te_macros - OpenGrok cross reference for /external/sepolicy/te

Lines Matching refs:allow
11 allow $1 $2:file { getattr open read execute };
12 allow $1 $3:process transition;
14 allow $3 $2:file { entrypoint open read execute getattr };
16 allow $3 $1:process sigchld;
20 allow $1 $3:process { siginh rlimitinh };
45 allow $1 $2:dir ra_dir_perms;
47 allow $1 $3:notdevfile_class_set create_file_perms;
48 allow $1 $3:dir create_dir_perms;
69 allow $1 $2:dir r_dir_perms;
70 allow $1 $2:{ file lnk_file } r_file_perms;
75 # Define and allow access to a unique type for
80 allow $1 $1_tmpfs:file { read write };
100 allow $1 $1_tmpfs:file execute;
123 # following allow rules:
124 # allow clientdomain property_socket:sock_file write;
125 # allow clientdomain init:unix_stream_socket connectto;
126 # allow clientdomain something_prop:property_service set;
132 allow $1 $2_socket:sock_file write;
133 allow $1 $3:unix_stream_socket connectto;
143 allow $1 $2:property_service set;
151 allow $1 $2_socket:sock_file write;
152 allow $1 $3:unix_dgram_socket sendto;
160 allow $1 servicemanager:binder { call transfer };
162 allow servicemanager $1:dir search;
163 allow servicemanager $1:file { read open };
164 allow servicemanager $1:process getattr;
174 allow $1 $2:binder { call transfer };
176 allow $2 $1:binder transfer;
178 allow $1 $2:fd use;
184 # Used to allow binder IPC to the various system services.
194 allow $1 sysfs_wake_lock:file rw_file_perms;
196 allow $1 self:capability2 block_suspend;
203 allow $1 selinuxfs:file rw_file_perms;
204 allow $1 kernel:security compute_av;
205 allow $1 self:netlink_selinux_socket { read write create getattr setattr lock relabelfrom relabelto…
212 allow $1 selinuxfs:file rw_file_perms;
213 allow $1 kernel:security check_context;
220 allow $1 selinuxfs:file rw_file_perms;
221 allow $1 kernel:security setenforce;
228 allow $1 selinuxfs:file rw_file_perms;
229 allow $1 kernel:security setbool;
237 allow $1 security_file:dir r_dir_perms;
238 allow $1 security_file:file r_file_perms;
248 allow $1 security_file:dir create_dir_perms;
249 allow $1 security_file:file create_file_perms;
250 allow $1 security_file:lnk_file { create rename unlink };
251 allow $1 security_prop:property_service set;
261 allow $1 security_file:dir create_dir_perms;
262 allow $1 security_file:file create_file_perms;
263 allow $1 security_file:lnk_file { create rename unlink };
264 allow $1 security_prop:property_service set;
274 allow $1 kernel:system syslog_read;
286 allow $1 $1_devpts:chr_file { open getattr read write ioctl };
314 allow $1 pmsg_device:chr_file w_file_perms;
322 allow $1 logcat_exec:file rx_file_perms;
342   allow keystore $1:dir search;
343   allow keystore $1:file { read open };
344   allow keystore $1:process getattr;
345   allow $1 keystore_service:service_manager find;
354   allow drmserver $1:dir search;
355   allow drmserver $1:file { read open };
356   allow drmserver $1:process getattr;