platform_system_sepolicy/private
Jaewan Kim ea3e08d53d Allow shell to read AVF DT nodes
Hostside test needs to check existence of /proc/device-tree/avf/guest
to check whether AVF debug policy is installed.

Bug: 345118393
Test: Verified manually on tangorpro-user
(cherry picked from https://android-review.googlesource.com/q/commit:168e04da79db850714afd018a6e88da983c89579)
Merged-In: I33d6bd1bd7c5513395f162e2bcbbfd15c1b80bcd
Change-Id: I33d6bd1bd7c5513395f162e2bcbbfd15c1b80bcd
2024-06-19 01:06:25 +00:00
..
compat Compatibility for vendor_hidraw_device 2024-06-10 14:59:04 +01:00
access_vectors Define new kernel security classes 2024-05-15 04:45:20 +00:00
aconfigd.te selinux: allow aconfig to read /aepx 2024-05-20 00:44:56 +00:00
adbd.te Minimize public policy 2024-03-28 00:33:46 +00:00
aidl_lazy_test_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
apex_test_prepostinstall.te
apexd.te Minimize public policy 2024-03-28 00:33:46 +00:00
apexd_derive_classpath.te
app.te Add SELinux policy for storage areas 2024-04-30 20:26:55 +00:00
app_neverallows.te Add SELinux policy for storage areas 2024-04-30 20:26:55 +00:00
app_zygote.te Reland "[res] Allow accessing idmap files in all zygotes" 2024-02-20 20:49:37 +00:00
art_boot.te Give art_boot explicit access to experiment flags. 2023-05-16 16:20:50 +01:00
art_exec.te Update SELinux policy for Pre-reboot Dexopt. 2024-03-27 10:53:50 +00:00
artd.te Allow artd to kill subprocesses during Pre-reboot Dexopt. 2024-05-28 19:05:26 +01:00
asan_extract.te Minimize public policy 2024-03-28 00:33:46 +00:00
atrace.te atrace: don't audit debugfs access 2023-06-07 20:29:47 +00:00
attributes Revert^2 "Introduce sdk_sandbox_audit SELinux domain" 2023-11-17 09:54:33 +00:00
audioserver.te Allow native audio server to access the virtual device manager service 2024-05-07 00:21:30 +00:00
auditctl.te
automotive_display_service.te Revert^2 "Updates sepolicy for EVS HAL" 2022-02-10 17:21:54 +00:00
binderservicedomain.te Stop granting permission to get_state of keystore2 2023-10-16 22:22:57 +00:00
blank_screen.te
blkid.te
blkid_untrusted.te
bluetooth.te Allow Bluetooth stack to read security log sysprop 2022-05-25 21:05:02 +00:00
bluetoothdomain.te
bootanim.te Minimize public policy 2024-03-28 00:33:46 +00:00
bootstat.te Minimize public policy 2024-03-28 00:33:46 +00:00
boringssl_self_test.te
bpfdomain.te refactor: get_prop(bpfdomain, bpf_progs_loaded_prop) 2023-01-06 10:09:33 +00:00
bpfloader.te allow non bpfloader creation of bpf maps 2024-05-04 11:02:13 +00:00
bufferhubd.te Minimize public policy 2024-03-28 00:33:46 +00:00
bug_map Update SELinux error 2024-05-29 00:41:07 +00:00
camera_service_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
cameraserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
canhalconfigurator.te SEPolicy for AIDL CAN HAL 2022-12-09 11:00:10 -08:00
charger.te Minimize public policy 2024-03-28 00:33:46 +00:00
charger_type.te Minimize public policy 2024-03-28 00:33:46 +00:00
charger_vendor.te Minimize public policy 2024-03-28 00:33:46 +00:00
clatd.te clatd.te - no longer need netlink 2023-03-16 10:53:18 +00:00
compos_fd_server.te Delete more unused policies by CompOS 2022-01-25 08:40:46 -08:00
compos_verify.te Revert "Suppress denials for odsign console" 2024-05-24 08:56:37 +00:00
composd.te Allow system server to set dynamic ART properties. 2023-03-31 11:46:05 +01:00
coredomain.te lmkd: Add sepolicy rules around bpf for lmkd 2024-03-19 00:46:47 -07:00
cppreopts.te
crash_dump.te Allow crash_dump to read misctrl properties 2024-05-06 15:40:12 +00:00
credstore.te Minimize public policy 2024-03-28 00:33:46 +00:00
crosvm.te Merge "Sepolicy for crosvm to play audio with aaudio" into main 2024-06-01 01:28:10 +00:00
derive_classpath.te Update SELinux policy for Pre-reboot Dexopt. 2024-03-27 10:53:50 +00:00
derive_sdk.te Introduce vendor_apex_metadata_file 2023-06-05 17:17:51 +09:00
device_as_webcam.te Add selinux permissions for DeviceAsWebcam Service 2023-02-02 12:26:33 -08:00
dex2oat.te Allow dex2oat access to symlinks in APEXes to find DCLA libs. 2023-07-25 00:07:27 +01:00
dexopt_chroot_setup.te Merge "Allow dexopt_chroot_setup to mount/unmount debugfs." into main 2024-06-04 13:54:51 +00:00
dexoptanalyzer.te dontaudit dexoptanalyzer's DM file check on secondary dex files. 2023-01-30 07:56:10 +00:00
dhcp.te Minimize public policy 2024-03-28 00:33:46 +00:00
display_service_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
dmesgd.te dmesgd: sepolicies 2022-02-10 17:42:52 +00:00
dnsmasq.te Minimize public policy 2024-03-28 00:33:46 +00:00
domain.te selinux: allow everybody to read flags from RO flag storage file 2024-06-04 15:02:56 +00:00
drmserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
dumpstate.te Merge "testNoBugreportDenials fix on user" into main 2024-06-04 01:20:02 +00:00
e2fs.te Minimize public policy 2024-03-28 00:33:46 +00:00
ephemeral_app.te strengthen app_data_file neverallows 2023-05-23 00:01:27 +00:00
evsmanagerd.te Revert^2 "Adds a sepolicy for EVS manager service" 2022-02-10 17:21:14 +00:00
extra_free_kbytes.te Minimize public policy 2024-03-28 00:33:46 +00:00
fastbootd.te Minimize public policy 2024-03-28 00:33:46 +00:00
file.te Define UWB snoop log in sepolicy 2024-05-20 08:42:31 +00:00
file_contexts Add /system/bin/traced_relay to file_contexts 2024-06-13 04:17:37 +00:00
file_contexts_asan Allow app_process to link /data/asan/system_ext/lib/* 2023-06-09 04:43:52 +00:00
file_contexts_overlayfs
fingerprintd.te Minimize public policy 2024-03-28 00:33:46 +00:00
flags_health_check.te Minimize public policy 2024-03-28 00:33:46 +00:00
fs_use
fsck.te Minimize public policy 2024-03-28 00:33:46 +00:00
fsck_untrusted.te Minimize public policy 2024-03-28 00:33:46 +00:00
fsverity_init.te Remove all module_request rules 2023-08-22 16:56:04 +00:00
fuseblkd.te Adds support for fuseblk binaries. 2023-02-02 15:32:39 +01:00
fuseblkd_untrusted.te Adds support for fuseblk binaries. 2023-02-02 15:32:39 +01:00
fwk_bufferhub.te
gatekeeperd.te Minimize public policy 2024-03-28 00:33:46 +00:00
genfs_contexts Update transaction log permissions. 2024-05-17 22:35:55 +00:00
gki_apex_prepostinstall.te
gmscore_app.te SELinux: allow gms core write to aconfigd socket 2024-06-13 18:45:49 +00:00
gpuservice.te Add fifo_file read access to enable gpuservice within device cts 2024-02-15 22:21:30 +00:00
gsid.te Allow gsid to create alternative installation directory 2023-04-28 07:06:02 +00:00
hal_allocator.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_allocator_default.te Allow hidl_allocator_default service to set its own prop 2023-12-19 17:05:59 +00:00
hal_atrace.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_audio.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_audiocontrol.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_authgraph.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_authsecret.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_bluetooth.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_bootctl.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_broadcastradio.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_camera.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_can.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_cas.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_codec2.te Add policies for hal_codec2 2024-05-02 08:22:57 +00:00
hal_configstore.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_confirmationui.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_contexthub.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_drm.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_dumpstate.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_evs.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_face.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_fastboot.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_fingerprint.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_gatekeeper.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_gnss.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_graphics_allocator.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_graphics_composer.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_health.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_health_storage.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_identity.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_input_classifier.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_input_processor.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_ir.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_ivn.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_keymaster.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_keymint.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_lazy_test.te
hal_light.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_lowpan.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_macsec.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_memtrack.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_neuralnetworks.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_neverallows.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_nfc.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_nlinterceptor.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_oemlock.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_omx.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_power.te Grant dalvik_dynamic_prop access to power HAL 2024-05-27 10:04:37 +09:00
hal_power_stats.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_rebootescrow.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_remoteaccess.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_remotelyprovisionedcomponent_avf.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_secretkeeper.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_secure_element.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_sensors.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_telephony.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_tetheroffload.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_thermal.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_threadnetwork.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_tv_cec.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_tv_hdmi_cec.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_tv_hdmi_connection.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_tv_hdmi_earc.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_tv_input.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_tv_tuner.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_usb.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_usb_gadget.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_uwb.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_vehicle.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_vibrator.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_vr.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_weaver.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_wifi.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_wifi_hostapd.te Minimize public policy 2024-03-28 00:33:46 +00:00
hal_wifi_supplicant.te Minimize public policy 2024-03-28 00:33:46 +00:00
halclientdomain.te
halserverdomain.te
healthd.te
heapprofd.te strengthen vendor_file neverallows 2023-05-18 00:07:32 +00:00
hidl_lazy_test_server.te
hwservice.te Minimize public policy 2024-03-28 00:33:46 +00:00
hwservice_contexts Revert "Add sepolicies for CPU HAL." 2022-11-09 16:47:07 +00:00
hwservicemanager.te Minimize public policy 2024-03-28 00:33:46 +00:00
idmap.te Minimize public policy 2024-03-28 00:33:46 +00:00
incident.te
incident_helper.te
incidentd.te Let incidentd read the wakeup_sources debugfs node for userdebug/eng builds 2023-09-20 14:06:21 -07:00
init.te Merge "sepolicy: Add rules for /sys/kernel/mm/pgsize_migration/enabled" into main 2024-05-02 19:38:08 +00:00
initial_sid_contexts
initial_sids
inputflinger.te Minimize public policy 2024-03-28 00:33:46 +00:00
installd.te installd renames dirs in /data/app-staging 2024-06-03 14:24:46 +09:00
isolated_app.te sepolicy: rework perfetto producer/profiler rules for "user" builds 2023-02-03 15:05:14 +00:00
isolated_app_all.te sepolicy: Add rules for /sys/kernel/mm/pgsize_migration/enabled 2024-05-02 19:34:36 +00:00
isolated_compute_app.te C2 AIDL sepolicy update 2023-09-06 14:30:26 -07:00
iw.te
kcmdlinectrl.te kcmdlinectrl: define system property for kcmdlinectrl 2024-03-06 12:05:24 +00:00
kernel.te Minimize public policy 2024-03-28 00:33:46 +00:00
keys.conf sepolicy(nfc): Changing selinux policy for signed NFC APK 2024-01-19 10:22:56 -08:00
keystore.te Untrack keystore SELinux denial on AVF RKP Hal 2024-06-10 14:32:19 +00:00
keystore2_key_contexts Stop granting permissions on keystore_key class 2023-10-16 22:22:54 +00:00
keystore_keys.te
linkerconfig.te Update SELinux policy for Pre-reboot Dexopt. 2024-03-27 10:53:50 +00:00
llkd.te [dice] Remove all the sepolicy relating the hal service dice 2023-02-24 08:34:26 +00:00
lmkd.te lmkd: Adding io_uring support 2024-05-05 12:12:01 -07:00
logd.te Minimize public policy 2024-03-28 00:33:46 +00:00
logpersist.te Minimize public policy 2024-03-28 00:33:46 +00:00
lpdumpd.te Allow lpdumpd to read Virtual A/B diagnostics. 2023-07-14 09:08:56 -07:00
mac_permissions.xml sepolicy(nfc): Changing selinux policy for signed NFC APK 2024-01-19 10:22:56 -08:00
mdnsd.te
mediadrmserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediaextractor.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediametrics.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediaprovider.te
mediaprovider_app.te label boot animations on oem with bootanim_oem_file 2024-02-16 11:08:30 +01:00
mediaserver.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediaswcodec.te Minimize public policy 2024-03-28 00:33:46 +00:00
mediatranscoding.te Adds GPU sepolicy to support devices with DRM gralloc/rendering 2022-04-18 17:30:56 -07:00
mediatuner.te Allow mediatuner to get tuner.server.enable 2023-06-20 17:24:51 +00:00
migrate_legacy_obb_data.te
misctrl.te misctrl: add a property 2024-02-21 18:16:49 +00:00
mls
mls_decl
mls_macros
mlstrustedsubject.te Add SELinux policy for storage areas 2024-04-30 20:26:55 +00:00
mm_events.te
modprobe.te Minimize public policy 2024-03-28 00:33:46 +00:00
mtectrl.te [MTE] ignore mtectrl selinux error for device tree. 2022-09-29 22:53:58 +00:00
net.te Minimize public policy 2024-03-28 00:33:46 +00:00
netd.te allow non bpfloader creation of bpf maps 2024-05-04 11:02:13 +00:00
netutils_wrapper.te Minimize public policy 2024-03-28 00:33:46 +00:00
network_stack.te allow non bpfloader creation of bpf maps 2024-05-04 11:02:13 +00:00
nfc.te
odrefresh.te Update SELinux policy for Pre-reboot Dexopt. 2024-03-27 10:53:50 +00:00
odsign.te Revert "Remove fsverity_init SELinux rules" 2023-07-26 06:21:37 +00:00
ot_ctl.te [Thread] limit ot-daemon socket to ot-ctl 2024-02-29 23:43:34 +08:00
ot_daemon.te [Thread] limit ot-daemon socket to ot-ctl 2024-02-29 23:43:34 +08:00
otapreopt_chroot.te Allow otapreopt_chroot to use stdin and stdout pipes. 2023-08-07 21:21:20 +01:00
otapreopt_slot.te
perfetto.te Changes to allow trace redactor to run 2024-04-03 23:35:36 +00:00
performanced.te Minimize public policy 2024-03-28 00:33:46 +00:00
permissioncontroller_app.te
platform_app.te Enable platform_app to use perfetto/trace_data_file permissions in 2024-02-28 20:31:44 +00:00
policy_capabilities
port_contexts
postinstall.te Minimize public policy 2024-03-28 00:33:46 +00:00
postinstall_dexopt.te Allow vendor_overlay_file from vendor apex 2023-06-09 13:43:11 +09:00
preloads_copy.te
preopt2cachename.te
priv_app.te Allow priv_app to measure fs-verity on tmp apk files 2024-04-26 13:04:00 -07:00
prng_seeder.te Add SEPolicy for PRNG seeder daemon. 2022-11-15 01:50:22 +00:00
profcollectd.te Add profcollectd.etr.probe property and associated permissions 2024-03-15 12:21:44 -07:00
profman.te Minimize public policy 2024-03-28 00:33:46 +00:00
property.te Add system property to disable avf remote attestation 2024-06-10 09:16:24 +00:00
property_contexts Merge "Add system property to disable avf remote attestation" into main 2024-06-10 11:31:52 +00:00
radio.te Minimize public policy 2024-03-28 00:33:46 +00:00
recovery.te Minimize public policy 2024-03-28 00:33:46 +00:00
recovery_persist.te Minimize public policy 2024-03-28 00:33:46 +00:00
recovery_refresh.te Minimize public policy 2024-03-28 00:33:46 +00:00
remote_provisioning_service_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
remount.te Allow remount to update the super partition. 2023-12-13 12:09:30 -08:00
rkpd.te Add SELinux policies for remote_key_provisioning_native namespace. 2022-09-29 21:32:58 +00:00
rkpd_app.te Revert^4 "[avf][rkp] Allow virtualizationservice to register RKP HAL" 2023-11-22 08:21:27 +00:00
roles_decl
rootdisk_sysdev.te Minimize public policy 2024-03-28 00:33:46 +00:00
rs.te Add dontaudit for rs fd usage 2023-07-26 12:12:41 +02:00
rss_hwm_reset.te
runas.te Minimize public policy 2024-03-28 00:33:46 +00:00
runas_app.te Don't audit shell_test_data_file for runas_app 2023-08-03 21:28:21 +00:00
scheduler_service_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
sdcardd.te Minimize public policy 2024-03-28 00:33:46 +00:00
sdk_sandbox_34.te Revert^2 "Introduce sdk_sandbox_audit SELinux domain" 2023-11-17 09:54:33 +00:00
sdk_sandbox_all.te Revert "Restrict SDK sandbox unix_stream_socket connections" 2024-03-20 18:23:46 +00:00
sdk_sandbox_audit.te Revert^2 "Introduce sdk_sandbox_audit SELinux domain" 2023-11-17 09:54:33 +00:00
sdk_sandbox_current.te Revert^2 "Introduce sdk_sandbox_audit SELinux domain" 2023-11-17 09:54:33 +00:00
sdk_sandbox_next.te Add canary restrictions for sdk_sandbox 2023-05-12 20:06:31 +00:00
seapp_contexts add internal vmlauncher into seapp_contexts 2024-04-29 16:17:27 +09:00
secure_element.te Added sepolicy rule for vendor uuid mapping config 2021-11-20 01:08:11 +00:00
security_classes Define new kernel security classes 2024-05-15 04:45:20 +00:00
sensor_service_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
service.te Revert "Introducing vm_tethering_service as system_server_service" 2024-06-14 17:46:44 +00:00
service_contexts Revert "Introducing vm_tethering_service as system_server_service" 2024-06-14 17:46:44 +00:00
servicemanager.te Minimize public policy 2024-03-28 00:33:46 +00:00
sgdisk.te Minimize public policy 2024-03-28 00:33:46 +00:00
shared_relro.te
shell.te Allow shell to read AVF DT nodes 2024-06-19 01:06:25 +00:00
simpleperf.te
simpleperf_app_runner.te
simpleperf_boot.te Add sepolicy for simpleperf_boot. 2022-01-15 16:12:51 -08:00
slideshow.te Minimize public policy 2024-03-28 00:33:46 +00:00
snapshotctl.te Add rules for snapshotctl map/unmap. 2024-03-11 11:18:50 +00:00
snapuserd.te Add rules for snapshotctl map/unmap. 2024-03-11 11:18:50 +00:00
stats.te stats_service: only disallow untrusted access 2024-02-14 15:07:21 -08:00
stats_service_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
statsd.te Merge "Allow statsd to read file descriptors from any app" into main 2024-06-12 21:14:37 +00:00
storaged.te
su.te Minimize public policy 2024-03-28 00:33:46 +00:00
surfaceflinger.te Revert "sepolicy: allow surfaceflinger to read device_config_aconfig_flags_prop" 2023-09-13 17:11:11 +00:00
system_app.te system_app.te: fix misleading comment 2024-06-07 10:20:18 -07:00
system_server.te Allow system_server to kill artd and its subprocesses. 2024-05-31 19:06:12 +01:00
system_server_startup.te
system_suspend.te Add sepolicy for suspend.debug.wakestats_log.enabled 2024-01-04 15:45:39 -08:00
system_suspend_internal_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
system_suspend_server.te Minimize public policy 2024-03-28 00:33:46 +00:00
technical_debt.cil Create sdk_sandbox_all. 2023-05-10 17:54:07 +00:00
tee.te Minimize public policy 2024-03-28 00:33:46 +00:00
tombstoned.te Minimize public policy 2024-03-28 00:33:46 +00:00
toolbox.te Minimize public policy 2024-03-28 00:33:46 +00:00
trace_redactor.te Changes to allow trace redactor to run 2024-04-03 23:35:36 +00:00
traced.te Enable platform_app to use perfetto/trace_data_file permissions in 2024-02-28 20:31:44 +00:00
traced_perf.te strengthen app_data_file neverallows 2023-05-23 00:01:27 +00:00
traced_probes.te traced_probes: allow perfetto to read /proc/pressure entries 2023-12-15 19:15:57 +00:00
traceur_app.te Minimize public policy 2024-03-28 00:33:46 +00:00
ueventd.te Minimize public policy 2024-03-28 00:33:46 +00:00
uncrypt.te Minimize public policy 2024-03-28 00:33:46 +00:00
untrusted_app.te Blocks untrusted apps to access /dev/socket/mdnsd from U 2023-01-20 15:25:46 +09:00
untrusted_app_25.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_27.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_29.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_30.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_32.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_all.te Grant lockdown integrity to all processes 2024-02-22 12:20:38 +11:00
update_engine.te Allow system app and update_engine to read OTA from /vendor 2024-05-02 01:14:47 +00:00
update_engine_common.te Minimize public policy 2024-03-28 00:33:46 +00:00
update_verifier.te Minimize public policy 2024-03-28 00:33:46 +00:00
uprobestats.te Merge "Rename uprobe_private to uprobestats for BPFs." into main 2024-01-19 18:15:45 +00:00
usbd.te Minimize public policy 2024-03-28 00:33:46 +00:00
userdata_sysdev.te Minimize public policy 2024-03-28 00:33:46 +00:00
users
vdc.te Minimize public policy 2024-03-28 00:33:46 +00:00
vehicle_binding_util.te Revert "Revert "Allow vehicle_binding_util to access AIDL VHAL. am: d5af7b7cea am: 565699bc61 am: e4ddf119a1 am: 54e7d19e1d am: 3686a43f8f"" 2022-05-11 18:14:06 +00:00
vendor_init.te Revert^2 "Add ro.fstype.data to indicate fs type of /data" 2024-05-30 12:16:42 -07:00
vendor_misc_writer.te Minimize public policy 2024-03-28 00:33:46 +00:00
vendor_shell.te Minimize public policy 2024-03-28 00:33:46 +00:00
vendor_toolbox.te Minimize public policy 2024-03-28 00:33:46 +00:00
vfio_handler.te Add virtualization_maintenance_service 2024-02-20 17:08:28 +00:00
virtual_camera.te Add missing SELinux rule for accessing GPU 2024-06-13 14:23:22 +00:00
virtual_touchpad.te Minimize public policy 2024-03-28 00:33:46 +00:00
virtualizationmanager.te more vm socket isolation 2024-06-05 23:45:44 +00:00
virtualizationservice.te Revert "Introducing vm_tethering_service as system_server_service" 2024-06-14 17:46:44 +00:00
vmlauncher_app.te Allow vmlauncher_app to create ptys to communicate with shell 2024-05-23 15:03:49 +08:00
vmnic.te Grant TUNGETIFF ioctl and revoke SIOCGIFFLAGS ioctl to vmnic 2024-06-11 13:27:36 +09:00
vold.te Modify permissions to move encryption policy assignment to vold_prepare_subdirs 2024-06-06 17:48:43 +00:00
vold_prepare_subdirs.te Modify permissions to move encryption policy assignment to vold_prepare_subdirs 2024-06-06 17:48:43 +00:00
vzwomatrigger_app.te
wait_for_keymaster.te
watchdogd.te Minimize public policy 2024-03-28 00:33:46 +00:00
webview_zygote.te Reland "[res] Allow accessing idmap files in all zygotes" 2024-02-20 20:49:37 +00:00
wificond.te Minimize public policy 2024-03-28 00:33:46 +00:00
zygote.te Add appcompat override files and contexts to SELinux 2023-10-23 18:34:12 +00:00