platform_system_sepolicy/private
Jeff Vander Stoep f9a774f1ae Disallow watch and watch_reads on apk_data_file for apps
This can be used as a side channel to observe when an application
is launched.

Gate this restriction on the application's targetSdkVersion to
avoid breaking existing apps. Only apps targeting 34 and above will
see the new restriction.

Remove duplicate permissions from public/shell.te. Shell is
already appdomain, so these permissions are already granted to it.

Ignore-AOSP-First: Security fix
Bug: 231587164
Test: boot device, install/uninstall apps. Observe no new denials.
Test: Run researcher provided PoC. Observe audit messages.
Change-Id: Ic7577884e9d994618a38286a42a8047516548782
2023-04-25 15:20:45 +02:00
compat Merge "Add a new system property persist.graphics.egl" 2023-04-13 18:49:26 +00:00
access_vectors Add SELinux Policy For io_uring 2023-01-27 11:44:59 -05:00
adbd.te Blocks untrusted apps to access /dev/socket/mdnsd from U 2023-01-20 15:25:46 +09:00
aidl_lazy_test_server.te
apex_test_prepostinstall.te
apexd.te Modified sepolicy for new apex ready prop 2022-09-01 22:20:10 +00:00
apexd_derive_classpath.te
app.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
app_neverallows.te Merge changes from topic "iso_compute" 2023-02-01 17:33:59 +00:00
app_zygote.te sepolicy: rework perfetto producer/profiler rules for "user" builds 2023-02-03 15:05:14 +00:00
artd.te Allow artd to create dirs and files for artifacts before restorecon. 2023-01-18 01:07:49 +08:00
asan_extract.te
atrace.te
attributes
audioserver.te Add SELinux policy for accessing the AudioService 2022-07-27 12:11:50 +00:00
auditctl.te
automotive_display_service.te
binderservicedomain.te Allow service managers access to apex data. 2022-09-23 21:33:58 +00:00
blank_screen.te
blkid.te
blkid_untrusted.te
bluetooth.te
bluetoothdomain.te
bootanim.te
bootstat.te
boringssl_self_test.te
bpfdomain.te refactor: get_prop(bpfdomain, bpf_progs_loaded_prop) 2023-01-06 10:09:33 +00:00
bpfloader.te netd/netutils_wrapper/network_stack/system_server - allow getattr on bpf progs/maps 2023-03-28 03:11:42 +00:00
bufferhubd.te
bug_map Remove netd entries in bug_map 2023-03-22 10:02:37 +11:00
cameraserver.te
canhalconfigurator.te SEPolicy for AIDL CAN HAL 2022-12-09 11:00:10 -08:00
charger.te
charger_type.te
clatd.te clatd.te - no longer need netlink 2023-03-16 10:53:18 +00:00
compos_fd_server.te
compos_verify.te Allow compos_verify to write VM logs 2022-06-17 13:41:51 +01:00
composd.te Allow system server to set dynamic ART properties. 2023-03-31 11:46:05 +01:00
coredomain.te Add a new system property persist.graphics.egl 2023-04-13 04:38:46 +00:00
cppreopts.te
crash_dump.te [dice] Remove all the sepolicy relating the hal service dice 2023-02-24 08:34:26 +00:00
credstore.te Remove RemoteProvisioner and remoteprovisioning services 2023-03-14 15:45:35 -07:00
crosvm.te Introduce vm_manager_device_type for crosvm 2023-03-29 10:19:06 -07:00
derive_classpath.te
derive_sdk.te Allow dumpstate to exec derive_sdk 2022-09-28 14:26:46 +02:00
device_as_webcam.te Add selinux permissions for DeviceAsWebcam Service 2023-02-02 12:26:33 -08:00
dex2oat.te Additional sepolicy rules for dex2oat 2023-01-17 15:43:58 +00:00
dexoptanalyzer.te dontaudit dexoptanalyzer's DM file check on secondary dex files. 2023-01-30 07:56:10 +00:00
dhcp.te
dmesgd.te
dnsmasq.te
domain.te Merge "Allow virtualizationmanager to open test artifacts in shell_data_file" 2023-04-17 04:00:16 +00:00
drmserver.te
dumpstate.te Don't emit audit logs for dumpstate->keystore 2023-03-21 09:16:47 +00:00
ephemeral_app.te sepolicy: rework perfetto producer/profiler rules for "user" builds 2023-02-03 15:05:14 +00:00
evsmanagerd.te
extra_free_kbytes.te Add policies for ro.kernel.watermark_scale_factor property 2022-09-08 19:35:34 +00:00
fastbootd.te Add SELinux Policy For io_uring 2023-01-27 11:44:59 -05:00
file.te Introduce vm_manager_device_type for crosvm 2023-03-29 10:19:06 -07:00
file_contexts Merge changes from topic "b268128589" am: d073bd4209 am: cf5963c6a8 am: cfe9c14ada 2023-04-18 23:43:59 +00:00
file_contexts_asan
file_contexts_overlayfs
fingerprintd.te
flags_health_check.te Add SELinux policy for edgetpu_native device_config prop 2023-02-13 21:55:57 +00:00
fs_use
fsck.te
fsck_untrusted.te
fsverity_init.te Clean up proc_fs_verity which is no longer used 2022-12-06 09:10:41 -08:00
fuseblkd.te Adds support for fuseblk binaries. 2023-02-02 15:32:39 +01:00
fuseblkd_untrusted.te Adds support for fuseblk binaries. 2023-02-02 15:32:39 +01:00
fwk_bufferhub.te
gatekeeperd.te
genfs_contexts SEPolicy for trace event suspend_resume_minimal 2023-04-05 07:55:43 +00:00
gki_apex_prepostinstall.te
gmscore_app.te Allow GMSCore to read RKP properties. 2023-02-08 17:14:47 -08:00
gpuservice.te Allow gpuservice to query permission 2023-04-17 04:12:43 +00:00
gsid.te
hal_allocator_default.te
hal_lazy_test.te
halclientdomain.te
halserverdomain.te
healthd.te
heapprofd.te [dice] Remove all the sepolicy relating the hal service dice 2023-02-24 08:34:26 +00:00
hidl_lazy_test_server.te
hwservice.te
hwservice_contexts Revert "Add sepolicies for CPU HAL." 2022-11-09 16:47:07 +00:00
hwservicemanager.te Allow service managers access to apex data. 2022-09-23 21:33:58 +00:00
idmap.te
incident.te
incident_helper.te
incidentd.te Add build properties for attestation feature 2023-02-02 18:52:35 +08:00
init.te Introduce vm_manager_device_type for crosvm 2023-03-29 10:19:06 -07:00
initial_sid_contexts
initial_sids
inputflinger.te
installd.te Allow installd to kill profman. 2023-01-30 11:09:08 +00:00
isolated_app.te sepolicy: rework perfetto producer/profiler rules for "user" builds 2023-02-03 15:05:14 +00:00
isolated_app_all.te Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf 2023-03-01 14:45:57 -08:00
isolated_compute_app.te Fix attribute plurals for isolated_compute_allowed 2023-04-20 16:39:39 +00:00
iw.te
kernel.te Suppress permissive audit messages post OTA reboot 2022-10-10 21:58:41 +00:00
keys.conf
keystore.te Merge "Allow service managers access to apex data." 2022-10-14 18:04:46 +00:00
keystore2_key_contexts
keystore_keys.te
linkerconfig.te Allow linkerconfig to use pseudo tty 2023-04-10 11:07:11 +09:00
llkd.te [dice] Remove all the sepolicy relating the hal service dice 2023-02-24 08:34:26 +00:00
lmkd.te
logd.te
logpersist.te
lpdumpd.te
mac_permissions.xml
mdnsd.te
mediadrmserver.te
mediaextractor.te
mediametrics.te
mediaprovider.te
mediaprovider_app.te Adds support for fuseblk binaries. 2023-02-02 15:32:39 +01:00
mediaserver.te Allow communication between mediaserver & statsd 2023-02-01 22:33:28 +00:00
mediaswcodec.te
mediatranscoding.te
mediatuner.te Add properties to configure whether the lazy tuner is enabled. 2022-08-23 07:01:05 +00:00
migrate_legacy_obb_data.te
mls
mls_decl
mls_macros
mlstrustedsubject.te Update SELinux policy to allow artd to perform secondary dex compilation 2022-10-24 16:07:01 +01:00
mm_events.te
modprobe.te
mtectrl.te [MTE] ignore mtectrl selinux error for device tree. 2022-09-29 22:53:58 +00:00
mtp.te
net.te
netd.te netd/netutils_wrapper/network_stack/system_server - allow getattr on bpf progs/maps 2023-03-28 03:11:42 +00:00
netutils_wrapper.te netd/netutils_wrapper/network_stack/system_server - allow getattr on bpf progs/maps 2023-03-28 03:11:42 +00:00
network_stack.te netd/netutils_wrapper/network_stack/system_server - allow getattr on bpf progs/maps 2023-03-28 03:11:42 +00:00
nfc.te
odrefresh.te
odsign.te
otapreopt_chroot.te
otapreopt_slot.te
perfetto.te Allow perfetto to write into perfetto_traces_bugreport_data_file 2023-03-28 11:34:58 +00:00
performanced.te
permissioncontroller_app.te
platform_app.te Add persist.sysui.notification.builder_extras_ovrd 2023-03-29 16:35:39 +00:00
policy_capabilities
port_contexts
postinstall.te
postinstall_dexopt.te
ppp.te
preloads_copy.te
preopt2cachename.te
priv_app.te sepolicy: rework perfetto producer/profiler rules for "user" builds 2023-02-03 15:05:14 +00:00
prng_seeder.te Add SEPolicy for PRNG seeder daemon. 2022-11-15 01:50:22 +00:00
profcollectd.te
profman.te Update SELinux policy for app compilation CUJ. 2022-07-29 14:07:52 +00:00
property.te Merge "Add persist.sysui.notification.builder_extras_ovrd" 2023-04-03 13:47:09 +00:00
property_contexts Merge "Add a new system property persist.graphics.egl" 2023-04-13 18:49:26 +00:00
racoon.te
radio.te
recovery.te
recovery_persist.te
recovery_refresh.te
remount.te
rkpd.te Add SELinux policies for remote_key_provisioning_native namespace. 2022-09-29 21:32:58 +00:00
rkpd_app.te Add set property permissions to RKPD application. 2023-03-16 18:05:10 +00:00
roles_decl
rs.te
rss_hwm_reset.te
runas.te
runas_app.te runas_app: allow sigkill of untrusted_app 2023-01-20 09:02:19 +01:00
sdcardd.te
sdk_sandbox.te Add persist.sysui.notification.builder_extras_ovrd 2023-04-19 18:29:04 +00:00
seapp_contexts Remove RemoteProvisioner and remoteprovisioning services 2023-03-14 15:45:35 -07:00
secure_element.te
security_classes Add SELinux Policy For io_uring 2023-01-27 11:44:59 -05:00
service.te SELinux policy changes for Wearable Sensing APIs. 2022-12-05 09:20:14 -08:00
service_contexts Merge "Define sepolicy for ivn HAL." am: 9861e84085 am: 506e69012d am: 78ca38f285 2023-04-12 02:44:59 +00:00
servicemanager.te Allow service managers access to apex data. 2022-09-23 21:33:58 +00:00
sgdisk.te
shared_relro.te
shell.te Add persist.sysui.notification.builder_extras_ovrd 2023-03-29 16:35:39 +00:00
simpleperf.te
simpleperf_app_runner.te
simpleperf_boot.te
slideshow.te
snapshotctl.te
snapuserd.te Add SELinux Policy For io_uring 2023-01-27 11:44:59 -05:00
stats.te Allow traced_probes to subscribe to statsd atoms 2023-03-22 19:53:34 +00:00
statsd.te
storaged.te
su.te Start using virtmgr for running VMs 2023-01-05 17:39:39 +00:00
surfaceflinger.te Grant surfaceflinger and graphics allocator access to the secure heap 2023-01-19 09:02:56 +00:00
system_app.te tm-qpr backport: allow perfetto profiling of system_server and sys/platform apps 2023-03-13 17:13:54 +00:00
system_server.te Fix denial for ioctl FS Verity am: af6035c64f 2023-04-20 15:50:40 +00:00
system_server_startup.te
system_suspend.te suspend: Allow access to /sys/power/wake_[un]lock 2023-01-25 16:39:05 -08:00
technical_debt.cil Enable NNAPI for isolated compute app 2023-03-01 20:27:13 +00:00
tombstoned.te
toolbox.te
traced.te Allow perfetto to write into perfetto_traces_bugreport_data_file 2023-03-28 11:34:58 +00:00
traced_perf.te [dice] Remove all the sepolicy relating the hal service dice 2023-02-24 08:34:26 +00:00
traced_probes.te Merge "traced_probes: allow traced_probes to access diskstats info" 2023-04-04 01:25:18 +00:00
traceur_app.te
ueventd.te
uncrypt.te
untrusted_app.te Blocks untrusted apps to access /dev/socket/mdnsd from U 2023-01-20 15:25:46 +09:00
untrusted_app_25.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_27.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_29.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_30.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_32.te Disallow watch and watch_reads on apk_data_file for apps 2023-04-25 15:20:45 +02:00
untrusted_app_all.te sepolicy: rework perfetto producer/profiler rules for "user" builds 2023-02-03 15:05:14 +00:00
update_engine.te
update_engine_common.te
update_verifier.te Allow update_verifier to connect to snapuserd daemon 2023-01-09 13:19:20 -08:00
usbd.te
users
vdc.te
vehicle_binding_util.te
vendor_init.te Introduce vm_manager_device_type for crosvm 2023-03-29 10:19:06 -07:00
viewcompiler.te
virtual_touchpad.te
virtualizationmanager.te Allow virtualizationmanager to open test artifacts in shell_data_file 2023-04-03 15:46:26 +09:00
virtualizationservice.te virtualizationservice: Allow checking permissions 2023-01-12 21:10:33 +00:00
vold.te Adds support for fuseblk binaries. 2023-02-02 15:32:39 +01:00
vold_prepare_subdirs.te
vzwomatrigger_app.te
wait_for_keymaster.te
watchdogd.te
webview_zygote.te
wificond.te
zygote.te Add persist.sysui.notification.builder_extras_ovrd 2023-04-19 18:29:04 +00:00