Home
last modified time | relevance | path

Searched refs:rule (Results 1 – 25 of 140) sorted by relevance

123456

/system/sepolicy/build/soong/
Dselinux_contexts.go248 rule := android.NewRuleBuilder(pctx, ctx)
252 rule.Command().Text("echo").FlagWithOutput("> ", newlineFile)
253 rule.Temporary(newlineFile)
260 rule.Command().
268 rule.Temporary(builtContext)
272 rule.Command().
281 rule.Temporary(builtContext)
285 rule.Command().
294 rule.Temporary(builtContext)
295 rule.Command().Text("cp").Input(builtContext).Output(ret)
[all …]
Dpolicy.go213 rule := android.NewRuleBuilder(pctx, ctx)
220 rule.Command().Tool(ctx.Config().PrebuiltBuildTool(ctx, "m4")).
242 rule.Build("conf", "Transform policy to conf: "+ctx.ModuleName())
344 rule := android.NewRuleBuilder(pctx, ctx)
345 checkpolicyCmd := rule.Command().BuiltTool("checkpolicy").
357 rule.Command().BuiltTool("build_sepolicy").
365 rule.Command().Text("cat").
371 rule.Command().Text("grep -v").
382 secilcCmd := rule.Command().BuiltTool("secilc").
397 rule.Build("cil", "Building cil for "+ctx.ModuleName())
[all …]
Dsepolicy_neverallow.go146 rule := android.NewRuleBuilder(pctx, ctx)
150 rule.Command().BuiltTool("checkpolicy").
155 rule.Build("neverallow_checkpolicy", "Neverallow check: "+ctx.ModuleName())
159 rule = android.NewRuleBuilder(pctx, ctx)
164 rule.Command().BuiltTool("sepolicy-analyze").
174 rule.Command().Text("touch").Output(n.testTimestamp)
175 rule.Build("neverallow_sepolicy-analyze", "Neverallow check: "+ctx.ModuleName())
Dvalidate_bindings.go86 rule := android.NewRuleBuilder(pctx, ctx)
88 rule.Command().BuiltTool(tool).Flag("-s").Inputs(srcs).Flag("-b").Input(rootPath)
92 rule.Command().Text("touch").Output(m.testTimestamp)
93 rule.Build("fuzzer_bindings_test", "running service:fuzzer bindings test: "+ctx.ModuleName())
Dsepolicy_freeze.go90 rule := android.NewRuleBuilder(pctx, ctx)
93 rule.Command().Text("diff").
101 rule.Command().Text("touch").
105 rule.Build("sepolicy_freeze_test", "sepolicy_freeze_test")
Dversioned_policy.go107 rule := android.NewRuleBuilder(pctx, ctx)
114 versionCmd := rule.Command().BuiltTool("version_policy").
134 rule.Command().BuiltTool("build_sepolicy").
142 rule.Command().BuiltTool("secilc").
154 rule.Build("mapping", "Versioning mapping file "+ctx.ModuleName())
Dmac_permissions.go97 rule := android.NewRuleBuilder(pctx, ctx)
98 rule.Command().
107rule.Command().Text("DEFAULT_SYSTEM_DEV_CERTIFICATE="+ctx.Config().DefaultAppCertificateDir(ctx).S…
115 rule.Build("mac_permission", "build "+m.Name())
Dsepolicy_vers.go81 rule := android.NewRuleBuilder(pctx, ctx)
82 rule.Command().Text("echo").Text(ver).Text(">").Output(out)
83 rule.Build("sepolicy_vers", v.Name())
Dcompat_cil.go231 rule := android.NewRuleBuilder(pctx, ctx)
232 rule.Command().Text("touch").Output(f.compatTestTimestamp).Implicits(inputs)
233 rule.Build("compat", "compat test timestamp for: "+f.Name())
/system/logging/logd/
DPruneList.cpp176 for (const auto& rule : low_priority_prune_) { in Format() local
177 prune_rules.emplace_back(rule.Format()); in Format()
179 for (const auto& rule : high_priority_prune_) { in Format() local
180 prune_rules.emplace_back("~" + rule.Format()); in Format()
186 for (const auto& rule : high_priority_prune_) { in IsHighPriority() local
187 if (rule.Matches(element)) { in IsHighPriority()
195 for (const auto& rule : low_priority_prune_) { in IsLowPriority() local
196 if (rule.Matches(element)) { in IsLowPriority()
/system/sepolicy/tests/
Dapex_sepolicy_tests.py82 def check_rule(pol, path: str, tcontext: str, rule: Rule) -> List[str]:
84 match rule:
129 for matcher, rule in rules:
131 errors.extend(check_rule(pol, path, tcontext, rule))
Dtreble_sepolicy_tests.py383 basePermissionSet = set([":".join([rule.tctx, rule.tclass, perm])
384 for rule in baseRules for perm in rule.perms])
388 typePermissionSet = set([":".join([rule.tctx, rule.tclass, perm])
389 for rule in currentTypeRule for perm in rule.perms
390 if not rule.tctx in [subType, subType + "_userfaultfd"]])
/system/netd/server/
DFirewallController.cpp121 int FirewallController::setInterfaceRule(const char* iface, FirewallRule rule) { in setInterfaceRule() argument
136 if (rule == ALLOW && mIfaceRules.find(iface) == mIfaceRules.end()) { in setInterfaceRule()
139 } else if (rule == DENY && mIfaceRules.find(iface) != mIfaceRules.end()) { in setInterfaceRule()
DNetlinkCommands.cpp195 rtmsg rule = { in rtNetlinkFlush() local
200 { &rule, sizeof(rule) }, in rtNetlinkFlush()
DControllers.cpp142 std::string rule; in findExistingChildChains() local
143 while (std::getline(stream, rule, '\n')) { in findExistingChildChains()
144 if (std::regex_search(rule, matches, CHILD_CHAIN_REGEX) && matches[1] == parentChain) { in findExistingChildChains()
DBandwidthController.cpp737 std::string rule; in parseAndFlushCostlyTables() local
742 while (std::getline(stream, rule, '\n')) { in parseAndFlushCostlyTables()
743 if (!StartsWith(rule, NEW_CHAIN_COMMAND)) continue; in parseAndFlushCostlyTables()
744 chainName = rule.substr(NEW_CHAIN_COMMAND.size()); in parseAndFlushCostlyTables()
745 ALOGV("parse chainName=<%s> orig line=<%s>", chainName.c_str(), rule.c_str()); in parseAndFlushCostlyTables()
/system/hardware/interfaces/net/netd/testutils/
DVtsHalNetNetdTestUtils.cpp79 for (const auto& rule : rules) { in countMatchingIpRules() local
80 if (std::regex_search(rule, regex)) { in countMatchingIpRules()
/system/netd/tests/
Dtest_utils.cpp83 for (const auto& rule : rules) { in iptablesRuleExists() local
84 if (rule.find(expectedRule) != std::string::npos) { in iptablesRuleExists()
/system/sepolicy/tools/sepolicy-analyze/
DREADME38 grant the same permissions where one allow rule is written
40 terms of attributes associated with those same types. The rule
41 with individual types is a candidate for removal. The rule with
87 quickly checking an individual expanded rule or group of rules. If there are
93 classes, or permissions from a neverallow rule that could not be resolved
/system/sepolicy/prebuilts/api/30.0/private/
Dstoraged.te33 # b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own doma…
34 # Remove after no logs are seen for this rule.
/system/sepolicy/prebuilts/api/31.0/private/
Dstoraged.te35 # b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own doma…
36 # Remove after no logs are seen for this rule.
/system/sepolicy/prebuilts/api/32.0/private/
Dstoraged.te35 # b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own doma…
36 # Remove after no logs are seen for this rule.
/system/sepolicy/prebuilts/api/34.0/private/
Dstoraged.te35 # b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own doma…
36 # Remove after no logs are seen for this rule.
/system/sepolicy/prebuilts/api/33.0/private/
Dstoraged.te35 # b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own doma…
36 # Remove after no logs are seen for this rule.
/system/sepolicy/private/
Dstoraged.te35 # b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own doma…
36 # Remove after no logs are seen for this rule.

123456