Searched refs:allow (Results 1 – 25 of 1057) sorted by relevance
12345678910>>...43
11 allow system_server self:process execmem;12 allow system_server ashmem_device:chr_file execute;13 allow system_server system_server_tmpfs:file execute;16 allow system_server dalvikcache_data_file:file execute;17 allow system_server dalvikcache_data_file:dir r_dir_perms;20 allow system_server resourcecache_data_file:file r_file_perms;21 allow system_server resourcecache_data_file:dir r_dir_perms;24 allow system_server self:process ptrace;27 allow system_server zygote:fd use;28 allow system_server zygote:process sigchld;[all …]
19 allow vold self:process setexec;22 allow vold shell_exec:file rx_file_perms;25 allow vold self:process setfscreate;26 allow vold system_file:file x_file_perms;27 allow vold block_device:dir create_dir_perms;28 allow vold block_device:blk_file create_file_perms;30 allow vold device:dir write;31 allow vold devpts:chr_file rw_file_perms;32 allow vold rootfs:dir mounton;33 allow vold sdcard_type:dir mounton; # TODO: deprecated in M[all …]
17 allow mediaserver self:process execmem;18 allow mediaserver kernel:system module_request;19 allow mediaserver media_data_file:dir create_dir_perms;20 allow mediaserver media_data_file:file create_file_perms;21 allow mediaserver app_data_file:dir search;22 allow mediaserver app_data_file:file rw_file_perms;23 allow mediaserver sdcard_type:file write;24 allow mediaserver gpu_device:chr_file rw_file_perms;25 allow mediaserver video_device:dir r_dir_perms;26 allow mediaserver video_device:chr_file rw_file_perms;[all …]
9 allow init tmpfs:chr_file create_file_perms;15 allow init { device socket_device }:dir relabelto;17 allow init tmpfs:file relabelfrom;18 allow init properties_device:file relabelto;21 allow init self:capability sys_resource;24 allow init tmpfs:file unlink;27 allow init devpts:chr_file { read write open };30 allow init fscklogs:file create_file_perms;33 allow init tmpfs:chr_file write;36 allow init console_device:chr_file rw_file_perms;[all …]
7 allow rild self:netlink_route_socket nlmsg_write;8 allow rild kernel:system module_request;9 allow rild self:capability { setuid net_admin net_raw };10 allow rild alarm_device:chr_file rw_file_perms;11 allow rild cgroup:dir create_dir_perms;12 allow rild radio_device:chr_file rw_file_perms;13 allow rild radio_device:blk_file r_file_perms;14 allow rild mtd_device:dir search;15 allow rild efs_file:dir create_dir_perms;16 allow rild efs_file:file create_file_perms;[all …]
16 allow shell pstorefs:dir search;17 allow shell pstorefs:file r_file_perms;19 allow shell misc_logd_file:dir r_dir_perms;20 allow shell misc_logd_file:file r_file_perms;23 allow shell anr_data_file:dir r_dir_perms;24 allow shell anr_data_file:file r_file_perms;27 allow shell shell_data_file:dir create_dir_perms;28 allow shell shell_data_file:file create_file_perms;29 allow shell shell_data_file:file rx_file_perms;30 allow shell shell_data_file:lnk_file create_file_perms;[all …]
7 allow installd self:capability { chown dac_override fowner fsetid setgid setuid };10 allow installd dalvikcache_data_file:dir relabelto;11 allow installd dalvikcache_data_file:file { relabelto link };14 allow installd apk_data_file:dir { create_dir_perms relabelfrom };15 allow installd apk_data_file:file { create_file_perms relabelfrom link };16 allow installd apk_data_file:lnk_file { create read unlink };18 allow installd asec_apk_file:file r_file_perms;19 allow installd apk_tmp_file:file { r_file_perms unlink };20 allow installd apk_tmp_file:dir { relabelfrom create_dir_perms };21 allow installd oemfs:dir r_dir_perms;[all …]
11 allow dumpstate self:capability { setuid setgid sys_resource };17 allow dumpstate self:capability kill;23 allow dumpstate system_file:file execute_no_trans;26 allow dumpstate self:capability { dac_override chown fowner fsetid };27 allow dumpstate anr_data_file:dir { rw_dir_perms relabelto };28 allow dumpstate anr_data_file:file create_file_perms;29 allow dumpstate system_data_file:dir { create_dir_perms relabelfrom };33 allow dumpstate system_data_file:file r_file_perms;36 allow dumpstate self:capability2 syslog;37 allow dumpstate kernel:system syslog_read;[all …]
6 allow adbd self:process setcurrent;7 allow adbd su:process dyntransition;13 allow adbd shell:process noatsecure;16 allow adbd self:capability { setuid setgid };19 allow adbd self:capability setpcap;25 allow adbd adb_device:chr_file rw_file_perms;26 allow adbd functionfs:dir search;27 allow adbd functionfs:file rw_file_perms;30 allow adbd devpts:chr_file rw_file_perms;33 allow adbd shell_data_file:dir create_dir_perms;[all …]
8 allow zygote self:capability { dac_override setgid setuid fowner chown };10 allow zygote self:capability setpcap;12 allow zygote self:process setcurrent;13 allow zygote system_server:process dyntransition;14 allow zygote appdomain:process dyntransition;16 allow zygote appdomain:dir { getattr search };17 allow zygote appdomain:file { r_file_perms };19 allow zygote system_server:process { getpgid setpgid };20 allow zygote appdomain:process { getpgid setpgid };22 allow zygote system_data_file:dir r_dir_perms;[all …]
7 # But the allow rules are only included in the recovery policy.10 …allow recovery self:capability { chown dac_override fowner fsetid setfcap setuid setgid sys_admin …13 allow recovery self:capability2 mac_admin;16 allow recovery rootfs:file execute_no_trans;17 allow recovery system_file:file execute_no_trans;20 allow recovery rootfs:dir mounton;21 allow recovery fs_type:filesystem ~relabelto;22 allow recovery unlabeled:filesystem ~relabelto;23 allow recovery contextmount_type:filesystem relabelto;26 allow recovery exec_type:{ file lnk_file } { create_file_perms relabelfrom relabelto };[all …]
12 allow platform_app shell_data_file:dir search;13 allow platform_app shell_data_file:file { open getattr read };16 allow platform_app { apk_tmp_file apk_private_tmp_file }:dir rw_dir_perms;17 allow platform_app { apk_tmp_file apk_private_tmp_file }:file rw_file_perms;18 allow platform_app apk_private_data_file:dir search;20 allow platform_app asec_apk_file:dir create_dir_perms;21 allow platform_app asec_apk_file:file create_file_perms;24 allow platform_app media_rw_data_file:dir create_dir_perms;25 allow platform_app media_rw_data_file:file create_file_perms;28 allow platform_app cache_file:dir create_dir_perms;[all …]
11 allow $1 $2:file { getattr open read execute };12 allow $1 $3:process transition;14 allow $3 $2:file { entrypoint open read execute getattr };16 allow $3 $1:process sigchld;20 allow $1 $3:process { siginh rlimitinh };45 allow $1 $2:dir ra_dir_perms;47 allow $1 $3:notdevfile_class_set create_file_perms;48 allow $1 $3:dir create_dir_perms;69 allow $1 $2:dir r_dir_perms;70 allow $1 $2:{ file lnk_file } r_file_perms;[all …]
7 allow debuggerd self:capability { dac_override sys_ptrace chown kill fowner };8 allow debuggerd self:capability2 { syslog };9 allow debuggerd domain:dir r_dir_perms;10 allow debuggerd domain:file r_file_perms;11 allow debuggerd domain:lnk_file read;12 allow debuggerd { domain -init -ueventd -watchdogd -healthd -adbd -keystore }:process { ptrace geta…14 allow debuggerd system_data_file:dir create_dir_perms;15 allow debuggerd system_data_file:dir relabelfrom;16 allow debuggerd tombstone_data_file:dir relabelto;17 allow debuggerd tombstone_data_file:dir create_dir_perms;[all …]
7 allow hostapd self:capability { net_admin net_raw setuid setgid };8 allow hostapd self:netlink_socket create_socket_perms;9 allow hostapd self:packet_socket create_socket_perms;10 allow hostapd self:netlink_route_socket nlmsg_write;12 allow hostapd wifi_data_file:file rw_file_perms;13 allow hostapd wifi_data_file:dir create_dir_perms;16 allow hostapd wpa_socket:dir create_dir_perms;17 allow hostapd wpa_socket:sock_file create_file_perms;18 allow hostapd netd:fd use;19 allow hostapd netd:udp_socket { read write };[all …]
4 allow sdcardd cgroup:dir create_dir_perms;5 allow sdcardd fuse_device:chr_file rw_file_perms;6 allow sdcardd rootfs:dir mounton; # TODO: deprecated in M7 allow sdcardd mnt_media_rw_file:dir r_dir_perms;8 allow sdcardd storage_file:dir search;9 allow sdcardd storage_stub_file:dir { search mounton };10 allow sdcardd sdcard_type:filesystem { mount unmount };11 allow sdcardd self:capability { setuid setgid dac_override sys_admin sys_resource };13 allow sdcardd sdcard_type:dir create_dir_perms;14 allow sdcardd sdcard_type:file create_file_perms;[all …]
9 allow ueventd klog_device:chr_file { create open write unlink };12 allow ueventd init:process sigchld;13 allow ueventd self:capability { chown mknod net_admin setgid fsetid sys_rawio dac_override fowner };14 allow ueventd device:file create_file_perms;15 allow ueventd device:chr_file rw_file_perms;16 allow ueventd sysfs:file rw_file_perms;17 allow ueventd sysfs_type:{ file lnk_file } { relabelfrom relabelto setattr getattr };18 allow ueventd sysfs_type:dir { relabelfrom relabelto setattr r_dir_perms };19 allow ueventd sysfs_devices_system_cpu:file rw_file_perms;20 allow ueventd tmpfs:chr_file rw_file_perms;[all …]
11 allow appdomain self:process execmem;12 allow appdomain ashmem_device:chr_file execute;15 allow appdomain zygote:fd use;19 allow appdomain zygote_exec:file rx_file_perms;22 allow appdomain self:process ptrace;25 allow appdomain zygote_tmpfs:file read;28 allow appdomain zygote:process sigchld;32 allow appdomain zygote:fifo_file write;36 allow appdomain shell:process sigchld;37 allow appdomain adbd:process sigchld;[all …]
6 allow healthd kmsg_device:chr_file rw_file_perms;8 allow healthd self:capability { net_admin sys_tty_config };10 allow healthd self:netlink_kobject_uevent_socket create_socket_perms;17 allow healthd sysfs:file write;26 allow healthd pstorefs:dir r_dir_perms;27 allow healthd pstorefs:file r_file_perms;29 allow healthd graphics_device:dir r_dir_perms;30 allow healthd graphics_device:chr_file rw_file_perms;31 allow healthd input_device:dir r_dir_perms;32 allow healthd input_device:chr_file r_file_perms;[all …]
19 allow drmserver sdcard_type:dir search;20 allow drmserver drm_data_file:dir create_dir_perms;21 allow drmserver drm_data_file:file create_file_perms;22 allow drmserver tee_device:chr_file rw_file_perms;23 allow drmserver app_data_file:file { read write getattr };24 allow drmserver sdcard_type:file { read write getattr };31 allow drmserver apk_data_file:dir rw_dir_perms;33 allow drmserver drmserver_socket:sock_file create_file_perms;34 allow drmserver tee:unix_stream_socket connectto;36 allow drmserver apk_data_file:sock_file unlink;[all …]
4 allow domain init:process sigchld;7 allow domain kernel:fd use;8 allow domain tmpfs:file { read getattr };9 allow domain tmpfs:lnk_file { read getattr };12 allow domain tmpfs:dir r_dir_perms;15 allow domain self:process {32 allow domain self:fd use;33 allow domain self:dir r_dir_perms;34 allow domain self:lnk_file r_file_perms;35 allow domain self:{ fifo_file file } rw_file_perms;[all …]
8 allow dhcp cgroup:dir { create write add_name };9 allow dhcp self:capability { setgid setuid net_admin net_raw net_bind_service };10 allow dhcp self:packet_socket create_socket_perms;11 allow dhcp self:netlink_route_socket nlmsg_write;12 allow dhcp shell_exec:file rx_file_perms;13 allow dhcp system_file:file rx_file_perms;15 allow dhcp proc_net:file write;21 allow dhcp dhcp_data_file:dir create_dir_perms;22 allow dhcp dhcp_data_file:file create_file_perms;25 allow dhcp netd:fd use;[all …]
14 (allow TYPE self (CLASS (PERM)))28 (allow t1b self (CLASS (PERM1)))33 (allow t1a self (CLASS (PERM1)))37 (allow t1a self (CLASS (PERM2)))38 (allow b1.t1a self (CLASS (PERM3)))39 (allow .b1.t1a self (CLASS (PERM4)))41 (allow t1b self (CLASS (PERM2)))42 (allow b1.t1b self (CLASS (PERM3)))43 (allow .b1.t1b self (CLASS (PERM4)))50 (allow t2b self (CLASS (PERM1)))[all …]
14 (allow TYPE self (CLASS (PERM)))27 (allow t0 self (CLASS (PERM1)))28 (allow .t0 self (CLASS (PERM2)))34 (allow t1a self (CLASS (PERM)))35 (allow b1b.t1b self (CLASS (PERM)))38 (allow t1a self (CLASS (PERM1)))39 (allow t1b self (CLASS (PERM1)))40 (allow .b1a.t1a self (CLASS (PERM2)))41 (allow .b1a.b1b.t1b self (CLASS (PERM2)))44 (allow b1a.t1a self (CLASS (PERM3)))[all …]
977 allow bin_t fs_t:filesystem associate;978 allow bin_t noxattrfs:filesystem associate;980 allow sbin_t fs_t:filesystem associate;981 allow sbin_t noxattrfs:filesystem associate;983 allow ls_exec_t fs_t:filesystem associate;984 allow ls_exec_t noxattrfs:filesystem associate;987 allow shell_exec_t fs_t:filesystem associate;988 allow shell_exec_t noxattrfs:filesystem associate;990 allow chroot_exec_t fs_t:filesystem associate;991 allow chroot_exec_t noxattrfs:filesystem associate;[all …]