..
access_vectors
Remove obsolete netlink_firewall_socket and netlink_ip6fw_socket classes.
2017-02-06 14:24:41 -05:00
adbd.te
adbd/shell: grant access to sepolicy for cts
2017-04-03 16:31:09 -07:00
app.te
Mark all clients of Allocator HAL
2017-03-24 13:54:43 -07:00
app_neverallows.te
app.te: prevent locks of files on /system
2017-03-22 10:35:24 -07:00
asan_extract.te
Sepolicy: Add ASAN-Extract
2017-03-31 18:53:51 -07:00
atrace.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
audioserver.te
Mark all clients of Allocator HAL
2017-03-24 13:54:43 -07:00
binder_in_vendor_violators.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
binderservicedomain.te
Move binderservicedomain policy to private
2017-02-08 09:09:39 -08:00
blkid.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
blkid_untrusted.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
bluetooth.te
Ban socket connections between core and vendor
2017-03-27 08:49:13 -07:00
bluetoothdomain.te
Move bluetoothdomain policy to private
2017-02-06 15:32:08 -08:00
bootanim.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
bootstat.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
bufferhubd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
cameraserver.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
charger.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
clatd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
cppreopts.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
crash_dump.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
dex2oat.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
dexoptanalyzer.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
dhcp.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
dnsmasq.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
domain.te
Remove crash_dump from sys_ptrace neverallow exception
2017-02-16 09:17:35 -08:00
drmserver.te
Tighten restrictions on core <-> vendor socket comms
2017-03-31 09:17:54 -07:00
dumpstate.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
ephemeral_app.te
Add media services to ephemeral_app
2017-03-29 15:07:11 -07:00
file.te
Label /proc/config.gz
2017-02-16 12:07:01 -08:00
file_contexts
Merge "Move TEE rules to vendor image" into oc-dev
2017-04-04 18:59:24 +00:00
file_contexts_asan
Sepolicy: Add ASAN-Extract
2017-03-31 18:53:51 -07:00
fingerprintd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
fs_use
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
fsck.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
fsck_untrusted.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
gatekeeperd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
genfs_contexts
enabled /sbin/modprobe for recovery mode
2017-03-16 01:19:58 +00:00
hal_allocator_default.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
halclientdomain.te
Allow hals to read hwservicemanager prop.
2017-03-23 01:50:50 +00:00
halserverdomain.te
Allow hals to read hwservicemanager prop.
2017-03-23 01:50:50 +00:00
healthd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
hwservicemanager.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
idmap.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
incident.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
incidentd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
init.te
SELinux changes for Treble Loadable Kernel Module
2017-03-28 16:28:03 +08:00
initial_sid_contexts
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
initial_sids
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
inputflinger.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
install_recovery.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
installd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
isolated_app.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
kernel.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
keys.conf
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
keystore.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
lmkd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
logd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
logpersist.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
mac_permissions.xml
Move MediaProvider to its own domain, add new MtpServer permissions
2016-12-12 11:05:33 -08:00
mdnsd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
mediadrmserver.te
update sepolicy for gralloc HAL
2017-03-30 14:43:35 -07:00
mediaextractor.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
mediametrics.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
mediaserver.te
update sepolicy for gralloc HAL
2017-03-30 14:43:35 -07:00
mls
sepolicy: add version_policy tool and version non-platform policy.
2016-12-06 08:56:02 -08:00
mls_decl
sepolicy: add version_policy tool and version non-platform policy.
2016-12-06 08:56:02 -08:00
mls_macros
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
modprobe.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
mtp.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
net.te
Move netdomain policy to private
2017-02-06 15:02:00 -08:00
netd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
nfc.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
otapreopt_chroot.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
otapreopt_slot.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
performanced.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
perfprofd.te
su and perfprofd are coredomain too
2017-03-24 09:31:50 -07:00
platform_app.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
policy_capabilities
Define extended_socket_class policy capability and socket classes
2017-02-06 13:53:11 -05:00
port_contexts
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
postinstall.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
postinstall_dexopt.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
ppp.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
preopt2cachename.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
priv_app.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
profman.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
property_contexts
Merge "Remove hal_binderization_prop" am: 1871fc0a88 am: 2261cab6f2 am: 484a277c29
2017-04-04 20:26:04 +00:00
racoon.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
radio.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
recovery.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
recovery_persist.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
recovery_refresh.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
roles_decl
sepolicy: add version_policy tool and version non-platform policy.
2016-12-06 08:56:02 -08:00
runas.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
sdcardd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
seapp_contexts
Use levelFrom=user for v2 apps
2017-03-02 09:50:33 -08:00
security_classes
Remove obsolete netlink_firewall_socket and netlink_ip6fw_socket classes.
2017-02-06 14:24:41 -05:00
sensord.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
service_contexts
Merge "VR: Add sepolicy for VR HWC service" into oc-dev
2017-04-03 14:40:02 +00:00
servicemanager.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
sgdisk.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
shared_relro.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
shell.te
storaged: allow shell to call dumpsys storaged
2017-03-31 10:53:55 -07:00
slideshow.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
storaged.te
storaged: allow shell to call dumpsys storaged
2017-03-31 10:53:55 -07:00
su.te
su and perfprofd are coredomain too
2017-03-24 09:31:50 -07:00
surfaceflinger.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
system_app.te
Merge "Remove hal_binderization_prop" am: 1871fc0a88 am: 2261cab6f2
2017-04-04 20:22:31 +00:00
system_server.te
SE Policy for Wifi Offload HAL
2017-04-04 14:28:39 -07:00
technical_debt.cil
update sepolicy for gralloc HAL
2017-03-30 14:43:35 -07:00
tombstoned.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
toolbox.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
tzdatacheck.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
ueventd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
uncrypt.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
untrusted_app.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
untrusted_app_25.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
untrusted_app_all.te
Add media services to ephemeral_app
2017-03-29 15:07:11 -07:00
untrusted_v2_app.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
update_engine.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
update_engine_common.te
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
update_verifier.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
users
Split general policy into public and private components.
2016-10-06 13:09:06 -07:00
vdc.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
virtual_touchpad.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
vold.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
vr_hwc.te
VR: Add sepolicy for VR HWC service
2017-03-31 10:25:53 -04:00
vr_wm.te
Mark vr_wm as coredomain
2017-03-24 08:06:28 -07:00
watchdogd.te
Vendor domains must not use Binder
2017-03-24 07:54:00 -07:00
webview_zygote.te
seapp_context: explicitly label all seapp context files
2017-03-29 10:20:11 -07:00
wificond.te
SE Policy for Wifi Offload HAL
2017-04-04 14:28:39 -07:00
zygote.te
seapp_context: explicitly label all seapp context files
2017-03-29 10:20:11 -07:00
3dd460ba2b