platform_system_sepolicy/public
Alex Klyubin 168435fe03 Switch Bluetooth HAL policy to _client/_server
This switches Bluetooth HAL policy to the design which enables us to
conditionally remove unnecessary rules from domains which are clients
of Bluetooth HAL.

Domains which are clients of Bluetooth HAL, such as bluetooth domain,
are granted rules targeting hal_bluetooth only when the Bluetooth HAL
runs in passthrough mode (i.e., inside the client's process). When the
HAL runs in binderized mode (i.e., in another process/domain, with
clients talking to the HAL over HwBinder IPC), rules targeting
hal_bluetooth are not granted to client domains.

Domains which offer a binderized implementation of Bluetooth HAL, such
as hal_bluetooth_default domain, are always granted rules targeting
hal_bluetooth.

Test: Toggle Bluetooth off and on
Test: Pair with another Android, and transfer a file to that Android
      over Bluetooth
Test: Pair with a Bluetooth speaker, play music through that
      speaker over Bluetooth
Test: Add bluetooth_hidl_hal_test to device.mk, build & add to device,
      adb shell stop,
      adb shell /data/nativetest64/bluetooth_hidl_hal_test/bluetooth_hidl_hal_test
Bug: 34170079
Change-Id: I05c3ccf1e98cbbc1450a81bb1000c4fb75eb8a83
2017-02-17 11:32:00 -08:00
adbd.te Move adbd policy to private 2017-02-07 09:55:05 -08:00
attributes Switch Bluetooth HAL policy to _client/_server 2017-02-17 11:32:00 -08:00
audioserver.te Move audioserver policy to private 2017-02-07 10:47:18 -08:00
blkid.te Move blkid policy to private 2017-02-07 23:57:53 +00:00
blkid_untrusted.te Move blkid policy to private 2017-02-07 23:57:53 +00:00
bluetooth.te Move bluetooth policy to private 2017-02-06 15:29:10 -08:00
boot_control_hal.te
bootanim.te Add sepolicy for hwcomposer HAL 2016-11-14 01:54:33 +00:00
bootstat.te logd: restrict access to /dev/event-log-tags 2017-01-31 15:50:15 +00:00
bufferhubd.te Add policies for new services. 2017-02-09 15:15:11 -08:00
cameraserver.te Switch Camera HAL policy to _client/_server 2017-02-16 20:37:21 -08:00
charger.te healthd: create SEPolicy for 'charger' and reduce healthd's scope 2016-12-15 18:17:13 -08:00
clatd.te
cppreopts.te
crash_dump.te crash_dump: allow appending to pipes. 2017-02-15 17:29:50 -08:00
device.te Auditing init and ueventd access to chr device files. 2017-01-13 17:38:39 +00:00
dex2oat.te Merge ephemeral data and apk files into app 2017-02-06 10:16:50 -08:00
dhcp.te
dnsmasq.te remove more domain_deprecated 2016-12-09 19:57:43 -08:00
domain.te untrusted_app: policy versioning based on targetSdkVersion 2017-02-14 13:30:12 -08:00
domain_deprecated.te domain_deprecated.te: remove auditallow statements on user builds 2017-02-10 12:58:41 -08:00
drmserver.te Merge ephemeral data and apk files into app 2017-02-06 10:16:50 -08:00
dumpstate.te Add policies for new services. 2017-02-09 15:15:11 -08:00
ephemeral_app.te Move ephemeral_app policy to private 2017-01-09 15:34:27 -08:00
file.te tracefs: avoid overly generic regexes 2017-02-12 08:40:32 -08:00
fingerprintd.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
fsck.te Remove logspam 2017-02-10 12:06:38 -08:00
fsck_untrusted.te
gatekeeperd.te Remove hal_gatekeeper from gatekeeperd domain 2017-01-26 07:17:51 -08:00
global_macros Remove obsolete netlink_firewall_socket and netlink_ip6fw_socket classes. 2017-02-06 14:24:41 -05:00
hal_allocator.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_audio.te Use _client and _server for Audio HAL policy 2017-02-15 13:32:14 -08:00
hal_bluetooth.te Switch Bluetooth HAL policy to _client/_server 2017-02-17 11:32:00 -08:00
hal_boot.te Move hal_*_default policy to vendor image 2017-02-14 18:35:50 -08:00
hal_camera.te Switch Camera HAL policy to _client/_server 2017-02-16 20:37:21 -08:00
hal_contexthub.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_drm.te Add sepolicy for drm HALs 2017-01-25 11:21:03 -08:00
hal_dumpstate.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_fingerprint.te hal_fingerprint: grant read access to /sys 2017-02-10 13:20:52 -08:00
hal_gatekeeper.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_gnss.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_graphics_allocator.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_graphics_composer.te Allow hwcomposer to change scheduling policy 2017-02-13 09:02:04 -08:00
hal_health.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_ir.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_keymaster.te Preliminary policy for hal_keymaster (TREBLE) 2017-01-27 15:02:57 -08:00
hal_light.te hal_light: add permission to sys/class/leds. 2017-01-20 00:17:11 +00:00
hal_nfc.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_telephony.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_thermal.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_usb.te sepolicy for usb hal 2017-01-27 00:05:19 +00:00
hal_vibrator.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_vr.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
hal_wifi.te haldomain: add hwbinder_use 2017-01-18 09:47:50 -08:00
healthd.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
hostapd.te
hwservicemanager.te hwbinder_use: allow for hwservicemanager callbacks. 2016-12-15 14:17:27 -08:00
idmap.te remove more domain_deprecated 2016-12-09 19:57:43 -08:00
incident.te Add incident command and incidentd daemon se policy. 2017-02-07 15:52:07 -08:00
incidentd.te Add incident command and incidentd daemon se policy. 2017-02-07 15:52:07 -08:00
init.te tracefs: avoid overly generic regexes 2017-02-12 08:40:32 -08:00
inputflinger.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
install_recovery.te install_recovery.te: remove domain_deprecated 2017-01-09 16:47:36 +00:00
installd.te Merge ephemeral data and apk files into app 2017-02-06 10:16:50 -08:00
ioctl_defines
ioctl_macros Add TCSETS to unpriv_tty_ioctls 2016-12-07 15:59:34 -08:00
isolated_app.te Move isolated_app policy to private 2017-01-05 16:06:54 -08:00
kernel.te kernel.te: tighten entrypoint / execute_no_trans neverallow 2016-10-30 18:46:44 -07:00
keystore.te Remove logspam 2017-02-10 12:06:38 -08:00
lmkd.te more ephemeral_app cleanup 2017-01-20 14:35:17 +00:00
logd.te logd: add getEventTag command and service 2017-01-31 15:50:42 +00:00
logpersist.te logpersist: do not permit dynamic transition to domain 2016-12-29 09:29:36 -08:00
mdnsd.te Move mdnsd policy to private 2017-02-06 15:02:32 -08:00
mediacodec.te Sepolicy for OMX hal. 2017-02-11 00:12:00 -08:00
mediadrmserver.te Fix selinux denial for binderized drm hal 2017-02-08 20:48:18 +00:00
mediaextractor.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
mediametrics.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
mediaserver.te Sepolicy for OMX hal. 2017-02-11 00:12:00 -08:00
mtp.te
net.te Move netdomain policy to private 2017-02-06 15:02:00 -08:00
netd.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
neverallow_macros
nfc.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
otapreopt_chroot.te
otapreopt_slot.te
performanced.te Add policies for new services. 2017-02-09 15:15:11 -08:00
perfprofd.te Fix build. 2016-12-06 16:49:25 -08:00
platform_app.te Move platform_app policy to private 2017-01-09 14:52:59 -08:00
postinstall.te
postinstall_dexopt.te
ppp.te domain_deprecated.te: remove /proc/net access 2016-11-30 15:23:26 -08:00
preopt2cachename.te
priv_app.te Move priv_app policy to private 2017-01-05 15:44:32 -08:00
profman.te Remove SElinux audit to libart_file 2017-01-31 23:43:14 +00:00
property.te Move net.dns* to it's own label. 2017-02-09 16:14:05 -08:00
racoon.te racoon: Add SIOCSIFNETMASK 2017-01-24 17:12:58 -08:00
radio.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
recovery.te Remove SElinux audit to libart_file 2017-01-31 23:43:14 +00:00
recovery_persist.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
recovery_refresh.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
rild.te Grant rild and gatekeeperd access to hwservicemanager 2017-01-20 13:01:47 -08:00
roles sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
runas.te
sdcardd.te Remove logspam 2017-02-10 12:06:38 -08:00
sensord.te Add policies for new services. 2017-02-09 15:15:11 -08:00
service.te Add policies for new services. 2017-02-09 15:15:11 -08:00
servicemanager.te Remove domain_deprecated from some domains. 2016-11-25 17:37:30 -08:00
sgdisk.te remove more domain_deprecated 2016-12-09 19:57:43 -08:00
shared_relro.te Restore app_domain macro and move to private use. 2016-12-08 14:42:43 -08:00
shell.te shell.te: hwbinder for lshal 2017-02-13 15:42:42 -08:00
slideshow.te
su.te Introduce crash_dump debugging helper. 2017-01-18 15:03:24 -08:00
surfaceflinger.te Move surfaceflinger policy to private 2017-02-07 10:06:12 -08:00
system_app.te Move system_app policy to private 2017-01-05 17:20:28 -08:00
system_server.te Move system_server policy to private 2017-02-07 20:24:05 +00:00
te_macros Use _client and _server for Audio HAL policy 2017-02-15 13:32:14 -08:00
tee.te
tombstoned.te tombstoned: temporarily allow write to anr_data_file. 2017-01-23 12:54:03 -08:00
toolbox.te
tzdatacheck.te remove more domain_deprecated 2016-12-09 19:57:43 -08:00
ueventd.te Removing init and ueventd access to generic char files 2017-02-01 21:35:08 +00:00
uncrypt.te
untrusted_app.te Move untrusted_app policy to private 2017-01-05 14:39:52 -08:00
untrusted_app_25.te untrusted_app: policy versioning based on targetSdkVersion 2017-02-14 13:30:12 -08:00
update_engine.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
update_engine_common.te Remove logspam 2017-02-10 12:06:38 -08:00
update_verifier.te Allow update_verifier to read dm blocks 2017-02-03 21:00:30 +00:00
vdc.te remove more domain_deprecated 2016-12-09 19:57:43 -08:00
virtual_touchpad.te Add policies for new services. 2017-02-09 15:15:11 -08:00
vold.te Remove logspam 2017-02-10 12:06:38 -08:00
watchdogd.te
webview_zygote.te Move webview_zygote policy to private 2017-01-27 17:01:43 +00:00
wificond.te te_macros: introduce add_service() macro 2017-01-26 04:43:16 +00:00
wpa.te hal_wifi: Allow system_server to access wifi HIDL services 2016-12-12 10:40:14 -08:00
zygote.te Move zygote policy to private 2017-01-26 13:31:16 -08:00