Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 6772c50574d4e7daf4682f0303f8f37c3f600c67^! / . / private / security_classes
commit6772c50574d4e7daf4682f0303f8f37c3f600c67[log] [tgz]
authorThiƩbaud Weksteen <tweek@google.com>Wed May 15 13:12:40 2024 +1000
committerThiƩbaud Weksteen <tweek@google.com>Wed May 15 04:45:20 2024 +0000
tree9f640f14248ae59c4ee491269b26070d6c9c39a2
parent4b79c66714e216a1d918127d8ff6be3a44ba6ba6 [diff] [blame]
Define new kernel security classes

Define new classes and access vectors recognised by the kernel.

Bug: 340491179
Test: boot and check logs for undefined class or permission
Change-Id: I9b32916ea231cf396aa326ed7e08cb14e4eb2c9b

diff --git a/private/security_classes b/private/security_classes
index 99f947f..1d13d9f 100644
--- a/private/security_classes
+++ b/private/security_classes

@@ -133,13 +133,13 @@
 class kcm_socket
 class qipcrtr_socket
 class smc_socket
+class xdp_socket
+class mctp_socket
 
 class process2
 
 class bpf
 
-class xdp_socket
-
 class perf_event
 
 class io_uring
@@ -147,6 +147,8 @@
 # Introduced in https://github.com/torvalds/linux/commit/59438b46471ae6cdfb761afc8c9beaf1e428a331
 class lockdown
 
+class user_namespace
+
 # Property service
 class property_service          # userspace