- Mar 21, 2014
-
-
Stephen Smalley authoredResolves denials such as: avc: denied { read } for pid=752 comm="ActivityManager" name="stat" dev="proc" ino=1878 scontext=u:r:system_server:s0 tcontext=u:r:inputflinger:s0 tclass=file avc: denied { open } for pid=752 comm="ActivityManager" name="stat" dev="proc" ino=1878 scontext=u:r:system_server:s0 tcontext=u:r:inputflinger:s0 tclass=file avc: denied { search } for pid=752 comm="ActivityManager" name="214" dev="proc" ino=1568 scontext=u:r:system_server:s0 tcontext=u:r:inputflinger:s0 tclass=dir avc: denied { read } for pid=752 comm="ActivityManager" name="stat" dev="proc" ino=1878 scontext=u:r:system_server:s0 tcontext=u:r:inputflinger:s0 tclass=file avc: denied { call } for pid=187 comm="Binder_2" scontext=u:r:inputflinger:s0 tcontext=u:r:system_server:s0 tclass=binder Change-Id: I099d7dacf7116efa73163245597c3de629d358c1 Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>
-
- Feb 11, 2014
-
-
Stephen Smalley authored
Otherwise we'll never see denials in userdebug or eng builds and never make progress on confining it. Of course we cannot truly test until it is released into AOSP, but this prepares the way and potentially allows for internal testing and collection of denials. Change-Id: I800ab23baee1c84b7c4cf7399b17611a62ca6804 Signed-off-by:Stephen Smalley <sds@tycho.nsa.gov>
-
- Dec 16, 2013
-
-
Nick Kralevich authored
Add a placeholder domain for inputflinger. Mark it initially unconfined and enforcing. Change-Id: I433fd9e1954486136cb8abb084b4e19bb7fc2f19
-