Lines Matching refs:domain
2 type bpfloader, domain;
23 neverallow { domain -init -vendor_init } { fs_bpf fs_bpf_tethering }:dir { open read setattr };
24 neverallow { domain -bpfloader } { fs_bpf fs_bpf_tethering }:dir { add_name create write };
25 neverallow domain { fs_bpf fs_bpf_tethering }:dir ~{ add_name create getattr mounton open read sear…
28 neverallow { domain -bpfloader -init -vendor_init } { fs_bpf fs_bpf_tethering }:file { map open set…
29 neverallow { domain -bpfloader } { fs_bpf fs_bpf_tethering }:file create;
30 neverallow { domain -bpfloader -gpuservice -init -lmkd -netd -netutils_wrapper -network_stack -syst…
31 neverallow { domain -bpfloader -gpuservice -netd -netutils_wrapper -network_stack -system_server } …
32 neverallow domain { fs_bpf fs_bpf_tethering }:file ~{ create map open read setattr write };
34 neverallow { domain -bpfloader } *:bpf { map_create prog_load };
35 neverallow { domain -bpfloader -gpuservice -netd -netutils_wrapper -network_stack -system_server } …
36 neverallow { domain -bpfloader -gpuservice -lmkd -netd -network_stack -system_server } *:bpf { map_…
38 neverallow { domain -bpfloader -init } bpfloader_exec:file { execute execute_no_trans };
42 # No domain should be allowed to ptrace bpfloader
43 neverallow { domain userdebug_or_eng(`-llkd') } bpfloader:process ptrace;