HomeSort by relevance Sort by last modified time
    Searched refs:neverallow (Results 1 - 12 of 12) sorted by null

  /cts/tools/selinux/
SELinuxNeverallowTestFrame.py 38 * Neverallow Rules SELinux tests.
86 /* run sepolicy-analyze neverallow check on policy file using given neverallow rules */
88 devicePolicyFile.getAbsolutePath(), "neverallow", "-n",
102 + "neverallow rule:\\n" + neverallowRule + "\\n" + errorString,
  /external/sepolicy/
isolated_app.te 25 ##### Neverallow
29 neverallow isolated_app app_data_file:file open;
34 neverallow isolated_app {
41 neverallow isolated_app gpu_device:chr_file { rw_file_perms execute };
app.te 209 ### Neverallow rules
216 neverallow { appdomain -bluetooth } self:capability *;
217 neverallow { appdomain -bluetooth } self:capability2 *;
220 neverallow appdomain dev_type:blk_file { read write };
223 neverallow appdomain {
233 neverallow { untrusted_app isolated_app shell } graphics_device:chr_file { read write };
235 neverallow { appdomain -nfc } nfc_device:chr_file
237 neverallow { appdomain -bluetooth } hci_attach_dev:chr_file
239 neverallow appdomain tee_device:chr_file { read write };
242 neverallow appdomai
    [all...]
untrusted_app.te 116 ### neverallow rules
120 neverallow untrusted_app domain:netlink_kobject_uevent_socket *;
123 neverallow untrusted_app domain:netlink_socket *;
127 neverallow untrusted_app debugfs:file read;
132 neverallow untrusted_app service_manager_type:service_manager add;
136 neverallow untrusted_app property_socket:sock_file write;
137 neverallow untrusted_app init:unix_stream_socket connectto;
138 neverallow untrusted_app property_type:property_service set;
143 # constraints. As there is no direct way to specify a neverallow
148 neverallow untrusted_app mlstrustedsubject:process fork
    [all...]
system_server.te 434 ### Neverallow rules
440 neverallow system_server sdcard_type:dir { open read write };
441 neverallow system_server sdcard_type:file rw_file_perms;
448 neverallow system_server { bluetooth_data_file nfc_data_file shell_data_file app_data_file }:file open;
454 neverallow system_server dex2oat_exec:file no_x_file_perms;
459 neverallow system_server { dev_type -frp_block_device }:blk_file no_rw_file_perms;
  /external/sepolicy/tools/sepolicy-analyze/
Android.mk 10 LOCAL_SRC_FILES := sepolicy-analyze.c dups.c neverallow.c perm.c typecmp.c booleans.c attribute.c utils.c
sepolicy-analyze.c 6 #include "neverallow.h"
23 COMP(neverallow),
  /external/selinux/checkpolicy/
policy_scan.l 135 NEVERALLOW |
136 neverallow { return(NEVERALLOW); }
  /prebuilts/python/linux-x86/2.7.5/lib/python2.7/site-packages/setoolsgui/apol/
terulequery.py 121 self.neverallow.setChecked(value)
244 if self.neverallow.isChecked():
245 rule_types.append("neverallow")
  /external/selinux/policycoreutils/sepolicy/
search.c 883 bool neverallow,
902 cmd_opts.nallow = neverallow;
1013 int neverallow = Dict_ContainsInt(dict, "neverallow"); variable
1028 return search(allow, neverallow, auditallow, dontaudit, transition, role_allow, src_name, tgt_name, class_name, permlist);
  /external/selinux/libsepol/tests/policies/test-cond/
refpolicy-base.conf 1153 neverallow ~memory_raw_read memory_device_t:{ chr_file blk_file } read;
1154 neverallow ~memory_raw_write memory_device_t:{ chr_file blk_file } { append write };
    [all...]
  /external/selinux/libsepol/cil/src/
cil_binary.c 93 struct cil_neverallow *neverallow = i->data; local
94 cil_list_for_each(j, neverallow->rules) {
98 cil_list_destroy(&neverallow->rules, CIL_FALSE);
99 free(neverallow);
1329 struct cil_neverallow *neverallow = neverallows->head->data; local
1387 struct cil_neverallow *neverallow = curr->data; local
    [all...]

Completed in 1361 milliseconds