| /external/selinux/policycoreutils/restorecond/ |
| watch.c | 18 #include <selinux/selinux.h>
|
| /external/selinux/sepolgen/tests/ |
| test_refpolicy.py | 22 import selinux namespace
49 if selinux.is_selinux_mls_enabled():
|
| /system/core/logd/ |
| README.property | 4 ro.logd.auditd bool true Enable selinux audit daemon
5 ro.logd.auditd.dmesg bool true selinux audit messages duplicated and
|
| /system/sepolicy/ |
| access_vectors | 405 mac_override # unused by SELinux
406 mac_admin # unused by SELinux
|
| /system/vold/ |
| PrivateVolume.cpp | 71 // TODO: figure out better SELinux labels for private volumes
189 // TODO: change reported mountpoint once we have better selinux support
|
| /system/vold/fs/ |
| Ext4.cpp | 45 #include <selinux/selinux.h>
|
| Vfat.cpp | 44 #include <selinux/selinux.h>
|
| /external/selinux/policycoreutils/semanage/ |
| test-semanage.py | 209 import selinux namespace
211 boolean_state = selinux.security_get_boolean_active("httpd_anon_write")
280 import selinux namespace
282 if selinux.security_getenforce() == 1:
298 print("SELinux must be in enforcing mode for this test")
|
| /external/selinux/sepolgen/src/sepolgen/ |
| access.py | 23 SELinux - at the most basic level - represents access as
37 from selinux import audit2why
58 An access vector is the basic unit of access in SELinux.
61 SELinux. It represents the access a source type has to a target
70 done to verify that the strings are valid SELinux identifiers.
|
| /packages/apps/Settings/src/com/android/settings/ |
| DeviceInfoSettings.java | 25 import android.os.SELinux;
61 private static final String PROPERTY_SELINUX_STATUS = "ro.build.selinux";
123 if (!SELinux.isSELinuxEnabled()) {
126 } else if (!SELinux.isSELinuxEnforced()) {
131 // Remove selinux information if property is not present
|
| /prebuilts/python/linux-x86/2.7.5/lib/python2.7/site-packages/sepolgen/ |
| access.py | 23 SELinux - at the most basic level - represents access as
37 from selinux import audit2why
58 An access vector is the basic unit of access in SELinux.
61 SELinux. It represents the access a source type has to a target
70 done to verify that the strings are valid SELinux identifiers.
|
| /system/core/init/ |
| property_service.cpp | 46 #include <selinux/selinux.h>
47 #include <selinux/label.h>
178 if (strcmp("selinux.reload_policy", name) == 0 && strcmp("1", value) == 0) {
182 } else if (strcmp("selinux.restorecon_recursive", name) == 0 && valuelen > 0) {
|
| /docs/source.android.com/src/security/bulletin/ |
| 2015-08-01.jd | 213 guarded with SELinux, it does have access to audio and video streams as well as
247 guarded with SELinux, it does have access to audio and video streams as well as
282 guarded with SELinux, it does have access to audio and video streams as well as
318 guarded with SELinux, it does have access to audio and video streams as well as
355 guarded with SELinux, it does have access to audio and video streams as well as
391 guarded with SELinux, it does have access to audio and video streams as well as
426 guarded with SELinux, it does have access to audio and video streams as well as
461 guarded with SELinux, it does have access to audio and video streams as well as
497 mediaserver is guarded with SELinux, it does have access to audio and video
566 <p>- The wpa_supplicant process is tightly constrained by SELinux policy o
[all...] |
| /external/selinux/policycoreutils/sandbox/ |
| seunshare.c | 29 #include <selinux/selinux.h>
30 #include <selinux/context.h> /* for context-mangling functions */
442 /* get selinux context */
513 /* copy selinux context */
708 fprintf(stderr, _("Error: execution context specified, but SELinux is not enabled\n"));
835 /* selinux context */
|
| /external/dbus/doc/ |
| dbus-daemon.1.in | 612 .I "<selinux>"
615 The <selinux> element contains settings related to Security Enhanced Linux.
622 An <associate> element appears below an <selinux> element and
632 short discussion of SELinux below.
651 .SH SELinux
654 See http://www.nsa.gov/selinux/ for full details on SELinux. Some useful excerpts:
665 greater efficiency, the policy enforcement code of SELinux typically
685 D\-Bus performs SELinux security checks in two places.
|
| /bionic/libc/bionic/ |
| libc_init_common.cpp | 129 // init won't have /dev/null available, but SELinux provides an equivalent.
130 dev_null = TEMP_FAILURE_RETRY(open("/sys/fs/selinux/null", O_RDWR));
229 // of executing a setuid program or the result of an SELinux
|
| /external/libselinux/include/selinux/ |
| selinux.h | 11 /* Return 1 if we are running on a SELinux kernel, or 0 if not or -1 if we get an error. */
13 /* Return 1 if we are running on a SELinux MLS kernel, or 0 otherwise. */
230 /* Disable SELinux at runtime (must be done prior to initial policy load). */
|
| /external/ltrace/ |
| configure.ac | 128 AC_CHECK_HEADERS(selinux/selinux.h)
129 AC_CHECK_LIB(selinux, security_get_boolean_active)
|
| /external/selinux/libselinux/src/ |
| audit2why.c | 16 #include <selinux/selinux.h>
214 /* SELinux disabled, must use -p option. */
|
| /external/selinux/libsemanage/src/ |
| handle.c | 24 #include <selinux/selinux.h>
89 /* By default always reload policy after commit if SELinux is enabled. */
|
| /external/selinux/secilc/docs/ |
| cil_introduction.md | 4 The SELinux Common Intermediate Language (CIL) is designed to be a language that sits between one or more high level policy languages (such as the current module language) and the low-level kernel policy representation. The intermediate language provides several benefits:
27 * Don't fix what isn't broken - CIL is an opportunity to make bold changes to SELinux policy, but there is no reason to re-think core concepts that are working well. All changes to existing language constructs need a clear and compelling reason. One key aspect of the current policy to retain is it's order-independent, declarative style.
38 * Policy customization without breaking updates - one of the challenges in SELinux is allowing a system builder or administrator to change the access allowed on a system - including removing unwanted access - while not preventing the application of future policy updates from the vendor. It is desirable, therefore, to allow an administrator to make changes to vendor policy without necessitating the direct modification of the shipped policy files. This is most clearly seen when an administrator wants to remove access allowed by a vendor policy that is not already controlled by a policy boolean.
|
| /external/selinux/secilc/ |
| secilc.c | 53 printf(" -t, --target=<type> specify target architecture. may be selinux or\n");
54 printf(" xen. (default: selinux)\n");
124 if (!strcmp(optarg, "selinux")) {
|
| /system/sepolicy/tools/ |
| checkfc.c | 10 #include <selinux/selinux.h>
11 #include <selinux/label.h>
|
| /external/dbus/ |
| configure.ac | 151 AC_ARG_ENABLE(selinux, AS_HELP_STRING([--enable-selinux],[build with SELinux support]),enable_selinux=$enableval,enable_selinux=auto)
152 AC_ARG_ENABLE(libaudit,AS_HELP_STRING([--enable-libaudit],[build audit daemon support for SELinux]),enable_libaudit=$enableval,enable_libaudit=auto)
986 # SELinux detection
990 # See if we have SELinux library
991 AC_CHECK_LIB(selinux, is_selinux_enabled,
994 # see if we have the SELinux header with the new D-Bus stuff in it
996 AC_MSG_CHECKING([for DBUS Flask permissions in selinux/av_permissions.h])
997 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <selinux/av_permissions.h>]]
[all...] |
| /cts/tests/tests/security/src/android/security/cts/ |
| ServicePermissionsTest.java | 113 // SELinux likely prevented the dump - assume safe
|
