tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Allow zygote to create fds and map executable." am: 3a9a6f51c1

Browse source 
am: db0279bf5c

Change-Id: Ie238fa5903393a9ac842fee381d8f0e8bf1cf5bb
This commit is contained in:
Nicolas Geoffray 2019-06-18 00:15:43 -07:00 committed by android-build-merger
commit 2cb1a28193
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
private/zygote.te
View file

@ -3,6 +3,7 @@ typeattribute zygote coredomain;
typeattribute zygote mlstrustedsubject;
init_daemon_domain(zygote)
tmpfs_domain(zygote)
read_runtime_log_tags(zygote)
@ -51,6 +52,8 @@ allow zygote dalvikcache_data_file:file execute;
# Allow zygote to create JIT memory.
allow zygote self:process execmem;
allow zygote zygote_tmpfs:file execute;
allow zygote ashmem_device:chr_file execute;
# Execute idmap and dex2oat within zygote's own domain.
# TODO: Should either of these be transitioned to the same domain