      1 # FLASK
      2 
      3 #
      4 # Define the security object classes: each "class NAME" line below declares one class that policy rules may name.
      5 # Permissions are not declared here. NOTE(review): in a standard SELinux policy source tree they live in access_vectors; confirm for this tree.
      6 
      7 # Classes marked "# userspace" are for userspace object managers: the check is made by the owning
      8 # daemon, not the kernel, so a rule on such a class only takes effect if that daemon asks for a decision.
      9 
     10 class security
     11 class process
     12 class system
     13 class capability                # capabilities below 32; see capability2
     14 
     15 # file-related classes
     16 class filesystem
     17 class file
     18 class dir
     19 class fd
     20 class lnk_file
     21 class chr_file
     22 class blk_file
     23 class sock_file
     24 class fifo_file
     25 
     26 # network-related classes
     27 class socket
     28 class tcp_socket
     29 class udp_socket
     30 class rawip_socket
     31 class node
     32 class netif
     33 class netlink_socket
     34 class packet_socket
     35 class key_socket
     36 class unix_stream_socket
     37 class unix_dgram_socket
     38 class bpf                       # NOTE(review): grouped with the sockets, but presumably covers eBPF maps/programs; confirm
     39 
     40 # sysv-ipc-related classes
     41 class sem
     42 class msg
     43 class msgq
     44 class shm
     45 class ipc
     46 
     47 # extended netlink sockets (one class per netlink protocol, so access can be granted per protocol)
     48 class netlink_route_socket
     49 class netlink_tcpdiag_socket
     50 class netlink_nflog_socket
     51 class netlink_xfrm_socket
     52 class netlink_selinux_socket
     53 class netlink_audit_socket
     54 class netlink_dnrt_socket
     55 
     56 # IPSec association
     57 class association
     58 
     59 # Updated Netlink class for KOBJECT_UEVENT family.
     60 class netlink_kobject_uevent_socket
     61 
     62 class appletalk_socket
     63 
     64 class packet
     65 
     66 # Kernel access key retention
     67 class key
     68 
     69 class dccp_socket
     70 
     71 class memprotect                # NOTE(review): presumably guards low-address mappings (mmap_zero); confirm against the permission list
     72 
     73 # network peer labels
     74 class peer
     75 
     76 # Capabilities >= 32
     77 class capability2
     78 
     79 # kernel services that need to override task security, e.g. cachefiles
     80 class kernel_service
     81 
     82 class tun_socket
     83 
     84 class binder                    # not marked userspace, so by this file's convention a kernel-checked class
     85 
     86 # Updated netlink classes for more recent netlink protocols.
     87 class netlink_iscsi_socket
     88 class netlink_fib_lookup_socket
     89 class netlink_connector_socket
     90 class netlink_netfilter_socket
     91 class netlink_generic_socket
     92 class netlink_scsitransport_socket
     93 class netlink_rdma_socket
     94 class netlink_crypto_socket
     95 
     96 # Capability checks when on a non-init user namespace; kept separate from capability/capability2 so a grant inside a user namespace is not a grant in the init namespace
     97 class cap_userns
     98 class cap2_userns
     99 
    100 # New socket classes introduced by extended_socket_class policy capability.
    101 # These two were previously mapped to rawip_socket; with the capability enabled, rules on rawip_socket no longer cover them and must name the new class.
    102 class sctp_socket
    103 class icmp_socket
    104 # These were previously mapped to socket; likewise, rules on the generic socket class stop covering them once the capability is enabled.
    105 class ax25_socket
    106 class ipx_socket
    107 class netrom_socket
    108 class atmpvc_socket
    109 class x25_socket
    110 class rose_socket
    111 class decnet_socket
    112 class atmsvc_socket
    113 class rds_socket
    114 class irda_socket
    115 class pppox_socket
    116 class llc_socket
    117 class can_socket
    118 class tipc_socket
    119 class bluetooth_socket
    120 class iucv_socket
    121 class rxrpc_socket
    122 class isdn_socket
    123 class phonet_socket
    124 class ieee802154_socket
    125 class caif_socket
    126 class alg_socket
    127 class nfc_socket
    128 class vsock_socket
    129 class kcm_socket
    130 class qipcrtr_socket
    131 class smc_socket
    132 
    133 # Property service
    134 class property_service          # userspace
    135 
    136 # Service manager
    137 class service_manager           # userspace
    138 
    139 # Hardware service manager
    140 class hwservice_manager         # userspace
    141 
    142 # Keystore Key
    143 class keystore_key              # userspace
    144 
    145 class drmservice                # userspace
    146 # FLASK
    147