tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/public
History
Mikhail Naganov afcdbefb43 Allow mediaserver to find "audio" service 
mediaserver uses libaudioclient (via libmediaplayerservice).
The code in libaudioclient may access IAudioManager.
For that, mediaserver has to be allowed to find "audio" service.

Bug: 123312504
Test: MediaRecorderTest#testAudioRecordInfoCallback
Merged-In: Iaa3651c692fd550f72e7ce6eafbf3386ee07a0c0
Change-Id: Iaa3651c692fd550f72e7ce6eafbf3386ee07a0c0
2019-04-23 09:49:33 -07:00
..
adbd.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
apexd.te Sepolicy: Allow crash_dump to ptrace apexd in userdebug 2019-03-05 09:59:50 -08:00
app.te Allow bootstrap bionic only to init, ueventd, and apexd 2019-04-11 13:04:19 +09:00
app_zygote.te Properly Treble-ize tmpfs access 2019-01-26 17:30:41 +00:00
asan_extract.te
ashmemd.te sepolicy for ashmemd 2019-02-05 21:38:14 +00:00
attributes Add super_block_device_type 2019-03-25 17:58:10 +00:00
audioserver.te Properly Treble-ize tmpfs access 2019-01-26 17:30:41 +00:00
blkid.te
blkid_untrusted.te
bluetooth.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
bootanim.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
bootstat.te Allow zygote to write to statsd and refactor 2018-10-08 13:48:28 -07:00
bufferhubd.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
camera_service_server.te Abstract use of cameraserver behind an attribute 2019-03-01 14:02:59 -08:00
cameraserver.te Abstract use of cameraserver behind an attribute 2019-03-01 14:02:59 -08:00
charger.te Move /sbin/charger to /system/bin/charger. 2019-03-14 09:44:03 -07:00
clatd.te Clatd: allow clatd use ioctl 2018-11-06 14:22:56 +09:00
crash_dump.te crash_dump: suppress denials on properties 2019-02-07 08:45:15 -08:00
device.te Add sepolicy for installing GSIs to external storage. 2019-03-27 17:12:51 -07:00
dhcp.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
display_service_server.te
dnsmasq.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
domain.te Allow execmod for apps with targetSdkVersion=26-28 2019-04-02 13:07:27 -07:00
drmserver.te Remove coredomain /dev access no longer needed after Treble 2018-11-29 04:56:18 +00:00
dumpstate.te Fix denial during bugreport. 2019-04-11 09:41:50 -07:00
e2fs.te Allow e2fs more ioctls to device-mapper devices. 2019-02-05 18:05:50 -08:00
ephemeral_app.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
fastbootd.te super_block_device -> super_block_device_type 2019-03-28 18:08:19 +00:00
file.te Allow bootstrap bionic only to init, ueventd, and apexd 2019-04-11 13:04:19 +09:00
fingerprintd.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
flags_health_check.te Fix typo in file name. 2019-02-14 16:09:44 +00:00
fsck.te fs_mgr: overlayfs support legacy devices (marlin) Part Deux 2019-02-15 15:56:16 +00:00
fsck_untrusted.te
fwk_bufferhub.te Allow app to conntect to BufferHub service 2019-01-14 10:49:35 -08:00
gatekeeperd.te Allow gatekeeperd to read ro.gsid.image_running. 2019-02-19 21:08:22 +00:00
global_macros rs: add tests to ensure rs cannot abuse app data 2019-01-17 15:24:34 -08:00
gpuservice.te Game Driver: sepolicy update for plumbing GpuStats into GpuService 2019-02-08 18:15:17 -08:00
hal_allocator.te same_process_hal_file: access to individual coredomains 2018-10-26 18:03:01 +00:00
hal_atrace.te Add atrace HAL 1.0 sepolicy 2018-09-27 23:18:29 +00:00
hal_audio.te Add rules for accessing the related bluetooth_audio_hal_prop 2019-03-20 03:12:25 +00:00
hal_audiocontrol.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_authsecret.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_bluetooth.te Add rules for accessing the related bluetooth_audio_hal_prop 2019-03-20 03:12:25 +00:00
hal_bootctl.te add hal_bootctl to white-list of sys_rawio 2019-02-13 12:38:22 +00:00
hal_broadcastradio.te Allow radio server to client binder callback 2019-03-29 15:22:16 -07:00
hal_camera.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_cas.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_configstore.te Allow heap profiling everything except TCB on userdebug. 2018-11-28 22:01:58 +00:00
hal_confirmationui.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_contexthub.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_drm.te More granular vendor access to /system files. 2018-09-20 03:07:50 +00:00
hal_dumpstate.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_evs.te Updates hal_evs sepolicy 2019-03-03 17:35:06 +00:00
hal_face.te Added placeholder SELinux policy for the biometric face HAL. 2018-12-28 12:23:56 -08:00
hal_fingerprint.te Revert "Add placeholder iris and face policy for vold data directory" 2018-11-19 15:00:19 -08:00
hal_gatekeeper.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_gnss.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_graphics_allocator.te same_process_hal_file: access to individual coredomains 2018-10-26 18:03:01 +00:00
hal_graphics_composer.te Initial selinux policy support for memfd 2019-01-30 19:11:49 +00:00
hal_health.te Allow to getattr kmsg_device 2019-03-25 10:14:20 -07:00
hal_health_storage.te health.filesystem HAL renamed to health.storage 2018-09-20 04:12:45 +00:00
hal_input_classifier.te Permissions for InputClassifier HAL 2019-01-11 02:08:19 +00:00
hal_ir.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_keymaster.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_light.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_lowpan.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_memtrack.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_neuralnetworks.te NNAPI property to disable extensions use on GSI/AOSP product partition. 2019-04-02 20:23:40 +01:00
hal_neverallows.te Allow to use sockets from hal server for auto 2018-05-15 14:38:00 -07:00
hal_nfc.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_oemlock.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_omx.te add mediaswcodec service 2018-10-11 15:10:17 -07:00
hal_power.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_power_stats.te Add power.stats HAL 1.0 sepolicy 2018-12-11 00:11:08 +00:00
hal_secure_element.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_sensors.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_telephony.te Remove sepolicy for /dev/alarm. 2018-12-06 04:23:22 +00:00
hal_tetheroffload.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_thermal.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_tv_cec.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_tv_input.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_usb.te Allow hal_usb to call getsockopt on uevent socket 2018-12-03 18:37:25 +00:00
hal_usb_gadget.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_vehicle.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_vibrator.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_vr.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_weaver.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_wifi.te Allow dumpstate to dump wlan hal log on userbuild 2019-03-21 12:27:44 +08:00
hal_wifi_hostapd.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_wifi_offload.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
hal_wifi_supplicant.te hal_attribute_hwservice_client drop '_client' 2018-06-06 09:30:18 -07:00
healthd.te Hide denial seen during boot. 2019-02-06 12:49:26 -08:00
heapprofd.te Add userdebug selinux config for heapprofd. 2018-11-14 09:22:07 +00:00
hwservice.te Add selinux rules for HIDL ICameraServer. 2019-03-01 14:01:07 -08:00
hwservicemanager.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
idmap.te Add idmap2 and idmap2d 2018-11-15 14:42:10 +00:00
incident.te
incident_helper.te Selinux permissions for incidentd project 2018-01-23 19:08:49 +00:00
incidentd.te
init.te Allow bootstrap bionic only to init, ueventd, and apexd 2019-04-11 13:04:19 +09:00
inputflinger.te SEPolicy for InputFlinger Service. 2018-11-16 21:52:01 +00:00
install_recovery.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
installd.te Allow installd to scan JARs in /vendor/framework. 2019-02-27 20:23:24 +00:00
ioctl_defines Allow fs-verity setup within system_server 2019-01-11 12:21:59 -08:00
ioctl_macros more ioctl work 2018-10-17 11:12:18 -07:00
iorapd.te iorapd: add tmpfs type 2019-01-26 12:55:13 -08:00
isolated_app.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
kernel.te Sepolicy: Move otapreopt_chroot to private 2019-03-18 10:54:42 -07:00
keystore.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
llkd.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
lmkd.te Allow lmkd to setched kernel threads 2019-03-20 23:06:32 +00:00
logd.te Relabel /data/system/packages.list to new type. 2019-03-28 10:27:43 +00:00
logpersist.te Start partitioning off privapp_data_file from app_data_file 2018-08-02 16:29:02 -07:00
mdnsd.te
mediadrmserver.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
mediaextractor.te SEPolicy updates for adding native flag namespace(media). 2019-01-31 10:06:32 -08:00
mediametrics.te Allow mediametrics to log records to statsd 2019-02-25 20:09:54 -08:00
mediaprovider.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
mediaserver.te Allow mediaserver to find "audio" service 2019-04-23 09:49:33 -07:00
mediaswcodec.te SEPolicy updates for adding native flag namespace(media). 2019-01-31 10:06:32 -08:00
modprobe.te modprobe: shouldn't load kernel modules from /system 2018-03-23 14:16:25 -07:00
mtp.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
net.te netdomain: allow node_bind for ping sockets 2019-01-14 16:59:03 +00:00
netd.te Add sepolicy for resolver service 2019-03-05 15:49:33 +00:00
netutils_wrapper.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
network_stack.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
neverallow_macros
nfc.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
perfetto.te Allow to signal perfetto from shell. 2018-12-13 10:46:42 +00:00
performanced.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
perfprofd.te same_process_hal_file: access to individual coredomains 2018-10-26 18:03:01 +00:00
platform_app.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
postinstall.te Allow postinstall scripts to trigger F2FS GC 2019-02-20 22:40:53 +00:00
ppp.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
priv_app.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
profman.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
property.te NNAPI property to disable extensions use on GSI/AOSP product partition. 2019-04-02 20:23:40 +01:00
property_contexts Merge "wifi: Add a new property to indicate active wifi iface" am: 849ac8020d am: 09b3e95f62 2019-04-03 10:48:37 -07:00
racoon.te racoon: allow ioctl TUNSETIFF 2018-11-15 10:32:45 -08:00
radio.te Radio: allow to read kernel command line. 2019-02-12 23:36:51 +00:00
recovery.te recovery: Address the ioctl denials during wiping. 2019-01-15 16:08:09 -08:00
recovery_persist.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
recovery_refresh.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
roles
rs.te sepolicy: Add "rs" and "rs_exec" to public policy 2018-12-21 17:47:54 +00:00
rss_hwm_reset.te SELinux policy for rss_hwm_reset 2018-12-15 10:13:03 +00:00
runas.te Relabel /data/system/packages.list to new type. 2019-03-28 10:27:43 +00:00
runas_app.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
sdcardd.te Relabel /data/system/packages.list to new type. 2019-03-28 10:27:43 +00:00
secure_element.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
service.te Merge "revert ipmemorystore selinux policy." am: f99aa3cb66 am: a2d7ab7f4b 2019-04-01 21:19:40 -07:00
servicemanager.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
sgdisk.te sgdisk: allow BLKRRPART 2018-11-02 14:26:23 -07:00
shared_relro.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
shell.te Restrict access to suspend control 2019-03-07 18:31:58 +00:00
simpleperf_app_runner.te Relabel /data/system/packages.list to new type. 2019-03-28 10:27:43 +00:00
slideshow.te sepolicy: Add rules for non-init namespaces 2017-11-21 08:34:32 -07:00
statsd.te Game Driver Metrics: allow statsd to find GpuService 2019-03-01 17:51:12 -08:00
su.te Decouple system_suspend from hal attributes. 2019-02-26 18:10:28 -08:00
surfaceflinger.te Initial selinux policy support for memfd 2019-01-30 19:11:49 +00:00
swcodec_service_server.te add mediaswcodec service 2018-10-11 15:10:17 -07:00
system_app.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
system_server.te Initial selinux policy support for memfd 2019-01-30 19:11:49 +00:00
system_suspend_server.te Decouple system_suspend from hal attributes. 2019-02-26 18:10:28 -08:00
te_macros Allow profilable domains to use heapprofd fd and tmpfs. 2019-03-04 12:05:35 +00:00
tee.te Revert "Add placeholder iris and face policy for vold data directory" 2018-11-19 15:00:19 -08:00
tombstoned.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
toolbox.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
traced.te Allow iorapd to access perfetto 2019-01-23 22:43:47 +00:00
traced_probes.te Make traced_probes mlstrustedsubject. 2018-04-17 18:12:28 +00:00
traceur_app.te revert ipmemorystore selinux policy. 2019-04-01 16:37:25 +09:00
tzdatacheck.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
ueventd.te Allow bootstrap bionic only to init, ueventd, and apexd 2019-04-11 13:04:19 +09:00
uncrypt.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
untrusted_app.te Remove unused *_tmpfs types 2019-01-30 21:54:40 +00:00
update_engine.te Allow to getattr kmsg_device 2019-03-25 10:14:20 -07:00
update_engine_common.te super_block_device -> super_block_device_type 2019-03-28 18:08:19 +00:00
update_verifier.te Allow to getattr kmsg_device 2019-03-25 10:14:20 -07:00
usbd.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
vdc.te Allow to getattr kmsg_device 2019-03-25 10:14:20 -07:00
vendor_init.te Allow bootstrap bionic only to init, ueventd, and apexd 2019-04-11 13:04:19 +09:00
vendor_shell.te Allow shell to start vendor shell 2018-01-16 18:28:51 +00:00
vendor_toolbox.te
virtual_touchpad.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
vndservice.te
vndservicemanager.te
vold.te sepolicy: add sepolicy rules for vold to write sysfs gc_urgent 2019-03-24 13:19:46 +08:00
vold_prepare_subdirs.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
vr_hwc.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
watchdogd.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
webview_zygote.te Properly Treble-ize tmpfs access 2019-01-26 17:30:41 +00:00
wificond.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
wpantund.te Introduce system_file_type 2018-09-27 12:52:09 -07:00
zygote.te Properly Treble-ize tmpfs access 2019-01-26 17:30:41 +00:00