Searched refs:su (Results 1 – 25 of 152) sorted by relevance
1234567
/system/sepolicy/prebuilts/api/30.0/public/ |
D | su.te | 3 type su, domain; 9 # Domain used for su processes, as well as for adbd and adb shell 12 typeattribute su mlstrustedsubject; 14 # Add su to various domains 15 net_domain(su) 17 # grant su access to vndbinder 18 vndbinder_use(su) 20 dontaudit su self:capability_class_set *; 21 dontaudit su kernel:security *; 22 dontaudit su { kernel file_type }:system *; [all …]
|
D | cameraserver.te | 71 allow cameraserver su:fd use; 72 allow cameraserver su:fifo_file { read write }; 73 allow cameraserver su:unix_stream_socket { read write };
|
/system/sepolicy/public/ |
D | su.te | 3 type su, domain; 9 # Domain used for su processes, as well as for adbd and adb shell 12 typeattribute su mlstrustedsubject; 14 # Add su to various domains 15 net_domain(su) 17 # grant su access to vndbinder 18 vndbinder_use(su) 20 dontaudit su self:capability_class_set *; 21 dontaudit su kernel:security *; 22 dontaudit su { kernel file_type }:system *; [all …]
|
/system/sepolicy/prebuilts/api/28.0/public/ |
D | su.te | 3 type su, domain; 9 # Domain used for su processes, as well as for adbd and adb shell 12 typeattribute su mlstrustedsubject; 14 # Add su to various domains 15 net_domain(su) 17 # grant su access to vndbinder 18 vndbinder_use(su) 20 dontaudit su self:capability_class_set *; 21 dontaudit su kernel:security *; 22 dontaudit su kernel:system *; [all …]
|
D | cameraserver.te | 62 allow cameraserver su:fd use; 63 allow cameraserver su:fifo_file { read write }; 64 allow cameraserver su:unix_stream_socket { read write };
|
/system/sepolicy/prebuilts/api/29.0/public/ |
D | su.te | 3 type su, domain; 9 # Domain used for su processes, as well as for adbd and adb shell 12 typeattribute su mlstrustedsubject; 14 # Add su to various domains 15 net_domain(su) 17 # grant su access to vndbinder 18 vndbinder_use(su) 20 dontaudit su self:capability_class_set *; 21 dontaudit su kernel:security *; 22 dontaudit su { kernel file_type }:system *; [all …]
|
D | cameraserver.te | 71 allow cameraserver su:fd use; 72 allow cameraserver su:fifo_file { read write }; 73 allow cameraserver su:unix_stream_socket { read write };
|
/system/sepolicy/prebuilts/api/27.0/public/ |
D | su.te | 3 type su, domain; 9 # Domain used for su processes, as well as for adbd and adb shell 12 typeattribute su mlstrustedsubject; 14 # Add su to various domains 15 net_domain(su) 17 # grant su access to vndbinder 18 vndbinder_use(su) 20 dontaudit su self:capability_class_set *; 21 dontaudit su kernel:security *; 22 dontaudit su kernel:system *; [all …]
|
/system/sepolicy/prebuilts/api/26.0/public/ |
D | su.te | 3 type su, domain; 9 # Domain used for su processes, as well as for adbd and adb shell 12 typeattribute su mlstrustedsubject; 14 # Add su to various domains 15 net_domain(su) 17 # grant su access to vndbinder 18 vndbinder_use(su) 20 dontaudit su self:capability_class_set *; 21 dontaudit su kernel:security *; 22 dontaudit su kernel:system *; [all …]
|
/system/sepolicy/prebuilts/api/27.0/private/ |
D | su.te | 2 typeattribute su coredomain; 4 domain_auto_trans(shell, su_exec, su) 5 # Allow dumpstate to call su on userdebug / eng builds to collect 7 domain_auto_trans(dumpstate, su_exec, su) 9 # Make sure that dumpstate runs the same from the "su" domain as 11 domain_auto_trans(su, dumpstate_exec, dumpstate) 14 domain_auto_trans(su, incident_exec, incident) 16 # su is also permissive to permit setenforce. 17 permissive su; 19 app_domain(su)
|
/system/sepolicy/prebuilts/api/26.0/private/ |
D | su.te | 2 typeattribute su coredomain; 4 domain_auto_trans(shell, su_exec, su) 5 # Allow dumpstate to call su on userdebug / eng builds to collect 7 domain_auto_trans(dumpstate, su_exec, su) 9 # Make sure that dumpstate runs the same from the "su" domain as 11 domain_auto_trans(su, dumpstate_exec, dumpstate) 14 domain_auto_trans(su, incident_exec, incident) 16 # su is also permissive to permit setenforce. 17 permissive su; 19 app_domain(su)
|
/system/sepolicy/private/ |
D | su.te | 2 typeattribute su coredomain; 4 domain_auto_trans(shell, su_exec, su) 5 # Allow dumpstate to call su on userdebug / eng builds to collect 7 domain_auto_trans(dumpstate, su_exec, su) 9 # Make sure that dumpstate runs the same from the "su" domain as 11 domain_auto_trans(su, dumpstate_exec, dumpstate) 14 domain_auto_trans(su, incident_exec, incident) 17 domain_auto_trans(su, perfetto_exec, perfetto) 19 # su is also permissive to permit setenforce. 20 permissive su; [all …]
|
D | init.te | 28 # allow init to execute services marked with seclabel u:r:su:s0 in userdebug/eng 29 allow init su:process transition; 30 dontaudit init su:process noatsecure; 31 allow init su:process { siginh rlimitinh };
|
D | perfetto.te | 30 allow perfetto { statsd shell su }:fd use; 31 allow perfetto { statsd shell su }:fifo_file { getattr read write }; 54 # As above, when adbd is running in "su" domain (only the ioctl is denied in 56 dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
|
/system/sepolicy/prebuilts/api/30.0/private/ |
D | su.te | 2 typeattribute su coredomain; 4 domain_auto_trans(shell, su_exec, su) 5 # Allow dumpstate to call su on userdebug / eng builds to collect 7 domain_auto_trans(dumpstate, su_exec, su) 9 # Make sure that dumpstate runs the same from the "su" domain as 11 domain_auto_trans(su, dumpstate_exec, dumpstate) 14 domain_auto_trans(su, incident_exec, incident) 17 domain_auto_trans(su, perfetto_exec, perfetto) 19 # su is also permissive to permit setenforce. 20 permissive su; [all …]
|
D | init.te | 28 # allow init to execute services marked with seclabel u:r:su:s0 in userdebug/eng 29 allow init su:process transition; 30 dontaudit init su:process noatsecure; 31 allow init su:process { siginh rlimitinh };
|
D | app.te | 30 # Exception for the shell and su domains, can transition to runas, etc. 34 neverallow { appdomain -shell userdebug_or_eng(`-su') } 36 neverallow { appdomain -shell userdebug_or_eng(`-su') }
|
D | perfetto.te | 30 allow perfetto { statsd shell su }:fd use; 31 allow perfetto { statsd shell su }:fifo_file { getattr read write }; 54 # As above, when adbd is running in "su" domain (only the ioctl is denied in 56 dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
|
/system/sepolicy/prebuilts/api/29.0/private/ |
D | su.te | 2 typeattribute su coredomain; 4 domain_auto_trans(shell, su_exec, su) 5 # Allow dumpstate to call su on userdebug / eng builds to collect 7 domain_auto_trans(dumpstate, su_exec, su) 9 # Make sure that dumpstate runs the same from the "su" domain as 11 domain_auto_trans(su, dumpstate_exec, dumpstate) 14 domain_auto_trans(su, incident_exec, incident) 17 domain_auto_trans(su, perfetto_exec, perfetto) 19 # su is also permissive to permit setenforce. 20 permissive su; [all …]
|
D | init.te | 27 # allow init to execute services marked with seclabel u:r:su:s0 in userdebug/eng 28 allow init su:process transition; 29 dontaudit init su:process noatsecure; 30 allow init su:process { siginh rlimitinh };
|
D | app.te | 10 # Exception for the shell and su domains, can transition to runas, etc. 14 neverallow { appdomain -shell userdebug_or_eng(`-su') } 16 neverallow { appdomain -shell userdebug_or_eng(`-su') }
|
/system/sepolicy/prebuilts/api/28.0/private/ |
D | su.te | 2 typeattribute su coredomain; 4 domain_auto_trans(shell, su_exec, su) 5 # Allow dumpstate to call su on userdebug / eng builds to collect 7 domain_auto_trans(dumpstate, su_exec, su) 9 # Make sure that dumpstate runs the same from the "su" domain as 11 domain_auto_trans(su, dumpstate_exec, dumpstate) 14 domain_auto_trans(su, incident_exec, incident) 17 domain_auto_trans(su, perfetto_exec, perfetto) 19 # su is also permissive to permit setenforce. 20 permissive su; [all …]
|
D | perfprofd.te | 6 # Only servicemanager, statsd, su and systemserver can communicate. 8 neverallow perfprofd { domain userdebug_or_eng(`-servicemanager -statsd -su -system_server') }:bind…
|
/system/extras/su/ |
D | Android.mk | 6 LOCAL_SRC_FILES:= su.cpp 8 LOCAL_MODULE:= su
|
/system/apex/tests/testdata/ |
D | trigger_watchdog.rc | 5 exec_background u:r:su:s0 -- /system/bin/sh /system/bin/trigger_watchdog.sh 11 exec_background u:r:su:s0 -- /system/bin/sh /system/bin/trigger_reboot.sh 16 exec_background u:r:su:s0 -- /system/bin/sh /system/bin/trigger_reboot.sh
|
1234567