1*e4a36f41SAndroid Build Coastguard Worker# 2*e4a36f41SAndroid Build Coastguard Worker# Define common prefixes for access vectors 3*e4a36f41SAndroid Build Coastguard Worker# 4*e4a36f41SAndroid Build Coastguard Worker# common common_name { permission_name ... } 5*e4a36f41SAndroid Build Coastguard Worker 6*e4a36f41SAndroid Build Coastguard Worker 7*e4a36f41SAndroid Build Coastguard Worker# 8*e4a36f41SAndroid Build Coastguard Worker# Define a common prefix for file access vectors. 9*e4a36f41SAndroid Build Coastguard Worker# 10*e4a36f41SAndroid Build Coastguard Worker 11*e4a36f41SAndroid Build Coastguard Workercommon file 12*e4a36f41SAndroid Build Coastguard Worker{ 13*e4a36f41SAndroid Build Coastguard Worker ioctl 14*e4a36f41SAndroid Build Coastguard Worker read 15*e4a36f41SAndroid Build Coastguard Worker write 16*e4a36f41SAndroid Build Coastguard Worker create 17*e4a36f41SAndroid Build Coastguard Worker getattr 18*e4a36f41SAndroid Build Coastguard Worker setattr 19*e4a36f41SAndroid Build Coastguard Worker lock 20*e4a36f41SAndroid Build Coastguard Worker relabelfrom 21*e4a36f41SAndroid Build Coastguard Worker relabelto 22*e4a36f41SAndroid Build Coastguard Worker append 23*e4a36f41SAndroid Build Coastguard Worker map 24*e4a36f41SAndroid Build Coastguard Worker unlink 25*e4a36f41SAndroid Build Coastguard Worker link 26*e4a36f41SAndroid Build Coastguard Worker rename 27*e4a36f41SAndroid Build Coastguard Worker execute 28*e4a36f41SAndroid Build Coastguard Worker quotaon 29*e4a36f41SAndroid Build Coastguard Worker mounton 30*e4a36f41SAndroid Build Coastguard Worker audit_access 31*e4a36f41SAndroid Build Coastguard Worker open 32*e4a36f41SAndroid Build Coastguard Worker execmod 33*e4a36f41SAndroid Build Coastguard Worker watch 34*e4a36f41SAndroid Build Coastguard Worker watch_mount 35*e4a36f41SAndroid Build Coastguard Worker watch_sb 36*e4a36f41SAndroid Build Coastguard Worker watch_with_perm 37*e4a36f41SAndroid Build Coastguard Worker watch_reads 38*e4a36f41SAndroid Build Coastguard Worker} 39*e4a36f41SAndroid Build Coastguard Worker 40*e4a36f41SAndroid Build Coastguard Worker 41*e4a36f41SAndroid Build Coastguard Worker# 42*e4a36f41SAndroid Build Coastguard Worker# Define a common prefix for socket access vectors. 43*e4a36f41SAndroid Build Coastguard Worker# 44*e4a36f41SAndroid Build Coastguard Worker 45*e4a36f41SAndroid Build Coastguard Workercommon socket 46*e4a36f41SAndroid Build Coastguard Worker{ 47*e4a36f41SAndroid Build Coastguard Worker# inherited from file 48*e4a36f41SAndroid Build Coastguard Worker ioctl 49*e4a36f41SAndroid Build Coastguard Worker read 50*e4a36f41SAndroid Build Coastguard Worker write 51*e4a36f41SAndroid Build Coastguard Worker create 52*e4a36f41SAndroid Build Coastguard Worker getattr 53*e4a36f41SAndroid Build Coastguard Worker setattr 54*e4a36f41SAndroid Build Coastguard Worker lock 55*e4a36f41SAndroid Build Coastguard Worker relabelfrom 56*e4a36f41SAndroid Build Coastguard Worker relabelto 57*e4a36f41SAndroid Build Coastguard Worker append 58*e4a36f41SAndroid Build Coastguard Worker map 59*e4a36f41SAndroid Build Coastguard Worker# socket-specific 60*e4a36f41SAndroid Build Coastguard Worker bind 61*e4a36f41SAndroid Build Coastguard Worker connect 62*e4a36f41SAndroid Build Coastguard Worker listen 63*e4a36f41SAndroid Build Coastguard Worker accept 64*e4a36f41SAndroid Build Coastguard Worker getopt 65*e4a36f41SAndroid Build Coastguard Worker setopt 66*e4a36f41SAndroid Build Coastguard Worker shutdown 67*e4a36f41SAndroid Build Coastguard Worker recvfrom 68*e4a36f41SAndroid Build Coastguard Worker sendto 69*e4a36f41SAndroid Build Coastguard Worker name_bind 70*e4a36f41SAndroid Build Coastguard Worker} 71*e4a36f41SAndroid Build Coastguard Worker 72*e4a36f41SAndroid Build Coastguard Worker# 73*e4a36f41SAndroid Build Coastguard Worker# Define a common prefix for ipc access vectors. 74*e4a36f41SAndroid Build Coastguard Worker# 75*e4a36f41SAndroid Build Coastguard Worker 76*e4a36f41SAndroid Build Coastguard Workercommon ipc 77*e4a36f41SAndroid Build Coastguard Worker{ 78*e4a36f41SAndroid Build Coastguard Worker create 79*e4a36f41SAndroid Build Coastguard Worker destroy 80*e4a36f41SAndroid Build Coastguard Worker getattr 81*e4a36f41SAndroid Build Coastguard Worker setattr 82*e4a36f41SAndroid Build Coastguard Worker read 83*e4a36f41SAndroid Build Coastguard Worker write 84*e4a36f41SAndroid Build Coastguard Worker associate 85*e4a36f41SAndroid Build Coastguard Worker unix_read 86*e4a36f41SAndroid Build Coastguard Worker unix_write 87*e4a36f41SAndroid Build Coastguard Worker} 88*e4a36f41SAndroid Build Coastguard Worker 89*e4a36f41SAndroid Build Coastguard Worker# 90*e4a36f41SAndroid Build Coastguard Worker# Define a common for capability access vectors. 91*e4a36f41SAndroid Build Coastguard Worker# 92*e4a36f41SAndroid Build Coastguard Workercommon cap 93*e4a36f41SAndroid Build Coastguard Worker{ 94*e4a36f41SAndroid Build Coastguard Worker # The capabilities are defined in include/linux/capability.h 95*e4a36f41SAndroid Build Coastguard Worker # Capabilities >= 32 are defined in the cap2 common. 96*e4a36f41SAndroid Build Coastguard Worker # Care should be taken to ensure that these are consistent with 97*e4a36f41SAndroid Build Coastguard Worker # those definitions. (Order matters) 98*e4a36f41SAndroid Build Coastguard Worker 99*e4a36f41SAndroid Build Coastguard Worker chown 100*e4a36f41SAndroid Build Coastguard Worker dac_override 101*e4a36f41SAndroid Build Coastguard Worker dac_read_search 102*e4a36f41SAndroid Build Coastguard Worker fowner 103*e4a36f41SAndroid Build Coastguard Worker fsetid 104*e4a36f41SAndroid Build Coastguard Worker kill 105*e4a36f41SAndroid Build Coastguard Worker setgid 106*e4a36f41SAndroid Build Coastguard Worker setuid 107*e4a36f41SAndroid Build Coastguard Worker setpcap 108*e4a36f41SAndroid Build Coastguard Worker linux_immutable 109*e4a36f41SAndroid Build Coastguard Worker net_bind_service 110*e4a36f41SAndroid Build Coastguard Worker net_broadcast 111*e4a36f41SAndroid Build Coastguard Worker net_admin 112*e4a36f41SAndroid Build Coastguard Worker net_raw 113*e4a36f41SAndroid Build Coastguard Worker ipc_lock 114*e4a36f41SAndroid Build Coastguard Worker ipc_owner 115*e4a36f41SAndroid Build Coastguard Worker sys_module 116*e4a36f41SAndroid Build Coastguard Worker sys_rawio 117*e4a36f41SAndroid Build Coastguard Worker sys_chroot 118*e4a36f41SAndroid Build Coastguard Worker sys_ptrace 119*e4a36f41SAndroid Build Coastguard Worker sys_pacct 120*e4a36f41SAndroid Build Coastguard Worker sys_admin 121*e4a36f41SAndroid Build Coastguard Worker sys_boot 122*e4a36f41SAndroid Build Coastguard Worker sys_nice 123*e4a36f41SAndroid Build Coastguard Worker sys_resource 124*e4a36f41SAndroid Build Coastguard Worker sys_time 125*e4a36f41SAndroid Build Coastguard Worker sys_tty_config 126*e4a36f41SAndroid Build Coastguard Worker mknod 127*e4a36f41SAndroid Build Coastguard Worker lease 128*e4a36f41SAndroid Build Coastguard Worker audit_write 129*e4a36f41SAndroid Build Coastguard Worker audit_control 130*e4a36f41SAndroid Build Coastguard Worker setfcap 131*e4a36f41SAndroid Build Coastguard Worker} 132*e4a36f41SAndroid Build Coastguard Worker 133*e4a36f41SAndroid Build Coastguard Workercommon cap2 134*e4a36f41SAndroid Build Coastguard Worker{ 135*e4a36f41SAndroid Build Coastguard Worker mac_override # unused by SELinux 136*e4a36f41SAndroid Build Coastguard Worker mac_admin 137*e4a36f41SAndroid Build Coastguard Worker syslog 138*e4a36f41SAndroid Build Coastguard Worker wake_alarm 139*e4a36f41SAndroid Build Coastguard Worker block_suspend 140*e4a36f41SAndroid Build Coastguard Worker audit_read 141*e4a36f41SAndroid Build Coastguard Worker perfmon 142*e4a36f41SAndroid Build Coastguard Worker starting_at_board_api(202504, `checkpoint_restore') 143*e4a36f41SAndroid Build Coastguard Worker starting_at_board_api(202504, `bpf') 144*e4a36f41SAndroid Build Coastguard Worker} 145*e4a36f41SAndroid Build Coastguard Worker 146*e4a36f41SAndroid Build Coastguard Worker# 147*e4a36f41SAndroid Build Coastguard Worker# Define the access vectors. 148*e4a36f41SAndroid Build Coastguard Worker# 149*e4a36f41SAndroid Build Coastguard Worker# class class_name [ inherits common_name ] { permission_name ... } 150*e4a36f41SAndroid Build Coastguard Worker 151*e4a36f41SAndroid Build Coastguard Worker 152*e4a36f41SAndroid Build Coastguard Worker# 153*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for file-related objects. 154*e4a36f41SAndroid Build Coastguard Worker# 155*e4a36f41SAndroid Build Coastguard Worker 156*e4a36f41SAndroid Build Coastguard Workerclass filesystem 157*e4a36f41SAndroid Build Coastguard Worker{ 158*e4a36f41SAndroid Build Coastguard Worker mount 159*e4a36f41SAndroid Build Coastguard Worker remount 160*e4a36f41SAndroid Build Coastguard Worker unmount 161*e4a36f41SAndroid Build Coastguard Worker getattr 162*e4a36f41SAndroid Build Coastguard Worker relabelfrom 163*e4a36f41SAndroid Build Coastguard Worker relabelto 164*e4a36f41SAndroid Build Coastguard Worker associate 165*e4a36f41SAndroid Build Coastguard Worker quotamod 166*e4a36f41SAndroid Build Coastguard Worker quotaget 167*e4a36f41SAndroid Build Coastguard Worker watch 168*e4a36f41SAndroid Build Coastguard Worker} 169*e4a36f41SAndroid Build Coastguard Worker 170*e4a36f41SAndroid Build Coastguard Workerclass dir 171*e4a36f41SAndroid Build Coastguard Workerinherits file 172*e4a36f41SAndroid Build Coastguard Worker{ 173*e4a36f41SAndroid Build Coastguard Worker add_name 174*e4a36f41SAndroid Build Coastguard Worker remove_name 175*e4a36f41SAndroid Build Coastguard Worker reparent 176*e4a36f41SAndroid Build Coastguard Worker search 177*e4a36f41SAndroid Build Coastguard Worker rmdir 178*e4a36f41SAndroid Build Coastguard Worker} 179*e4a36f41SAndroid Build Coastguard Worker 180*e4a36f41SAndroid Build Coastguard Workerclass file 181*e4a36f41SAndroid Build Coastguard Workerinherits file 182*e4a36f41SAndroid Build Coastguard Worker{ 183*e4a36f41SAndroid Build Coastguard Worker execute_no_trans 184*e4a36f41SAndroid Build Coastguard Worker entrypoint 185*e4a36f41SAndroid Build Coastguard Worker} 186*e4a36f41SAndroid Build Coastguard Worker 187*e4a36f41SAndroid Build Coastguard Workerclass anon_inode 188*e4a36f41SAndroid Build Coastguard Workerinherits file 189*e4a36f41SAndroid Build Coastguard Worker 190*e4a36f41SAndroid Build Coastguard Workerclass lnk_file 191*e4a36f41SAndroid Build Coastguard Workerinherits file 192*e4a36f41SAndroid Build Coastguard Worker 193*e4a36f41SAndroid Build Coastguard Workerclass chr_file 194*e4a36f41SAndroid Build Coastguard Workerinherits file 195*e4a36f41SAndroid Build Coastguard Worker{ 196*e4a36f41SAndroid Build Coastguard Worker execute_no_trans 197*e4a36f41SAndroid Build Coastguard Worker entrypoint 198*e4a36f41SAndroid Build Coastguard Worker} 199*e4a36f41SAndroid Build Coastguard Worker 200*e4a36f41SAndroid Build Coastguard Workerclass blk_file 201*e4a36f41SAndroid Build Coastguard Workerinherits file 202*e4a36f41SAndroid Build Coastguard Worker 203*e4a36f41SAndroid Build Coastguard Workerclass sock_file 204*e4a36f41SAndroid Build Coastguard Workerinherits file 205*e4a36f41SAndroid Build Coastguard Worker 206*e4a36f41SAndroid Build Coastguard Workerclass fifo_file 207*e4a36f41SAndroid Build Coastguard Workerinherits file 208*e4a36f41SAndroid Build Coastguard Worker 209*e4a36f41SAndroid Build Coastguard Workerclass fd 210*e4a36f41SAndroid Build Coastguard Worker{ 211*e4a36f41SAndroid Build Coastguard Worker use 212*e4a36f41SAndroid Build Coastguard Worker} 213*e4a36f41SAndroid Build Coastguard Worker 214*e4a36f41SAndroid Build Coastguard Worker 215*e4a36f41SAndroid Build Coastguard Worker# 216*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for network-related objects. 217*e4a36f41SAndroid Build Coastguard Worker# 218*e4a36f41SAndroid Build Coastguard Worker 219*e4a36f41SAndroid Build Coastguard Workerclass socket 220*e4a36f41SAndroid Build Coastguard Workerinherits socket 221*e4a36f41SAndroid Build Coastguard Worker 222*e4a36f41SAndroid Build Coastguard Workerclass tcp_socket 223*e4a36f41SAndroid Build Coastguard Workerinherits socket 224*e4a36f41SAndroid Build Coastguard Worker{ 225*e4a36f41SAndroid Build Coastguard Worker node_bind 226*e4a36f41SAndroid Build Coastguard Worker name_connect 227*e4a36f41SAndroid Build Coastguard Worker} 228*e4a36f41SAndroid Build Coastguard Worker 229*e4a36f41SAndroid Build Coastguard Workerclass udp_socket 230*e4a36f41SAndroid Build Coastguard Workerinherits socket 231*e4a36f41SAndroid Build Coastguard Worker{ 232*e4a36f41SAndroid Build Coastguard Worker node_bind 233*e4a36f41SAndroid Build Coastguard Worker} 234*e4a36f41SAndroid Build Coastguard Worker 235*e4a36f41SAndroid Build Coastguard Workerclass rawip_socket 236*e4a36f41SAndroid Build Coastguard Workerinherits socket 237*e4a36f41SAndroid Build Coastguard Worker{ 238*e4a36f41SAndroid Build Coastguard Worker node_bind 239*e4a36f41SAndroid Build Coastguard Worker} 240*e4a36f41SAndroid Build Coastguard Worker 241*e4a36f41SAndroid Build Coastguard Workerclass node 242*e4a36f41SAndroid Build Coastguard Worker{ 243*e4a36f41SAndroid Build Coastguard Worker recvfrom 244*e4a36f41SAndroid Build Coastguard Worker sendto 245*e4a36f41SAndroid Build Coastguard Worker} 246*e4a36f41SAndroid Build Coastguard Worker 247*e4a36f41SAndroid Build Coastguard Workerclass netif 248*e4a36f41SAndroid Build Coastguard Worker{ 249*e4a36f41SAndroid Build Coastguard Worker ingress 250*e4a36f41SAndroid Build Coastguard Worker egress 251*e4a36f41SAndroid Build Coastguard Worker} 252*e4a36f41SAndroid Build Coastguard Worker 253*e4a36f41SAndroid Build Coastguard Workerclass netlink_socket 254*e4a36f41SAndroid Build Coastguard Workerinherits socket 255*e4a36f41SAndroid Build Coastguard Worker 256*e4a36f41SAndroid Build Coastguard Workerclass packet_socket 257*e4a36f41SAndroid Build Coastguard Workerinherits socket 258*e4a36f41SAndroid Build Coastguard Worker 259*e4a36f41SAndroid Build Coastguard Workerclass key_socket 260*e4a36f41SAndroid Build Coastguard Workerinherits socket 261*e4a36f41SAndroid Build Coastguard Worker 262*e4a36f41SAndroid Build Coastguard Workerclass unix_stream_socket 263*e4a36f41SAndroid Build Coastguard Workerinherits socket 264*e4a36f41SAndroid Build Coastguard Worker{ 265*e4a36f41SAndroid Build Coastguard Worker connectto 266*e4a36f41SAndroid Build Coastguard Worker} 267*e4a36f41SAndroid Build Coastguard Worker 268*e4a36f41SAndroid Build Coastguard Workerclass unix_dgram_socket 269*e4a36f41SAndroid Build Coastguard Workerinherits socket 270*e4a36f41SAndroid Build Coastguard Worker 271*e4a36f41SAndroid Build Coastguard Worker# 272*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for process-related objects 273*e4a36f41SAndroid Build Coastguard Worker# 274*e4a36f41SAndroid Build Coastguard Worker 275*e4a36f41SAndroid Build Coastguard Workerclass process 276*e4a36f41SAndroid Build Coastguard Worker{ 277*e4a36f41SAndroid Build Coastguard Worker fork 278*e4a36f41SAndroid Build Coastguard Worker transition 279*e4a36f41SAndroid Build Coastguard Worker sigchld # commonly granted from child to parent 280*e4a36f41SAndroid Build Coastguard Worker sigkill # cannot be caught or ignored 281*e4a36f41SAndroid Build Coastguard Worker sigstop # cannot be caught or ignored 282*e4a36f41SAndroid Build Coastguard Worker signull # for kill(pid, 0) 283*e4a36f41SAndroid Build Coastguard Worker signal # all other signals 284*e4a36f41SAndroid Build Coastguard Worker ptrace 285*e4a36f41SAndroid Build Coastguard Worker getsched 286*e4a36f41SAndroid Build Coastguard Worker setsched 287*e4a36f41SAndroid Build Coastguard Worker getsession 288*e4a36f41SAndroid Build Coastguard Worker getpgid 289*e4a36f41SAndroid Build Coastguard Worker setpgid 290*e4a36f41SAndroid Build Coastguard Worker getcap 291*e4a36f41SAndroid Build Coastguard Worker setcap 292*e4a36f41SAndroid Build Coastguard Worker share 293*e4a36f41SAndroid Build Coastguard Worker getattr 294*e4a36f41SAndroid Build Coastguard Worker setexec 295*e4a36f41SAndroid Build Coastguard Worker setfscreate 296*e4a36f41SAndroid Build Coastguard Worker noatsecure 297*e4a36f41SAndroid Build Coastguard Worker siginh 298*e4a36f41SAndroid Build Coastguard Worker setrlimit 299*e4a36f41SAndroid Build Coastguard Worker rlimitinh 300*e4a36f41SAndroid Build Coastguard Worker dyntransition 301*e4a36f41SAndroid Build Coastguard Worker setcurrent 302*e4a36f41SAndroid Build Coastguard Worker execmem 303*e4a36f41SAndroid Build Coastguard Worker execstack 304*e4a36f41SAndroid Build Coastguard Worker execheap 305*e4a36f41SAndroid Build Coastguard Worker setkeycreate 306*e4a36f41SAndroid Build Coastguard Worker setsockcreate 307*e4a36f41SAndroid Build Coastguard Worker getrlimit 308*e4a36f41SAndroid Build Coastguard Worker} 309*e4a36f41SAndroid Build Coastguard Worker 310*e4a36f41SAndroid Build Coastguard Workerclass process2 311*e4a36f41SAndroid Build Coastguard Worker{ 312*e4a36f41SAndroid Build Coastguard Worker nnp_transition 313*e4a36f41SAndroid Build Coastguard Worker nosuid_transition 314*e4a36f41SAndroid Build Coastguard Worker} 315*e4a36f41SAndroid Build Coastguard Worker 316*e4a36f41SAndroid Build Coastguard Worker# 317*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for ipc-related objects 318*e4a36f41SAndroid Build Coastguard Worker# 319*e4a36f41SAndroid Build Coastguard Worker 320*e4a36f41SAndroid Build Coastguard Workerclass ipc 321*e4a36f41SAndroid Build Coastguard Workerinherits ipc 322*e4a36f41SAndroid Build Coastguard Worker 323*e4a36f41SAndroid Build Coastguard Workerclass sem 324*e4a36f41SAndroid Build Coastguard Workerinherits ipc 325*e4a36f41SAndroid Build Coastguard Worker 326*e4a36f41SAndroid Build Coastguard Workerclass msgq 327*e4a36f41SAndroid Build Coastguard Workerinherits ipc 328*e4a36f41SAndroid Build Coastguard Worker{ 329*e4a36f41SAndroid Build Coastguard Worker enqueue 330*e4a36f41SAndroid Build Coastguard Worker} 331*e4a36f41SAndroid Build Coastguard Worker 332*e4a36f41SAndroid Build Coastguard Workerclass msg 333*e4a36f41SAndroid Build Coastguard Worker{ 334*e4a36f41SAndroid Build Coastguard Worker send 335*e4a36f41SAndroid Build Coastguard Worker receive 336*e4a36f41SAndroid Build Coastguard Worker} 337*e4a36f41SAndroid Build Coastguard Worker 338*e4a36f41SAndroid Build Coastguard Workerclass shm 339*e4a36f41SAndroid Build Coastguard Workerinherits ipc 340*e4a36f41SAndroid Build Coastguard Worker{ 341*e4a36f41SAndroid Build Coastguard Worker lock 342*e4a36f41SAndroid Build Coastguard Worker} 343*e4a36f41SAndroid Build Coastguard Worker 344*e4a36f41SAndroid Build Coastguard Worker 345*e4a36f41SAndroid Build Coastguard Worker# 346*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for the security server. 347*e4a36f41SAndroid Build Coastguard Worker# 348*e4a36f41SAndroid Build Coastguard Worker 349*e4a36f41SAndroid Build Coastguard Workerclass security 350*e4a36f41SAndroid Build Coastguard Worker{ 351*e4a36f41SAndroid Build Coastguard Worker compute_av 352*e4a36f41SAndroid Build Coastguard Worker compute_create 353*e4a36f41SAndroid Build Coastguard Worker compute_member 354*e4a36f41SAndroid Build Coastguard Worker check_context 355*e4a36f41SAndroid Build Coastguard Worker load_policy 356*e4a36f41SAndroid Build Coastguard Worker compute_relabel 357*e4a36f41SAndroid Build Coastguard Worker compute_user 358*e4a36f41SAndroid Build Coastguard Worker setenforce # was avc_toggle in system class 359*e4a36f41SAndroid Build Coastguard Worker setbool 360*e4a36f41SAndroid Build Coastguard Worker setsecparam 361*e4a36f41SAndroid Build Coastguard Worker setcheckreqprot 362*e4a36f41SAndroid Build Coastguard Worker read_policy 363*e4a36f41SAndroid Build Coastguard Worker validate_trans 364*e4a36f41SAndroid Build Coastguard Worker} 365*e4a36f41SAndroid Build Coastguard Worker 366*e4a36f41SAndroid Build Coastguard Worker 367*e4a36f41SAndroid Build Coastguard Worker# 368*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for system operations. 369*e4a36f41SAndroid Build Coastguard Worker# 370*e4a36f41SAndroid Build Coastguard Worker 371*e4a36f41SAndroid Build Coastguard Workerclass system 372*e4a36f41SAndroid Build Coastguard Worker{ 373*e4a36f41SAndroid Build Coastguard Worker ipc_info 374*e4a36f41SAndroid Build Coastguard Worker syslog_read 375*e4a36f41SAndroid Build Coastguard Worker syslog_mod 376*e4a36f41SAndroid Build Coastguard Worker syslog_console 377*e4a36f41SAndroid Build Coastguard Worker module_request 378*e4a36f41SAndroid Build Coastguard Worker module_load 379*e4a36f41SAndroid Build Coastguard Worker} 380*e4a36f41SAndroid Build Coastguard Worker 381*e4a36f41SAndroid Build Coastguard Worker# 382*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for controlling capabilities 383*e4a36f41SAndroid Build Coastguard Worker# 384*e4a36f41SAndroid Build Coastguard Worker 385*e4a36f41SAndroid Build Coastguard Workerclass capability 386*e4a36f41SAndroid Build Coastguard Workerinherits cap 387*e4a36f41SAndroid Build Coastguard Worker 388*e4a36f41SAndroid Build Coastguard Workerclass capability2 389*e4a36f41SAndroid Build Coastguard Workerinherits cap2 390*e4a36f41SAndroid Build Coastguard Worker 391*e4a36f41SAndroid Build Coastguard Worker# 392*e4a36f41SAndroid Build Coastguard Worker# Extended Netlink classes 393*e4a36f41SAndroid Build Coastguard Worker# 394*e4a36f41SAndroid Build Coastguard Workerclass netlink_route_socket 395*e4a36f41SAndroid Build Coastguard Workerinherits socket 396*e4a36f41SAndroid Build Coastguard Worker{ 397*e4a36f41SAndroid Build Coastguard Worker nlmsg_read 398*e4a36f41SAndroid Build Coastguard Worker nlmsg_write 399*e4a36f41SAndroid Build Coastguard Worker nlmsg_readpriv 400*e4a36f41SAndroid Build Coastguard Worker nlmsg_getneigh 401*e4a36f41SAndroid Build Coastguard Worker} 402*e4a36f41SAndroid Build Coastguard Worker 403*e4a36f41SAndroid Build Coastguard Workerclass netlink_tcpdiag_socket 404*e4a36f41SAndroid Build Coastguard Workerinherits socket 405*e4a36f41SAndroid Build Coastguard Worker{ 406*e4a36f41SAndroid Build Coastguard Worker nlmsg_read 407*e4a36f41SAndroid Build Coastguard Worker nlmsg_write 408*e4a36f41SAndroid Build Coastguard Worker} 409*e4a36f41SAndroid Build Coastguard Worker 410*e4a36f41SAndroid Build Coastguard Workerclass netlink_nflog_socket 411*e4a36f41SAndroid Build Coastguard Workerinherits socket 412*e4a36f41SAndroid Build Coastguard Worker 413*e4a36f41SAndroid Build Coastguard Workerclass netlink_xfrm_socket 414*e4a36f41SAndroid Build Coastguard Workerinherits socket 415*e4a36f41SAndroid Build Coastguard Worker{ 416*e4a36f41SAndroid Build Coastguard Worker nlmsg_read 417*e4a36f41SAndroid Build Coastguard Worker nlmsg_write 418*e4a36f41SAndroid Build Coastguard Worker} 419*e4a36f41SAndroid Build Coastguard Worker 420*e4a36f41SAndroid Build Coastguard Workerclass netlink_selinux_socket 421*e4a36f41SAndroid Build Coastguard Workerinherits socket 422*e4a36f41SAndroid Build Coastguard Worker 423*e4a36f41SAndroid Build Coastguard Workerclass netlink_audit_socket 424*e4a36f41SAndroid Build Coastguard Workerinherits socket 425*e4a36f41SAndroid Build Coastguard Worker{ 426*e4a36f41SAndroid Build Coastguard Worker nlmsg_read 427*e4a36f41SAndroid Build Coastguard Worker nlmsg_write 428*e4a36f41SAndroid Build Coastguard Worker nlmsg_relay 429*e4a36f41SAndroid Build Coastguard Worker nlmsg_readpriv 430*e4a36f41SAndroid Build Coastguard Worker nlmsg_tty_audit 431*e4a36f41SAndroid Build Coastguard Worker} 432*e4a36f41SAndroid Build Coastguard Worker 433*e4a36f41SAndroid Build Coastguard Workerclass netlink_dnrt_socket 434*e4a36f41SAndroid Build Coastguard Workerinherits socket 435*e4a36f41SAndroid Build Coastguard Worker 436*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for controlling 437*e4a36f41SAndroid Build Coastguard Worker# access to IPSec network data by association 438*e4a36f41SAndroid Build Coastguard Worker# 439*e4a36f41SAndroid Build Coastguard Workerclass association 440*e4a36f41SAndroid Build Coastguard Worker{ 441*e4a36f41SAndroid Build Coastguard Worker sendto 442*e4a36f41SAndroid Build Coastguard Worker recvfrom 443*e4a36f41SAndroid Build Coastguard Worker setcontext 444*e4a36f41SAndroid Build Coastguard Worker polmatch 445*e4a36f41SAndroid Build Coastguard Worker} 446*e4a36f41SAndroid Build Coastguard Worker 447*e4a36f41SAndroid Build Coastguard Worker# Updated Netlink class for KOBJECT_UEVENT family. 448*e4a36f41SAndroid Build Coastguard Workerclass netlink_kobject_uevent_socket 449*e4a36f41SAndroid Build Coastguard Workerinherits socket 450*e4a36f41SAndroid Build Coastguard Worker 451*e4a36f41SAndroid Build Coastguard Workerclass appletalk_socket 452*e4a36f41SAndroid Build Coastguard Workerinherits socket 453*e4a36f41SAndroid Build Coastguard Worker 454*e4a36f41SAndroid Build Coastguard Workerclass packet 455*e4a36f41SAndroid Build Coastguard Worker{ 456*e4a36f41SAndroid Build Coastguard Worker send 457*e4a36f41SAndroid Build Coastguard Worker recv 458*e4a36f41SAndroid Build Coastguard Worker relabelto 459*e4a36f41SAndroid Build Coastguard Worker forward_in 460*e4a36f41SAndroid Build Coastguard Worker forward_out 461*e4a36f41SAndroid Build Coastguard Worker} 462*e4a36f41SAndroid Build Coastguard Worker 463*e4a36f41SAndroid Build Coastguard Workerclass key 464*e4a36f41SAndroid Build Coastguard Worker{ 465*e4a36f41SAndroid Build Coastguard Worker view 466*e4a36f41SAndroid Build Coastguard Worker read 467*e4a36f41SAndroid Build Coastguard Worker write 468*e4a36f41SAndroid Build Coastguard Worker search 469*e4a36f41SAndroid Build Coastguard Worker link 470*e4a36f41SAndroid Build Coastguard Worker setattr 471*e4a36f41SAndroid Build Coastguard Worker create 472*e4a36f41SAndroid Build Coastguard Worker} 473*e4a36f41SAndroid Build Coastguard Worker 474*e4a36f41SAndroid Build Coastguard Workerclass dccp_socket 475*e4a36f41SAndroid Build Coastguard Workerinherits socket 476*e4a36f41SAndroid Build Coastguard Worker{ 477*e4a36f41SAndroid Build Coastguard Worker node_bind 478*e4a36f41SAndroid Build Coastguard Worker name_connect 479*e4a36f41SAndroid Build Coastguard Worker} 480*e4a36f41SAndroid Build Coastguard Worker 481*e4a36f41SAndroid Build Coastguard Workerclass memprotect 482*e4a36f41SAndroid Build Coastguard Worker{ 483*e4a36f41SAndroid Build Coastguard Worker mmap_zero 484*e4a36f41SAndroid Build Coastguard Worker} 485*e4a36f41SAndroid Build Coastguard Worker 486*e4a36f41SAndroid Build Coastguard Worker# network peer labels 487*e4a36f41SAndroid Build Coastguard Workerclass peer 488*e4a36f41SAndroid Build Coastguard Worker{ 489*e4a36f41SAndroid Build Coastguard Worker recv 490*e4a36f41SAndroid Build Coastguard Worker} 491*e4a36f41SAndroid Build Coastguard Worker 492*e4a36f41SAndroid Build Coastguard Workerclass kernel_service 493*e4a36f41SAndroid Build Coastguard Worker{ 494*e4a36f41SAndroid Build Coastguard Worker use_as_override 495*e4a36f41SAndroid Build Coastguard Worker create_files_as 496*e4a36f41SAndroid Build Coastguard Worker} 497*e4a36f41SAndroid Build Coastguard Worker 498*e4a36f41SAndroid Build Coastguard Workerclass tun_socket 499*e4a36f41SAndroid Build Coastguard Workerinherits socket 500*e4a36f41SAndroid Build Coastguard Worker{ 501*e4a36f41SAndroid Build Coastguard Worker attach_queue 502*e4a36f41SAndroid Build Coastguard Worker} 503*e4a36f41SAndroid Build Coastguard Worker 504*e4a36f41SAndroid Build Coastguard Workerclass binder 505*e4a36f41SAndroid Build Coastguard Worker{ 506*e4a36f41SAndroid Build Coastguard Worker impersonate 507*e4a36f41SAndroid Build Coastguard Worker call 508*e4a36f41SAndroid Build Coastguard Worker set_context_mgr 509*e4a36f41SAndroid Build Coastguard Worker transfer 510*e4a36f41SAndroid Build Coastguard Worker} 511*e4a36f41SAndroid Build Coastguard Worker 512*e4a36f41SAndroid Build Coastguard Workerclass netlink_iscsi_socket 513*e4a36f41SAndroid Build Coastguard Workerinherits socket 514*e4a36f41SAndroid Build Coastguard Worker 515*e4a36f41SAndroid Build Coastguard Workerclass netlink_fib_lookup_socket 516*e4a36f41SAndroid Build Coastguard Workerinherits socket 517*e4a36f41SAndroid Build Coastguard Worker 518*e4a36f41SAndroid Build Coastguard Workerclass netlink_connector_socket 519*e4a36f41SAndroid Build Coastguard Workerinherits socket 520*e4a36f41SAndroid Build Coastguard Worker 521*e4a36f41SAndroid Build Coastguard Workerclass netlink_netfilter_socket 522*e4a36f41SAndroid Build Coastguard Workerinherits socket 523*e4a36f41SAndroid Build Coastguard Worker 524*e4a36f41SAndroid Build Coastguard Workerclass netlink_generic_socket 525*e4a36f41SAndroid Build Coastguard Workerinherits socket 526*e4a36f41SAndroid Build Coastguard Worker 527*e4a36f41SAndroid Build Coastguard Workerclass netlink_scsitransport_socket 528*e4a36f41SAndroid Build Coastguard Workerinherits socket 529*e4a36f41SAndroid Build Coastguard Worker 530*e4a36f41SAndroid Build Coastguard Workerclass netlink_rdma_socket 531*e4a36f41SAndroid Build Coastguard Workerinherits socket 532*e4a36f41SAndroid Build Coastguard Worker 533*e4a36f41SAndroid Build Coastguard Workerclass netlink_crypto_socket 534*e4a36f41SAndroid Build Coastguard Workerinherits socket 535*e4a36f41SAndroid Build Coastguard Worker 536*e4a36f41SAndroid Build Coastguard Workerclass infiniband_pkey 537*e4a36f41SAndroid Build Coastguard Worker{ 538*e4a36f41SAndroid Build Coastguard Worker access 539*e4a36f41SAndroid Build Coastguard Worker} 540*e4a36f41SAndroid Build Coastguard Worker 541*e4a36f41SAndroid Build Coastguard Workerclass infiniband_endport 542*e4a36f41SAndroid Build Coastguard Worker{ 543*e4a36f41SAndroid Build Coastguard Worker manage_subnet 544*e4a36f41SAndroid Build Coastguard Worker} 545*e4a36f41SAndroid Build Coastguard Worker 546*e4a36f41SAndroid Build Coastguard Worker# 547*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for controlling capabilities 548*e4a36f41SAndroid Build Coastguard Worker# in user namespaces 549*e4a36f41SAndroid Build Coastguard Worker# 550*e4a36f41SAndroid Build Coastguard Worker 551*e4a36f41SAndroid Build Coastguard Workerclass cap_userns 552*e4a36f41SAndroid Build Coastguard Workerinherits cap 553*e4a36f41SAndroid Build Coastguard Worker 554*e4a36f41SAndroid Build Coastguard Workerclass cap2_userns 555*e4a36f41SAndroid Build Coastguard Workerinherits cap2 556*e4a36f41SAndroid Build Coastguard Worker 557*e4a36f41SAndroid Build Coastguard Worker 558*e4a36f41SAndroid Build Coastguard Worker# 559*e4a36f41SAndroid Build Coastguard Worker# Define the access vector interpretation for the new socket classes 560*e4a36f41SAndroid Build Coastguard Worker# enabled by the extended_socket_class policy capability. 561*e4a36f41SAndroid Build Coastguard Worker# 562*e4a36f41SAndroid Build Coastguard Worker 563*e4a36f41SAndroid Build Coastguard Worker# 564*e4a36f41SAndroid Build Coastguard Worker# The next two classes were previously mapped to rawip_socket and therefore 565*e4a36f41SAndroid Build Coastguard Worker# have the same definition as rawip_socket (until further permissions 566*e4a36f41SAndroid Build Coastguard Worker# are defined). 567*e4a36f41SAndroid Build Coastguard Worker# 568*e4a36f41SAndroid Build Coastguard Workerclass sctp_socket 569*e4a36f41SAndroid Build Coastguard Workerinherits socket 570*e4a36f41SAndroid Build Coastguard Worker{ 571*e4a36f41SAndroid Build Coastguard Worker node_bind 572*e4a36f41SAndroid Build Coastguard Worker name_connect 573*e4a36f41SAndroid Build Coastguard Worker association 574*e4a36f41SAndroid Build Coastguard Worker} 575*e4a36f41SAndroid Build Coastguard Worker 576*e4a36f41SAndroid Build Coastguard Workerclass icmp_socket 577*e4a36f41SAndroid Build Coastguard Workerinherits socket 578*e4a36f41SAndroid Build Coastguard Worker{ 579*e4a36f41SAndroid Build Coastguard Worker node_bind 580*e4a36f41SAndroid Build Coastguard Worker} 581*e4a36f41SAndroid Build Coastguard Worker 582*e4a36f41SAndroid Build Coastguard Worker# 583*e4a36f41SAndroid Build Coastguard Worker# The remaining network socket classes were previously 584*e4a36f41SAndroid Build Coastguard Worker# mapped to the socket class and therefore have the 585*e4a36f41SAndroid Build Coastguard Worker# same definition as socket. 586*e4a36f41SAndroid Build Coastguard Worker# 587*e4a36f41SAndroid Build Coastguard Worker 588*e4a36f41SAndroid Build Coastguard Workerclass ax25_socket 589*e4a36f41SAndroid Build Coastguard Workerinherits socket 590*e4a36f41SAndroid Build Coastguard Worker 591*e4a36f41SAndroid Build Coastguard Workerclass ipx_socket 592*e4a36f41SAndroid Build Coastguard Workerinherits socket 593*e4a36f41SAndroid Build Coastguard Worker 594*e4a36f41SAndroid Build Coastguard Workerclass netrom_socket 595*e4a36f41SAndroid Build Coastguard Workerinherits socket 596*e4a36f41SAndroid Build Coastguard Worker 597*e4a36f41SAndroid Build Coastguard Workerclass atmpvc_socket 598*e4a36f41SAndroid Build Coastguard Workerinherits socket 599*e4a36f41SAndroid Build Coastguard Worker 600*e4a36f41SAndroid Build Coastguard Workerclass x25_socket 601*e4a36f41SAndroid Build Coastguard Workerinherits socket 602*e4a36f41SAndroid Build Coastguard Worker 603*e4a36f41SAndroid Build Coastguard Workerclass rose_socket 604*e4a36f41SAndroid Build Coastguard Workerinherits socket 605*e4a36f41SAndroid Build Coastguard Worker 606*e4a36f41SAndroid Build Coastguard Workerclass decnet_socket 607*e4a36f41SAndroid Build Coastguard Workerinherits socket 608*e4a36f41SAndroid Build Coastguard Worker 609*e4a36f41SAndroid Build Coastguard Workerclass atmsvc_socket 610*e4a36f41SAndroid Build Coastguard Workerinherits socket 611*e4a36f41SAndroid Build Coastguard Worker 612*e4a36f41SAndroid Build Coastguard Workerclass rds_socket 613*e4a36f41SAndroid Build Coastguard Workerinherits socket 614*e4a36f41SAndroid Build Coastguard Worker 615*e4a36f41SAndroid Build Coastguard Workerclass irda_socket 616*e4a36f41SAndroid Build Coastguard Workerinherits socket 617*e4a36f41SAndroid Build Coastguard Worker 618*e4a36f41SAndroid Build Coastguard Workerclass pppox_socket 619*e4a36f41SAndroid Build Coastguard Workerinherits socket 620*e4a36f41SAndroid Build Coastguard Worker 621*e4a36f41SAndroid Build Coastguard Workerclass llc_socket 622*e4a36f41SAndroid Build Coastguard Workerinherits socket 623*e4a36f41SAndroid Build Coastguard Worker 624*e4a36f41SAndroid Build Coastguard Workerclass can_socket 625*e4a36f41SAndroid Build Coastguard Workerinherits socket 626*e4a36f41SAndroid Build Coastguard Worker 627*e4a36f41SAndroid Build Coastguard Workerclass tipc_socket 628*e4a36f41SAndroid Build Coastguard Workerinherits socket 629*e4a36f41SAndroid Build Coastguard Worker 630*e4a36f41SAndroid Build Coastguard Workerclass bluetooth_socket 631*e4a36f41SAndroid Build Coastguard Workerinherits socket 632*e4a36f41SAndroid Build Coastguard Worker 633*e4a36f41SAndroid Build Coastguard Workerclass iucv_socket 634*e4a36f41SAndroid Build Coastguard Workerinherits socket 635*e4a36f41SAndroid Build Coastguard Worker 636*e4a36f41SAndroid Build Coastguard Workerclass rxrpc_socket 637*e4a36f41SAndroid Build Coastguard Workerinherits socket 638*e4a36f41SAndroid Build Coastguard Worker 639*e4a36f41SAndroid Build Coastguard Workerclass isdn_socket 640*e4a36f41SAndroid Build Coastguard Workerinherits socket 641*e4a36f41SAndroid Build Coastguard Worker 642*e4a36f41SAndroid Build Coastguard Workerclass phonet_socket 643*e4a36f41SAndroid Build Coastguard Workerinherits socket 644*e4a36f41SAndroid Build Coastguard Worker 645*e4a36f41SAndroid Build Coastguard Workerclass ieee802154_socket 646*e4a36f41SAndroid Build Coastguard Workerinherits socket 647*e4a36f41SAndroid Build Coastguard Worker 648*e4a36f41SAndroid Build Coastguard Workerclass caif_socket 649*e4a36f41SAndroid Build Coastguard Workerinherits socket 650*e4a36f41SAndroid Build Coastguard Worker 651*e4a36f41SAndroid Build Coastguard Workerclass alg_socket 652*e4a36f41SAndroid Build Coastguard Workerinherits socket 653*e4a36f41SAndroid Build Coastguard Worker 654*e4a36f41SAndroid Build Coastguard Workerclass nfc_socket 655*e4a36f41SAndroid Build Coastguard Workerinherits socket 656*e4a36f41SAndroid Build Coastguard Worker 657*e4a36f41SAndroid Build Coastguard Workerclass vsock_socket 658*e4a36f41SAndroid Build Coastguard Workerinherits socket 659*e4a36f41SAndroid Build Coastguard Worker 660*e4a36f41SAndroid Build Coastguard Workerclass kcm_socket 661*e4a36f41SAndroid Build Coastguard Workerinherits socket 662*e4a36f41SAndroid Build Coastguard Worker 663*e4a36f41SAndroid Build Coastguard Workerclass qipcrtr_socket 664*e4a36f41SAndroid Build Coastguard Workerinherits socket 665*e4a36f41SAndroid Build Coastguard Worker 666*e4a36f41SAndroid Build Coastguard Workerclass smc_socket 667*e4a36f41SAndroid Build Coastguard Workerinherits socket 668*e4a36f41SAndroid Build Coastguard Worker 669*e4a36f41SAndroid Build Coastguard Workerclass xdp_socket 670*e4a36f41SAndroid Build Coastguard Workerinherits socket 671*e4a36f41SAndroid Build Coastguard Worker 672*e4a36f41SAndroid Build Coastguard Workerclass mctp_socket 673*e4a36f41SAndroid Build Coastguard Workerinherits socket 674*e4a36f41SAndroid Build Coastguard Worker 675*e4a36f41SAndroid Build Coastguard Workerclass bpf 676*e4a36f41SAndroid Build Coastguard Worker{ 677*e4a36f41SAndroid Build Coastguard Worker map_create 678*e4a36f41SAndroid Build Coastguard Worker map_read 679*e4a36f41SAndroid Build Coastguard Worker map_write 680*e4a36f41SAndroid Build Coastguard Worker prog_load 681*e4a36f41SAndroid Build Coastguard Worker prog_run 682*e4a36f41SAndroid Build Coastguard Worker} 683*e4a36f41SAndroid Build Coastguard Worker 684*e4a36f41SAndroid Build Coastguard Workerclass property_service 685*e4a36f41SAndroid Build Coastguard Worker{ 686*e4a36f41SAndroid Build Coastguard Worker set 687*e4a36f41SAndroid Build Coastguard Worker} 688*e4a36f41SAndroid Build Coastguard Worker 689*e4a36f41SAndroid Build Coastguard Workerclass service_manager 690*e4a36f41SAndroid Build Coastguard Worker{ 691*e4a36f41SAndroid Build Coastguard Worker add 692*e4a36f41SAndroid Build Coastguard Worker find 693*e4a36f41SAndroid Build Coastguard Worker list 694*e4a36f41SAndroid Build Coastguard Worker} 695*e4a36f41SAndroid Build Coastguard Worker 696*e4a36f41SAndroid Build Coastguard Workerclass hwservice_manager 697*e4a36f41SAndroid Build Coastguard Worker{ 698*e4a36f41SAndroid Build Coastguard Worker add 699*e4a36f41SAndroid Build Coastguard Worker find 700*e4a36f41SAndroid Build Coastguard Worker list 701*e4a36f41SAndroid Build Coastguard Worker} 702*e4a36f41SAndroid Build Coastguard Worker 703*e4a36f41SAndroid Build Coastguard Workerclass keystore_key # No longer used 704*e4a36f41SAndroid Build Coastguard Worker{ 705*e4a36f41SAndroid Build Coastguard Worker get_state 706*e4a36f41SAndroid Build Coastguard Worker get 707*e4a36f41SAndroid Build Coastguard Worker insert 708*e4a36f41SAndroid Build Coastguard Worker delete 709*e4a36f41SAndroid Build Coastguard Worker exist 710*e4a36f41SAndroid Build Coastguard Worker list 711*e4a36f41SAndroid Build Coastguard Worker reset 712*e4a36f41SAndroid Build Coastguard Worker password 713*e4a36f41SAndroid Build Coastguard Worker lock 714*e4a36f41SAndroid Build Coastguard Worker unlock 715*e4a36f41SAndroid Build Coastguard Worker is_empty 716*e4a36f41SAndroid Build Coastguard Worker sign 717*e4a36f41SAndroid Build Coastguard Worker verify 718*e4a36f41SAndroid Build Coastguard Worker grant 719*e4a36f41SAndroid Build Coastguard Worker duplicate 720*e4a36f41SAndroid Build Coastguard Worker clear_uid 721*e4a36f41SAndroid Build Coastguard Worker add_auth 722*e4a36f41SAndroid Build Coastguard Worker user_changed 723*e4a36f41SAndroid Build Coastguard Worker gen_unique_id 724*e4a36f41SAndroid Build Coastguard Worker} 725*e4a36f41SAndroid Build Coastguard Worker 726*e4a36f41SAndroid Build Coastguard Workerclass keystore2 727*e4a36f41SAndroid Build Coastguard Worker{ 728*e4a36f41SAndroid Build Coastguard Worker add_auth 729*e4a36f41SAndroid Build Coastguard Worker change_password 730*e4a36f41SAndroid Build Coastguard Worker change_user 731*e4a36f41SAndroid Build Coastguard Worker clear_ns 732*e4a36f41SAndroid Build Coastguard Worker clear_uid 733*e4a36f41SAndroid Build Coastguard Worker delete_all_keys 734*e4a36f41SAndroid Build Coastguard Worker early_boot_ended 735*e4a36f41SAndroid Build Coastguard Worker get_attestation_key 736*e4a36f41SAndroid Build Coastguard Worker get_auth_token 737*e4a36f41SAndroid Build Coastguard Worker get_last_auth_time 738*e4a36f41SAndroid Build Coastguard Worker get_state # No longer used 739*e4a36f41SAndroid Build Coastguard Worker list 740*e4a36f41SAndroid Build Coastguard Worker lock 741*e4a36f41SAndroid Build Coastguard Worker pull_metrics 742*e4a36f41SAndroid Build Coastguard Worker report_off_body # No longer used 743*e4a36f41SAndroid Build Coastguard Worker reset 744*e4a36f41SAndroid Build Coastguard Worker unlock 745*e4a36f41SAndroid Build Coastguard Worker} 746*e4a36f41SAndroid Build Coastguard Worker 747*e4a36f41SAndroid Build Coastguard Workerclass keystore2_key 748*e4a36f41SAndroid Build Coastguard Worker{ 749*e4a36f41SAndroid Build Coastguard Worker convert_storage_key_to_ephemeral 750*e4a36f41SAndroid Build Coastguard Worker delete 751*e4a36f41SAndroid Build Coastguard Worker gen_unique_id 752*e4a36f41SAndroid Build Coastguard Worker get_info 753*e4a36f41SAndroid Build Coastguard Worker grant 754*e4a36f41SAndroid Build Coastguard Worker manage_blob 755*e4a36f41SAndroid Build Coastguard Worker rebind 756*e4a36f41SAndroid Build Coastguard Worker req_forced_op 757*e4a36f41SAndroid Build Coastguard Worker update 758*e4a36f41SAndroid Build Coastguard Worker use 759*e4a36f41SAndroid Build Coastguard Worker use_dev_id 760*e4a36f41SAndroid Build Coastguard Worker} 761*e4a36f41SAndroid Build Coastguard Worker 762*e4a36f41SAndroid Build Coastguard Workerclass diced 763*e4a36f41SAndroid Build Coastguard Worker{ 764*e4a36f41SAndroid Build Coastguard Worker demote 765*e4a36f41SAndroid Build Coastguard Worker demote_self 766*e4a36f41SAndroid Build Coastguard Worker derive 767*e4a36f41SAndroid Build Coastguard Worker get_attestation_chain 768*e4a36f41SAndroid Build Coastguard Worker use_seal 769*e4a36f41SAndroid Build Coastguard Worker use_sign 770*e4a36f41SAndroid Build Coastguard Worker} 771*e4a36f41SAndroid Build Coastguard Worker 772*e4a36f41SAndroid Build Coastguard Workerclass drmservice { 773*e4a36f41SAndroid Build Coastguard Worker consumeRights 774*e4a36f41SAndroid Build Coastguard Worker setPlaybackStatus 775*e4a36f41SAndroid Build Coastguard Worker openDecryptSession 776*e4a36f41SAndroid Build Coastguard Worker closeDecryptSession 777*e4a36f41SAndroid Build Coastguard Worker initializeDecryptUnit 778*e4a36f41SAndroid Build Coastguard Worker decrypt 779*e4a36f41SAndroid Build Coastguard Worker finalizeDecryptUnit 780*e4a36f41SAndroid Build Coastguard Worker pread 781*e4a36f41SAndroid Build Coastguard Worker} 782*e4a36f41SAndroid Build Coastguard Worker 783*e4a36f41SAndroid Build Coastguard Workerclass perf_event 784*e4a36f41SAndroid Build Coastguard Worker{ 785*e4a36f41SAndroid Build Coastguard Worker open 786*e4a36f41SAndroid Build Coastguard Worker cpu 787*e4a36f41SAndroid Build Coastguard Worker kernel 788*e4a36f41SAndroid Build Coastguard Worker tracepoint 789*e4a36f41SAndroid Build Coastguard Worker read 790*e4a36f41SAndroid Build Coastguard Worker write 791*e4a36f41SAndroid Build Coastguard Worker} 792*e4a36f41SAndroid Build Coastguard Worker 793*e4a36f41SAndroid Build Coastguard Workerclass lockdown 794*e4a36f41SAndroid Build Coastguard Worker{ 795*e4a36f41SAndroid Build Coastguard Worker integrity 796*e4a36f41SAndroid Build Coastguard Worker confidentiality 797*e4a36f41SAndroid Build Coastguard Worker} 798*e4a36f41SAndroid Build Coastguard Worker 799*e4a36f41SAndroid Build Coastguard Workerclass io_uring 800*e4a36f41SAndroid Build Coastguard Worker{ 801*e4a36f41SAndroid Build Coastguard Worker override_creds 802*e4a36f41SAndroid Build Coastguard Worker sqpoll 803*e4a36f41SAndroid Build Coastguard Worker cmd 804*e4a36f41SAndroid Build Coastguard Worker} 805*e4a36f41SAndroid Build Coastguard Worker 806*e4a36f41SAndroid Build Coastguard Workerclass user_namespace 807*e4a36f41SAndroid Build Coastguard Worker{ 808*e4a36f41SAndroid Build Coastguard Worker create 809*e4a36f41SAndroid Build Coastguard Worker} 810*e4a36f41SAndroid Build Coastguard Worker 811*e4a36f41SAndroid Build Coastguard Workerclass tee_service 812*e4a36f41SAndroid Build Coastguard Worker{ 813*e4a36f41SAndroid Build Coastguard Worker use 814*e4a36f41SAndroid Build Coastguard Worker} 815