..
adbd.te
Rename autoplay_app to ephemeral_app
2016-10-07 09:52:31 -07:00
app.te
only permit text relocations in untrusted_app
2016-11-20 15:10:34 +00:00
attributes
Move hal_light to attribute.
2016-11-18 08:40:04 -08:00
audioserver.te
clean up hal types
2016-10-26 09:50:04 -07:00
binderservicedomain.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
blkid.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
blkid_untrusted.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
bluetooth.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
bluetoothdomain.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
boot_control_hal.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
bootanim.te
Add sepolicy for hwcomposer HAL
2016-11-14 01:10:02 +00:00
bootstat.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
cameraserver.te
Add sepolicy for gralloc-alloc HAL
2016-11-14 01:09:51 +00:00
clatd.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
cppreopts.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
debuggerd.te
profman/debuggerd: allow libart_file:file r_file_perms
2016-11-08 09:28:28 -08:00
device.te
Collapse urandom_device into random_device
2016-11-21 16:37:07 +00:00
dex2oat.te
Label ephemeral APKs and handle their install/uninstall
2016-11-12 00:27:28 +00:00
dhcp.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
dnsmasq.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
domain.te
Move to ioctl whitelisting for /dev/pts/* files
2016-11-22 18:59:38 -08:00
domain_deprecated.te
Add directory read permissions to certain domains.
2016-11-28 17:03:41 +00:00
drmserver.te
Rename autoplay_app to ephemeral_app
2016-10-07 09:52:31 -07:00
dumpstate.te
Added permissions for the dumpstate service.
2016-11-01 10:43:25 -07:00
ephemeral_app.te
neverallow some /proc file reads
2016-11-22 13:18:02 -08:00
file.te
Label ephemeral APKs and handle their install/uninstall
2016-11-12 00:27:28 +00:00
fingerprintd.te
Add directory read permissions to certain domains.
2016-11-28 17:03:41 +00:00
fsck.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
fsck_untrusted.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
gatekeeperd.te
Add directory read permissions to certain domains.
2016-11-28 17:03:41 +00:00
global_macros
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
hal_audio.te
clean up hal types
2016-10-26 09:50:04 -07:00
hal_boot.te
Add permissions for hal_boot
2016-11-21 10:09:40 -08:00
hal_graphics_allocator.te
Add sepolicy for gralloc-alloc HAL
2016-11-14 01:09:51 +00:00
hal_graphics_composer.te
Add sepolicy for hwcomposer HAL
2016-11-14 01:10:02 +00:00
hal_light.te
Move hal_light to attribute.
2016-11-18 08:40:04 -08:00
hal_memtrack.te
hal_memtrack: Add sepolicy for memtrack service.
2016-11-03 13:05:48 -07:00
hal_nfc.te
clean up hal types
2016-10-26 09:50:04 -07:00
hal_power.te
hal_power: Add sepolicy for power service.
2016-11-03 13:01:48 -07:00
hal_thermal.te
sepolicy: Add policy for thermal HIDL service
2016-11-08 13:34:31 +01:00
hal_vibrator.te
clean up hal types
2016-10-26 09:50:04 -07:00
hal_vr.te
clean up hal types
2016-10-26 09:50:04 -07:00
hal_wifi.te
wifi_hal: Rename to 'hal_wifi'
2016-10-28 09:00:31 -07:00
hci_attach.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
healthd.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
hostapd.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
hwservicemanager.te
Add directory read permissions to certain domains.
2016-11-28 17:03:41 +00:00
idmap.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
init.te
Collapse urandom_device into random_device
2016-11-21 16:37:07 +00:00
inputflinger.te
Remove domain_deprecated from some domains.
2016-11-25 17:37:30 -08:00
install_recovery.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
installd.te
Label ephemeral APKs and handle their install/uninstall
2016-11-12 00:27:28 +00:00
ioctl_defines
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
ioctl_macros
Move to ioctl whitelisting for /dev/pts/* files
2016-11-22 18:59:38 -08:00
isolated_app.te
neverallow some /proc file reads
2016-11-22 13:18:02 -08:00
kernel.te
kernel.te: tighten entrypoint / execute_no_trans neverallow
2016-10-30 18:46:44 -07:00
keystore.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
lmkd.te
Remove domain_deprecated from some domains.
2016-11-25 17:37:30 -08:00
logd.te
logd.te: Remove setting persist.sys. and sys.powerctl
2016-11-27 15:34:18 -08:00
mdnsd.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
mediacodec.te
Add sepolicy for gralloc-alloc HAL
2016-11-14 01:09:51 +00:00
mediadrmserver.te
Add sepolicy for gralloc-alloc HAL
2016-11-14 01:09:51 +00:00
mediaextractor.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
mediaserver.te
Add sepolicy for gralloc-alloc HAL
2016-11-14 01:09:51 +00:00
mtp.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
net.te
Allow ephemeral apps network connections
2016-11-14 12:24:51 -08:00
netd.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
neverallow_macros
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
nfc.te
clean up hal types
2016-10-26 09:50:04 -07:00
otapreopt_chroot.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
otapreopt_slot.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
platform_app.te
Label ephemeral APKs and handle their install/uninstall
2016-11-12 00:27:28 +00:00
postinstall.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
postinstall_dexopt.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
ppp.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
preopt2cachename.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
priv_app.te
Allow apps to search appfuse mount point and open a file on appfuse mount point.
2016-11-15 10:22:19 +09:00
profman.te
profman/debuggerd: allow libart_file:file r_file_perms
2016-11-08 09:28:28 -08:00
property.te
property.te: delete security_prop
2016-11-11 12:31:19 -08:00
racoon.te
racoon: remove domain_deprecated attribute
2016-10-15 17:15:25 -07:00
radio.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
recovery.te
recovery.te: Allow writing to sysfs_devices_system_cpu.
2016-11-22 14:03:25 -08:00
recovery_persist.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
recovery_refresh.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
rild.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
runas.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
sdcardd.te
Allow sdcardd to remount sdcardfs
2016-11-28 16:10:27 -08:00
service.te
[NAN-AWARE] Remove NAN service
2016-11-04 13:38:14 -07:00
servicemanager.te
Remove domain_deprecated from some domains.
2016-11-25 17:37:30 -08:00
sgdisk.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
shared_relro.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
shell.te
shell.te: revoke syslog(2) access to shell user
2016-11-16 10:22:51 -08:00
slideshow.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
surfaceflinger.te
Add sepolicy for hwcomposer HAL
2016-11-14 01:10:02 +00:00
system_app.te
Added permissions for the dumpstate service.
2016-11-01 10:43:25 -07:00
system_server.te
system_server: Delete system_file:file execute_no_trans;
2016-11-25 16:20:34 -08:00
te_macros
Remove "eng" macro
2016-11-27 16:03:26 -08:00
tee.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
toolbox.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
tzdatacheck.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
ueventd.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
uncrypt.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
untrusted_app.te
neverallow some /proc file reads
2016-11-22 13:18:02 -08:00
update_engine.te
Add permissions for hal_boot
2016-11-21 10:09:40 -08:00
update_engine_common.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
update_verifier.te
Add permissions for hal_boot
2016-11-21 10:09:40 -08:00
vdc.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
vold.te
Added an auditallow rule to track vold remounting filesystems.
2016-11-29 17:11:36 -08:00
watchdogd.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
webview_zygote.te
Add the "webview_zygote" domain.
2016-11-11 10:13:17 -05:00
wificond.te
wifi_hal: Rename to 'hal_wifi'
2016-10-28 09:00:31 -07:00
wpa.te
wpa.te: Add binder permission back
2016-11-07 12:51:07 -08:00
zygote.te
zygote: drop braces on single item rule
2016-11-28 08:07:25 -08:00
314d8c5801