Home | History | Annotate | Download | only in sepolicy 
      1 # FLASK
      2 
      3 #
      4 # Define the security object classes
      5 #
      6 
      7 # Classes marked as userspace are classes
      8 # for userspace object managers
      9 
     10 class security
     11 class process
     12 class system
     13 class capability
     14 
     15 # file-related classes
     16 class filesystem
     17 class file
     18 class dir
     19 class fd
     20 class lnk_file
     21 class chr_file
     22 class blk_file
     23 class sock_file
     24 class fifo_file
     25 
     26 # network-related classes
     27 class socket
     28 class tcp_socket
     29 class udp_socket
     30 class rawip_socket
     31 class node
     32 class netif
     33 class netlink_socket
     34 class packet_socket
     35 class key_socket
     36 class unix_stream_socket
     37 class unix_dgram_socket
     38 
     39 # sysv-ipc-related classes
     40 class sem
     41 class msg
     42 class msgq
     43 class shm
     44 class ipc
     45 
     46 # extended netlink sockets
     47 class netlink_route_socket
     48 class netlink_firewall_socket
     49 class netlink_tcpdiag_socket
     50 class netlink_nflog_socket
     51 class netlink_xfrm_socket
     52 class netlink_selinux_socket
     53 class netlink_audit_socket
     54 class netlink_ip6fw_socket
     55 class netlink_dnrt_socket
     56 
     57 # IPSec association
     58 class association
     59 
     60 # Updated Netlink class for KOBJECT_UEVENT family.
     61 class netlink_kobject_uevent_socket
     62 
     63 class appletalk_socket
     64 
     65 class packet
     66 
     67 # Kernel access key retention
     68 class key
     69 
     70 class dccp_socket
     71 
     72 class memprotect
     73 
     74 # network peer labels
     75 class peer
     76 
     77 # Capabilities >= 32
     78 class capability2
     79 
     80 # kernel services that need to override task security, e.g. cachefiles
     81 class kernel_service
     82 
     83 class tun_socket
     84 
     85 class binder
     86 
     87 # Updated netlink classes for more recent netlink protocols.
     88 class netlink_iscsi_socket
     89 class netlink_fib_lookup_socket
     90 class netlink_connector_socket
     91 class netlink_netfilter_socket
     92 class netlink_generic_socket
     93 class netlink_scsitransport_socket
     94 class netlink_rdma_socket
     95 class netlink_crypto_socket
     96 
     97 # Property service
     98 class property_service          # userspace
     99 
    100 # Service manager
    101 class service_manager           # userspace
    102 
    103 # Keystore Key
    104 class keystore_key              # userspace
    105 
    106 # debuggerd service
    107 class debuggerd                 # userspace
    108 
    109 class drmservice                # userspace
    110 # FLASK
    111