tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/microdroid/system/private
History
Inseob Kim 5ee61a7628 microdroid: Narrow property permissions 
microdroid's domains have been able to read/write any properties. That's
just for convenience while bringing up microdroid. This cleans up such
global permission and grants minimal access.

Bug: 194447534
Test: atest MicrodroidHostTestCases ComposHostTestCases
Test: run microdroid demo app
Change-Id: I09ce1174d4af9c228b788a522a6ab845cafd4505
2021-09-23 17:23:28 +09:00
..
access_vectors Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
adbd.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
apexd.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
apkdmverity.te Microdroid boot process is controlled by microdroid_manager 2021-09-07 17:13:43 +09:00
attributes Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
authfs.te Grant authfs_service and authfs CAP_SYS_ADMIN 2021-08-11 15:48:14 +00:00
authfs_service.te Grant authfs_service and authfs CAP_SYS_ADMIN 2021-08-11 15:48:14 +00:00
binderservicedomain.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
bug_map Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
compos.te Allow compos to getattr on authfs 2021-08-13 15:48:21 -07:00
crash_dump.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
dex2oat.te Remove unnecessary privileges from dex2oat in VM 2021-08-19 14:01:59 -07:00
domain.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
file.te SELinux policy for authfs_service and authfs 2021-08-06 09:16:48 -07:00
file_contexts SELinux policy for authfs_service and authfs 2021-08-06 09:16:48 -07:00
fs_use Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
genfs_contexts Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
halclientdomain.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
hwservice_contexts Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
hwservicemanager.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
init.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
initial_sid_contexts Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
initial_sids Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
kernel.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
keys.conf Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
keystore.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
keystore2_key_contexts Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
linkerconfig.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
logd.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
mac_permissions.xml Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
microdroid_app.te Don't audit microdroid_app getattr vsock_socket 2021-08-09 12:50:41 +00:00
microdroid_manager.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
microdroid_payload.te Add vsock permissions to microdroid_payload 2021-09-09 02:30:59 +00:00
mls Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
mls_decl Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
mls_macros Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
net.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
policy_capabilities Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
port_contexts Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
property.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
property_contexts microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
roles_decl Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
seapp_contexts Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
security_classes Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
service_contexts Allow authfs_service to add itself to service manager 2021-08-10 10:55:54 -07:00
servicemanager.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
shell.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
statsd.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
su.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
tombstoned.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
toolbox.te Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
ueventd.te microdroid: Narrow property permissions 2021-09-23 17:23:28 +09:00
users Move microdroid sepolicy to system/sepolicy 2021-07-19 07:48:34 +00:00
zipfuse.te make zipfuse a bootstrap process 2021-09-10 08:56:08 +09:00