Searched refs:domains (Results 1 – 25 of 269) sorted by relevance
1234567891011
| /system/sepolicy/prebuilts/api/29.0/public/ |
| D | attributes | 86 # These properties are not accessible from device-specific domains
121 # All domains that can override MLS restrictions.
129 # All domains used for apps.
135 # All domains used for apps with network access.
138 # All domains used for apps with bluetooth access.
141 # All domains used for binder service domains.
144 # update_engine related domains that need to apply an update and run
149 # All core domains (as opposed to vendor/device-specific domains)
156 # All vendor domains which violate the requirement of not using Binder
161 # All vendor domains which violate the requirement of not using sockets for
[all …]
|
| D | vendor_toolbox.te | 6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the allowlisted domains.
|
| D | logpersist.te | 1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
|
| /system/sepolicy/prebuilts/api/28.0/public/ |
| D | attributes | 75 # These properties are not accessible from device-specific domains
110 # All domains that can override MLS restrictions.
118 # All domains used for apps.
124 # All domains used for apps with network access.
127 # All domains used for apps with bluetooth access.
130 # All domains used for binder service domains.
133 # update_engine related domains that need to apply an update and run
138 # All core domains (as opposed to vendor/device-specific domains)
145 # All vendor domains which violate the requirement of not using Binder
150 # All vendor domains which violate the requirement of not using sockets for
[all …]
|
| D | vendor_toolbox.te | 6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the allowlisted domains.
|
| D | logpersist.te | 1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
|
| /system/sepolicy/prebuilts/api/31.0/public/ |
| D | vendor_toolbox.te | 6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the allowlisted domains.
|
| D | attributes | 100 # These properties are not accessible from device-specific domains
193 # All domains that can override MLS restrictions.
201 # All domains used for apps.
207 # All domains used for apps with network access.
210 # All domains used for apps with bluetooth access.
213 # All domains used for binder service domains.
216 # update_engine related domains that need to apply an update and run
221 # All core domains (as opposed to vendor/device-specific domains)
231 # All vendor domains which violate the requirement of not using sockets for
237 # All vendor domains which violate the requirement of not executing
[all …]
|
| /system/sepolicy/prebuilts/api/27.0/public/ |
| D | vendor_toolbox.te | 6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the allowlisted domains.
|
| D | attributes | 100 # All domains that can override MLS restrictions.
108 # All domains used for apps.
114 # All domains used for apps with network access.
117 # All domains used for apps with bluetooth access.
120 # All domains used for binder service domains.
123 # update_engine related domains that need to apply an update and run
128 # All core domains (as opposed to vendor/device-specific domains)
134 # All vendor domains which violate the requirement of not using Binder
139 # All vendor domains which violate the requirement of not using sockets for
145 # All vendor domains which violate the requirement of not executing
[all …]
|
| D | logpersist.te | 1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
|
| D | domain.te | 1 # Rules for all domains.
69 # /dev/binder can be accessed by non-vendor domains and by apps
113 # All domains are allowed to open and read directories
127 # All domains get access to /vendor/etc
132 # Allow all domains to be able to follow /system/vendor symlink
140 # Allow reading and executing out of /vendor to all vendor domains
198 # Restrict all domains to a allowlist for common socket types. Additional
199 # ioctl commands may be added to individual domains, but this sets safe
240 # Limit device node creation to these allowlisted domains.
249 # Limit raw I/O to these allowlisted domains. Do not apply to debug builds.
[all …]
|
| /system/sepolicy/prebuilts/api/30.0/public/ |
| D | vendor_toolbox.te | 6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the allowlisted domains.
|
| D | attributes | 86 # These properties are not accessible from device-specific domains
165 # All domains that can override MLS restrictions.
173 # All domains used for apps.
179 # All domains used for apps with network access.
182 # All domains used for apps with bluetooth access.
185 # All domains used for binder service domains.
188 # update_engine related domains that need to apply an update and run
193 # All core domains (as opposed to vendor/device-specific domains)
200 # All vendor domains which violate the requirement of not using Binder
205 # All vendor domains which violate the requirement of not using sockets for
[all …]
|
| D | logpersist.te | 1 # android debug logging, logpersist domains
23 # Following is a list of debug domains we know that transition to logpersist
|
| /system/sepolicy/prebuilts/api/26.0/public/ |
| D | vendor_toolbox.te | 6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the allowlisted domains.
|
| D | attributes | 99 # All domains that can override MLS restrictions.
107 # All domains used for apps.
113 # All domains used for apps with network access.
116 # All domains used for apps with bluetooth access.
119 # All domains used for binder service domains.
122 # update_engine related domains that need to apply an update and run
127 # All core domains (as opposed to vendor/device-specific domains)
133 # All vendor domains which violate the requirement of not using Binder
137 # All vendor domains which violate the requirement of not using sockets for
142 # All vendor domains which violate the requirement of not executing
[all …]
|
| D | logpersist.te | 1 # android debug logging, logpersist domains
19 # Following is a list of debug domains we know that transition to logpersist
|
| D | domain.te | 1 # Rules for all domains.
69 # /dev/binder can be accessed by non-vendor domains and by apps
113 # All domains are allowed to open and read directories
127 # All domains get access to /vendor/etc
132 # Allow all domains to be able to follow /system/vendor symlink
140 # Allow reading and executing out of /vendor to all vendor domains
198 # Restrict all domains to a allowlist for common socket types. Additional
199 # ioctl commands may be added to individual domains, but this sets safe
237 # Limit device node creation to these allowlisted domains.
246 # Limit raw I/O to these allowlisted domains. Do not apply to debug builds.
[all …]
|
| /system/sepolicy/public/ |
| D | vendor_toolbox.te | 6 # Do not allow domains to transition to vendor toolbox
9 # Do not allow non-vendor domains to transition
10 # to vendor toolbox except for the allowlisted domains.
|
| D | attributes | 100 # These properties are not accessible from device-specific domains
193 # All domains that can override MLS restrictions.
201 # All domains used for apps.
207 # All domains used for apps with network access.
210 # All domains used for apps with bluetooth access.
213 # All domains used for binder service domains.
216 # update_engine related domains that need to apply an update and run
221 # All core domains (as opposed to vendor/device-specific domains)
231 # All vendor domains which violate the requirement of not using sockets for
237 # All vendor domains which violate the requirement of not executing
[all …]
|
| /system/netd/tests/benchmarks/ |
| D | dns_benchmark.cpp | 65 std::vector<std::string> domains = { "example.com" }; in SetUp() local
67 dns.SetupMappings(num_hosts, domains, &mappings); in SetUp()
72 dns.SetResolversForNetwork(servers, domains, mDefaultParams_Binder); in SetUp()
|
| /system/sepolicy/prebuilts/api/26.0/private/ |
| D | attributes | 5 # domains. The goal is to not assign domain_deprecated to new domains
|
| /system/sepolicy/prebuilts/api/27.0/private/ |
| D | attributes | 5 # domains. The goal is to not assign domain_deprecated to new domains
|
| /system/sepolicy/prebuilts/api/29.0/private/ |
| D | domain.te | 41 # Allow all domains to read sys.use_memfd to determine
86 # with other UIDs to these allowlisted domains.
168 # that these files cannot be accessed by other domains to ensure that the files
188 # outside the rootfs or /system partition except for a few allowlisted domains.
276 # Since the kernel checks dac_read_search before dac_override, domains that
278 # denials. Some domains have dac_read_search without having dac_override, so
286 # Limit what domains can mount filesystems or change their mount flags.
287 # sdcard_type / vfat is exempt as a larger set of domains need
288 # this capability, including device-specific domains.
302 # Limit raw I/O to these allowlisted domains. Do not apply to debug builds.
|
1234567891011