Warning, /frameworks/syntax-highlighting/autotests/reference/test.cil.ref is written in an unsupported language. File is not indexed.
0001 <Comment>;; SELinux CIL Policy Example</Comment><br/>
0002 <Normal Text></Normal Text><br/>
0003 <Comment>;; </Comment><Alert Level 3>NOTE</Alert Level 3><Comment>: This file is not functional, but</Comment><br/>
0004 <Comment>;; is designed to test syntax highlighting.</Comment><br/>
0005 <Normal Text></Normal Text><br/>
0006 <Comment>; Brackets colors</Comment><br/>
0007 <Brackets Level 1>(</Brackets Level 1><Brackets Level 2>(</Brackets Level 2><Brackets Level 3>(</Brackets Level 3><Brackets Level 4>(</Brackets Level 4><Brackets Level 5>(</Brackets Level 5><Brackets Level 6>(</Brackets Level 6><Brackets Level 1>(</Brackets Level 1><Brackets Level 2>(</Brackets Level 2><Brackets Level 3>(</Brackets Level 3><Brackets Level 4>(</Brackets Level 4><Brackets Level 5>(</Brackets Level 5><Brackets Level 6>(</Brackets Level 6><Brackets Level 1>(</Brackets Level 1><Normal Text> </Normal Text><Brackets Level 1>)</Brackets Level 1><Brackets Level 6>)</Brackets Level 6><Brackets Level 5>)</Brackets Level 5><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><Brackets Level 6>)</Brackets Level 6><Brackets Level 5>)</Brackets Level 5><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Error>))</Error><br/>
0008 <Normal Text></Normal Text><br/>
0009 <Comment>; Statements</Comment><br/>
0010 <Brackets Level 1>(</Brackets Level 1><Policy Config. Statements>policycap</Policy Config. Statements><Normal Text> </Normal Text><Policy Capability>open_perms</Policy Capability><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; Policy config. statement</Comment><br/>
0011 <Brackets Level 1>(</Brackets Level 1><Policy Config. Statements>mls</Policy Config. Statements><Normal Text> </Normal Text><Booleans>true</Booleans><Brackets Level 1>)</Brackets Level 1><br/>
0012 <Brackets Level 1>(</Brackets Level 1><Policy Config. Statements>handleunknown</Policy Config. Statements><Normal Text> </Normal Text><Access Keys>allow</Access Keys><Brackets Level 1>)</Brackets Level 1><br/>
0013 <Normal Text></Normal Text><br/>
0014 <Brackets Level 1>(</Brackets Level 1><Type Statements>sid</Type Statements><Normal Text> kernel</Normal Text><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; Declaration type statement</Comment><br/>
0015 <Brackets Level 1>(</Brackets Level 1><Statements>classpermissionset</Statements><Normal Text> char_w </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>char </Normal Text><Brackets Level 3>(</Brackets Level 3><AV Permissions>write</AV Permissions><Normal Text> </Normal Text><AV Permissions>setattr</AV Permissions><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; Other statements</Comment><br/>
0016 <Normal Text></Normal Text><br/>
0017 <Brackets Level 1>(</Brackets Level 1><Type Statements>user</Type Statements><Normal Text> user</Normal Text><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; Declare identifier 'user' of user type</Comment><br/>
0018 <Brackets Level 1>(</Brackets Level 1><Type Statements>role</Type Statements><Normal Text> role</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0019 <Brackets Level 1>(</Brackets Level 1><Type Statements>type</Type Statements><Normal Text> type</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0020 <Brackets Level 1>(</Brackets Level 1><Access Keys>allow</Access Keys><Normal Text> allow</Normal Text><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Brackets Level 1>(</Brackets Level 1><Booleans>true</Booleans><Normal Text> </Normal Text><Booleans>true</Booleans><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Brackets Level 1>(</Brackets Level 1><Statements>in</Statements><Normal Text> in</Normal Text><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Brackets Level 1>(</Brackets Level 1><Expression Keys>xor</Expression Keys><Normal Text> xor</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0021 <Normal Text></Normal Text><br/>
0022 <Comment>; List of permissions</Comment><br/>
0023 <Brackets Level 1>(</Brackets Level 1><Type Statements>class</Type Statements><Normal Text> security </Normal Text><Brackets Level 2>(</Brackets Level 2><AV Permissions>compute_av</AV Permissions><Normal Text> </Normal Text><AV Permissions>compute_create</AV Permissions><Normal Text> </Normal Text><AV Permissions>compute_member</AV Permissions><Normal Text> </Normal Text><AV Permissions>check_context</AV Permissions><Normal Text> </Normal Text><AV Permissions>load_policy</AV Permissions><Normal Text> </Normal Text><AV Permissions>compute_relabel</AV Permissions><Normal Text> </Normal Text><AV Permissions>compute_user</AV Permissions><Normal Text> </Normal Text><AV Permissions>setenforce</AV Permissions><Normal Text> </Normal Text><AV Permissions>setbool</AV Permissions><Normal Text> </Normal Text><AV Permissions>setsecparam</AV Permissions><Normal Text> </Normal Text><AV Permissions>setcheckreqprot</AV Permissions><Normal Text> </Normal Text><AV Permissions>read_policy</AV Permissions><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0024 <Normal Text></Normal Text><br/>
0025 <Comment>; Highlighting permissions only if there is not a statement keyword</Comment><br/>
0026 <Brackets Level 1>(</Brackets Level 1><Type Statements>class</Type Statements><Normal Text> binder </Normal Text><Brackets Level 2>(</Brackets Level 2><AV Permissions>impersonate</AV Permissions><Normal Text> </Normal Text><AV Permissions>call</AV Permissions><Normal Text> </Normal Text><AV Permissions>set_context_mgr</AV Permissions><Normal Text> </Normal Text><AV Permissions>transfer</AV Permissions><Normal Text> </Normal Text><AV Permissions>receive</AV Permissions><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0027 <Brackets Level 1>(</Brackets Level 1><Type Statements>class</Type Statements><Normal Text> binder </Normal Text><Brackets Level 2>(</Brackets Level 2><Statements>classcommon</Statements><Normal Text> impersonate call set_context_mgr transfer receive</Normal Text><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0028 <Brackets Level 1>(</Brackets Level 1><AV Permissions>impersonate</AV Permissions><Normal Text> </Normal Text><AV Permissions>call</AV Permissions><Normal Text> </Normal Text><AV Permissions>set_context_mgr</AV Permissions><Normal Text> </Normal Text><AV Permissions>transfer</AV Permissions><Normal Text> </Normal Text><AV Permissions>receive</AV Permissions><Brackets Level 1>)</Brackets Level 1><br/>
0029 <Brackets Level 1>(</Brackets Level 1><Statements>tunableif</Statements><Normal Text> impersonate call set_context_mgr transfer receive</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0030 <Normal Text></Normal Text><br/>
0031 <Comment>; This is allowed by the CIL compiler</Comment><br/>
0032 <Brackets Level 1>(</Brackets Level 1><Normal Text> </Normal Text><Type Statements>typeattribute</Type Statements><Comment>;comment</Comment><br/>
0033 <Normal Text> all_fs_type_except_usermodehelper_and_proc_security</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0034 <Brackets Level 1>(</Brackets Level 1><Comment>;comment</Comment><br/>
0035 <Normal Text> </Normal Text><Type Statements>typeattribute</Type Statements><Normal Text> all_fs_type_except_usermodehelper_and_proc_security</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0036 <Brackets Level 1>(</Brackets Level 1><Normal Text> </Normal Text><Comment>;comment</Comment><br/>
0037 <Normal Text> </Normal Text><Comment>;more comments</Comment><br/>
0038 <Normal Text> </Normal Text><Type Statements>typeattribute</Type Statements><Normal Text> all_fs_type_except_usermodehelper_and_proc_security</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0039 <Normal Text> </Normal Text><br/>
0040 <Comment>; Paths</Comment><br/>
0041 <Brackets Level 1>(</Brackets Level 1><Booleans>true</Booleans><Normal Text> </Normal Text><Booleans>true</Booleans><Normal Text> </Normal Text><Path>/true</Path><Normal Text> </Normal Text><Booleans>true</Booleans><Normal Text> </Normal Text><Path>/true/true/</Path><Normal Text> </Normal Text><Booleans>true</Booleans><Normal Text> </Normal Text><Booleans>true</Booleans><Path>/true</Path><Normal Text> </Normal Text><Text Quoted>"true"</Text Quoted><Brackets Level 1>)</Brackets Level 1><br/>
0042 <Comment>; Global namespace</Comment><br/>
0043 <Brackets Level 1>(</Brackets Level 1><Booleans>true</Booleans><Normal Text> </Normal Text><Booleans>true</Booleans><Normal Text> .true </Normal Text><Booleans>true</Booleans><Normal Text> true.true </Normal Text><Booleans>true</Booleans><Normal Text> .true.true true.true.true</Normal Text><br/>
0044 <Normal Text> .</Normal Text><Booleans>true</Booleans><Normal Text>. </Normal Text><Booleans>true</Booleans><Normal Text>. </Normal Text><Booleans>true</Booleans><Normal Text>.</Normal Text><Booleans>true</Booleans><Normal Text>. </Normal Text><Comment>; invalid</Comment><br/>
0045 <Brackets Level 1>)</Brackets Level 1><br/>
0046 <Normal Text></Normal Text><br/>
0047 <Comment>; Keywords in some rules</Comment><br/>
0048 <Normal Text></Normal Text><br/>
0049 <Comment>; filecon</Comment><br/>
0050 <Brackets Level 1>(</Brackets Level 1><Statements>filecon</Statements><Normal Text> </Normal Text><Text Quoted>"/system/bin/run-as"</Text Quoted><Normal Text> </Normal Text><Types>file</Types><Normal Text> runas_exec_context</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0051 <Brackets Level 1>(</Brackets Level 1><Statements>filecon</Statements><Normal Text> </Normal Text><Text Quoted>"/dev/socket/wpa_wlan</Text Quoted><RegExp Brackets>[</RegExp Brackets><RegExp Brackets Content>0-9</RegExp Brackets Content><RegExp Brackets>]</RegExp Brackets><Text Quoted>"</Text Quoted><Normal Text> </Normal Text><Types>any</Types><Normal Text> </Normal Text><File Contexts>u</File Contexts><Normal Text>:</Normal Text><File Contexts>object_r</File Contexts><Normal Text>:</Normal Text><File Contexts (Type Enforcement)>wpa.socket</File Contexts (Type Enforcement)><Normal Text>:</Normal Text><File Contexts>s0</File Contexts><Normal Text>-</Normal Text><File Contexts>s0</File Contexts><Brackets Level 1>)</Brackets Level 1><br/>
0052 <Brackets Level 1>(</Brackets Level 1><Statements>filecon</Statements><Normal Text> </Normal Text><Text Quoted>"/data/local/mine"</Text Quoted><Normal Text> </Normal Text><Types>dir</Types><Normal Text> </Normal Text><Brackets Level 2>()</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0053 <Brackets Level 1>(</Brackets Level 1><Statements>classcommon</Statements><Normal Text> file any dir</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0054 <Brackets Level 1>(</Brackets Level 1><Normal Text>file any dir</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0055 <Comment>; portcon</Comment><br/>
0056 <Brackets Level 1>(</Brackets Level 1><Statements>portcon</Statements><Normal Text> </Normal Text><Types>sctp</Types><Normal Text> </Normal Text><Number>3333</Number><Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>unconfined.user </Normal Text><Other Keywords>object_r</Other Keywords><Normal Text> unconfined.object levelrange_1</Normal Text><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0057 <Brackets Level 1>(</Brackets Level 1><Statements>portcon</Statements><Normal Text> </Normal Text><Types>udp</Types><Normal Text> </Normal Text><Number>4444</Number><Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>unconfined.user </Normal Text><Other Keywords>object_r</Other Keywords><Normal Text> unconfined.object </Normal Text><Brackets Level 3>(</Brackets Level 3><Brackets Level 4>(</Brackets Level 4><Normal Text>s0</Normal Text><Brackets Level 4>)</Brackets Level 4><Normal Text> level_2</Normal Text><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0058 <Brackets Level 1>(</Brackets Level 1><Statements>defaultrole</Statements><Normal Text> tcp udp</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0059 <Brackets Level 1>(</Brackets Level 1><Normal Text>tcp udp</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0060 <Comment>; fsuse</Comment><br/>
0061 <Brackets Level 1>(</Brackets Level 1><Statements>fsuse</Statements><Normal Text> </Normal Text><Types>xattr</Types><Normal Text> </Normal Text><Filesystem>ext4</Filesystem><Normal Text> file.labeledfs_context</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0062 <Brackets Level 1>(</Brackets Level 1><Statements>fsuse</Statements><Normal Text> </Normal Text><Types>task</Types><Normal Text> </Normal Text><Filesystem>pipefs</Filesystem><Normal Text> file.pipefs_context</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0063 <Brackets Level 1>(</Brackets Level 1><Statements>fsuse</Statements><Normal Text> </Normal Text><Types>trans</Types><Normal Text> </Normal Text><Filesystem>tmpfs</Filesystem><Normal Text> file.tmpfs_context</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0064 <Brackets Level 1>(</Brackets Level 1><Statements>typemember</Statements><Normal Text> xattr task trans</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0065 <Brackets Level 1>(</Brackets Level 1><Normal Text>xattr task trans</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0066 <Normal Text></Normal Text><br/>
0067 <Brackets Level 1>(</Brackets Level 1><Access Keys>allow</Access Keys><Normal Text> unconfined.process </Normal Text><Special Keys>self</Special Keys><Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>file </Normal Text><Brackets Level 3>(</Brackets Level 3><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><AV Permissions>write</AV Permissions><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0068 <Brackets Level 1>(</Brackets Level 1><Access Keys>allow</Access Keys><Normal Text> process httpd.object </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>file </Normal Text><Brackets Level 3>(</Brackets Level 3><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><AV Permissions>write</AV Permissions><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0069 <Normal Text></Normal Text><br/>
0070 <Brackets Level 1>(</Brackets Level 1><Statements>defaultrange</Statements><Normal Text> db_table </Normal Text><Other Keywords>glblub</Other Keywords><Brackets Level 1>)</Brackets Level 1><br/>
0071 <Normal Text></Normal Text><br/>
0072 <Comment>; Paths</Comment><br/>
0073 <Text Quoted>"/system/</Text Quoted><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>foo</RegExp Brackets Content><Special Char of Brackets>|</Special Char of Brackets><RegExp Brackets Content>bar</RegExp Brackets Content><RegExp Brackets>)</RegExp Brackets><Text Quoted>/</Text Quoted><RegExp Brackets>[</RegExp Brackets><Special Char of Brackets>^</Special Char of Brackets><RegExp Brackets Content>/</RegExp Brackets Content><RegExp Brackets>]</RegExp Brackets><Special Char>*</Special Char><Text Quoted>/</Text Quoted><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>hi</RegExp Brackets Content><RegExp Brackets>){</RegExp Brackets><RegExp Brackets Content>2</RegExp Brackets Content><Special Char of Brackets>,</Special Char of Brackets><RegExp Brackets Content>6</RegExp Brackets Content><RegExp Brackets>}(</RegExp Brackets><Special Char>.*</Special Char><RegExp Brackets>)</RegExp Brackets><Special Char>?</Special Char><Text Quoted>"</Text Quoted><br/>
0074 <Text Quoted>"/pa</Text Quoted><Escape Char>\12</Escape Char><Text Quoted>th</Text Quoted><Special Char>.*</Special Char><Text Quoted>a</Text Quoted><Special Char>+</Special Char><Text Quoted>b</Text Quoted><Special Char>?</Special Char><Text Quoted>"</Text Quoted><br/>
0075 <Path>/usr/hi</Path><Escape Char>\"</Escape Char><Path>esc</Path><Escape Char>\032</Escape Char><Path>esc</Path><Escape Char>\*</Escape Char><Path>3es</Path><RegExp Brackets>{</RegExp Brackets><RegExp Brackets Content>2</RegExp Brackets Content><Special Char of Brackets>,</Special Char of Brackets><RegExp Brackets Content>2</RegExp Brackets Content><RegExp Brackets>}</RegExp Brackets><Path>ds</Path><br/>
0076 <Text Quoted>"/data/</Text Quoted><RegExp Brackets>(</RegExp Brackets><RegExp Brackets Content>ope</RegExp Brackets Content><Open RegExp Brackets>n</Open RegExp Brackets><RegExp Brackets Content> </RegExp Brackets Content><Text Quoted>"</Text Quoted><br/>
0077 <Text Quoted>"/data/</Text Quoted><RegExp Brackets>[</RegExp Brackets><RegExp Brackets Content>ope</RegExp Brackets Content><Open RegExp Brackets>n</Open RegExp Brackets><RegExp Brackets Content> </RegExp Brackets Content><Text Quoted>"</Text Quoted><br/>
0078 <Normal Text></Normal Text><br/>
0079 <Normal Text></Normal Text><br/>
0080 <Comment>; Some rules</Comment><br/>
0081 <Normal Text></Normal Text><br/>
0082 <Brackets Level 1>(</Brackets Level 1><Statements>call</Statements><Normal Text> macro1</Normal Text><Brackets Level 2>(</Brackets Level 2><Text Quoted>"__kmsg__"</Text Quoted><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0083 <Brackets Level 1>(</Brackets Level 1><Type Statements>macro</Type Statements><Normal Text> macro1 </Normal Text><Brackets Level 2>(</Brackets Level 2><Brackets Level 3>(</Brackets Level 3><Type Name Statements>string</Type Name Statements><Normal Text> ARG1</Normal Text><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><br/>
0084 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Statements>typetransition</Statements><Normal Text> audit.process device.device chr_file ARG1 device.klog_device</Normal Text><Brackets Level 2>)</Brackets Level 2><br/>
0085 <Brackets Level 1>)</Brackets Level 1><br/>
0086 <Normal Text></Normal Text><br/>
0087 <Brackets Level 1>(</Brackets Level 1><Access Keys>allow</Access Keys><Normal Text> unconfined.process </Normal Text><Special Keys>self</Special Keys><Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>file </Normal Text><Brackets Level 3>(</Brackets Level 3><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><AV Permissions>write</AV Permissions><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0088 <Brackets Level 1>(</Brackets Level 1><Access Keys>auditallow</Access Keys><Normal Text> release_app.process secmark_demo.browser_packet </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>packet </Normal Text><Brackets Level 3>(</Brackets Level 3><AV Permissions>send</AV Permissions><Normal Text> </Normal Text><AV Permissions>recv</AV Permissions><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0089 <Brackets Level 1>(</Brackets Level 1><Access Keys>allowx</Access Keys><Normal Text> type_1 type_2 </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Name Statements>ioctl</Type Name Statements><Normal Text> tcp_socket </Normal Text><Brackets Level 3>(</Brackets Level 3><Expression Keys>range</Expression Keys><Normal Text> </Normal Text><Hexadecimal>0x2000</Hexadecimal><Normal Text> </Normal Text><Hexadecimal>0x20FF</Hexadecimal><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0090 <Brackets Level 1>(</Brackets Level 1><Statements>permissionx</Statements><Normal Text> ioctl_nodebug </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Name Statements>ioctl</Type Name Statements><Normal Text> udp_socket </Normal Text><Brackets Level 3>(</Brackets Level 3><Expression Keys>not</Expression Keys><Normal Text> </Normal Text><Brackets Level 4>(</Brackets Level 4><Expression Keys>range</Expression Keys><Normal Text> </Normal Text><Hexadecimal>0x4000</Hexadecimal><Normal Text> </Normal Text><Hexadecimal>0x4010</Hexadecimal><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0091 <Brackets Level 1>(</Brackets Level 1><Access Keys>allowx</Access Keys><Normal Text> type_3 type_4 ioctl_nodebug</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0092 <Brackets Level 1>(</Brackets Level 1><Access Keys>dontauditx</Access Keys><Normal Text> type_1 type_2 </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Name Statements>ioctl</Type Name Statements><Normal Text> tcp_socket </Normal Text><Brackets Level 3>(</Brackets Level 3><Expression Keys>range</Expression Keys><Normal Text> </Normal Text><Hexadecimal>0x3000</Hexadecimal><Normal Text> </Normal Text><Hexadecimal>0x30FF</Hexadecimal><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0093 <Normal Text></Normal Text><br/>
0094 <Brackets Level 1>(</Brackets Level 1><Type Statements>class</Type Statements><Normal Text> property_service </Normal Text><Brackets Level 2>(</Brackets Level 2><Android AV Permissions>set</Android AV Permissions><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0095 <Brackets Level 1>(</Brackets Level 1><Type Statements>block</Type Statements><Normal Text> av_rules</Normal Text><br/>
0096 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Statements>type</Type Statements><Normal Text> type_1</Normal Text><Brackets Level 2>)</Brackets Level 2><br/>
0097 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Statements>type</Type Statements><Normal Text> type_2</Normal Text><Brackets Level 2>)</Brackets Level 2><br/>
0098 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Statements>typeattribute</Type Statements><Normal Text> all_types</Normal Text><Brackets Level 2>)</Brackets Level 2><br/>
0099 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Statements>typeattributeset</Statements><Normal Text> all_types </Normal Text><Brackets Level 3>(</Brackets Level 3><Brackets Level 4>(</Brackets Level 4><Expression Keys>all</Expression Keys><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><br/>
0100 <Normal Text></Normal Text><br/>
0101 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Access Keys>neverallow</Access Keys><Normal Text> type_2 all_types </Normal Text><Brackets Level 3>(</Brackets Level 3><Normal Text>property_service </Normal Text><Brackets Level 4>(</Brackets Level 4><Android AV Permissions>set</Android AV Permissions><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><br/>
0102 <Brackets Level 1>)</Brackets Level 1><br/>
0103 <Brackets Level 1>(</Brackets Level 1><Type Statements>macro</Type Statements><Normal Text> binder_call </Normal Text><Brackets Level 2>(</Brackets Level 2><Brackets Level 3>(</Brackets Level 3><Type Statements>type</Type Statements><Normal Text> ARG1</Normal Text><Brackets Level 3>)</Brackets Level 3><Normal Text> </Normal Text><Brackets Level 3>(</Brackets Level 3><Type Statements>type</Type Statements><Normal Text> ARG2</Normal Text><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><br/>
0104 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Access Keys>allow</Access Keys><Normal Text> ARG1 ARG2 </Normal Text><Brackets Level 3>(</Brackets Level 3><Normal Text>binder </Normal Text><Brackets Level 4>(</Brackets Level 4><AV Permissions>transfer</AV Permissions><Normal Text> </Normal Text><AV Permissions>call</AV Permissions><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><br/>
0105 <Brackets Level 1>)</Brackets Level 1><br/>
0106 <Brackets Level 1>(</Brackets Level 1><Type Statements>ipaddr</Type Statements><Normal Text> netmask_1 </Normal Text><IP Address>255.255.255.0</IP Address><Brackets Level 1>)</Brackets Level 1><br/>
0107 <Normal Text></Normal Text><br/>
0108 <Brackets Level 1>(</Brackets Level 1><Type Statements>class</Type Statements><Normal Text> dir</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0109 <Brackets Level 1>(</Brackets Level 1><Type Statements>class</Type Statements><Normal Text> foo</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0110 <Brackets Level 1>(</Brackets Level 1><Type Statements>class</Type Statements><Normal Text> bar</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0111 <Brackets Level 1>(</Brackets Level 1><Type Statements>class</Type Statements><Normal Text> baz</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0112 <Brackets Level 1>(</Brackets Level 1><Statements>classorder</Statements><Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>dir foo</Normal Text><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0113 <Brackets Level 1>(</Brackets Level 1><Statements>classorder</Statements><Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Name Statements>unordered</Type Name Statements><Normal Text> bar foo baz</Normal Text><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0114 <Normal Text></Normal Text><br/>
0115 <Brackets Level 1>(</Brackets Level 1><Type Statements>classpermission</Type Statements><Normal Text> zygote_2</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0116 <Brackets Level 1>(</Brackets Level 1><Statements>classpermissionset</Statements><Normal Text> zygote_2 </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>zygote</Normal Text><br/>
0117 <Normal Text> </Normal Text><Brackets Level 3>(</Brackets Level 3><Expression Keys>and</Expression Keys><br/>
0118 <Normal Text> </Normal Text><Brackets Level 4>(</Brackets Level 4><Expression Keys>all</Expression Keys><Brackets Level 4>)</Brackets Level 4><br/>
0119 <Normal Text> </Normal Text><Brackets Level 4>(</Brackets Level 4><Expression Keys>not</Expression Keys><Normal Text> </Normal Text><Brackets Level 5>(</Brackets Level 5><Normal Text>specifyinvokewith specifyseinfo</Normal Text><Brackets Level 5>)</Brackets Level 5><Brackets Level 4>)</Brackets Level 4><br/>
0120 <Normal Text> </Normal Text><Brackets Level 3>)</Brackets Level 3><br/>
0121 <Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0122 <Normal Text></Normal Text><br/>
0123 <Brackets Level 1>(</Brackets Level 1><Statements>permissionx</Statements><Normal Text> ioctl_3 </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Name Statements>ioctl</Type Name Statements><Normal Text> tcp_socket </Normal Text><Brackets Level 3>(</Brackets Level 3><Expression Keys>and</Expression Keys><Normal Text> </Normal Text><Brackets Level 4>(</Brackets Level 4><Expression Keys>range</Expression Keys><Normal Text> </Normal Text><Hexadecimal>0x8000</Hexadecimal><Normal Text> </Normal Text><Hexadecimal>0x90FF</Hexadecimal><Brackets Level 4>)</Brackets Level 4><Normal Text> </Normal Text><Brackets Level 4>(</Brackets Level 4><Expression Keys>not</Expression Keys><Normal Text> </Normal Text><Brackets Level 5>(</Brackets Level 5><Expression Keys>range</Expression Keys><Normal Text> </Normal Text><Hexadecimal>0x8100</Hexadecimal><Normal Text> </Normal Text><Hexadecimal>0x82FF</Hexadecimal><Brackets Level 5>)</Brackets Level 5><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0124 <Brackets Level 1>(</Brackets Level 1><Type Statements>boolean</Type Statements><Normal Text> disableAudioCapture </Normal Text><Booleans>false</Booleans><Brackets Level 1>)</Brackets Level 1><br/>
0125 <Brackets Level 1>(</Brackets Level 1><Statements>booleanif</Statements><Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Expression Keys>and</Expression Keys><Normal Text> </Normal Text><Brackets Level 3>(</Brackets Level 3><Expression Keys>not</Expression Keys><Normal Text> disableAudio</Normal Text><Brackets Level 3>)</Brackets Level 3><Normal Text> </Normal Text><Brackets Level 3>(</Brackets Level 3><Expression Keys>not</Expression Keys><Normal Text> disableAudioCapture</Normal Text><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><br/>
0126 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Booleans>true</Booleans><br/>
0127 <Normal Text> </Normal Text><Brackets Level 3>(</Brackets Level 3><Access Keys>allow</Access Keys><Normal Text> process mediaserver.audio_capture_device </Normal Text><Brackets Level 4>(</Brackets Level 4><Normal Text>chr_file_set </Normal Text><Brackets Level 5>(</Brackets Level 5><Normal Text>rw_file_perms</Normal Text><Brackets Level 5>)</Brackets Level 5><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><br/>
0128 <Normal Text> </Normal Text><Brackets Level 2>)</Brackets Level 2><br/>
0129 <Brackets Level 1>)</Brackets Level 1><br/>
0130 <Brackets Level 1>(</Brackets Level 1><Type Statements>tunable</Type Statements><Normal Text> range_trans_rule </Normal Text><Booleans>false</Booleans><Brackets Level 1>)</Brackets Level 1><br/>
0131 <Normal Text></Normal Text><br/>
0132 <Brackets Level 1>(</Brackets Level 1><Type Statements>block</Type Statements><Normal Text> init</Normal Text><br/>
0133 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Statements>class</Type Statements><Normal Text> process </Normal Text><Brackets Level 3>(</Brackets Level 3><Normal Text>process</Normal Text><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><br/>
0134 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Statements>type</Type Statements><Normal Text> process</Normal Text><Brackets Level 2>)</Brackets Level 2><br/>
0135 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Statements>tunableif</Statements><Normal Text> range_trans_rule</Normal Text><br/>
0136 <Normal Text> </Normal Text><Brackets Level 3>(</Brackets Level 3><Booleans>true</Booleans><br/>
0137 <Normal Text> </Normal Text><Brackets Level 4>(</Brackets Level 4><Statements>rangetransition</Statements><Normal Text> process sshd.exec process low_high</Normal Text><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0138 <Normal Text></Normal Text><br/>
0139 <Brackets Level 1>(</Brackets Level 1><Statements>validatetrans</Statements><Normal Text> file </Normal Text><Brackets Level 2>(</Brackets Level 2><Expression Keys>eq</Expression Keys><Normal Text> </Normal Text><Other Keywords>t1</Other Keywords><Normal Text> unconfined.process</Normal Text><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0140 <Brackets Level 1>(</Brackets Level 1><Type Statements>block</Type Statements><Normal Text> ext_gateway</Normal Text><br/>
0141 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Statements>optional</Type Statements><Normal Text> move_file</Normal Text><br/>
0142 <Normal Text> </Normal Text><Brackets Level 3>(</Brackets Level 3><Statements>typetransition</Statements><Normal Text> process msg_filter.move_file.in_queue file msg_filter.move_file.in_file</Normal Text><Brackets Level 3>)</Brackets Level 3><br/>
0143 <Normal Text> </Normal Text><Brackets Level 3>(</Brackets Level 3><Access Keys>allow</Access Keys><Normal Text> process msg_filter.move_file.in_queue </Normal Text><Brackets Level 4>(</Brackets Level 4><Normal Text>dir </Normal Text><Brackets Level 5>(</Brackets Level 5><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><AV Permissions>getattr</AV Permissions><Normal Text> </Normal Text><AV Permissions>write</AV Permissions><Normal Text> </Normal Text><AV Permissions>search</AV Permissions><Normal Text> </Normal Text><AV Permissions>add_name</AV Permissions><Brackets Level 5>)</Brackets Level 5><Brackets Level 4>)</Brackets Level 4><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0144 <Normal Text></Normal Text><br/>
0145 <Brackets Level 1>(</Brackets Level 1><Type Statements>context</Type Statements><Normal Text> runas_exec_context </Normal Text><Brackets Level 2>(</Brackets Level 2><Normal Text>u </Normal Text><Other Keywords>object_r</Other Keywords><Normal Text> exec low_low</Normal Text><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><br/>
0146 <Brackets Level 1>(</Brackets Level 1><Statements>filecon</Statements><Normal Text> </Normal Text><Text Quoted>"/system/bin/run-as"</Text Quoted><Normal Text> </Normal Text><Types>file</Types><Normal Text> runas_exec_context</Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0147 <Normal Text></Normal Text><br/>
0148 <Brackets Level 1>(</Brackets Level 1><Statements>in</Statements><Normal Text> file</Normal Text><br/>
0149 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>rootfs</Filesystem><Normal Text> </Normal Text><Path>/</Path><Normal Text> rootfs_context</Normal Text><Brackets Level 2>)</Brackets Level 2><br/>
0150 <Normal Text> </Normal Text><Brackets Level 2>(</Brackets Level 2><Statements>genfscon</Statements><Normal Text> </Normal Text><Filesystem>selinuxfs</Filesystem><Normal Text> </Normal Text><Path>/</Path><Normal Text> selinuxfs_context</Normal Text><Brackets Level 2>)</Brackets Level 2><br/>
0151 <Brackets Level 1>)</Brackets Level 1><br/>
0152 <Normal Text></Normal Text><br/>
0153 <Comment>; ioctl & call: due to the way in which the highlighter treats the parenthesis blocks</Comment><br/>
0154 <Comment>; (each level of different color), it is not possible to differentiate between statement and permission.</Comment><br/>
0155 <Brackets Level 1>(</Brackets Level 1><Access Keys>allowx</Access Keys><Normal Text> x bin_t </Normal Text><Brackets Level 2>(</Brackets Level 2><Type Name Statements>ioctl</Type Name Statements><Normal Text> policy.file </Normal Text><Brackets Level 3>(</Brackets Level 3><Expression Keys>range</Expression Keys><Normal Text> </Normal Text><Hexadecimal>0x1000</Hexadecimal><Normal Text> </Normal Text><Hexadecimal>0x11FF</Hexadecimal><Brackets Level 3>)</Brackets Level 3><Brackets Level 2>)</Brackets Level 2><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; ioctl kind</Comment><br/>
0156 <Brackets Level 1>(</Brackets Level 1><Type Name Statements>ioctl</Type Name Statements><Normal Text> </Normal Text><AV Permissions>read</AV Permissions><br/>
0157 <Normal Text> </Normal Text><Android AV Permissions>find</Android AV Permissions><Normal Text> </Normal Text><AV Permissions>connectto</AV Permissions><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; kind or permission?</Comment><br/>
0158 <Brackets Level 1>(</Brackets Level 1><AV Permissions>ioctl</AV Permissions><Normal Text> </Normal Text><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><Android AV Permissions>find</Android AV Permissions><Normal Text> </Normal Text><AV Permissions>connectto</AV Permissions><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; ioctl permission</Comment><br/>
0159 <Brackets Level 1>(</Brackets Level 1><AV Permissions>ioctl</AV Permissions><Normal Text> </Normal Text><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><Brackets Level 1>)</Brackets Level 1><br/>
0160 <Brackets Level 1>(</Brackets Level 1><Statements>call</Statements><Normal Text> </Normal Text><AV Permissions>ioctl</AV Permissions><Normal Text> </Normal Text><AV Permissions>read</AV Permissions><Normal Text> </Normal Text><Android AV Permissions>find</Android AV Permissions><Normal Text> </Normal Text><AV Permissions>connectto</AV Permissions><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; statement or permission?</Comment><br/>
0161 <Brackets Level 1>(</Brackets Level 1><Normal Text> </Normal Text><AV Permissions>call</AV Permissions><Normal Text> </Normal Text><Brackets Level 1>)</Brackets Level 1><Normal Text> </Normal Text><Comment>; call permission</Comment><br/>