1. bf69632 DO NOT MERGE: Remove service_manager audit_allows. by Riley Spahn · 10 years ago
  2. 344fc10 Add access control for each service_manager action. by Riley Spahn · 10 years ago
  3. 1196d2a Adding policies for KeyStore MAC. by Riley Spahn · 10 years ago
  4. 00b180d Eliminate some duplicated rules. by Stephen Smalley · 10 years ago
  5. 2bcea0a Don't grant domain device:dir rw_dir_perms by Nick Kralevich · 10 years ago
  6. e60723a Create a separate recovery policy. by Stephen Smalley · 10 years ago
  7. 8599e34 Introduce wakelock_use() by Nick Kralevich · 10 years ago
  8. 02dac03 Drop relabelto_domain() macro and its associated definitions. by Stephen Smalley · 10 years ago
  9. 9ba844f Coalesce shared_app, media_app, release_app into untrusted_app. by Stephen Smalley · 10 years ago
  10. ea219e3 Allow domains to stat and open their entrypoint executables. by Stephen Smalley · 10 years ago
  11. 8ed750e sepolicy: Add write_logd, read_logd & control_logd by Mark Salyzyn · 11 years ago
  12. 623975f Support forcing permissive domains to unconfined. by Nick Kralevich · 10 years ago
  13. 88ce951 Create new conditional userdebug_or_eng by Nick Kralevich · 10 years ago
  14. e7ec2f5 Only allow PROT_EXEC for ashmem where required. by Stephen Smalley · 10 years ago
  15. d99e6d5 Restrict the ability to set SELinux enforcing mode to init. by Stephen Smalley · 11 years ago
  16. 4768553 Allow write access to ashmem allocated regions by Nick Kralevich · 11 years ago
  17. 84d8831 Clarify the expectations for the unconfined template. by Nick Kralevich · 11 years ago
  18. 2dc4acf Isolate untrusted app ptys from other domains. by Stephen Smalley · 11 years ago
  19. a473e29 write_klog also requires write permission to the directory. by Stephen Smalley · 11 years ago
  20. 79e084f Allow access to /data/security/current symbolic link. by Stephen Smalley · 11 years ago
  21. 0c9708b domain.te: Add backwards compatibility for unlabeled files by Nick Kralevich · 11 years ago
  22. 92b8f14 am 50e37b93: Move domains into per-domain permissive mode. by gcondra@google.com · 11 years ago
  23. 50e37b9 Move domains into per-domain permissive mode. by repo sync · 11 years ago
  24. e5e98ae resolved conflicts for merge of 77ec892b to jb-mr2-dev-plus-aosp by Alex Klyubin · 11 years ago
  25. 77ec892 SELinux policy for users of libcutils klog_write. by Alex Klyubin · 11 years ago
  26. 8cd20ef Add non_system_app_set by William Roberts · 11 years ago
  27. 7bb2a55 Give domains read access to security_file domain. by William Roberts · 11 years ago
  28. 6c4c27e Give domains read access to security_file domain. by William Roberts · 11 years ago
  29. 9e70c8b Move policy files by William Roberts · 11 years ago
  30. 9ce99e3 Update binder-related policy. by Stephen Smalley · 12 years ago
  31. b9760aa Only enforce per-app process and file isolation via SELinux for third party apps, not platform apps. by Stephen Smalley · 12 years ago
  32. c83d008 Policy changes to support running the latest CTS. by Stephen Smalley · 12 years ago
  33. 4c6f1ce Allow Settings to set enforcing and booleans if settings_manage_selinux is true. by Stephen Smalley · 12 years ago
  34. 6261d6d Allow reading of properties area, which is now created before init has switched contexts. Revisit this later - we should explicitly label the properties file. by Stephen Smalley · 12 years ago
  35. 2dd4e51 SE Android policy. by Stephen Smalley · 12 years ago