index
:
android_external_sepolicy
caf/cm-12.0
caf/cm-12.1
cm-10.1
cm-10.2
cm-11.0
cm-12.0
cm-12.1
cm-13.0
jellybean
jellybean-stable
mr1.1-staging
shipping/cm-11.0
stable/cm-10.2
stable/cm-11.0
stable/cm-11.0-XNF8Y
stable/cm-11.0-XNF9X
stable/cm-11.0-XNG2S
stable/cm-11.0-XNG3C
stable/cm-12.0-YNG1I
stable/cm-12.0-YNG1T
stable/cm-12.0-YNG1TA
stable/cm-12.0-YNG3C
stable/cm-12.0-YNG4N
stable/cm-12.1-YOG3C
stable/cm-12.1-YOG4P
stable/cm-12.1-YOG7D
stable/cm-13.0-ZNH0E
stable/cm-13.0-ZNH2K
stable/cm-13.0-ZNH2KB
stable/cm-13.0-ZNH5Y
staging/cm-12.0-caf
staging/cm-12.1
staging/cm-13.0+r22
Unnamed repository; edit this file 'description' to name the repository.
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
Commit message (
Expand
)
Author
Age
Files
Lines
*
Update readme to reflect addition of SEPOLICY_IGNORE.
dcashman
2014-07-22
1
-1
/
+1
*
Remove auditallow statements causing log spam.
Riley Spahn
2014-07-01
2
-2
/
+0
*
Merge "Add imms service and system_app_service type."
Nick Kralevich
2014-07-01
3
-0
/
+4
|
\
|
*
Add imms service and system_app_service type.
Riley Spahn
2014-07-01
3
-0
/
+4
*
|
Remove catchall for unregistered services.
Riley Spahn
2014-06-30
1
-4
/
+0
|
/
*
Merge "Preemptively adding services for pending commits."
Nick Kralevich
2014-06-26
1
-0
/
+9
|
\
|
*
Preemptively adding services for pending commits.
Riley Spahn
2014-06-27
1
-0
/
+9
*
|
Allow setopt on bluetooth's unix_stream_socket.
Sérgio Faria
2014-06-30
1
-1
/
+1
*
|
isolated_app: allow app_data_file execute
Nick Kralevich
2014-06-27
1
-0
/
+6
|
/
*
Merge "Adding policies for KeyStore MAC."
Nick Kralevich
2014-06-26
10
-2
/
+136
|
\
|
*
Adding policies for KeyStore MAC.
Riley Spahn
2014-06-26
10
-2
/
+136
*
|
Merge "Add missing services to service_contexts."
Nick Kralevich
2014-06-26
2
-0
/
+8
|
\
\
|
*
|
Add missing services to service_contexts.
Riley Spahn
2014-06-26
2
-0
/
+8
*
|
|
dumpstate: transition into vdc domain
Nick Kralevich
2014-06-25
2
-2
/
+15
|
|
/
|
/
|
*
|
Allow system_server to read all /proc files
Nick Kralevich
2014-06-25
1
-9
/
+4
|
/
*
Allow kernel sdcard read access as well for MTP sync.
Stephen Smalley
2014-06-24
1
-1
/
+1
*
Allow kernel sdcard access for MTP sync.
Stephen Smalley
2014-06-24
1
-0
/
+3
*
Merge "Give healthd permission to write sys properties to allow quick boot fr...
Riley Andrews
2014-06-20
1
-1
/
+5
|
\
|
*
Give healthd permission to write sys properties to allow quick boot from char...
Riley Andrews
2014-06-23
1
-1
/
+5
*
|
Align SELinux property policy with init property_perms.
Stephen Smalley
2014-06-23
11
-18
/
+37
*
|
unconfined: remove internet access
Nick Kralevich
2014-06-23
2
-4
/
+21
*
|
Remove execmod access to system_file and exec_type.
Stephen Smalley
2014-06-23
1
-2
/
+2
*
|
Merge "Create vdc domain"
Nick Kralevich
2014-06-23
2
-0
/
+11
|
\
\
|
*
|
Create vdc domain
Nick Kralevich
2014-06-21
2
-0
/
+11
*
|
|
Merge "Allow init to relabel rootfs files."
Nick Kralevich
2014-06-23
2
-1
/
+4
|
\
\
\
|
*
|
|
Allow init to relabel rootfs files.
Stephen Smalley
2014-06-23
2
-1
/
+4
|
|
/
/
*
/
/
Allow dumpsys from serial console
Nick Kralevich
2014-06-21
1
-1
/
+2
|
/
/
*
|
Merge "Only allow app domains to access SDcard via fuse mount."
Nick Kralevich
2014-06-20
1
-3
/
+3
|
\
\
|
*
|
Only allow app domains to access SDcard via fuse mount.
Stephen Smalley
2014-06-20
1
-3
/
+3
|
|
/
*
|
Remove sdcard_type access from unconfineddomain.
Stephen Smalley
2014-06-20
1
-1
/
+2
*
|
Remove app_data_file access from unconfineddomain.
Stephen Smalley
2014-06-20
1
-0
/
+2
|
/
*
Remove write access to rootfs files.
Stephen Smalley
2014-06-19
2
-0
/
+4
*
Remove execute_no_trans from unconfineddomain.
Stephen Smalley
2014-06-19
5
-5
/
+35
*
Address recovery denials.
Stephen Smalley
2014-06-19
1
-2
/
+9
*
Allow Bluetooth app to initiate DHCP service on bt-pan interface.
Paul Jensen
2014-06-19
5
-0
/
+8
*
system_server: allow open /dev/snd and read files
Nick Kralevich
2014-06-18
1
-0
/
+2
*
Prevent adding transitions to kernel or init domains.
Stephen Smalley
2014-06-18
3
-1
/
+35
*
Allow mounting of usbfs.
Stephen Smalley
2014-06-18
1
-0
/
+3
*
Merge "Remove clatd's dac_override abilities."
Lorenzo Colitti
2014-06-17
1
-3
/
+0
|
\
|
*
Remove clatd's dac_override abilities.
Lorenzo Colitti
2014-06-13
1
-3
/
+0
*
|
Merge "entrypoint should always be explicitly allowed."
Nick Kralevich
2014-06-17
1
-4
/
+7
|
\
\
|
*
|
entrypoint should always be explicitly allowed.
Stephen Smalley
2014-06-17
1
-4
/
+7
*
|
|
Eliminate some duplicated rules.
Stephen Smalley
2014-06-17
6
-22
/
+2
|
/
/
*
|
Refine sepolicy-analyze -D / dup detection.
Stephen Smalley
2014-06-17
1
-4
/
+25
*
|
Force logwrapper to system_file
Nick Kralevich
2014-06-17
1
-0
/
+1
*
|
Merge "Add missing services to service_contexts."
Nick Kralevich
2014-06-17
1
-0
/
+5
|
\
\
|
*
|
Add missing services to service_contexts.
Riley Spahn
2014-06-17
1
-0
/
+5
*
|
|
Merge "Fix SELinux policies to allow resource overlays."
Nick Kralevich
2014-06-17
6
-0
/
+18
|
\
\
\
|
*
|
|
Fix SELinux policies to allow resource overlays.
Nick Kralevich
2014-06-16
6
-0
/
+18
*
|
|
|
Restrict use of context= mount options.
Stephen Smalley
2014-06-16
4
-6
/
+34
|
/
/
/
[next]