aboutsummaryrefslogtreecommitdiffstats
path: root/te_macros
Commit message (Expand)AuthorAgeFilesLines
* Further restrict socket ioctls available to appsJeff Vander Stoep2016-05-271-1/+1
* Remove service_manager_local_audit_domain.dcashman2015-06-081-8/+0
* Allow /dev/klog access, drop mknod and __null__ accessNick Kralevich2015-06-081-11/+0
* Replace unix_socket_connect() and explicit property sets with macroWilliam Roberts2015-05-071-0/+20
* logd: allow access to system filesMark Salyzyn2015-03-111-3/+0
* Allow platform_app access to keystore.dcashman2015-03-021-0/+1
* Delete unconfined domainNick Kralevich2015-02-281-22/+0
* Make system_server_service an attribute.dcashman2015-01-141-1/+0
* selinux: add pstoreMark Salyzyn2015-01-141-0/+1
* Dependencies for new goldfish service domains.Stephen Smalley2014-09-271-1/+2
* Add fine grained access control to DrmManagerService.Riley Spahn2014-07-241-0/+10
* Add access control for each service_manager action.Riley Spahn2014-07-141-0/+13
* Adding policies for KeyStore MAC.Riley Spahn2014-06-261-0/+12
* Eliminate some duplicated rules.Stephen Smalley2014-06-171-17/+0
* Don't grant domain device:dir rw_dir_permsNick Kralevich2014-06-041-4/+1
* Create a separate recovery policy.Stephen Smalley2014-05-301-0/+6
* Introduce wakelock_use()Nick Kralevich2014-05-231-0/+10
* Drop relabelto_domain() macro and its associated definitions.Stephen Smalley2014-05-091-7/+0
* Coalesce shared_app, media_app, release_app into untrusted_app.Stephen Smalley2014-04-041-8/+0
* Allow domains to stat and open their entrypoint executables.Stephen Smalley2014-03-261-1/+1
* sepolicy: Add write_logd, read_logd & control_logdMark Salyzyn2014-02-041-9/+32
* Support forcing permissive domains to unconfined.Nick Kralevich2014-01-111-0/+11
* Create new conditional userdebug_or_engNick Kralevich2014-01-091-0/+6
* Only allow PROT_EXEC for ashmem where required.Stephen Smalley2014-01-021-4/+3
* Restrict the ability to set SELinux enforcing mode to init.Stephen Smalley2013-12-021-6/+2
* Allow write access to ashmem allocated regionsNick Kralevich2013-11-271-1/+1
* Clarify the expectations for the unconfined template.Nick Kralevich2013-10-211-1/+3
* Isolate untrusted app ptys from other domains.Stephen Smalley2013-09-271-0/+14
* write_klog also requires write permission to the directory.Stephen Smalley2013-09-101-1/+1
* Allow access to /data/security/current symbolic link.Stephen Smalley2013-09-101-1/+3
* domain.te: Add backwards compatibility for unlabeled filesNick Kralevich2013-07-101-0/+7
* am 50e37b93: Move domains into per-domain permissive mode.gcondra@google.com2013-05-151-0/+1
|\
| * Move domains into per-domain permissive mode.repo sync2013-05-141-0/+1
* | resolved conflicts for merge of 77ec892b to jb-mr2-dev-plus-aospAlex Klyubin2013-05-091-0/+11
|\|
| * SELinux policy for users of libcutils klog_write.Alex Klyubin2013-05-091-0/+11
| * Give domains read access to security_file domain.William Roberts2013-04-051-3/+1
* | Add non_system_app_setWilliam Roberts2013-05-021-0/+5
* | Give domains read access to security_file domain.William Roberts2013-04-051-3/+1
|/
* Move policy filesWilliam Roberts2013-03-221-0/+62
* Update binder-related policy.Stephen Smalley2013-03-191-13/+6
* Only enforce per-app process and file isolation via SELinux for third party a...Stephen Smalley2012-07-271-0/+8
* Policy changes to support running the latest CTS.Stephen Smalley2012-03-071-3/+0
* Allow Settings to set enforcing and booleans if settings_manage_selinux is true.Stephen Smalley2012-02-021-0/+18
* Allow reading of properties area, which is now created before init has switch...Stephen Smalley2012-01-121-0/+3
* SE Android policy.Stephen Smalley2012-01-041-0/+207
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-24 22:31:20 +0000