Lines Matching full:selinux
1 page.title=Implementing SELinux
27 <p>SELinux is set up to default-deny, which means that every single access for
30 rules, types, classes, permissions, and more. A full consideration of SELinux
33 great deal of information available regarding SELinux already. See <a
39 <p>Here is a brief summary of the steps needed to implement SELinux on your
43 <li>Add SELinux support in the kernel and configuration.
64 <p>SELinux for Android is accompanied by everything you need to enable SELinux
71 <p>Those files when compiled comprise the SELinux kernel security policy and cover
76 <p>Here are the files you must create or edit in order to implement SELinux:</p>
79 <li><em>New SELinux policy source (*.te) files</em> - Located in the <root>/device/manufacturer/device-name/sepolicy directory. These files define domains and their labels. The new policy files get
81 SELinux kernel policy file.
106 <p>After rebuilding your device, it is enabled with SELinux. You can now either
107 customize your SELinux policies to accommodate your own additions to the
118 software and associated SELinux policies:</p>
127 with SELinux.</p>
134 <p>With SELinux, you can identify those files as system server data files.
153 SELinux to protect your devices:</p>
156 <li>Enable SELinux in the kernel:
159 <code>BOARD_KERNEL_CMDLINE := androidboot.selinux=permissive</code>
182 <li> Go through each denial and create SELinux policy to properly handle each. See
