# FLASK

#
# Define the security object classes
#
# This file only names the classes; no permissions are listed here.
# NOTE(review): class values in the compiled policy presumably follow
# declaration order, and the later sections below were appended rather than
# merged into the earlier groups. Add new classes at the end and confirm
# against the policy toolchain before reordering anything.
#

# Classes marked as userspace are classes for userspace object managers:
# the process that owns the object asks the policy for a decision and
# enforces the answer itself. A rule on such a class only has effect where
# that process actually performs the check, and its denials are reported by
# the process rather than by a kernel hook.

# Core classes: the security server, processes, system-wide operations,
# and capabilities (see capability2 below for capability numbers >= 32).
class security
class process
class system
class capability

# file-related classes
class filesystem
class file
class dir
class fd
class lnk_file
class chr_file
class blk_file
class sock_file
class fifo_file

# network-related classes
class socket
class tcp_socket
class udp_socket
class rawip_socket
class node
class netif
class netlink_socket
class packet_socket
class key_socket
class unix_stream_socket
class unix_dgram_socket

# sysv-ipc-related classes
class sem
class msg
class msgq
class shm
class ipc

# extended netlink sockets
class netlink_route_socket
class netlink_tcpdiag_socket
class netlink_nflog_socket
class netlink_xfrm_socket
class netlink_selinux_socket
class netlink_audit_socket
class netlink_dnrt_socket

# IPSec association
class association

# Updated Netlink class for KOBJECT_UEVENT family.
class netlink_kobject_uevent_socket

class appletalk_socket

class packet

# Kernel key retention (keys held by the kernel)
class key

class dccp_socket

class memprotect

# network peer labels
class peer

# Capabilities >= 32 (the lower-numbered ones are in the capability class)
class capability2

# kernel services that need to override task security, e.g. cachefiles
class kernel_service

class tun_socket

class binder

# Updated netlink classes for more recent netlink protocols.
class netlink_iscsi_socket
class netlink_fib_lookup_socket
class netlink_connector_socket
class netlink_netfilter_socket
class netlink_generic_socket
class netlink_scsitransport_socket
class netlink_rdma_socket
class netlink_crypto_socket

# Capability checks when on a non-init user namespace
class cap_userns
class cap2_userns

# New socket classes introduced by extended_socket_class policy capability.
# With that capability enabled, these sockets are no longer covered by rules
# written for the class they used to map to, so access has to be granted on
# the specific class.
# These two were previously mapped to rawip_socket.
class sctp_socket
class icmp_socket
# These were previously mapped to socket.
class ax25_socket
class ipx_socket
class netrom_socket
class atmpvc_socket
class x25_socket
class rose_socket
class decnet_socket
class atmsvc_socket
class rds_socket
class irda_socket
class pppox_socket
class llc_socket
class can_socket
class tipc_socket
class bluetooth_socket
class iucv_socket
class rxrpc_socket
class isdn_socket
class phonet_socket
class ieee802154_socket
class caif_socket
class alg_socket
class nfc_socket
class vsock_socket
class kcm_socket
class qipcrtr_socket
class smc_socket

# Property service
class property_service          # userspace

# Service manager
class service_manager           # userspace

# hardware service manager
class hwservice_manager         # userspace

# Keystore Key
class keystore_key              # userspace

class drmservice                # userspace
# FLASK