• Home
  • Raw
  • Download

Lines Matching refs:zygote

1 # zygote
2 type zygote, domain;
5 init_daemon_domain(zygote)
6 typeattribute zygote mlstrustedsubject;
8 allow zygote self:capability { dac_override setgid setuid fowner };
10 allow zygote self:capability setpcap;
12 allow zygote system:process dyntransition;
13 allow zygote appdomain:process dyntransition;
14 # Allow zygote to read + write app data dirs (b/10455872 and b/10498304)
15 allow zygote appdomain:dir { getattr search };
16 allow zygote appdomain:file { r_file_perms write };
18 allow zygote system:process { getpgid setpgid };
19 allow zygote appdomain:process { getpgid setpgid };
21 allow zygote system_data_file:dir rw_dir_perms;
22 allow zygote system_data_file:file create_file_perms;
23 allow zygote dalvikcache_data_file:dir rw_dir_perms;
24 allow zygote dalvikcache_data_file:file { create_file_perms x_file_perms };
26 allow zygote system_file:file x_file_perms;
28 allow zygote cgroup:dir create_dir_perms;
29 allow zygote self:capability sys_admin;
31 selinux_check_context(zygote)
33 selinux_check_access(zygote)
35 security_access_policy(zygote)
38 allow zygote rootfs:dir mounton;
39 allow zygote sdcard_type:dir { write search setattr create add_name mounton };
40 dontaudit zygote self:capability fsetid;
41 allow zygote tmpfs:dir { write create add_name setattr mounton search };
42 allow zygote tmpfs:filesystem mount;
43 allow zygote labeledfs:filesystem remount;
46 allow zygote zygote_exec:file { execute_no_trans open };
49 allow zygote ashmem_device:chr_file execute;
50 allow zygote init:binder call;
51 allow zygote shell_data_file:file { write getattr };
52 allow zygote system:binder { transfer call };
53 allow zygote servicemanager:binder { call };