access_vectors
|
Define wake_alarm and block_suspect capabilities.
|
2012-08-10 09:23:21 -04:00 |
adbd.te
|
Allow adbd to access the qemu device and label /dev/eac correctly.
|
2012-04-03 15:30:28 -04:00 |
Android.mk
|
Add mac_permissions.xml file.
|
2012-07-30 09:33:03 -04:00 |
app.te
|
Additions for grouper/JB
|
2012-08-10 06:25:52 -04:00 |
attributes
|
Only enforce per-app process and file isolation via SELinux for third party apps, not platform apps.
|
2012-07-27 11:07:09 -04:00 |
bluetooth.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
bluetoothd.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
cts.te
|
read permission over lnk_file to devices when android_cts enabled
|
2012-07-30 16:02:36 -04:00 |
dbusd.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
debuggerd.te
|
Additions for grouper/JB
|
2012-08-10 06:25:52 -04:00 |
device.te
|
Target the denials/policies over qtaguid file and device: 1. Relabel /proc/net/xt_qtaguid/ctrl from "qtaguid" to "qtaguid_proc"; 2. Label /dev/xt_qtaguid with "qtaguid_device"; 3. Allow mediaserver read/[write] to qtaguid_proc and qtaguid_device; 4. Allow media apps read/[write] to qtaguid_proc and qtaguid_device; 5. Allow system read/[write] to qtaguid_proc and qtaguid_device.
|
2012-07-19 16:11:24 -04:00 |
domain.te
|
Allow debugfs access and setsched for mediaserver.
|
2012-08-09 08:36:10 -04:00 |
drmserver.te
|
Trusted Execution Environment policy.
|
2012-08-13 06:09:39 -04:00 |
file.te
|
New asec container labeling.
|
2012-07-30 14:20:40 -04:00 |
file_contexts
|
New asec container labeling.
|
2012-07-30 14:20:40 -04:00 |
fs_use
|
Support for ocontexts per device.
|
2012-07-12 10:02:45 -04:00 |
genfs_contexts
|
Target the denials/policies over qtaguid file and device: 1. Relabel /proc/net/xt_qtaguid/ctrl from "qtaguid" to "qtaguid_proc"; 2. Label /dev/xt_qtaguid with "qtaguid_device"; 3. Allow mediaserver read/[write] to qtaguid_proc and qtaguid_device; 4. Allow media apps read/[write] to qtaguid_proc and qtaguid_device; 5. Allow system read/[write] to qtaguid_proc and qtaguid_device.
|
2012-07-19 16:11:24 -04:00 |
global_macros
|
Add key_socket class to socket_class_set macro. Allow system to trigger module auto-loading and to write to sockets created under /dev.
|
2012-06-28 14:28:24 -04:00 |
gpsd.te
|
Trusted Execution Environment policy.
|
2012-08-13 06:09:39 -04:00 |
hci_attach.te
|
Policy for hci_attach service.
|
2012-05-31 09:40:12 -04:00 |
init.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
initial_sid_contexts
|
Restore devnull initial sid context.
|
2012-07-12 10:14:38 -04:00 |
initial_sids
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
installd.te
|
installd unlink platform_app_data_file
|
2012-07-27 16:16:39 -04:00 |
kernel.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
keystore.te
|
Trusted Execution Environment policy.
|
2012-08-13 06:09:39 -04:00 |
mac_permissions.xml
|
Add mac_permissions.xml file.
|
2012-07-30 09:33:03 -04:00 |
mediaserver.te
|
Trusted Execution Environment policy.
|
2012-08-13 06:09:39 -04:00 |
mls
|
Rewrite MLS constraints to only constrain open for app_data_file, not read/write.
|
2012-03-19 10:32:24 -04:00 |
mls_macros
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
net.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
netd.te
|
Further policy for Motorola Xoom.
|
2012-01-06 10:25:53 -05:00 |
nfc.te
|
Remove all denials caused by rild on tuna devices.
|
2012-06-07 11:52:51 -04:00 |
NOTICE
|
Public domain notice
|
2012-06-19 07:29:55 -04:00 |
policy_capabilities
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
port_contexts
|
Support for ocontexts per device.
|
2012-07-12 10:02:45 -04:00 |
property.te
|
Add policy for property service.
|
2012-04-04 10:11:16 -04:00 |
property_contexts
|
Add persist.mac_enforcing_mode context
|
2012-06-28 10:51:25 -04:00 |
qemud.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
radio.te
|
Add policy for property service.
|
2012-04-04 10:11:16 -04:00 |
rild.te
|
Corrected denials for LocationManager when accessing gps over uart.
|
2012-07-12 09:27:40 -04:00 |
roles
|
Add explicit role declaration for newer checkpolicy versions.
|
2012-01-12 09:58:37 -05:00 |
sdcardd.te
|
Address various denials introduced by JB/4.1.
|
2012-07-12 13:26:15 -04:00 |
seapp_contexts
|
seinfo can be used to select types, and sebool is now supported.
|
2012-07-27 17:08:21 -04:00 |
security_classes
|
Add policy for property service.
|
2012-04-04 10:11:16 -04:00 |
selinux-network.sh
|
Add selinux network script to policy
|
2012-06-21 09:19:43 -04:00 |
servicemanager.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
shell.te
|
Add policy for property service.
|
2012-04-04 10:11:16 -04:00 |
su.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
surfaceflinger.te
|
Address various denials introduced by JB/4.1.
|
2012-07-12 13:26:15 -04:00 |
system.te
|
Allow debugfs access and setsched for mediaserver.
|
2012-08-09 08:36:10 -04:00 |
te_macros
|
Only enforce per-app process and file isolation via SELinux for third party apps, not platform apps.
|
2012-07-27 11:07:09 -04:00 |
tee.te
|
Trusted Execution Environment policy.
|
2012-08-13 06:09:39 -04:00 |
ueventd.te
|
Remove all denials caused by rild on tuna devices.
|
2012-06-07 11:52:51 -04:00 |
unconfined.te
|
Add policy for property service.
|
2012-04-04 10:11:16 -04:00 |
users
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |
vold.te
|
Address various denials introduced by JB/4.1.
|
2012-07-12 13:26:15 -04:00 |
wpa_supplicant.te
|
Additions for grouper/JB
|
2012-08-10 06:25:52 -04:00 |
zygote.te
|
SE Android policy.
|
2012-01-04 12:33:27 -05:00 |