tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/public
History
Inseob Kim 75806ef3c5 Minimize public policy 
Ideally, public should only contain APIs (types / attributes) for
vendor. The other statements like allow/neverallow/typeattributes are
regarded as implementation detail for platform and should be in private.

Bug: 232023812
Test: m selinux_policy
Test: diff <(git diff --staged | grep "^-" | cut -b2- | sort) \
           <(git diff --staged | grep "^+" | cut -b2- | sort)
Test: remove comments on plat_sepolicy.cil, replace base_typeattr_*
      to base_typeattr and then compare old and new plat_sepolicy.cil
Change-Id: I5e7d2da4465ab0216de6bacdf03077d37f6ffe12
2024-03-28 00:33:46 +00:00
..
adbd.te Minimize public policy 2024-03-28 00:33:46 +00:00
aidl_lazy_test_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
apexd.te Minimize public policy 2024-03-28 00:33:46 +00:00
app.te Minimize public policy 2024-03-28 00:33:46 +00:00
app_zygote.te
artd.te
asan_extract.te Minimize public policy 2024-03-28 00:33:46 +00:00
atrace.te
attributes Revert^4 "[avf][rkp] Allow virtualizationservice to register RKP HAL" 2023-11-22 08:21:27 +00:00
audioserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
blkid.te
blkid_untrusted.te
bluetooth.te
bootanim.te Minimize public policy 2024-03-28 00:33:46 +00:00
bootstat.te Minimize public policy 2024-03-28 00:33:46 +00:00
bpfloader.te
bufferhubd.te Minimize public policy 2024-03-28 00:33:46 +00:00
cameraserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
charger.te Minimize public policy 2024-03-28 00:33:46 +00:00
charger_vendor.te Minimize public policy 2024-03-28 00:33:46 +00:00
crash_dump.te Minimize public policy 2024-03-28 00:33:46 +00:00
credstore.te Minimize public policy 2024-03-28 00:33:46 +00:00
device.te Allow system_server access to hidraw devices. 2023-11-30 23:33:55 +00:00
dhcp.te Minimize public policy 2024-03-28 00:33:46 +00:00
dnsmasq.te Minimize public policy 2024-03-28 00:33:46 +00:00
drmserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
dumpstate.te Minimize public policy 2024-03-28 00:33:46 +00:00
e2fs.te Minimize public policy 2024-03-28 00:33:46 +00:00
ephemeral_app.te
evsmanagerd.te
extra_free_kbytes.te Minimize public policy 2024-03-28 00:33:46 +00:00
fastbootd.te Minimize public policy 2024-03-28 00:33:46 +00:00
file.te Minimize public policy 2024-03-28 00:33:46 +00:00
fingerprintd.te Minimize public policy 2024-03-28 00:33:46 +00:00
flags_health_check.te Minimize public policy 2024-03-28 00:33:46 +00:00
fsck.te Minimize public policy 2024-03-28 00:33:46 +00:00
fsck_untrusted.te Minimize public policy 2024-03-28 00:33:46 +00:00
gatekeeperd.te Minimize public policy 2024-03-28 00:33:46 +00:00
global_macros
gmscore_app.te
gpuservice.te
hal_graphics_composer.te Minimize public policy 2024-03-28 00:33:46 +00:00
healthd.te
heapprofd.te
hwservice.te Minimize public policy 2024-03-28 00:33:46 +00:00
hwservicemanager.te Minimize public policy 2024-03-28 00:33:46 +00:00
idmap.te Minimize public policy 2024-03-28 00:33:46 +00:00
incident.te
incident_helper.te
incidentd.te
init.te Minimize public policy 2024-03-28 00:33:46 +00:00
inputflinger.te Minimize public policy 2024-03-28 00:33:46 +00:00
installd.te Minimize public policy 2024-03-28 00:33:46 +00:00
ioctl_defines Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS 2023-02-23 00:49:42 +00:00
ioctl_macros
isolated_app.te
isolated_compute_app.te Move isolated_compute_app to be public 2023-04-20 05:39:29 +00:00
kernel.te Minimize public policy 2024-03-28 00:33:46 +00:00
keystore.te Minimize public policy 2024-03-28 00:33:46 +00:00
keystore_keys.te
llkd.te
lmkd.te Minimize public policy 2024-03-28 00:33:46 +00:00
logd.te Minimize public policy 2024-03-28 00:33:46 +00:00
logpersist.te Minimize public policy 2024-03-28 00:33:46 +00:00
mdnsd.te
mediadrmserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediaextractor.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediametrics.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediaprovider.te
mediaserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediaswcodec.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediatranscoding.te
modprobe.te Minimize public policy 2024-03-28 00:33:46 +00:00
mtp.te Remove all sepolicy relating to ppp/mtp. 2024-01-30 17:46:49 +08:00
net.te Minimize public policy 2024-03-28 00:33:46 +00:00
netd.te Minimize public policy 2024-03-28 00:33:46 +00:00
netutils_wrapper.te Minimize public policy 2024-03-28 00:33:46 +00:00
network_stack.te
neverallow_macros
nfc.te
otapreopt_chroot.te
perfetto.te
performanced.te Minimize public policy 2024-03-28 00:33:46 +00:00
platform_app.te
postinstall.te Minimize public policy 2024-03-28 00:33:46 +00:00
ppp.te Remove all sepolicy relating to ppp/mtp. 2024-01-30 17:46:49 +08:00
priv_app.te
prng_seeder.te
profman.te Minimize public policy 2024-03-28 00:33:46 +00:00
property.te Minimize public policy 2024-03-28 00:33:46 +00:00
radio.te Minimize public policy 2024-03-28 00:33:46 +00:00
recovery.te Minimize public policy 2024-03-28 00:33:46 +00:00
recovery_persist.te Minimize public policy 2024-03-28 00:33:46 +00:00
recovery_refresh.te Minimize public policy 2024-03-28 00:33:46 +00:00
rkpd_app.te
roles
rs.te
rss_hwm_reset.te
runas.te Minimize public policy 2024-03-28 00:33:46 +00:00
runas_app.te
sdcardd.te Minimize public policy 2024-03-28 00:33:46 +00:00
secure_element.te
service.te Minimize public policy 2024-03-28 00:33:46 +00:00
servicemanager.te Minimize public policy 2024-03-28 00:33:46 +00:00
sgdisk.te Minimize public policy 2024-03-28 00:33:46 +00:00
shared_relro.te
shell.te Minimize public policy 2024-03-28 00:33:46 +00:00
simpleperf.te
simpleperf_app_runner.te
slideshow.te Minimize public policy 2024-03-28 00:33:46 +00:00
statsd.te Minimize public policy 2024-03-28 00:33:46 +00:00
su.te Minimize public policy 2024-03-28 00:33:46 +00:00
surfaceflinger.te
system_app.te
system_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
te_macros Allow su to access virtualization 2023-12-20 14:55:28 +00:00
tee.te Minimize public policy 2024-03-28 00:33:46 +00:00
tombstoned.te Minimize public policy 2024-03-28 00:33:46 +00:00
toolbox.te Minimize public policy 2024-03-28 00:33:46 +00:00
traced.te Iorapd and friends have been removed 2022-05-18 12:07:39 +02:00
traced_perf.te
traced_probes.te
traceur_app.te Minimize public policy 2024-03-28 00:33:46 +00:00
ueventd.te Minimize public policy 2024-03-28 00:33:46 +00:00
uncrypt.te Minimize public policy 2024-03-28 00:33:46 +00:00
untrusted_app.te
update_engine.te Minimize public policy 2024-03-28 00:33:46 +00:00
update_verifier.te Minimize public policy 2024-03-28 00:33:46 +00:00
usbd.te Minimize public policy 2024-03-28 00:33:46 +00:00
vdc.te Minimize public policy 2024-03-28 00:33:46 +00:00
vendor_init.te Minimize public policy 2024-03-28 00:33:46 +00:00
vendor_misc_writer.te Minimize public policy 2024-03-28 00:33:46 +00:00
vendor_modprobe.te
vendor_shell.te Minimize public policy 2024-03-28 00:33:46 +00:00
vendor_toolbox.te Minimize public policy 2024-03-28 00:33:46 +00:00
virtual_touchpad.te Minimize public policy 2024-03-28 00:33:46 +00:00
vndservice.te
vndservicemanager.te
vold.te Minimize public policy 2024-03-28 00:33:46 +00:00
vold_prepare_subdirs.te Minimize public policy 2024-03-28 00:33:46 +00:00
watchdogd.te Minimize public policy 2024-03-28 00:33:46 +00:00
webview_zygote.te
wificond.te Minimize public policy 2024-03-28 00:33:46 +00:00
zygote.te