..
adbd.te
Add shell_test_data_file for /data/local/tests
2020-09-01 11:17:19 -07:00
aidl_lazy_test_server.te
Add aidl_lazy_test_server
2020-01-07 15:11:03 -08:00
apexd.te
Move system property rules to private
2020-03-18 16:46:04 +00:00
app.te
Split user_profile_data_file label.
2020-12-11 17:35:06 +00:00
app_zygote.te
asan_extract.te
asan_extract: add system_file_type to asan_extract_exec
2020-05-06 13:25:28 -07:00
atrace.te
Make AIDL HAL client attribute an exclusive client.
2020-09-11 00:02:00 +00:00
attributes
sepolicy: set expandattribute false for dmabuf_heap_device_type
2020-12-23 05:14:31 +00:00
audioserver.te
audioserver: allow audioserver to generate audio HAL tombstones
2019-11-04 18:05:28 -08:00
blkid.te
blkid_untrusted.te
bluetooth.te
bootanim.te
Allow the boot animation to receive display events
2020-05-27 12:57:51 +02:00
bootstat.te
Enable incidentd access to ro.boot.bootreason
2020-04-22 17:55:18 +00:00
bufferhubd.te
Properly define hal_codec2 and related policies
2019-05-23 03:53:47 -07:00
camera_service_server.te
Abstract use of cameraserver behind an attribute
2019-03-01 14:02:59 -08:00
cameraserver.te
Properly define hal_codec2 and related policies
2019-05-23 03:53:47 -07:00
charger.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
crash_dump.te
credstore.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
device.te
Allow coredomain access to only approved categories of vendor heaps
2020-12-16 10:08:54 -08:00
dhcp.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
display_service_server.te
dnsmasq.te
add dontaudit dnsmasq kernel:system module_request
2020-01-18 18:22:12 -08:00
domain.te
[MTE] Add memtag sysprop sepolicy.
2021-01-11 08:35:58 -08:00
drmserver.te
drmserver: audit permissions for /data/app
2020-12-09 09:16:51 +01:00
dumpstate.te
Split user_profile_data_file label.
2020-12-11 17:35:06 +00:00
e2fs.te
ephemeral_app.te
fastbootd.te
Support TCP based fastbootd in recovery mode.
2020-05-19 19:12:25 +00:00
file.te
Add new selinux type for radio process
2020-12-24 15:11:15 +08:00
fingerprintd.te
Make Keystore equivalent policy for Keystore2
2020-08-05 16:11:48 +00:00
flags_health_check.te
Move system property rules to private
2020-03-18 16:46:04 +00:00
fsck.te
fsck_untrusted.te
fwk_bufferhub.te
gatekeeperd.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
global_macros
global_macros: trim back various watch* permissions
2019-08-28 12:36:58 -07:00
gmscore_app.te
Create a separate SELinux domain for gmscore
2019-11-22 10:39:19 -08:00
gpuservice.te
hal_allocator.te
hal_atrace.te
hal_audio.te
Move ro.audio.* props to audio_config_prop
2020-06-23 23:52:55 +09:00
hal_audiocontrol.te
hal_audiocontrol: use hal_attribute_service
2020-12-23 01:26:58 +00:00
hal_authsecret.te
hal_bluetooth.te
Add rules for accessing the related bluetooth_audio_hal_prop
2019-03-20 03:12:25 +00:00
hal_bootctl.te
hal_broadcastradio.te
Allow radio server to client binder callback
2019-03-29 15:22:16 -07:00
hal_camera.te
hal_can.te
Revert "hal_can_*: use hal_attribute_service"
2020-12-29 22:53:29 +00:00
hal_cas.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
hal_codec2.te
Allow XML file paths to be customized with sysprop
2020-03-18 22:55:36 +00:00
hal_configstore.te
debug builds: allow perf profiling of most domains
2020-01-22 22:04:02 +00:00
hal_confirmationui.te
hal_contexthub.te
hal_drm.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
hal_dumpstate.te
Replace hal_dumpstate with hal_dumpstate_server
2020-08-26 10:23:05 +00:00
hal_evs.te
Update sepolicy for EVS v1.x
2019-07-30 13:22:03 -07:00
hal_face.te
Add sepolicy for IFace
2020-09-28 15:57:59 -07:00
hal_fingerprint.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
hal_gatekeeper.te
hal_gnss.te
Add GNSS AIDL interfaces (system/sepolicy)
2020-09-24 12:03:30 -07:00
hal_graphics_allocator.te
hal_graphics_composer.te
hal_health.te
Allow to getattr kmsg_device
2019-03-25 10:14:20 -07:00
hal_health_storage.te
hal_identity.te
Make AIDL HAL client attribute an exclusive client.
2020-09-11 00:02:00 +00:00
hal_input_classifier.te
hal_ir.te
hal_keymaster.te
hal_keymint.te
Clean up keymint service policy.
2020-12-16 08:59:09 -08:00
hal_light.te
Make AIDL HAL client attribute an exclusive client.
2020-09-11 00:02:00 +00:00
hal_lowpan.te
hal_memtrack.te
Reland: Memtrack HAL stable aidl sepolicy
2020-12-22 16:08:53 -05:00
hal_neuralnetworks.te
Allow neuralnetworks hal service to read files from /sdcard
2020-05-06 14:20:21 +01:00
hal_neverallows.te
SEPolicy rules for CAN bus HAL
2019-08-01 10:24:00 -07:00
hal_nfc.te
hal_oemlock.te
hal_omx.te
Allow XML file paths to be customized with sysprop
2020-03-18 22:55:36 +00:00
hal_power.te
Make AIDL HAL client attribute an exclusive client.
2020-09-11 00:02:00 +00:00
hal_power_stats.te
hal_power_stats: use hal_attribute_service
2020-12-23 01:38:03 +00:00
hal_rebootescrow.te
Make AIDL HAL client attribute an exclusive client.
2020-09-11 00:02:00 +00:00
hal_secure_element.te
hal_sensors.te
hal_telephony.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
hal_tetheroffload.te
hal_thermal.te
hal_tv_cec.te
hal_tv_input.te
hal_tv_tuner.te
Tuner Hal 1.0 Enable ITuner service
2019-08-14 11:22:09 -07:00
hal_usb.te
hal_usb_gadget.te
hal_vehicle.te
hal_vibrator.te
Make AIDL HAL client attribute an exclusive client.
2020-09-11 00:02:00 +00:00
hal_vr.te
hal_weaver.te
hal_wifi.te
Fix a sepolicy violation error for hal_wifi
2020-11-25 10:24:41 +09:00
hal_wifi_hostapd.te
hal_wifi_supplicant.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
healthd.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
heapprofd.te
hwservice.te
Remove thermalcallback_hwservice.
2020-09-16 21:57:05 +00:00
hwservicemanager.te
Move system property rules to private
2020-03-18 16:46:04 +00:00
idmap.te
idmap: add binderservice permissions
2019-09-18 13:47:09 +02:00
incident.te
incident_helper.te
incidentd.te
init.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
inputflinger.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
installd.te
Split user_profile_data_file label.
2020-12-11 17:35:06 +00:00
ioctl_defines
Add F2FS_IOC_SEC_TRIM_FILE ioctl code
2020-10-07 17:39:46 +00:00
ioctl_macros
Add TCSETSF to unpriv_tty_ioctls.
2020-11-09 00:19:01 +00:00
iorap_inode2filename.te
Split user_profile_data_file label.
2020-12-11 17:35:06 +00:00
iorap_prefetcherd.te
Split user_profile_data_file label.
2020-12-11 17:35:06 +00:00
iorapd.te
selinux: Allow system_server to access files in iorapd dir.
2020-06-09 00:19:41 +00:00
isolated_app.te
kernel.te
Allow kernel to write to update_engine_data_file
2020-02-18 23:43:00 -08:00
keystore.te
Add policy for the security compatibility hal service.
2020-12-15 08:23:52 -08:00
llkd.te
lmkd.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
logd.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
logpersist.te
logpersist is now a shell script, so give it the appropriate permissions
2019-10-30 13:54:35 -07:00
mdnsd.te
mediadrmserver.te
mediaextractor.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
mediametrics.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
mediaprovider.te
mediaserver.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
mediaswcodec.te
Add permissions required for new DMA-BUF heap allocator
2020-09-16 13:21:50 -07:00
modprobe.te
allow modprobe to read /proc/cmdline
2020-05-07 11:28:50 -07:00
mtp.te
mtp: support using pppox_socket family
2019-05-08 06:01:58 -07:00
net.te
untrusted_app: disallow bind RTM_ROUTE socket
2020-01-28 10:49:50 +01:00
netd.te
Introduce app_data_file_type attribute.
2020-11-11 14:43:36 +00:00
netutils_wrapper.te
network_stack.te
neverallow_macros
neverallow_macros: add watch* perms
2019-09-05 09:54:43 -07:00
nfc.te
perfetto.te
performanced.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
platform_app.te
postinstall.te
ppp.te
ppp: support using pppox_socket family
2019-05-06 14:11:02 -07:00
priv_app.te
profman.te
property.te
[MTE] Add memtag sysprop sepolicy.
2021-01-11 08:35:58 -08:00
racoon.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
radio.te
Add new selinux type for radio process
2020-12-24 15:11:15 +08:00
recovery.te
Support TCP based fastbootd in recovery mode.
2020-05-19 19:12:25 +00:00
recovery_persist.te
recovery_refresh.te
roles
rs.te
rss_hwm_reset.te
runas.te
Relabel /data/system/packages.list to new type.
2019-03-28 10:27:43 +00:00
runas_app.te
scheduler_service_server.te
Treble-ize sepolicy for fwk HIDL services.
2019-04-22 17:07:06 -07:00
sdcardd.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
secure_element.te
sensor_service_server.te
Treble-ize sepolicy for fwk HIDL services.
2019-04-22 17:07:06 -07:00
service.te
Add SEPolicy rules for game service.
2020-12-24 18:46:25 -08:00
servicemanager.te
sepolicy: label vendor_service_contexts as vendor_service_contexts_file
2020-06-15 17:09:46 +08:00
sgdisk.te
Allow sgdisk to use BLKPBSZGET ioctl
2020-05-17 12:32:44 -07:00
shared_relro.te
Add shared_relro dontaudit.
2020-12-17 14:10:07 +00:00
shell.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
simpleperf.te
perf_event: rules for system and simpleperf domain
2020-01-15 16:56:41 +00:00
simpleperf_app_runner.te
Relabel /data/system/packages.list to new type.
2019-03-28 10:27:43 +00:00
slideshow.te
stats_service_server.te
Treble-ize sepolicy for fwk HIDL services.
2019-04-22 17:07:06 -07:00
statsd.te
Remove perfprofd references.
2019-07-19 11:15:12 -07:00
su.te
Make Keystore equivalent policy for Keystore2
2020-08-05 16:11:48 +00:00
surfaceflinger.te
system_app.te
system_server.te
Define power.battery_input.suspended property
2020-09-10 22:33:24 -07:00
system_suspend_server.te
Decouple system_suspend from hal attributes.
2019-02-26 18:10:28 -08:00
te_macros
Add policy for the android protected confirmation service.
2020-12-10 10:58:11 -08:00
tee.te
tombstoned.te
toolbox.te
Allow setattr for chattr
2020-02-03 17:57:03 -08:00
traced.te
traced_perf.te
initial policy for traced_perf daemon (perf profiler)
2020-01-22 22:04:01 +00:00
traced_probes.te
traceur_app.te
Move system property rules to private
2020-03-18 16:46:04 +00:00
tzdatacheck.te
ueventd.te
Allow ueventd to read apex mount directories.
2020-09-18 15:21:37 +09:00
uncrypt.te
Uncrypt: Allow uncrypt to write on ota_package_file.
2020-07-07 00:03:11 +00:00
untrusted_app.te
reland: untrusted_app_29: add new targetSdk domain
2020-01-22 09:47:53 +00:00
update_engine.te
Add update_engine_stable_service
2020-07-31 15:49:10 -07:00
update_engine_common.te
Add sepolicy for starting the snapuserd daemon through init.
2020-11-19 21:03:30 +00:00
update_verifier.te
Move system property rules to private
2020-03-18 16:46:04 +00:00
usbd.te
Move system property rules to private
2020-03-18 16:46:04 +00:00
vdc.te
Allow to getattr kmsg_device
2019-03-25 10:14:20 -07:00
vendor_init.te
Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy"
2020-12-04 03:12:59 +00:00
vendor_misc_writer.te
Suppress errors that are not needed
2020-10-07 08:52:51 +00:00
vendor_shell.te
sepolicy(hal_wifi): Allow wifi HAL to access persist.vendor.debug properties
2020-11-12 18:22:47 -08:00
vendor_toolbox.te
Update language to comply with Android's inclusive language guidance
2020-07-31 12:28:11 -06:00
virtual_touchpad.te
vndservice.te
Allow vndservicemanager to self-register.
2020-03-06 16:35:52 -08:00
vndservicemanager.te
vold.te
Allow vold to run make_f2fs
2021-01-05 18:06:18 -08:00
vold_prepare_subdirs.te
vr_hwc.te
watchdogd.te
webview_zygote.te
wificond.te
DO NOT MERGE Add fake 30.0 prebuilts
2020-05-11 13:18:52 +09:00
wpantund.te
zygote.te
eaf1404d8a