Lines Matching refs:domain
# Baseline rules granted to every type that carries the `domain` attribute.
# This is a cross-reference listing: the leading number is the line in the
# policy source, and source lines that do not mention `domain` are not shown.
4 allow domain init:process sigchld;
6 # Intra-domain accesses.
# The permission set opened on line 7 is closed on a source line that the
# listing omits, so the granted self:process permissions cannot be read here.
7 allow domain self:process {
24 allow domain self:fd use;
25 allow domain proc:dir r_dir_perms;
26 allow domain proc_net:dir search;
27 r_dir_file(domain, self)
28 allow domain self:{ fifo_file file } rw_file_perms;
29 allow domain self:unix_dgram_socket { create_socket_perms sendto };
30 allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
# Every domain may use file descriptors labeled with init's context.
33 allow domain init:fd use;
# Grants from every domain towards the `su` domain: connecting to and using
# its stream sockets, using its file descriptors, writing to its FIFOs and
# sending it sigchld.
# NOTE(review): any enclosing build-type macro (userdebug_or_eng appears on
# other lines of this listing) is not visible here. Confirm these grants are
# compiled out of user builds; otherwise every process could talk to su.
37 allow domain su:unix_stream_socket connectto;
38 allow domain su:fd use;
39 allow domain su:unix_stream_socket { getattr getopt read write shutdown };
# Binder calls into su are granted to every domain except init.
41 allow { domain -init } su:binder { call transfer };
# Line 42 is a subset of the grant already made on line 38.
42 allow { domain -init } su:fd use;
46 allow domain su:fifo_file { write getattr };
49 allow domain su:process sigchld;
# Baseline access to core dumps, the root filesystem, common device nodes,
# properties, keyrings and logd for every domain.
# NOTE(review): lines 52-53 let every domain create files under coredump_file.
# The listing does not show whether a build-type macro wraps them; confirm
# this is limited to debuggable builds.
52 allow domain coredump_file:file create_file_perms;
53 allow domain coredump_file:dir ra_dir_perms;
57 allow domain rootfs:dir search;
58 allow domain rootfs:lnk_file { read getattr };
61 allow domain device:dir search;
62 allow domain dev_type:lnk_file r_file_perms;
63 allow domain devpts:dir search;
64 allow domain socket_device:dir r_dir_perms;
65 allow domain owntty_device:chr_file rw_file_perms;
66 allow domain null_device:chr_file rw_file_perms;
67 allow domain zero_device:chr_file rw_file_perms;
68 allow domain ashmem_device:chr_file rw_file_perms;
# Lines 77-78 are truncated by the listing. The visible part shows that the
# binder device nodes are opened to `domain` minus a few named service-manager
# domains (and isolated_app for hwbinder), not to every domain.
77 not_full_treble(`allow { domain -hwservicemanager -vndservicemanager } binder_device:chr_file rw_fi…
78 allow { domain -servicemanager -vndservicemanager -isolated_app } hwbinder_device:chr_file rw_file_…
79 allow domain ptmx_device:chr_file rw_file_perms;
80 allow domain alarm_device:chr_file r_file_perms;
81 allow domain random_device:chr_file rw_file_perms;
82 allow domain properties_device:dir { search getattr };
83 allow domain properties_serial:file r_file_perms;
# Every domain may read properties of core_property_type and log_property_type.
87 get_prop(domain, core_property_type)
90 get_prop(domain, log_property_type)
# dontaudit grants nothing; it only silences audit_access denials on property
# files, so such probes will not appear in the audit log.
91 dontaudit domain property_type:file audit_access;
92 allow domain property_contexts_file:file r_file_perms;
# Keyring lookup only (search) on keys labeled with init's and vold's contexts.
94 allow domain init:key search;
95 allow domain vold:key search;
# Every domain may write log messages to logd.
98 write_logd(domain)
# Read, map and execute access to system and vendor files.
# `execute` is granted without `execute_no_trans`, so these rules cover mapping
# the files as executable code but do not by themselves let a domain run such
# a file in its own domain.
101 allow domain system_file:dir { search getattr };
102 allow domain system_file:file { execute read open getattr map };
103 allow domain system_file:lnk_file { getattr read };
# NOTE(review): lines 108-110 give every domain read/execute on all of
# vendor_file_type, while lines 141-143 give nearly the same access to
# non-core domains only. Any conditional macro around 108-110 is not visible
# in this listing; confirm which build configuration they apply to.
108 allow domain vendor_file_type:dir { search getattr };
109 allow domain vendor_file_type:file { execute read open getattr map };
110 allow domain vendor_file_type:lnk_file { getattr read };
116 allow domain vendor_hal_file:dir r_dir_perms;
119 allow domain same_process_hal_file:dir r_dir_perms;
120 allow domain same_process_hal_file:file { execute read open getattr map };
124 allow domain vndk_sp_file:dir r_dir_perms;
125 allow domain vndk_sp_file:file { execute read open getattr map };
# Vendor configuration files are readable by all domains but not executable.
128 allow domain vendor_configs_file:dir r_dir_perms;
129 allow domain vendor_configs_file:file { read open getattr };
133 allow domain vendor_file:lnk_file { getattr open read };
138 allow domain vendor_file:dir { getattr search };
# Domains outside the coredomain attribute get full vendor file access.
141 allow { domain -coredomain } vendor_file_type:dir r_dir_perms;
142 allow { domain -coredomain } vendor_file_type:file { read open getattr execute map };
143 allow { domain -coredomain } vendor_file_type:lnk_file { getattr read };
# Baseline access to sysfs, procfs, selinuxfs, cgroup and debugfs nodes.
147 allow domain sysfs:lnk_file { getattr read };
151 r_dir_file(domain, zoneinfo_data_file)
154 r_dir_file(domain, sysfs_devices_system_cpu)
156 r_dir_file(domain, sysfs_usb);
159 not_full_treble(`allow domain system_data_file:dir getattr;')
# Directory traversal only; no file access under system_data_file is granted here.
163 allow domain system_data_file:dir search;
166 allow domain proc:lnk_file { getattr read };
169 allow domain proc_cpuinfo:file r_file_perms;
172 allow domain proc_overcommit_memory:file r_file_perms;
175 allow domain proc_perf:file r_file_perms;
# selinuxfs: traversal and getattr only, no write permission in these lines.
178 allow domain selinuxfs:dir search;
179 allow domain selinuxfs:file getattr;
180 allow domain sysfs:dir search;
181 allow domain selinuxfs:filesystem getattr;
# Write access to cgroup files and directories is open to every domain.
184 allow domain cgroup:dir { search write };
185 allow domain cgroup:file w_file_perms;
# debugfs: traversal, plus write to the trace marker file only.
190 allow domain debugfs:dir search;
191 allow domain debugfs_tracing:dir search;
192 allow domain debugfs_trace_marker:file w_file_perms;
195 allow domain fs_type:filesystem getattr;
196 allow domain fs_type:dir getattr;
# Default ioctl allowlists for sockets and ttys, followed by two rules whose
# source set is empty.
# allowxperm only narrows which ioctl commands are permitted; the ioctl
# permission itself needs its own allow rule. The truncated notes on lines 200
# and 210 presumably make this point - confirm against the full source.
200 # defaults for all processes. Note that granting this allowlist to domain does
# Lines 203 and 206 continue on source lines that the listing omits.
203 allowxperm domain domain:{ rawip_socket tcp_socket udp_socket }
206 allowxperm domain domain:{ unix_dgram_socket unix_stream_socket }
210 # Note that granting this allowlist to domain does
213 allowxperm domain devpts:chr_file ioctl unpriv_tty_ioctls;
# `{ domain -domain }` is the empty set, so lines 217 and 220 grant nothing to
# any domain. Their purpose is not stated in the lines visible here.
217 allow { domain -domain } hwservice_manager_type:hwservice_manager { add find };
220 allow { domain -domain } vndservice_manager_type:service_manager { add find };
223 with_asan(`allow domain system_data_file:dir getattr;')
# Start of the neverallow assertions visible in this listing. A neverallow
# makes the policy build fail if any allow rule grants the listed access.
# A bare `domain` entry below is the only matching line of a multi-line rule;
# the rest of that rule is not in this listing, so its effect cannot be read here.
# Forbids ioctl command 0 on all socket classes between domains.
# NOTE(review): this looks intended to force socket ioctls to be granted
# through allowxperm lists - confirm.
230 neverallowxperm domain domain:socket_class_set ioctl { 0 };
237 # Do not allow any domain other than init or recovery to create unlabeled files.
238 neverallow { domain -init -recovery } unlabeled:dir_file_class_set create;
242 domain
251 domain
# On userdebug/eng builds `-domain` is added to the set. Assuming the set
# starts from the `domain` on line 251, the rule then matches no source type
# on those builds.
252 userdebug_or_eng(`-domain')
265 # No domain needs mac_override as it is unused by SELinux.
# Only recovery may hold the mac_admin capability.
269 neverallow { domain -recovery } self:capability2 mac_admin;
276 # init starts in kernel domain and switches to init domain via setcon in
# Kernel security controls: setcheckreqprot is reserved for kernel and
# setsecparam for init.
280 neverallow { domain -kernel } kernel:security setcheckreqprot;
288 neverallow { domain -init } kernel:security setsecparam;
292 domain
304 domain
312 domain
# Only init (and ueventd for the sysfs node) may write the usermodehelper
# files, and only init may open proc_security files.
319 neverallow { domain -init } usermodehelper:file { append write };
320 neverallow { domain -init -ueventd } sysfs_usermodehelper:file { append write };
321 neverallow { domain -init } proc_security:file { append open read write };
# The ptrace rule that the next comment introduces is not shown in this listing.
323 # No domain should be allowed to ptrace init.
327 # triggered, it's probably due to a service with no SELinux domain.
# The generic block_device and device labels are closed off: only kernel, init
# and recovery may open generic block nodes, and no domain may open generic
# character nodes. Presumably this forces device nodes to carry specific
# labels - confirm against the omitted comments.
332 neverallow { domain -kernel -init -recovery } block_device:blk_file { open read write };
341 neverallow domain device:chr_file { open read write };
# Neverallow assertions protecting the filesystem, properties and block
# devices. Lines ending in an ellipsis are truncated by the listing, and a bare
# `domain` entry is the only matching line of a multi-line rule; neither can be
# fully read here.
346 neverallow { domain -kernel -init -recovery -vold -zygote -update_engine -otapreopt_chroot } { fs_t…
353 domain
370 domain
375 neverallow domain { cache_file cache_backup_file cache_private_backup_file cache_recovery_file }:fi…
379 domain
# No domain may use the no_x_file_perms permissions on native test data;
# shell is exempt on userdebug/eng builds only.
388 neverallow { domain userdebug_or_eng(`-shell') } nativetest_data_file:file no_x_file_perms;
# The property store is writable by init alone: every other domain is barred
# from the write-class and execute-class permissions on property files and
# from modifying the property data directory.
391 neverallow { domain -init } property_data_file:dir no_w_dir_perms;
392 neverallow { domain -init } property_data_file:file { no_w_file_perms no_x_file_perms };
393 neverallow { domain -init } property_type:file { no_w_file_perms no_x_file_perms };
394 neverallow { domain -init } properties_device:file { no_w_file_perms no_x_file_perms };
395 neverallow { domain -init } properties_serial:file { no_w_file_perms no_x_file_perms };
399 domain
408 neverallow { domain -recovery -kernel with_asan(`-asan_extract') } { system_file vendor_file_type e…
# Only init may mount over system or vendor files and directories.
412 neverallow { domain -init } { system_file vendor_file_type }:dir_file_class_set mounton;
# Line 424 continues on a source line that the listing omits.
424 neverallow { domain -recovery } contextmount_type:dir_file_class_set
# Only init may set properties labeled default_prop or mmc_prop.
447 neverallow { domain -init } default_prop:property_service set;
448 neverallow { domain -init } mmc_prop:property_service set;
453 domain
466 neverallow { domain -init -system_server } firstboot_prop:file r_file_perms;
469 domain
# Line 480 continues on a source line that the listing omits.
480 neverallow { domain -init -recovery -vold } metadata_block_device:blk_file
483 # No domain other than recovery and update_engine can write to system partition(s).
484 neverallow { domain -recovery -update_engine } system_block_device:blk_file write;
# Only install_recovery and recovery may write the recovery partition.
487 neverallow { domain -install_recovery -recovery } recovery_block_device:blk_file write;
494 domain
495 userdebug_or_eng(`-domain') # exclude debuggable builds
# Neverallow assertions on binder, core/vendor socket separation, and the
# zygote and tombstoned sockets. A bare `domain` entry is the only matching
# line of a multi-line rule whose remaining lines are not in this listing.
# Only the three service-manager domains may become a binder context manager.
506 neverallow { domain -servicemanager -hwservicemanager -vndservicemanager } *:binder set_context_mgr;
516 # domain apps need this because Android framework offers many of its services to apps as Binder
520 domain
526 domain
556 domain
589 # Core domains are not permitted to initiate communications to vendor domain sockets.
599 domain
603 # Vendor domains are not permitted to initiate communications to core domain sockets
605 domain
# Line 611 is one entry of an exclusion list: logd is exempted from the rule it
# belongs to, for the reason given in its trailing comment.
611 -logd # Logging by writing to logd Unix domain socket is public API
622 domain
630 domain
723 domain
738 domain
749 domain
# Connecting to the zygote is limited to zygote and system_server, and only
# system_server may write to the zygote socket file. The webview_zygote rules
# mirror this.
760 neverallow { domain -zygote -system_server } zygote:unix_stream_socket connectto;
761 neverallow { domain -system_server } zygote_socket:sock_file write;
763 neverallow { domain -system_server -webview_zygote } webview_zygote:unix_stream_socket connectto;
764 neverallow { domain -system_server } webview_zygote_socket:sock_file write;
767 domain
# Only dumpstate and system_server may reach the tombstoned intercept socket.
# Line 781 is truncated by the listing.
780 neverallow { domain -dumpstate -system_server } tombstoned_intercept_socket:sock_file write;
781 neverallow { domain -dumpstate -system_server } tombstoned_intercept_socket:unix_stream_socket conn…
# Neverallow assertions on executing su, text relocations, domain transitions
# and entrypoint labeling. A bare `domain` entry is the only matching line of a
# multi-line rule whose remaining lines are not in this listing.
# No domain may use the no_x_file_perms permissions on su_exec; dumpstate,
# shell and su are exempt on userdebug/eng builds only, so on other builds the
# ban has no exceptions.
808 neverallow { domain userdebug_or_eng(`-dumpstate -shell -su') } su_exec:file no_x_file_perms;
# execmod (making a modified file mapping executable) is barred for every
# domain outside untrusted_app_all.
829 neverallow { domain -untrusted_app_all } file_type:file execmod;
# Only init may mount over proc files or directories.
831 neverallow { domain -init } proc:{ file dir } mounton;
834 # in the domain attribute, so that all allow and neverallow rules
835 # written on domain are applied to all processes.
837 # from a domain to a non-domain type and vice versa.
# Only one direction is enforced: line 839 blocks transitions from non-domain
# types into domain types. The reverse check on line 838 is still a TODO, so
# a transition from a domain to a non-domain type is not asserted against here.
838 # TODO - rework this: neverallow domain ~domain:process { transition dyntransition };
839 neverallow ~domain domain:process { transition dyntransition };
850 domain
863 domain
878 domain
884 # Only these domains should transition to shell domain. This domain is
886 # script with differing privilege, define a domain and set up a transition.
889 domain
# Line 897 opens a target set that continues on source lines the listing omits.
897 neverallow { domain -runas -webview_zygote -zygote } {
904 domain
911 domain
922 domain
932 domain
945 domain
974 # executable file used to enter a domain should be labeled
975 # with its own _exec type, not with the domain type.
978 # type mydaemon, domain;
# No file labeled with a domain type may be executed or used as an entrypoint,
# which enforces the separate _exec labeling described above.
983 neverallow * domain:file { execute execute_no_trans entrypoint };
# Generic debugfs files are off limits to all but init, system_server and dumpstate.
989 neverallow { domain -init -system_server -dumpstate } debugfs:file no_rw_file_perms;
994 domain
1007 domain
# noatsecure would turn off AT_SECURE handling on the transition; forbidding it
# keeps secure-exec environment cleansing in force when entering crash_dump.
1012 neverallow domain crash_dump:process noatsecure;