Home
last modified time | relevance | path

Searched refs:domains (Results 1 – 25 of 198) sorted by relevance

12345678

/system/netd/resolv/dns_responder/
Ddns_responder_client.cpp34 void DnsResponderClient::SetupMappings(unsigned num_hosts, const std::vector<std::string>& domains, in SetupMappings() argument
36 mappings->resize(num_hosts * domains.size()); in SetupMappings()
39 for (const auto& domain : domains) { in SetupMappings()
54 const std::vector<std::string>& domains, const std::string& tlsHostname, in makeResolverParamsParcel() argument
76 paramsParcel.domains = domains; in makeResolverParamsParcel()
85 const std::vector<std::string>& domains, const std::vector<int>& params) { in SetResolversForNetwork() argument
87 makeResolverParamsParcel(TEST_NETID, params, servers, domains, "", {}, {}); in SetResolversForNetwork()
93 const std::vector<std::string>& domains, const std::vector<int>& params, in SetResolversWithTls() argument
96 const auto& resolverParams = makeResolverParamsParcel(TEST_NETID, params, servers, domains, in SetResolversWithTls()
/system/sepolicy/prebuilts/api/29.0/public/
Dattributes86 # These properties are not accessible from device-specific domains
121 # All domains that can override MLS restrictions.
129 # All domains used for apps.
135 # All domains used for apps with network access.
138 # All domains used for apps with bluetooth access.
141 # All domains used for binder service domains.
144 # update_engine related domains that need to apply an update and run
149 # All core domains (as opposed to vendor/device-specific domains)
156 # All vendor domains which violate the requirement of not using Binder
161 # All vendor domains which violate the requirement of not using sockets for
[all …]
Dvendor_toolbox.te6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the whitelisted domains.
Dlogpersist.te1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
/system/sepolicy/public/
Dattributes86 # These properties are not accessible from device-specific domains
121 # All domains that can override MLS restrictions.
129 # All domains used for apps.
135 # All domains used for apps with network access.
138 # All domains used for apps with bluetooth access.
141 # All domains used for binder service domains.
144 # update_engine related domains that need to apply an update and run
149 # All core domains (as opposed to vendor/device-specific domains)
156 # All vendor domains which violate the requirement of not using Binder
161 # All vendor domains which violate the requirement of not using sockets for
[all …]
Dvendor_toolbox.te6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the whitelisted domains.
Dlogpersist.te1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
/system/sepolicy/prebuilts/api/28.0/public/
Dattributes75 # These properties are not accessible from device-specific domains
110 # All domains that can override MLS restrictions.
118 # All domains used for apps.
124 # All domains used for apps with network access.
127 # All domains used for apps with bluetooth access.
130 # All domains used for binder service domains.
133 # update_engine related domains that need to apply an update and run
138 # All core domains (as opposed to vendor/device-specific domains)
145 # All vendor domains which violate the requirement of not using Binder
150 # All vendor domains which violate the requirement of not using sockets for
[all …]
Dvendor_toolbox.te6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the whitelisted domains.
Dlogpersist.te1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
Ddomain.te1 # Rules for all domains.
67 # /dev/binder can be accessed by non-vendor domains and by apps
168 # All domains are allowed to open and read directories
182 # All domains get access to /vendor/etc
187 # Allow all domains to be able to follow /system/vendor and/or
196 # Allow reading and executing out of /vendor to all vendor domains
260 # Restrict all domains to a whitelist for common socket types. Additional
261 # ioctl commands may be added to individual domains, but this sets safe
306 # Limit device node creation to these whitelisted domains.
315 # Limit raw I/O to these whitelisted domains. Do not apply to debug builds.
[all …]
/system/sepolicy/prebuilts/api/26.0/public/
Dvendor_toolbox.te6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the whitelisted domains.
Dattributes99 # All domains that can override MLS restrictions.
107 # All domains used for apps.
113 # All domains used for apps with network access.
116 # All domains used for apps with bluetooth access.
119 # All domains used for binder service domains.
122 # update_engine related domains that need to apply an update and run
127 # All core domains (as opposed to vendor/device-specific domains)
133 # All vendor domains which violate the requirement of not using Binder
137 # All vendor domains which violate the requirement of not using sockets for
142 # All vendor domains which violate the requirement of not executing
[all …]
Dlogpersist.te1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
Ddomain.te1 # Rules for all domains.
69 # /dev/binder can be accessed by non-vendor domains and by apps
113 # All domains are allowed to open and read directories
127 # All domains get access to /vendor/etc
132 # Allow all domains to be able to follow /system/vendor symlink
140 # Allow reading and executing out of /vendor to all vendor domains
198 # Restrict all domains to a whitelist for common socket types. Additional
199 # ioctl commands may be added to individual domains, but this sets safe
237 # Limit device node creation to these whitelisted domains.
246 # Limit raw I/O to these whitelisted domains. Do not apply to debug builds.
[all …]
/system/sepolicy/prebuilts/api/27.0/public/
Dvendor_toolbox.te6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the whitelisted domains.
Dattributes100 # All domains that can override MLS restrictions.
108 # All domains used for apps.
114 # All domains used for apps with network access.
117 # All domains used for apps with bluetooth access.
120 # All domains used for binder service domains.
123 # update_engine related domains that need to apply an update and run
128 # All core domains (as opposed to vendor/device-specific domains)
134 # All vendor domains which violate the requirement of not using Binder
139 # All vendor domains which violate the requirement of not using sockets for
145 # All vendor domains which violate the requirement of not executing
[all …]
Dlogpersist.te1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
Ddomain.te1 # Rules for all domains.
69 # /dev/binder can be accessed by non-vendor domains and by apps
113 # All domains are allowed to open and read directories
127 # All domains get access to /vendor/etc
132 # Allow all domains to be able to follow /system/vendor symlink
140 # Allow reading and executing out of /vendor to all vendor domains
198 # Restrict all domains to a whitelist for common socket types. Additional
199 # ioctl commands may be added to individual domains, but this sets safe
240 # Limit device node creation to these whitelisted domains.
249 # Limit raw I/O to these whitelisted domains. Do not apply to debug builds.
[all …]
/system/netd/tests/benchmarks/
Ddns_benchmark.cpp66 std::vector<std::string> domains = { "example.com" }; in SetUp() local
68 dns.SetupMappings(num_hosts, domains, &mappings); in SetUp()
73 dns.SetResolversForNetwork(servers, domains, mDefaultParams_Binder); in SetUp()
/system/netd/resolv/
DResolverController.cpp97 int getDnsInfo(unsigned netId, std::vector<std::string>* servers, std::vector<std::string>* domains, in getDnsInfo() argument
119 domains->clear(); in getDnsInfo()
168 domains->push_back(res_domains[i]); in getDnsInfo()
229 std::string domains_str = android::base::Join(resolverParams.domains, " "); in setResolverConfiguration()
241 << ", numservers = " << resolverParams.domains.size(); in setResolverConfiguration()
248 std::vector<std::string>* domains, in getResolverInfo() argument
256 int ret = getDnsInfo(netId, servers, domains, &res_params, &res_stats, in getResolverInfo()
306 std::vector<std::string> domains; in dump() local
311 int rv = getDnsInfo(netId, &servers, &domains, &params, &stats, in dump()
342 if (domains.empty()) { in dump()
[all …]
/system/sepolicy/prebuilts/api/27.0/private/
Dattributes5 # domains. The goal is to not assign domain_deprecated to new domains
/system/sepolicy/prebuilts/api/26.0/private/
Dattributes5 # domains. The goal is to not assign domain_deprecated to new domains
/system/sepolicy/prebuilts/api/29.0/private/
Ddomain.te41 # Allow all domains to read sys.use_memfd to determine
86 # with other UIDs to these whitelisted domains.
168 # that these files cannot be accessed by other domains to ensure that the files
188 # outside the rootfs or /system partition except for a few whitelisted domains.
276 # Since the kernel checks dac_read_search before dac_override, domains that
278 # denials. Some domains have dac_read_search without having dac_override, so
286 # Limit what domains can mount filesystems or change their mount flags.
287 # sdcard_type / vfat is exempt as a larger set of domains need
288 # this capability, including device-specific domains.
302 # Limit raw I/O to these whitelisted domains. Do not apply to debug builds.
/system/sepolicy/private/
Ddomain.te41 # Allow all domains to read sys.use_memfd to determine
86 # with other UIDs to these whitelisted domains.
168 # that these files cannot be accessed by other domains to ensure that the files
188 # outside the rootfs or /system partition except for a few whitelisted domains.
276 # Since the kernel checks dac_read_search before dac_override, domains that
278 # denials. Some domains have dac_read_search without having dac_override, so
286 # Limit what domains can mount filesystems or change their mount flags.
287 # sdcard_type / vfat is exempt as a larger set of domains need
288 # this capability, including device-specific domains.
302 # Limit raw I/O to these whitelisted domains. Do not apply to debug builds.

12345678