Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / refs/heads/android-15 / private / domain.te
  1. e4adb48 Merge tag 'android-15.0.0_r32' of https://android.googlesource.com/platform/system/sepolicy into HEAD by micky387 · 4 months ago android-15
  2. 79ae2b3 Merge tag 'android-15.0.0_r6' of https://android.googlesource.com/platform/system/sepolicy into HEAD by micky387 · 9 months ago
  3. 3d38997 Merge "SELinux update to support aconfigd_mainline process" into main by Dennis Shen · 9 months ago
  4. 2778369 SELinux update to support aconfigd_mainline process by Dennis Shen · 11 months ago
  5. e7cd0eb Sepolicy setting for crosvm virtiofs mounts by Akilesh Kailash · 9 months ago
  6. 10e3d1f Remove new storage test mission marker file code now that new storage is by Dennis Shen · 9 months ago
  7. f3ed14b Merge "Resolve neverallow in retrofit devices" into main by Treehugger Robot · 9 months ago
  8. 2fd9806 Revert "Add sepolicy for terminal app for composite disk and disk resizing" by Jiyong Park · 9 months ago
  9. 4d105f3 Merge "Add update provider to SELinux policy" into main by Treehugger Robot · 10 months ago
  10. 6b6aae4 Add update provider to SELinux policy by Brian Daniels · 10 months ago
  11. 1f1e4ca Add sepolicy for terminal app for composite disk and disk resizing by Mu-Le Lee · 10 months ago
  12. 6a8e53d sepolicy for crosvm to support virtiofs by Akilesh Kailash · 10 months ago
  13. 44688e6 Merge "Allow vendor domain to access bootstrap bionic libs" into main by Yi-Yo Chiang · 10 months ago
  14. ad4802f Allow vendor domain to access bootstrap bionic libs by Yi-Yo Chiang · 11 months ago
  15. cc8b099 Merge changes I7cc45fd9,I8c2b554f into main by T.J. Mercier · 11 months ago
  16. b1c28c1 Merge "Allow access to cgroups.json files" into main by T.J. Mercier · 11 months ago
  17. d85b55d Collapse task_profiles_api_file into task_profiles_file by T.J. Mercier · 11 months ago
  18. 55c17f2 Collapse cgroup_desc_api_file into cgroup_desc_file by T.J. Mercier · 11 months ago
  19. 71481bf Add tradeinmode sepolicy. by David Anderson · 11 months ago
  20. 3fce5ad Add an adb_tradeinmode type for restricted adbd. by David Anderson · 11 months ago
  21. c5c9753 Resolve neverallow in retrofit devices by Michael Bestas · 1 year, 3 months ago
  22. 852d19b Allow access to cgroups.json files by T.J. Mercier · 11 months ago
  23. 041b53e Revert "Allow system to access all cgroups.json files" by Priyanka Advani (xWF) · 11 months ago
  24. 051406b Allow system to access all cgroups.json files by T.J. Mercier · 1 year, 1 month ago
  25. a4fddc0 Allow apexd to rename files in /data/apex/decompressed by Jooyung Han · 12 months ago
  26. 1b2f74f sepolicy: allow update angine and syslog read by Marko Man · 5 years ago
  27. 994245a Hide ro.debuggable and ro.secure from app zygote by Han Wang · 12 months ago
  28. 9f12753 Merge "dontaudit permissions to check for the presence of hwservicemanager binary" into main by Treehugger Robot · 1 year ago
  29. f3fb64a sepolicy: add rules for bionic.linker.16kb.app_compat.enabled by Kalesh Singh · 1 year ago
  30. cd79a43 dontaudit permissions to check for the presence of hwservicemanager binary by Devin Moore · 1 year, 1 month ago
  31. 9b12ddd Remove SELinux rules for dexoptanalyzer. by Jiakai Zhang · 1 year, 2 months ago
  32. f7dcc53 Add neverallow rules to ensure successful kill by artd. by Jiakai Zhang · 1 year, 2 months ago
  33. d2c9226 Merge "Revert^2 "Allow anyone to read aconfig test mission file"" into main by Treehugger Robot · 1 year, 2 months ago
  34. eaeb65f Revert^2 "Allow anyone to read aconfig test mission file" by Ted Bauer · 1 year, 2 months ago
  35. 57076f9 Merge "Revert "Allow anyone to read aconfig test mission file"" into main by Liana Kazanova · 1 year, 2 months ago
  36. 229b78b Revert "Allow anyone to read aconfig test mission file" by Liana Kazanova · 1 year, 2 months ago
  37. 8def2aa Merge "Allow anyone to read aconfig test mission file" into main by Treehugger Robot · 1 year, 2 months ago
  38. c2e0234 Allow anyone to read aconfig test mission file by Ted Bauer · 1 year, 2 months ago
  39. 1cf6c42 Disallow relabeling vsock by Alan Stokes · 1 year, 3 months ago
  40. 33bc92d selinux: allow everybody to read flags from RO flag storage file by Dennis Shen · 1 year, 3 months ago
  41. 248f0e0 Update transaction log permissions. by Steven Moreland · 1 year, 4 months ago
  42. 5f805d0 Merge "sepolicy: Add rules for /sys/kernel/mm/pgsize_migration/enabled" into main by Kalesh Singh · 1 year, 4 months ago
  43. 3a4c68d sepolicy: Add rules for /sys/kernel/mm/pgsize_migration/enabled by Kalesh Singh · 1 year, 5 months ago
  44. b071882 Allow system app and update_engine to read OTA from /vendor by Pawan Wagh · 1 year, 4 months ago
  45. 27b515e Add SELinux policy for storage areas by Ellen Arteca · 1 year, 4 months ago
  46. ba5998d Merge "Let system server set permissions on marker file" into main by Ted Bauer · 1 year, 5 months ago
  47. 8640553 Let system server set permissions on marker file by Ted Bauer · 1 year, 5 months ago
  48. abf12e1 Remove sepolicy for viewcompiler by Jared Duke · 1 year, 11 months ago
  49. dfc018f Merge "Allow system_server to read binderfs state file" into main by Devin Moore · 1 year, 5 months ago
  50. 9645657 Allow system_server to read binderfs state file by Devin Moore · 1 year, 7 months ago
  51. 75806ef Minimize public policy by Inseob Kim · 1 year, 5 months ago
  52. e98c6d2 Merge "Update SELinux policy for Pre-reboot Dexopt." into main by Jiakai Zhang · 1 year, 5 months ago
  53. 4acd073 Update SELinux policy for Pre-reboot Dexopt. by Jiakai Zhang · 1 year, 6 months ago
  54. a2b17ab Make system_aconfig_storage_file domain-readable by Ted Bauer · 1 year, 6 months ago
  55. 9a5b2f5 allow domain search for /metadata dir by Dennis Shen · 1 year, 6 months ago
  56. cd560f1 allow all domain search permission for aconfig_storage_metadata_file dir by Dennis Shen · 1 year, 6 months ago
  57. 30fdc75 Merge "update aconfigd selinux policy" into main by Dennis Shen · 1 year, 6 months ago
  58. 89a2c69 update aconfigd selinux policy by Dennis Shen · 1 year, 6 months ago
  59. 662d5e6 allow system server to search into /metadata/aconfig dir by Dennis Shen · 1 year, 6 months ago
  60. 6b9aa6d kcmdlinectrl: define system property for kcmdlinectrl by Alice Ryhl · 1 year, 7 months ago
  61. f008c29 aconfig_storage: setup RO partitions aconfig storage files SELinux policy by Dennis Shen · 1 year, 6 months ago
  62. 2659257 aconfigd: create aconfig daemon selinux policy by Dennis Shen · 1 year, 6 months ago
  63. 9fca326 Merge changes from topic "misctrl" into main by Steven Moreland · 1 year, 7 months ago
  64. 66c5bea Allow shell/toolbox for all domains by Jooyung Han · 1 year, 7 months ago
  65. b4f42d4 intro misctrl by Steven Moreland · 1 year, 7 months ago
  66. d2a0892 Introduce vendor_microdroid_file for microdroid vendor image by Seungjae Yoo · 1 year, 10 months ago
  67. cc5cb43 Stop granting permissions on keystore_key class by Eric Biggers · 1 year, 11 months ago
  68. 3e8e8ea Revert "Revert "SELinux policy changes for uprobe."" by Yu-Ting Tseng · 2 years ago
  69. 1064f51 Let incidentd read the wakeup_sources debugfs node for userdebug/eng builds by Isaac J. Manjarres · 2 years ago
  70. 486fa9f Revert "Remove fsverity_init SELinux rules" by Yunkai Lim · 2 years, 1 month ago
  71. 306f510 Remove fsverity_init SELinux rules by Eric Biggers · 2 years, 2 months ago
  72. b6211b8 Introduce vendor_apex_metadata_file by Jooyung Han · 2 years, 3 months ago
  73. 30c25de Merge changes from topic "artsrv-experiment-flag" by Treehugger Robot · 2 years, 3 months ago
  74. 612011b Merge "Relax sepolicy for device_config_runtime_native_*." by Treehugger Robot · 2 years, 4 months ago
  75. e1ac267 Allow the ART boot oneshot service to configure ART config properties. by Martin Stjernholm · 2 years, 4 months ago
  76. 2ae45c5 Create sdk_sandbox_all. by Mugdha Lakhani · 2 years, 4 months ago
  77. 4479b9d Relax sepolicy for device_config_runtime_native_*. by Evgenii Stepanov · 2 years, 4 months ago
  78. 87143bd Revert "Introduce a new sdk_sandbox domain" by Martin Stjernholm · 2 years, 4 months ago
  79. 3049624 Introduce a new sdk_sandbox domain by Mugdha Lakhani · 2 years, 6 months ago
  80. 6e5f8d5 Merge "Allow virtualizationmanager to open test artifacts in shell_data_file" by Treehugger Robot · 2 years, 5 months ago
  81. 0783a9c Allow virtualizationmanager to open test artifacts in shell_data_file by Jaewan Kim · 2 years, 5 months ago
  82. 6b5da95 Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf by Paul Lawrence · 2 years, 6 months ago
  83. 5e94b16 [dice] Remove all the sepolicy relating the hal service dice by Alice Wang · 2 years, 7 months ago
  84. b01c7ad Merge "Allow crash_dump on crosvm" by Frederick Mayle · 2 years, 7 months ago
  85. 17caa22 Correct hal_configstore label used in profiler rules by Ryan Savitski · 2 years, 7 months ago
  86. 4f5390d Allow crash_dump on crosvm by Frederick Mayle · 2 years, 7 months ago
  87. 3926d95 Merge "Add dropbox entries as files to dumpstate ZIP." by Jeff Sharkey · 2 years, 7 months ago
  88. ef5e5c8 Add dropbox entries as files to dumpstate ZIP. by Jeff Sharkey · 2 years, 7 months ago
  89. b9a365a Merge "sepolicy: rework perfetto producer/profiler rules for "user" builds" by Ryan Savitski · 2 years, 7 months ago
  90. 941ba72 sepolicy: rework perfetto producer/profiler rules for "user" builds by Ryan Savitski · 2 years, 7 months ago
  91. 7602d0f Non app processes shouldn't be able to peek checkin data by Sumit Bhagwani · 2 years, 7 months ago
  92. cbeec8f Merge "[MTE] Add memory_safety_native_boot namespace" by Florian Mayer · 2 years, 7 months ago
  93. 94926f5 [MTE] Add memory_safety_native_boot namespace by Florian Mayer · 2 years, 7 months ago
  94. ccf8014 Share isolated properties across islolated apps by Charles Chen · 2 years, 8 months ago
  95. 55d808c Start using virtmgr for running VMs by David Brazdil · 2 years, 9 months ago
  96. bc9ce78 Merge "Don't crash_dump crosvm" by Treehugger Robot · 2 years, 9 months ago
  97. 6ed1bd9 Don't crash_dump crosvm by Alan Stokes · 2 years, 9 months ago
  98. 7b843d4 Allow crosvm to open test artifacts in shell_data_file by Jaewan Kim · 2 years, 9 months ago
  99. 24d90e7 Hide ro.debuggable and ro.secure from ephemeral and isolated applications by Alessandra Loro · 2 years, 10 months ago
  100. bcc04e6 Move get_prop rules from public/domain.te to private/domain.te by Sandro · 2 years, 10 months ago