Lines Matching refs:domain

2 type bpfloader, domain;
20 neverallow { domain -init -vendor_init } fs_bpf:dir setattr;
21 neverallow { domain -bpfloader } fs_bpf:dir { write add_name };
22 neverallow domain fs_bpf:dir { reparent rename rmdir };
25 neverallow { domain -bpfloader -init -vendor_init } fs_bpf:file setattr;
26 neverallow { domain -bpfloader } fs_bpf:file create;
27 neverallow domain fs_bpf:file { rename unlink };
29 neverallow { domain -bpfloader } *:bpf { map_create prog_load };
30 neverallow { domain -bpfloader -gpuservice -netd -netutils_wrapper -system_server } *:bpf prog_run;
31 neverallow { domain -bpfloader -gpuservice -netd -system_server } *:bpf { map_read map_write };
33 neverallow { domain -bpfloader -init } bpfloader_exec:file { execute execute_no_trans };
35 neverallow bpfloader domain:{ tcp_socket udp_socket rawip_socket } *;
37 # No domain should be allowed to ptrace bpfloader
38 neverallow { domain userdebug_or_eng(`-llkd') } bpfloader:process ptrace;