Allow the zygote to stat all files it opens.
am: a60342b7a4
Change-Id: I2d7c99660b6bb9b45922f1203cb1eafe90659238
This commit is contained in:
Narayan Kamath
android-build-merger
commit
28e18c3a1b
1 changed files with 6 additions and 0 deletions
|
|
@ -39,6 +39,12 @@ allow zygote dex2oat_exec:file rx_file_perms;
|
|||
# Control cgroups.
|
||||
allow zygote cgroup:dir create_dir_perms;
|
||||
allow zygote self:capability sys_admin;
|
||||
# Allow zygote to stat the files that it opens. The zygote must
|
||||
# be able to inspect them so that it can reopen them on fork
|
||||
# if necessary: b/30963384
|
||||
allow zygote pmsg_device:chr_file { getattr };
|
||||
allow zygote debugfs_trace_marker:file { getattr };
|
||||
|
||||
# Check validity of SELinux context before use.
|
||||
selinux_check_context(zygote)
|
||||
# Check SELinux permissions.
|
||||
|
|
|
|||
Loading…
Reference in a new issue