/system/sepolicy/prebuilts/api/28.0/public/ |
D | kernel.te | 1 # Life begins with the kernel. 2 type kernel, domain, mlstrustedsubject; 4 allow kernel self:global_capability_class_set sys_nice; 7 r_dir_file(kernel, rootfs) 8 allow kernel proc_cmdline:file r_file_perms; 11 allow kernel selinuxfs:dir r_dir_perms; 12 allow kernel selinuxfs:file r_file_perms; 15 allow kernel file_contexts_file:file r_file_perms; 18 allow kernel rootfs:file relabelfrom; 19 allow kernel init_exec:file relabelto; [all …]
|
/system/sepolicy/prebuilts/api/27.0/public/ |
D | kernel.te | 1 # Life begins with the kernel. 2 type kernel, domain, mlstrustedsubject; 4 allow kernel self:capability sys_nice; 7 r_dir_file(kernel, rootfs) 8 r_dir_file(kernel, proc) 11 allow kernel selinuxfs:dir r_dir_perms; 12 allow kernel selinuxfs:file r_file_perms; 15 allow kernel file_contexts_file:file r_file_perms; 18 allow kernel rootfs:file relabelfrom; 19 allow kernel init_exec:file relabelto; [all …]
|
D | performanced.te | 16 # Performanced also shields unbound kernel threads. It scans every task in the 17 # root cpu set, but only affects the kernel threads. 18 r_dir_file(performanced, { appdomain bufferhubd kernel surfaceflinger }) 20 allow performanced { appdomain bufferhubd kernel surfaceflinger }:process setsched;
|
/system/sepolicy/prebuilts/api/29.0/public/ |
D | kernel.te | 1 # Life begins with the kernel. 2 type kernel, domain, mlstrustedsubject; 4 allow kernel self:global_capability_class_set sys_nice; 7 r_dir_file(kernel, rootfs) 8 allow kernel proc_cmdline:file r_file_perms; 11 allow kernel selinuxfs:dir r_dir_perms; 12 allow kernel selinuxfs:file r_file_perms; 15 allow kernel file_contexts_file:file r_file_perms; 18 allow kernel rootfs:file relabelfrom; 19 allow kernel init_exec:file relabelto; [all …]
|
/system/sepolicy/prebuilts/api/26.0/public/ |
D | kernel.te | 1 # Life begins with the kernel. 2 type kernel, domain, mlstrustedsubject; 4 allow kernel self:capability sys_nice; 7 r_dir_file(kernel, rootfs) 8 r_dir_file(kernel, proc) 11 allow kernel selinuxfs:dir r_dir_perms; 12 allow kernel selinuxfs:file r_file_perms; 15 allow kernel file_contexts_file:file r_file_perms; 18 allow kernel rootfs:file relabelfrom; 19 allow kernel init_exec:file relabelto; [all …]
|
D | performanced.te | 11 # Performanced also shields unbound kernel threads. It scans every task in the 12 # root cpu set, but only affects the kernel threads. 13 r_dir_file(performanced, { appdomain bufferhubd kernel surfaceflinger }) 15 allow performanced { appdomain bufferhubd kernel surfaceflinger }:process setsched;
|
/system/sepolicy/public/ |
D | kernel.te | 1 # Life begins with the kernel. 2 type kernel, domain, mlstrustedsubject; 4 allow kernel self:global_capability_class_set sys_nice; 7 r_dir_file(kernel, rootfs) 8 allow kernel proc_cmdline:file r_file_perms; 11 allow kernel selinuxfs:dir r_dir_perms; 12 allow kernel selinuxfs:file r_file_perms; 15 allow kernel file_contexts_file:file r_file_perms; 18 allow kernel rootfs:file relabelfrom; 19 allow kernel init_exec:file relabelto; [all …]
|
D | performanced.te | 16 # Performanced also shields unbound kernel threads. It scans every task in the 17 # root cpu set, but only affects the kernel threads. 18 r_dir_file(performanced, { appdomain bufferhubd kernel surfaceflinger }) 20 allow performanced { appdomain bufferhubd kernel surfaceflinger }:process setsched;
|
/system/sepolicy/prebuilts/api/30.0/public/ |
D | kernel.te | 1 # Life begins with the kernel. 2 type kernel, domain, mlstrustedsubject; 4 allow kernel self:global_capability_class_set sys_nice; 7 r_dir_file(kernel, rootfs) 8 allow kernel proc_cmdline:file r_file_perms; 11 allow kernel selinuxfs:dir r_dir_perms; 12 allow kernel selinuxfs:file r_file_perms; 15 allow kernel file_contexts_file:file r_file_perms; 18 allow kernel rootfs:file relabelfrom; 19 allow kernel init_exec:file relabelto; [all …]
|
/system/netd/ |
D | TEST_MAPPING | 11 "keywords": ["netd-device-kernel-4.9", "netd-device-kernel-4.14"]}, 13 "keywords": ["netd-device-kernel-4.9", "netd-device-kernel-4.14"]}, 15 "keywords": ["netd-device-kernel-4.9", "netd-device-kernel-4.14"]}
|
/system/connectivity/wificond/net/kernel-header-latest/ |
D | README.txt | 3 This folder contains any wifi kernel header updates to the kernels running on 4 the latest devices, but not present in external/kernel-headers. 5 external/kernel-headers has the headers from the stable kernel tree which is generally 9 cp <kernel-dir>/private/msm-google/include/uapi/linux/nl80211.h 10 <android-source-dir>/system/connectivity/wificond/net/kernel-header-latest/nl80211.h 12 Last update from kernel branch: `p-dev-msm-bluecross-4.9`
|
/system/sepolicy/prebuilts/api/30.0/private/ |
D | kernel.te | 1 typeattribute kernel coredomain; 3 domain_auto_trans(kernel, init_exec, init) 5 # Allow the kernel to read otapreopt_chroot's file descriptors and files under 7 allow kernel otapreopt_chroot:fd use; 8 allow kernel postinstall_file:file read;
|
D | fsverity_init.te | 9 # Kernel only prints the keys that can be accessed and only kernel keyring is needed here. 12 allow fsverity_init kernel:key { view search write setattr }; 18 # When kernel requests an algorithm, the crypto API first looks for an 19 # already registered algorithm with that name. If it fails, the kernel creates 21 dontaudit fsverity_init kernel:system module_request;
|
/system/sepolicy/private/ |
D | kernel.te | 1 typeattribute kernel coredomain; 3 domain_auto_trans(kernel, init_exec, init) 5 # Allow the kernel to read otapreopt_chroot's file descriptors and files under 7 allow kernel otapreopt_chroot:fd use; 8 allow kernel postinstall_file:file read;
|
D | fsverity_init.te | 9 # Kernel only prints the keys that can be accessed and only kernel keyring is needed here. 12 allow fsverity_init kernel:key { view search write setattr }; 18 # When kernel requests an algorithm, the crypto API first looks for an 19 # already registered algorithm with that name. If it fails, the kernel creates 21 dontaudit fsverity_init kernel:system module_request;
|
/system/sepolicy/prebuilts/api/29.0/private/ |
D | kernel.te | 1 typeattribute kernel coredomain; 3 domain_auto_trans(kernel, init_exec, init) 5 # Allow the kernel to read otapreopt_chroot's file descriptors and files under 7 allow kernel otapreopt_chroot:fd use; 8 allow kernel postinstall_file:file read;
|
D | fsverity_init.te | 13 # Kernel only prints the keys that can be accessed and only kernel keyring is needed here. 16 allow fsverity_init kernel:key { view search write setattr }; 22 # When kernel requests an algorithm, the crypto API first looks for an 23 # already registered algorithm with that name. If it fails, the kernel creates 25 dontaudit fsverity_init kernel:system module_request;
|
/system/core/fastboot/ |
D | bootimg_utils.cpp | 50 static boot_img_hdr_v3* mkbootimg_v3(const std::vector<char>& kernel, in mkbootimg_v3() argument 55 int64_t kernel_actual = (kernel.size() + page_mask) & (~page_mask); in mkbootimg_v3() 64 hdr->kernel_size = kernel.size(); in mkbootimg_v3() 70 memcpy(hdr->magic + V3_PAGE_SIZE, kernel.data(), kernel.size()); in mkbootimg_v3() 76 boot_img_hdr_v2* mkbootimg(const std::vector<char>& kernel, const std::vector<char>& ramdisk, in mkbootimg() argument 83 return reinterpret_cast<boot_img_hdr_v2*>(mkbootimg_v3(kernel, ramdisk, src, out)); in mkbootimg() 88 int64_t kernel_actual = (kernel.size() + page_mask) & (~page_mask); in mkbootimg() 102 hdr->kernel_size = kernel.size(); in mkbootimg() 119 memcpy(hdr->magic + hdr->page_size, kernel.data(), kernel.size()); in mkbootimg()
|
/system/core/llkd/ |
D | llkd.rc | 26 write /proc/sys/kernel/hung_task_timeout_secs ${ro.khungtask.timeout:-720} 27 write /proc/sys/kernel/hung_task_warnings 65535 28 write /proc/sys/kernel/hung_task_check_count 65535 29 write /proc/sys/kernel/hung_task_panic 1 32 write /proc/sys/kernel/hung_task_panic 0
|
/system/libvintf/ |
D | CompatibilityMatrix.cpp | 34 bool CompatibilityMatrix::addKernel(MatrixKernel&& kernel, std::string* error) { in addKernel() argument 42 if (kernel.getSourceMatrixLevel() == Level::UNSPECIFIED) { in addKernel() 43 kernel.setSourceMatrixLevel(level()); in addKernel() 48 if (it->getSourceMatrixLevel() != kernel.getSourceMatrixLevel()) { in addKernel() 51 if (it->minLts() == kernel.minLts()) { in addKernel() 54 if (it->minLts().dropMinor() == kernel.minLts().dropMinor()) { in addKernel() 57 to_string(kernel.getSourceMatrixLevel()) + ", cannot add " + in addKernel() 58 to_string(kernel.minLts()) + " because " + to_string(it->minLts()) + in addKernel() 70 if (kernel.conditions().empty()) { in addKernel() 74 const auto& configs = kernel.configs(); in addKernel() [all …]
|
/system/sepolicy/prebuilts/api/26.0/private/ |
D | genfs_contexts | 20 genfscon proc /sys/kernel/core_pattern u:object_r:usermodehelper:s0 21 genfscon proc /sys/kernel/dmesg_restrict u:object_r:proc_security:s0 22 genfscon proc /sys/kernel/hotplug u:object_r:usermodehelper:s0 23 genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0 24 genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0 25 genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0 26 genfscon proc /sys/kernel/perf_event_max_sample_rate u:object_r:proc_perf:s0 27 genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0 28 genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0 29 genfscon proc /sys/kernel/usermodehelper u:object_r:usermodehelper:s0
|
D | kernel.te | 1 typeattribute kernel coredomain; 3 domain_auto_trans(kernel, init_exec, init)
|
/system/sepolicy/prebuilts/api/27.0/private/ |
D | kernel.te | 1 typeattribute kernel coredomain; 3 domain_auto_trans(kernel, init_exec, init)
|
/system/sepolicy/prebuilts/api/28.0/private/ |
D | kernel.te | 1 typeattribute kernel coredomain; 3 domain_auto_trans(kernel, init_exec, init)
|
/system/extras/boottime_tools/bootio/sepolicy/ |
D | domain.te | 1 # dontaudit bootio kernel:system module_request; 2 allow bootio kernel:fd use;
|