Searched refs:audit (Results 1 – 22 of 22) sorted by relevance
/system/core/logd/ |
D | README.auditd | 3 The audit daemon is a simplified version of its desktop 4 counterpart designed to gather the audit logs from the 5 audit kernel subsystem. The audit subsystem of the kernel 8 To enable the audit subsystem, you must add this to your
|
D | LogAudit.cpp | 419 char* audit = strstr(buf, " audit("); in log() local 420 if (!audit || (audit >= &buf[len])) { in log() 424 *audit = '\0'; in log() 429 rc = logPrint("%s %s", type, audit + 1); in log() 431 rc = logPrint("%s", audit + 1); in log() 433 *audit = ' '; in log()
|
D | README.property | 4 ro.logd.auditd bool true Enable selinux audit daemon 5 ro.logd.auditd.dmesg bool true selinux audit messages sent to dmesg. 6 ro.logd.auditd.main bool true selinux audit messages sent to main. 7 ro.logd.auditd.events bool true selinux audit messages sent to events.
|
/system/sepolicy/vendor/ |
D | hal_wifi_supplicant_default.te | 23 # Write to security logs for audit.
|
/system/sepolicy/private/ |
D | dexoptanalyzer.te | 25 # "dontaudit...audit_access" policy line to suppress the audit access without
|
/system/sepolicy/prebuilts/api/27.0/private/ |
D | dexoptanalyzer.te | 25 # "dontaudit...audit_access" policy line to suppress the audit access without
|
/system/sepolicy/prebuilts/api/28.0/private/ |
D | dexoptanalyzer.te | 25 # "dontaudit...audit_access" policy line to suppress the audit access without
|
/system/sepolicy/prebuilts/api/26.0/public/ |
D | crash_dump.te | 13 # which will result in an audit log even when it's allowed to trace.
|
D | init.te | 336 # Send an SELinux userspace denial to the kernel audit subsystem,
|
/system/sepolicy/prebuilts/api/27.0/public/ |
D | crash_dump.te | 13 # which will result in an audit log even when it's allowed to trace.
|
D | init.te | 341 # Send an SELinux userspace denial to the kernel audit subsystem,
|
/system/sepolicy/prebuilts/api/28.0/public/ |
D | crash_dump.te | 13 # which will result in an audit log even when it's allowed to trace.
|
D | property.te | 141 # Don't audit legacy ctl. property handling. We only want the newer permission check to appear 142 # in the audit log
|
D | init.te | 412 # Send an SELinux userspace denial to the kernel audit subsystem,
|
/system/sepolicy/public/ |
D | crash_dump.te | 13 # which will result in an audit log even when it's allowed to trace.
|
D | property.te | 141 # Don't audit legacy ctl. property handling. We only want the newer permission check to appear 142 # in the audit log
|
D | init.te | 412 # Send an SELinux userspace denial to the kernel audit subsystem,
|
/system/sepolicy/tools/sepolicy-analyze/ |
D | README | 18 conditional rules, audit-related rules (auditallow or dontaudit),
|
/system/tpm/trunks/generator/ |
D | raw_commands.txt | 1037 audit will follow the handles used for authorization. 1356 authorization sessions, or the audit session, or a session may be added for the single 1360 authorization sessions, or the audit session if present, ora session may be added for the 1695 audit data and will return a 10-octet response packet. 1724 Additionally, if the command is being audited by Command Audit, the audit digest is updated with the 2042 audit and session contexts will be updated if the command response is TPM_RC_SUCCESS; and 2649 // Restore/Initialize command audit information 2724 the command audit digest and count. 3617 the session is not an audit session; and 11810 authorization or audit of this command requires computation of a cpHash and an rpHash, the Name [all …]
|
D | raw_commands_fixed.txt | 1037 audit will follow the handles used for authorization. 1356 authorization sessions, or the audit session, or a session may be added for the single 1360 authorization sessions, or the audit session if present, ora session may be added for the 1695 audit data and will return a 10-octet response packet. 1724 Additionally, if the command is being audited by Command Audit, the audit digest is updated with the 2042 audit and session contexts will be updated if the command response is TPM_RC_SUCCESS; and 2649 // Restore/Initialize command audit information 2724 the command audit digest and count. 3617 the session is not an audit session; and 11821 authorization or audit of this command requires computation of a cpHash and an rpHash, the Name [all …]
|
D | raw_structures.txt | 4748 command failed because audit sequence required 6847 the high-order 32 bits of the command audit counter 6853 the low-order 32 bits of the command audit counter 8703 indicates that the session is exclusive. This setting is only allowed if the audit 8705 CLEAR (0): If audit is CLEAR, then this field is reserved but the error is 8713 SET (1): In a command, this setting indicates that the audit digest of the session 8715 CLEAR (0): If audit is CLEAR, then this field is reserved but the error is 8786 SET (1): In a command or response, this setting indicates that the session is for audit 8790 CLEAR (0): Session is not used for audit. 8792 audit [all …]
|
D | raw_structures_fixed.txt | 4742 command failed because audit sequence required 6872 the high-order 32 bits of the command audit counter 6878 the low-order 32 bits of the command audit counter 8731 indicates that the session is exclusive. This setting is only allowed if the audit 8733 CLEAR (0): If audit is CLEAR, then this field is reserved but the error is 8741 SET (1): In a command, this setting indicates that the audit digest of the session 8743 CLEAR (0): If audit is CLEAR, then this field is reserved but the error is 8814 SET (1): In a command or response, this setting indicates that the session is for audit 8818 CLEAR (0): Session is not used for audit. 8820 audit [all …]
|