.  
3839. ; Domains hosting Camera HAL implementations are clients of Allocator HAL
3840. ; Unfortunately, we can't currently express this in module policy language:
3841. ; typeattribute hal_camera hal_allocator_client;
3842. (typeattributeset hal_allocator_client (hal_camera))
3843.  
3844. ; Apps, except isolated apps, are clients of Neuralnetworks HAL
3845. ; Unfortunately, we can't currently express this in module policy language:
3846. ; typeattribute { appdomain -isolated_app } hal_neuralnetworks_client;
3847. (typeattributeset hal_neuralnetworks_client ((and (appdomain) ((not (isolated_app))))))
3848.  
3849. ; TODO(b/112056006): move these to mapping files when/if we implement 'versioned' attributes.
3850. ; Rename untrusted_app_visible_* to untrusted_app_visible_*_violators.
3851. ; Unfortunately, we can't currently express this in module policy language:
3852. ; typeattribute untrusted_app_visible_hwservice untrusted_app_visible_hwservice_violators;
3853. ; typeattribute untrusted_app_visible_halserver untrusted_app_visible_halserver_violators;
3854. (typeattribute untrusted_app_visible_hwservice)
3855. (typeattributeset untrusted_app_visible_hwservice_violators (untrusted_app_visible_hwservice))
3856. (typeattribute untrusted_app_visible_halserver)
3857. (typeattributeset untrusted_app_visible_halserver_violators (untrusted_app_visible_halserver))
3858.  
3859. ; Apps, except isolated apps, are clients of BufferHub HAL
3860. ; Unfortunately, we can't currently express this in module policy language:
3861. ; typeattribute { appdomain -isolated_app } hal_cas_client;