Lines Matching refs:neverallow
1153 neverallow ~memory_raw_read memory_device_t:{ chr_file blk_file } read;
1154 neverallow ~memory_raw_write memory_device_t:{ chr_file blk_file } { append write };
1235 neverallow domain ~domain:process { transition dyntransition };
1236 neverallow { domain -set_curr_context } self:process setcurrent;
1237 neverallow { domain unlabeled_t } ~{ domain unlabeled_t }:process *;
1238 neverallow ~{ domain unlabeled_t } *:process *;
1391 neverallow ~can_load_kernmodule self:capability sys_module;
1417 neverallow ~can_receive_kernel_messages proc_kmsg_t:file ~getattr;
1418 neverallow { domain -kern_unconfined } proc_kcore_t:file ~getattr;
1596 neverallow ~can_load_policy security_t:security load_policy;
1597 neverallow ~can_setenforce security_t:security setenforce;
1598 neverallow ~can_setsecparam security_t:security setsecparam;
