..
adbd.te
Allow adb start/stop mdnsd via ctl.start/stop
2019-04-16 08:39:33 -07:00
apexd.te
Sepolicy: Allow crash_dump to ptrace apexd in userdebug
2019-03-05 09:59:50 -08:00
app.te
sepolicy: Permission changes for new wifi mainline module
2019-07-16 13:30:15 -07:00
app_zygote.te
Properly Treble-ize tmpfs access
2019-01-26 17:30:41 +00:00
asan_extract.te
Sync internal master and AOSP sepolicy.
2017-09-26 14:38:47 -07:00
ashmem_server.te
Sepolicy for IAshmem HIDL interface
2019-05-29 14:44:47 -07:00
ashmemd.te
Sepolicy for IAshmem HIDL interface
2019-05-29 14:44:47 -07:00
attributes
Access to HALs from untrusted apps is blacklist-based
2019-09-06 14:10:38 +09:00
audioserver.te
Properly Treble-ize tmpfs access
2019-01-26 17:30:41 +00:00
blkid.te
Move blkid policy to private
2017-02-07 23:57:53 +00:00
blkid_untrusted.te
Move blkid policy to private
2017-02-07 23:57:53 +00:00
bluetooth.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
bootanim.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
bootstat.te
Allow zygote to write to statsd and refactor
2018-10-08 13:48:28 -07:00
bufferhubd.te
Properly define hal_codec2 and related policies
2019-05-23 03:53:47 -07:00
camera_service_server.te
Abstract use of cameraserver behind an attribute
2019-03-01 14:02:59 -08:00
cameraserver.te
Properly define hal_codec2 and related policies
2019-05-23 03:53:47 -07:00
charger.te
Allow charger to read ro.charger.*
2019-07-22 14:32:03 -07:00
crash_dump.te
crash_dump: suppress denials on properties
2019-02-07 08:45:15 -08:00
device.te
Add sepolicy for installing GSIs to external storage.
2019-03-27 17:12:51 -07:00
dhcp.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
display_service_server.te
Add fwk_display_hwservice.
2017-05-17 11:00:28 -07:00
dnsmasq.te
dnsmasq - allow getattr on unix stream sockets
2019-05-10 00:52:12 +00:00
domain.te
Merge "Root of /data belongs to init"
2019-08-29 23:10:42 -07:00
drmserver.te
Allow drmserver to communicate with mediametrics
2019-08-22 11:31:03 -07:00
dumpstate.te
Merge "Allow dumpstate to read /data/misc/logd always"
2019-07-15 16:43:00 -07:00
e2fs.te
Allow e2fs more ioctls to device-mapper devices.
2019-02-05 18:05:50 -08:00
ephemeral_app.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
fastbootd.te
Allow fastbootd and update_engine to read from sysfs_dm.
2019-07-08 12:20:58 -07:00
file.te
Root of /data belongs to init
2019-08-29 15:08:21 -07:00
fingerprintd.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
flags_health_check.te
Re-add sys_traced prop
2019-04-05 15:53:57 +00:00
fsck.te
fs_mgr: overlayfs support legacy devices (marlin) Part Deux
2019-02-15 15:56:16 +00:00
fsck_untrusted.te
Sync internal master and AOSP sepolicy.
2017-09-27 18:55:47 -07:00
fwk_bufferhub.te
Allow app to conntect to BufferHub service
2019-01-14 10:49:35 -08:00
gatekeeperd.te
Allow gatekeeperd to read ro.gsid.image_running.
2019-02-19 21:08:22 +00:00
global_macros
global_macros: trim back various watch* permissions
2019-08-28 12:36:58 -07:00
gpuservice.te
Game Driver: sepolicy update for plumbing GpuStats into GpuService
2019-02-08 18:15:17 -08:00
hal_allocator.te
same_process_hal_file: access to individual coredomains
2018-10-26 18:03:01 +00:00
hal_atrace.te
Add atrace HAL 1.0 sepolicy
2018-09-27 23:18:29 +00:00
hal_audio.te
sepolicy: allow hal_omx to access audio devices
2019-05-22 10:35:16 -07:00
hal_audiocontrol.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_authsecret.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_bluetooth.te
Add rules for accessing the related bluetooth_audio_hal_prop
2019-03-20 03:12:25 +00:00
hal_bootctl.te
add hal_bootctl to white-list of sys_rawio
2019-02-13 12:38:22 +00:00
hal_broadcastradio.te
Allow radio server to client binder callback
2019-03-29 15:22:16 -07:00
hal_camera.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_can.te
SEPolicy rules for CAN bus HAL
2019-08-01 10:24:00 -07:00
hal_cas.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_codec2.te
Properly define hal_codec2 and related policies
2019-05-23 03:53:47 -07:00
hal_configstore.te
In native coverage builds, allow all domains to access /data/misc/trace
2019-06-14 08:31:51 -07:00
hal_confirmationui.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_contexthub.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_drm.te
Give hal_drm_server appdomain fd access.
2019-06-05 10:12:28 -07:00
hal_dumpstate.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_evs.te
Update sepolicy for EVS v1.x
2019-07-30 13:22:03 -07:00
hal_face.te
Revert "Allow hal_face to write to /data/vendor/camera_calibration/*."
2019-06-19 20:15:50 +00:00
hal_fingerprint.te
Revert "Add placeholder iris and face policy for vold data directory"
2018-11-19 15:00:19 -08:00
hal_gatekeeper.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_gnss.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_graphics_allocator.te
same_process_hal_file: access to individual coredomains
2018-10-26 18:03:01 +00:00
hal_graphics_composer.te
Initial selinux policy support for memfd
2019-01-30 19:11:49 +00:00
hal_health.te
Allow to getattr kmsg_device
2019-03-25 10:14:20 -07:00
hal_health_storage.te
health.filesystem HAL renamed to health.storage
2018-09-20 04:12:45 +00:00
hal_input_classifier.te
Permissions for InputClassifier HAL
2019-01-11 02:08:19 +00:00
hal_ir.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_keymaster.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_light.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_lowpan.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_memtrack.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_neuralnetworks.te
Allow NNAPI HAL services access model files provided by privapp.
2019-04-24 21:15:45 -07:00
hal_neverallows.te
SEPolicy rules for CAN bus HAL
2019-08-01 10:24:00 -07:00
hal_nfc.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_oemlock.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_omx.te
Properly define hal_codec2 and related policies
2019-05-23 03:53:47 -07:00
hal_power.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_power_stats.te
Add power.stats HAL 1.0 sepolicy
2018-12-11 00:11:08 +00:00
hal_secure_element.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_sensors.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_telephony.te
Remove sepolicy for /dev/alarm.
2018-12-06 04:23:22 +00:00
hal_tetheroffload.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_thermal.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_tv_cec.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_tv_input.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_tv_tuner.te
Tuner Hal 1.0 Enable ITuner service
2019-08-14 11:22:09 -07:00
hal_usb.te
Allow hal_usb to call getsockopt on uevent socket
2018-12-03 18:37:25 +00:00
hal_usb_gadget.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_vehicle.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_vibrator.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_vr.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_weaver.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_wifi.te
Allow dumpstate to dump wlan hal log on userbuild
2019-03-21 12:27:44 +08:00
hal_wifi_hostapd.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_wifi_offload.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
hal_wifi_supplicant.te
hal_attribute_hwservice_client drop '_client'
2018-06-06 09:30:18 -07:00
healthd.te
drop "allow healthd self:process execmem;"
2019-05-23 11:17:21 -07:00
heapprofd.te
Add userdebug selinux config for heapprofd.
2018-11-14 09:22:07 +00:00
hwservice.te
Access to HALs from untrusted apps is blacklist-based
2019-09-06 14:10:38 +09:00
hwservicemanager.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
idmap.te
DO NOT MERGE: Allow idmap1 to read vmdl*.tmp APK install files
2019-04-25 11:05:07 +00:00
incident.te
Add incident command and incidentd daemon se policy.
2017-02-07 15:52:07 -08:00
incident_helper.te
Selinux permissions for incidentd project
2018-01-23 19:08:49 +00:00
incidentd.te
Add incident command and incidentd daemon se policy.
2017-02-07 15:52:07 -08:00
init.te
Merge "Root of /data belongs to init"
2019-08-29 23:10:42 -07:00
inputflinger.te
SEPolicy for InputFlinger Service.
2018-11-16 21:52:01 +00:00
install_recovery.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
installd.te
Merge "Move layout_version to /data/misc/installd"
2019-08-28 13:35:17 -07:00
ioctl_defines
Allow fs-verity setup within system_server
2019-01-11 12:21:59 -08:00
ioctl_macros
more ioctl work
2018-10-17 11:12:18 -07:00
iorapd.te
iorapd: add tmpfs type
2019-01-26 12:55:13 -08:00
isolated_app.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
kernel.te
Add permission required by libdm_test
2019-06-17 21:15:34 -07:00
keystore.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
llkd.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
lmkd.te
Add TODOs
2019-05-02 08:29:21 -07:00
logd.te
Relabel /data/system/packages.list to new type.
2019-03-28 10:27:43 +00:00
logpersist.te
Start partitioning off privapp_data_file from app_data_file
2018-08-02 16:29:02 -07:00
mdnsd.te
Move mdnsd policy to private
2017-02-06 15:02:32 -08:00
mediadrmserver.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
mediaextractor.te
Merge "In native coverage builds, allow all domains to access /data/misc/trace" am: 1eb45b5606
2019-06-14 12:05:15 -07:00
mediametrics.te
Allow mediametrics to log records to statsd
2019-02-25 20:09:54 -08:00
mediaprovider.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
mediaserver.te
Remove mediacodec_service.
2019-08-21 01:19:20 +00:00
mediaswcodec.te
Properly define hal_codec2 and related policies
2019-05-23 03:53:47 -07:00
modprobe.te
modprobe: shouldn't load kernel modules from /system
2018-03-23 14:16:25 -07:00
mtp.te
mtp: support using pppox_socket family
2019-05-08 06:01:58 -07:00
net.te
netdomain: allow node_bind for ping sockets
2019-01-14 16:59:03 +00:00
netd.te
sepolicy: Permission changes for new wifi mainline module
2019-07-16 13:30:15 -07:00
netutils_wrapper.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
network_stack.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
neverallow_macros
neverallow_macros: add watch* perms
2019-09-05 09:54:43 -07:00
nfc.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
perfetto.te
Allow to signal perfetto from shell.
2018-12-13 10:46:42 +00:00
performanced.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
platform_app.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
postinstall.te
Allow postinstall scripts to trigger F2FS GC
2019-02-20 22:40:53 +00:00
ppp.te
ppp: support using pppox_socket family
2019-05-06 14:11:02 -07:00
priv_app.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
profman.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
property.te
Define sepolicy with property for linker
2019-08-14 12:35:15 +09:00
property_contexts
Merge "Fix ext4/metadata/udc problem"
2019-08-27 08:44:48 -07:00
racoon.te
racoon: allow ioctl TUNSETIFF
2018-11-15 10:32:45 -08:00
radio.te
Radio: allow to read kernel command line.
2019-02-12 23:36:51 +00:00
recovery.te
In native coverage builds, allow all domains to access /data/misc/trace
2019-06-14 08:31:51 -07:00
recovery_persist.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
recovery_refresh.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
roles
sepolicy: add version_policy tool and version non-platform policy.
2016-12-06 08:56:02 -08:00
rs.te
sepolicy: Add "rs" and "rs_exec" to public policy
2018-12-21 17:47:54 +00:00
rss_hwm_reset.te
SELinux policy for rss_hwm_reset
2018-12-15 10:13:03 +00:00
runas.te
Relabel /data/system/packages.list to new type.
2019-03-28 10:27:43 +00:00
runas_app.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
scheduler_service_server.te
Treble-ize sepolicy for fwk HIDL services.
2019-04-22 17:07:06 -07:00
sdcardd.te
Move layout_version to /data/misc/installd
2019-08-21 10:11:35 -07:00
secure_element.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
sensor_service_server.te
Treble-ize sepolicy for fwk HIDL services.
2019-04-22 17:07:06 -07:00
service.te
Merge "Remove mediacodec_service."
2019-08-26 21:32:47 +00:00
servicemanager.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
sgdisk.te
sgdisk: allow BLKRRPART
2018-11-02 14:26:23 -07:00
shared_relro.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
shell.te
Sepolicy: add dynamic_system_prop
2019-04-30 18:29:56 +08:00
simpleperf_app_runner.te
Relabel /data/system/packages.list to new type.
2019-03-28 10:27:43 +00:00
slideshow.te
sepolicy: Add rules for non-init namespaces
2017-11-21 08:34:32 -07:00
stats_service_server.te
Treble-ize sepolicy for fwk HIDL services.
2019-04-22 17:07:06 -07:00
statsd.te
Remove perfprofd references.
2019-07-19 11:15:12 -07:00
su.te
Tuner Hal 1.0 Enable ITuner service
2019-08-14 11:22:09 -07:00
surfaceflinger.te
Initial selinux policy support for memfd
2019-01-30 19:11:49 +00:00
system_app.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
system_server.te
Initial selinux policy support for memfd
2019-01-30 19:11:49 +00:00
system_suspend_server.te
Decouple system_suspend from hal attributes.
2019-02-26 18:10:28 -08:00
te_macros
Merge "Allow heapprofd to write to /proc/$PID/page_idle."
2019-07-02 12:05:29 +00:00
tee.te
Revert "Add placeholder iris and face policy for vold data directory"
2018-11-19 15:00:19 -08:00
tombstoned.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
toolbox.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
traced.te
Allow iorapd to access perfetto
2019-01-23 22:43:47 +00:00
traced_probes.te
Make traced_probes mlstrustedsubject.
2018-04-17 18:12:28 +00:00
traceur_app.te
Add selinux rule to allow Traceur to enable the traced daemon.
2019-04-26 16:18:56 -07:00
tzdatacheck.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
ueventd.te
Use a property instead of file to communicate cold boot done
2019-06-20 08:37:46 -07:00
uncrypt.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
untrusted_app.te
Remove unused *_tmpfs types
2019-01-30 21:54:40 +00:00
update_engine.te
Allow to getattr kmsg_device
2019-03-25 10:14:20 -07:00
update_engine_common.te
Allow update_engine to read virtual ab feature flag.
2019-08-05 14:32:15 -07:00
update_verifier.te
Allow to getattr kmsg_device
2019-03-25 10:14:20 -07:00
usbd.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
vdc.te
Allow to getattr kmsg_device
2019-03-25 10:14:20 -07:00
vendor_init.te
Define sepolicy with property for linker
2019-08-14 12:35:15 +09:00
vendor_misc_writer.te
Add vendor_misc_writer.
2019-05-21 07:06:31 -07:00
vendor_shell.te
Allow shell to start vendor shell
2018-01-16 18:28:51 +00:00
vendor_toolbox.te
Allow init to run vendor toybox for modprobe
2017-05-24 15:01:20 -07:00
virtual_touchpad.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
vndservice.te
Add default label and mapping for vendor services
2017-04-28 14:56:57 -07:00
vndservicemanager.te
Initial sepolicy for vndservicemanager.
2017-03-23 00:20:43 +00:00
vold.te
Root of /data belongs to init
2019-08-29 15:08:21 -07:00
vold_prepare_subdirs.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
vr_hwc.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
watchdogd.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
webview_zygote.te
Properly Treble-ize tmpfs access
2019-01-26 17:30:41 +00:00
wifi_stack.te
sepolicy: Permission changes for new wifi mainline module
2019-07-16 13:30:15 -07:00
wificond.te
sepolicy: Permission changes for new wifi mainline module
2019-07-16 13:30:15 -07:00
wpantund.te
Introduce system_file_type
2018-09-27 12:52:09 -07:00
zygote.te
Properly Treble-ize tmpfs access
2019-01-26 17:30:41 +00:00
e95c704b6f