Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / sepolicy / refs/tags/fp2-sibon-18.02.0 / te_macros
  1. 90ccbcf Further restrict socket ioctls available to apps by Jeff Vander Stoep · 8 years ago
  2. 4b4b2b9 Remove service_manager_local_audit_domain. by dcashman · 9 years ago
  3. e265197 Allow /dev/klog access, drop mknod and __null__ access by Nick Kralevich · 9 years ago
  4. 2f5a6a9 Replace unix_socket_connect() and explicit property sets with macro by William Roberts · 9 years ago
  5. 61d665a logd: allow access to system files by Mark Salyzyn · 9 years ago
  6. 6a2451b Allow platform_app access to keystore. by dcashman · 9 years ago
  7. f435a8e Delete unconfined domain by Nick Kralevich · 9 years ago
  8. 4a89cdf Make system_server_service an attribute. by dcashman · 9 years ago
  9. 34d32ea selinux: add pstore by Mark Salyzyn · 9 years ago
  10. 54e9bc4 Dependencies for new goldfish service domains. by Stephen Smalley · 10 years ago
  11. 70f75ce Add fine grained access control to DrmManagerService. by Riley Spahn · 10 years ago
  12. b8511e0 Add access control for each service_manager action. by Riley Spahn · 10 years ago
  13. 1196d2a Adding policies for KeyStore MAC. by Riley Spahn · 10 years ago
  14. 00b180d Eliminate some duplicated rules. by Stephen Smalley · 10 years ago
  15. 2bcea0a Don't grant domain device:dir rw_dir_perms by Nick Kralevich · 10 years ago
  16. e60723a Create a separate recovery policy. by Stephen Smalley · 10 years ago
  17. 8599e34 Introduce wakelock_use() by Nick Kralevich · 10 years ago
  18. 02dac03 Drop relabelto_domain() macro and its associated definitions. by Stephen Smalley · 10 years ago
  19. 9ba844f Coalesce shared_app, media_app, release_app into untrusted_app. by Stephen Smalley · 10 years ago
  20. ea219e3 Allow domains to stat and open their entrypoint executables. by Stephen Smalley · 10 years ago
  21. 8ed750e sepolicy: Add write_logd, read_logd & control_logd by Mark Salyzyn · 11 years ago
  22. 623975f Support forcing permissive domains to unconfined. by Nick Kralevich · 10 years ago
  23. 88ce951 Create new conditional userdebug_or_eng by Nick Kralevich · 10 years ago
  24. e7ec2f5 Only allow PROT_EXEC for ashmem where required. by Stephen Smalley · 10 years ago
  25. d99e6d5 Restrict the ability to set SELinux enforcing mode to init. by Stephen Smalley · 11 years ago
  26. 4768553 Allow write access to ashmem allocated regions by Nick Kralevich · 11 years ago
  27. 84d8831 Clarify the expectations for the unconfined template. by Nick Kralevich · 11 years ago
  28. 2dc4acf Isolate untrusted app ptys from other domains. by Stephen Smalley · 11 years ago
  29. a473e29 write_klog also requires write permission to the directory. by Stephen Smalley · 11 years ago
  30. 79e084f Allow access to /data/security/current symbolic link. by Stephen Smalley · 11 years ago
  31. 0c9708b domain.te: Add backwards compatibility for unlabeled files by Nick Kralevich · 11 years ago
  32. 92b8f14 am 50e37b93: Move domains into per-domain permissive mode. by gcondra@google.com · 11 years ago
  33. 50e37b9 Move domains into per-domain permissive mode. by repo sync · 11 years ago
  34. e5e98ae resolved conflicts for merge of 77ec892b to jb-mr2-dev-plus-aosp by Alex Klyubin · 11 years ago
  35. 77ec892 SELinux policy for users of libcutils klog_write. by Alex Klyubin · 11 years ago
  36. 8cd20ef Add non_system_app_set by William Roberts · 11 years ago
  37. 7bb2a55 Give domains read access to security_file domain. by William Roberts · 11 years ago
  38. 6c4c27e Give domains read access to security_file domain. by William Roberts · 11 years ago
  39. 9e70c8b Move policy files by William Roberts · 11 years ago
  40. 9ce99e3 Update binder-related policy. by Stephen Smalley · 12 years ago
  41. b9760aa Only enforce per-app process and file isolation via SELinux for third party apps, not platform apps. by Stephen Smalley · 12 years ago
  42. c83d008 Policy changes to support running the latest CTS. by Stephen Smalley · 12 years ago
  43. 4c6f1ce Allow Settings to set enforcing and booleans if settings_manage_selinux is true. by Stephen Smalley · 12 years ago
  44. 6261d6d Allow reading of properties area, which is now created before init has switched contexts. Revisit this later - we should explicitly label the properties file. by Stephen Smalley · 12 years ago
  45. 2dd4e51 SE Android policy. by Stephen Smalley · 12 years ago