Home
last modified time | relevance | path

Searched refs:sepolicy (Results 1 – 25 of 63) sorted by relevance

123

/system/sepolicy/tools/
Dcheckfc.c43 } sepolicy; member
93 int bit_pos = get_attr_bit(global_state.sepolicy.pdb, *attributes); in ebitmap_attribute_assertion_init()
159 int rc = sepol_context_from_string(global_state.sepolicy.handle, context, in validate()
166 rc = sepol_context_check(global_state.sepolicy.handle, in validate()
167 global_state.sepolicy.sdb, ctx); in validate()
176 res = !is_type_of_attribute_set(global_state.sepolicy.pdb, type_name, in validate()
213 if (global_state.sepolicy.file) { in cleanup()
214 fclose(global_state.sepolicy.file); in cleanup()
217 if (global_state.sepolicy.sdb) { in cleanup()
218 sepol_policydb_free(global_state.sepolicy.sdb); in cleanup()
[all …]
DREADME18 build to validate both files. Requires the sepolicy file as an
23 checkfc sepolicy file_contexts
24 checkfc -p sepolicy property_contexts
43 checkseapp -p sepolicy input_seapp_contexts0 [input_seapp_contexts1...] -o seapp_contexts
48 script is described further in the top-level sepolicy/README.
63 sepolicy-check
64 A tool for auditing a sepolicy file for any allow rule that grants
68sepolicy-check -s <domain> -t <type> -c <class> -p <permission> -P out/target/product/<board>/root…
70 sepolicy-analyze
71 A tool for performing various kinds of analysis on a sepolicy
DAndroid.bp51 name: "sepolicy-check",
53 srcs: ["sepolicy-check.c"],
Dbuild_policies.sh78 OUT_DIR=$out_dir/out.$target mmma -j$mmma_jobs system/sepolicy &>> $my_out_file
/system/sepolicy/tools/sepolicy-analyze/
DREADME1 sepolicy-analyze
3 sepolicy file. The current kinds of analysis that are currently
7 sepolicy-analyze out/target/product/<board>/root/sepolicy typecmp -e
28 sepolicy-analyze out/target/product/<board>/root/sepolicy typecmp -d
35 sepolicy-analyze out/target/product/<board>/root/sepolicy dups
49 sepolicy-analyze out/target/product/<board>/root/sepolicy permissive
57 sepolicy-analyze out/target/product/<board>/root/sepolicy booleans
64 sepolicy-analyze out/target/product/<board>/root/sepolicy attribute <name>
68 sepolicy-analyze out/target/product/<board>/root/sepolicy attribute -r <name>
72 sepolicy-analyze out/target/product/<board>/root/sepolicy attribute -l
[all …]
DAndroid.bp10 name: "sepolicy-analyze",
14 "sepolicy-analyze.c",
/system/sepolicy/
DAndroid.mk395 sepolicy \
421 cannot be set before system/sepolicy freezes.)
666 $(HOST_OUT_EXECUTABLES)/checkpolicy $(HOST_OUT_EXECUTABLES)/sepolicy-analyze
670 $(hide) $(HOST_OUT_EXECUTABLES)/sepolicy-analyze $@.tmp neverallow -w -f $(PRIVATE_SEPOLICY_2) || \
743 $(HOST_OUT_EXECUTABLES)/checkpolicy $(HOST_OUT_EXECUTABLES)/sepolicy-analyze
747 $(hide) $(HOST_OUT_EXECUTABLES)/sepolicy-analyze $@.tmp neverallow -w -f $(PRIVATE_SEPOLICY_2) || \
1009 LOCAL_MODULE := sepolicy
1048 $(LOCAL_BUILT_MODULE): $(HOST_OUT_EXECUTABLES)/secilc $(HOST_OUT_EXECUTABLES)/sepolicy-analyze $(al…
1052 $(hide) $(HOST_OUT_EXECUTABLES)/sepolicy-analyze $@.tmp permissive > $@.permissivedomains
1071 LOCAL_MODULE := sepolicy.recovery
[all …]
DREADME4 separate device/<vendor>/<board>/sepolicy subdirectory and linked
35 BOARD_VENDOR_SEPOLICY_DIRS += device/samsung/tuna/sepolicy
37 Alongside vendor sepolicy dirs, OEMs can also amend the public and private
40 SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += device/acme/roadrunner-sepolicy/systemext/public
41 SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/acme/roadrunner-sepolicy/systemext/private
42 PRODUCT_PUBLIC_SEPOLICY_DIRS += device/acme/roadrunner-sepolicy/product/public
43 PRODUCT_PRIVATE_SEPOLICY_DIRS += device/acme/roadrunner-sepolicy/product/private
Dcompat.mk50 $(LOCAL_BUILT_MODULE): $(HOST_OUT_EXECUTABLES)/secilc $(HOST_OUT_EXECUTABLES)/sepolicy-analyze $(al…
DNOTICE1 This configuration (sepolicy) is public domain, i.e. not copyrighted.
/system/sepolicy/public/
Dotapreopt_chroot.te3 # TODO: Only present to allow mediatek/wembley-sepolicy to see it for validation reasons.
Dtoolbox.te17 # device/<vendor>/<product>/sepolicy/file_contexts file.
Dpostinstall.te3 # files needed by the specific device on your device's sepolicy directory.
/system/sepolicy/prebuilts/api/31.0/public/
Dotapreopt_chroot.te3 # TODO: Only present to allow mediatek/wembley-sepolicy to see it for validation reasons.
Dtoolbox.te17 # device/<vendor>/<product>/sepolicy/file_contexts file.
/system/sepolicy/prebuilts/api/26.0/public/
Dtoolbox.te17 # device/<vendor>/<product>/sepolicy/file_contexts file.
Dpostinstall.te3 # files needed by the specific device on your device's sepolicy directory.
/system/sepolicy/prebuilts/api/27.0/public/
Dtoolbox.te17 # device/<vendor>/<product>/sepolicy/file_contexts file.
Dpostinstall.te3 # files needed by the specific device on your device's sepolicy directory.
/system/sepolicy/prebuilts/api/29.0/public/
Dtoolbox.te17 # device/<vendor>/<product>/sepolicy/file_contexts file.
/system/sepolicy/prebuilts/api/28.0/public/
Dtoolbox.te17 # device/<vendor>/<product>/sepolicy/file_contexts file.
Dpostinstall.te3 # files needed by the specific device on your device's sepolicy directory.
/system/sepolicy/private/
Dkernel.te12 # OTA. Once sepolicy is loaded, snapuserd must be re-launched in the correct
/system/sepolicy/prebuilts/api/30.0/public/
Dtoolbox.te17 # device/<vendor>/<product>/sepolicy/file_contexts file.
/system/sepolicy/prebuilts/api/31.0/private/
Dkernel.te12 # OTA. Once sepolicy is loaded, snapuserd must be re-launched in the correct

123