Commits · 8f81dcad5bb322a75bc61c8b42f8287e2afeaddc · Werner Sembach / AndroidSystemSEPolicy · GitLab

Snippets Groups Projects

Mar 09, 2015
- Only allow system_server to send commands to zygote. · 8f81dcad
  dcashman authored 10 years ago
  8f81dcad
- system_server: allow handling app generated unix_stream_sockets · 0560e75e
  Nick Kralevich authored 10 years ago
  0560e75e
Mar 07, 2015
- installd: drop noatsecure for dex2oat · 0d0d5aa9
  Nick Kralevich authored 10 years ago
  0d0d5aa9
Mar 06, 2015
- Record observed bluetooth service access. · bb3cef44
  dcashman authored 10 years ago
  bb3cef44
- allow untrusted_app read /data/anr/traces.txt · 1aafc4c7
  Nick Kralevich authored 10 years ago
  1aafc4c7
Mar 05, 2015
- move untrusted_app statement to the correct file. · 8be3e779
  Nick Kralevich authored 10 years ago
  8be3e779
- Merge "update isolated_app service_manager rules" · ee66ba8c
  Nick Kralevich authored 10 years ago
  
  ee66ba8c
- recovery: remove auditallow for exec_type:dir writes · b76966d6
  Nick Kralevich authored 10 years ago
  b76966d6
- Eliminate CAP_SYS_MODULE from system_server · 92b10ddb
  Nick Kralevich authored 10 years ago
  92b10ddb
- update isolated_app service_manager rules · 75f34dc3
  Nick Kralevich authored 10 years ago
  75f34dc3
- Merge "Allow init to set up dm-verity" · 723e31ef
  Sami Tolvanen authored 10 years ago
  
  723e31ef
- Allow init to set up dm-verity · 35f537c7
  Sami Tolvanen authored 10 years ago
  35f537c7
- Revert "Drop special handling of app_data_file in mls constraints." · 60cfe79f
  dcashman authored 10 years ago
  60cfe79f
Mar 03, 2015
- Record observed system_server servicemanager service requests. · 23f33615
  dcashman authored 10 years ago
  23f33615
- neverallow ueventd to set properties · 3e113edf
  Nick Kralevich authored 10 years ago
  3e113edf
Mar 02, 2015
- Merge "Allow platform_app access to keystore." · 19eecd2d
  dcashman authored 10 years ago
  
  19eecd2d
- Allow platform_app access to keystore. · 6a2451b5
  dcashman authored 10 years ago
  6a2451b5
- Merge "Remove read access from mls constraints." · e8df21b2
  dcashman authored 10 years ago
  
  e8df21b2
- Merge "Delete unconfined domain" · e4da594d
  Nick Kralevich authored 10 years ago
  
  e4da594d
Feb 28, 2015
- Delete unconfined domain · f435a8e5
  Nick Kralevich authored 10 years ago
  f435a8e5
- init: drop read_policy permission · 07e73489
  Nick Kralevich authored 10 years ago
  07e73489
- init: remove permissive_or_unconfined() · ed532c06
  Stephen Smalley authored 10 years ago
  ed532c06
- Create boot_block_device and allow install_recovery read access · a8e073cd
  Nick Kralevich authored 10 years ago
  a8e073cd
- Remove read access from mls constraints. · e8f95b36
  dcashman authored 10 years ago
  e8f95b36
Feb 27, 2015
- allow init tmpfs:dir relabelfrom · 543faccc
  Nick Kralevich authored 10 years ago
  543faccc
- Merge "Revert "Allow ueventd to set verity.* properties"" · a4b82264
  Sami Tolvanen authored 10 years ago
  
  a4b82264
- Revert "Allow ueventd to set verity.* properties" · 9f0682dc
  Sami Tolvanen authored 10 years ago
  9f0682dc
- Merge "dontaudit clatd self:capability ipc_lock" · 006ede39
  Nick Kralevich authored 10 years ago
  
  006ede39
- Merge "kernel.te: fix MTP sync" · a3364dfd
  Nick Kralevich authored 10 years ago
  
  a3364dfd
- kernel.te: fix MTP sync · 1025d138
  Nick Kralevich authored 10 years ago
  1025d138
- dontaudit clatd self:capability ipc_lock · b4c4424c
  Nick Kralevich authored 10 years ago
  b4c4424c
Feb 26, 2015
- Allow init to execute /sbin/slideshow · 9d87c647
  Sami Tolvanen authored 10 years ago
  9d87c647
- Merge "Revert /proc/net related changes" · d99ea5a8
  Nick Kralevich authored 10 years ago
  
  d99ea5a8
Feb 25, 2015
- allow kernel to use vold file descriptors · 9fe810b7
  Nick Kralevich authored 10 years ago
  9fe810b7
- fs_use: Enabled loading security xattrs for squashfs · ab4be88e
  Mohamad Ayyash authored 10 years ago
  ab4be88e
- Revert /proc/net related changes · 5cf3994d
  Nick Kralevich authored 10 years ago
  5cf3994d
- su: don't auditallow service_manager for su · 28ddd104
  Nick Kralevich authored 10 years ago
  28ddd104
- kernel: make kernel an mlstrustedsubject · 4308ce8c
  Nick Kralevich authored 10 years ago
  4308ce8c
Feb 24, 2015
- Merge "kernel: remove permissive_or_unconfined()" · f95858ed
  Nick Kralevich authored 10 years ago
  
  f95858ed
- Merge "sepolicy: remove block_device access from install_recovery" · f70fcbd8
  Nick Kralevich authored 10 years ago
  
  f70fcbd8