Searched refs:domain (Results 1 – 25 of 1883) sorted by relevance
12345678910>>...76
| /system/bpf/libbpf_android/include/ |
| D | libbpf_android.h | 40 enum class domain : int { enum
54 static constexpr domain AllDomains[] = {
55 domain::unspecified,
56 domain::platform,
57 domain::tethering,
58 domain::net_private,
59 domain::net_shared,
60 domain::netd_readonly,
61 domain::netd_shared,
62 domain::vendor,
[all …]
|
| /system/sepolicy/microdroid/system/private/ |
| D | domain.te | 4 allow domain init:process sigchld;
6 # Intra-domain accesses.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net_type:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
[all …]
|
| /system/sepolicy/prebuilts/api/34.0/private/ |
| D | property.te | 67 neverallow domain {
75 neverallow { domain -coredomain } {
82 neverallow { domain -coredomain } {
107 neverallow domain property_type:file { ioctl lock };
138 domain
145 dontaudit domain {
157 domain
163 domain
168 domain
177 domain
[all …]
|
| D | domain.te | 3 # We do not apply this to the su domain to avoid interfering with
5 domain_auto_trans({ domain userdebug_or_eng(`-su') }, crash_dump_exec, crash_dump);
6 allow domain crash_dump:process sigchld;
12 get_prop(domain, heapprofd_prop);
16 domain
57 r_dir_file(domain, sysfs_fs_incfs_features);
60 r_dir_file(domain, sysfs_fs_fuse_features);
63 allow domain cgroup:dir search;
64 allow { domain -appdomain -rs } cgroup:dir w_dir_perms;
65 allow { domain -appdomain -rs } cgroup:file w_file_perms;
[all …]
|
| D | bpfloader.te | 32 neverallow { domain } bpffs_type:dir ~{ add_name create getattr mounton remove_name sear…
33 neverallow { domain -bpfloader } bpffs_type:dir { add_name create remove_name write };
35 neverallow { domain } bpffs_type:file ~{ create getattr map open read rename setattr wri…
36 neverallow { domain -bpfloader } bpffs_type:file { create map open rename setattr };
37 neverallow { domain -bpfloader -gpuservice -lmkd -mediaprovider_app -netd -netutils_wrapper …
38 neverallow { domain -bpfloader …
39 neverallow { domain -bpfloader -networ…
40 neverallow { domain -bpfloader -networ…
41 neverallow { domain -bpfloader -netd -networ…
42 neverallow { domain -bpfloader -netd -netutils_wrapper -networ…
[all …]
|
| D | seapp_contexts | 46 # restricted to run in an isolated_app domain. Processes match this selector will
80 # domain (string)
85 # domain= determines the label to be used for the app process; entries
86 # without domain= are ignored for this purpose.
116 neverallow isSystemServer=false domain=system_server
117 neverallow isSystemServer=false domain=system_server_startup
118 neverallow isSystemServer="" domain=system_server
119 neverallow isSystemServer="" domain=system_server_startup
122 neverallow user=((?!system).)* domain=system_app
130 # neverallow shared relro to any other domain
[all …]
|
| /system/sepolicy/private/ |
| D | property.te | 67 neverallow domain {
75 neverallow { domain -coredomain } {
82 neverallow { domain -coredomain } {
107 neverallow domain property_type:file { ioctl lock };
138 domain
145 dontaudit domain {
157 domain
163 domain
168 domain
177 domain
[all …]
|
| D | domain.te | 3 # We do not apply this to the su domain to avoid interfering with
5 domain_auto_trans({ domain userdebug_or_eng(`-su') }, crash_dump_exec, crash_dump);
6 allow domain crash_dump:process sigchld;
12 get_prop(domain, heapprofd_prop);
16 domain
57 r_dir_file(domain, sysfs_fs_incfs_features);
60 r_dir_file(domain, sysfs_fs_fuse_features);
63 allow domain cgroup:dir search;
64 allow { domain -appdomain -rs } cgroup:dir w_dir_perms;
65 allow { domain -appdomain -rs } cgroup:file w_file_perms;
[all …]
|
| D | bpfloader.te | 32 neverallow { domain } bpffs_type:dir ~{ add_name create getattr mounton remove_name sear…
33 neverallow { domain -bpfloader } bpffs_type:dir { add_name create remove_name write };
35 neverallow { domain } bpffs_type:file ~{ create getattr map open read rename setattr wri…
36 neverallow { domain -bpfloader } bpffs_type:file { create map open rename setattr };
37 neverallow { domain -bpfloader -gpuservice -lmkd -mediaprovider_app -netd -netutils_wrapper …
38 neverallow { domain -bpfloader …
39 neverallow { domain -bpfloader -networ…
40 neverallow { domain -bpfloader -networ…
41 neverallow { domain -bpfloader -netd -networ…
42 neverallow { domain -bpfloader -netd -netutils_wrapper -networ…
[all …]
|
| D | seapp_contexts | 46 # restricted to run in an isolated_app domain. Processes match this selector will
80 # domain (string)
85 # domain= determines the label to be used for the app process; entries
86 # without domain= are ignored for this purpose.
116 neverallow isSystemServer=false domain=system_server
117 neverallow isSystemServer=false domain=system_server_startup
118 neverallow isSystemServer="" domain=system_server
119 neverallow isSystemServer="" domain=system_server_startup
122 neverallow user=((?!system).)* domain=system_app
130 # neverallow shared relro to any other domain
[all …]
|
| /system/sepolicy/prebuilts/api/31.0/private/ |
| D | property.te | 49 neverallow domain {
57 neverallow { domain -coredomain } {
64 neverallow { domain -coredomain } {
89 neverallow domain property_type:file { ioctl lock };
120 domain
127 dontaudit domain {
139 domain
144 domain
153 domain
172 domain
[all …]
|
| D | domain.te | 3 # We do not apply this to the su domain to avoid interfering with
5 domain_auto_trans({ domain userdebug_or_eng(`-su') }, crash_dump_exec, crash_dump);
6 allow domain crash_dump:process sigchld;
12 get_prop(domain, heapprofd_prop);
15 domain
35 domain
53 r_dir_file(domain, sysfs_fs_incfs_features);
56 allow domain cgroup:dir search;
57 allow { domain -appdomain -rs } cgroup:dir w_dir_perms;
58 allow { domain -appdomain -rs } cgroup:file w_file_perms;
[all …]
|
| /system/sepolicy/prebuilts/api/32.0/private/ |
| D | property.te | 50 neverallow domain {
58 neverallow { domain -coredomain } {
65 neverallow { domain -coredomain } {
90 neverallow domain property_type:file { ioctl lock };
121 domain
128 dontaudit domain {
140 domain
145 domain
154 domain
173 domain
[all …]
|
| D | domain.te | 3 # We do not apply this to the su domain to avoid interfering with
5 domain_auto_trans({ domain userdebug_or_eng(`-su') }, crash_dump_exec, crash_dump);
6 allow domain crash_dump:process sigchld;
12 get_prop(domain, heapprofd_prop);
15 domain
35 domain
53 r_dir_file(domain, sysfs_fs_incfs_features);
56 allow domain cgroup:dir search;
57 allow { domain -appdomain -rs } cgroup:dir w_dir_perms;
58 allow { domain -appdomain -rs } cgroup:file w_file_perms;
[all …]
|
| /system/sepolicy/prebuilts/api/33.0/private/ |
| D | property.te | 60 neverallow domain {
68 neverallow { domain -coredomain } {
75 neverallow { domain -coredomain } {
100 neverallow domain property_type:file { ioctl lock };
132 domain
139 dontaudit domain {
151 domain
156 domain
165 domain
184 domain
[all …]
|
| /system/sepolicy/prebuilts/api/33.0/public/ |
| D | domain.te | 4 allow domain init:process sigchld;
6 # Intra-domain accesses.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net_type:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
[all …]
|
| /system/sepolicy/prebuilts/api/31.0/public/ |
| D | domain.te | 4 allow domain init:process sigchld;
6 # Intra-domain accesses.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net_type:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
[all …]
|
| /system/sepolicy/prebuilts/api/32.0/public/ |
| D | domain.te | 4 allow domain init:process sigchld;
6 # Intra-domain accesses.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net_type:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
[all …]
|
| /system/sepolicy/prebuilts/api/30.0/private/ |
| D | domain.te | 3 # We do not apply this to the su domain to avoid interfering with
5 domain_auto_trans({ domain userdebug_or_eng(`-su') }, crash_dump_exec, crash_dump);
6 allow domain crash_dump:process sigchld;
12 get_prop(domain, heapprofd_prop);
15 domain
35 domain
53 allow domain cgroup:dir search;
54 allow { domain -appdomain -rs } cgroup:dir w_dir_perms;
55 allow { domain -appdomain -rs } cgroup:file w_file_perms;
57 allow domain cgroup_rc_file:dir search;
[all …]
|
| D | bpfloader.te | 2 type bpfloader, domain;
20 neverallow { domain -init -vendor_init } fs_bpf:dir setattr;
21 neverallow { domain -bpfloader } fs_bpf:dir { write add_name };
22 neverallow domain fs_bpf:dir { reparent rename rmdir };
25 neverallow { domain -bpfloader -init -vendor_init } fs_bpf:file setattr;
26 neverallow { domain -bpfloader } fs_bpf:file create;
27 neverallow domain fs_bpf:file { rename unlink };
29 neverallow { domain -bpfloader } *:bpf { map_create prog_load };
30 neverallow { domain -bpfloader -netd -netutils_wrapper -system_server } *:bpf prog_run;
31 neverallow { domain -bpfloader -netd -system_server } *:bpf { map_read map_write };
[all …]
|
| /system/sepolicy/prebuilts/api/29.0/private/ |
| D | domain.te | 3 # We do not apply this to the su domain to avoid interfering with
5 domain_auto_trans({ domain userdebug_or_eng(`-su') }, crash_dump_exec, crash_dump);
6 allow domain crash_dump:process sigchld;
12 get_prop(domain, heapprofd_prop);
15 domain
32 allow domain cgroup:dir search;
33 allow { domain -appdomain -rs } cgroup:dir w_dir_perms;
34 allow { domain -appdomain -rs } cgroup:file w_file_perms;
36 allow domain cgroup_rc_file:dir search;
37 allow domain cgroup_rc_file:file r_file_perms;
[all …]
|
| /system/sepolicy/prebuilts/api/30.0/public/ |
| D | domain.te | 4 allow domain init:process sigchld;
6 # Intra-domain accesses.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net_type:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
[all …]
|
| /system/sepolicy/prebuilts/api/29.0/public/ |
| D | domain.te | 4 allow domain init:process sigchld;
6 # Intra-domain accesses.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net_type:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
[all …]
|
| /system/sepolicy/public/ |
| D | domain.te | 4 allow domain init:process sigchld;
6 # Intra-domain accesses.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net_type:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
[all …]
|
| /system/sepolicy/prebuilts/api/34.0/public/ |
| D | domain.te | 4 allow domain init:process sigchld;
6 # Intra-domain accesses.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net_type:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
[all …]
|
12345678910>>...76