Merge "Allow app_zygote to open vendor_overlay_file from vendor apex" am: 9f254ba368 am: e930e1de6b am: 260b8ae48d

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2618492

Change-Id: Ic1436426d8d5d3fc1488e56065cb58f8f03cc04a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Treehugger Robot 2023-06-09 02:46:32 +00:00 committed by Automerger Merge Worker
commit 96b1043fd3

View file

@ -74,6 +74,8 @@ allow app_zygote oemfs:dir search;
# Allow app_zygote access to /vendor/overlay # Allow app_zygote access to /vendor/overlay
r_dir_file(app_zygote, vendor_overlay_file) r_dir_file(app_zygote, vendor_overlay_file)
# Allow app_zygote to read vendor_overlay_file from vendor apex as well
allow app_zygote vendor_apex_metadata_file:dir { getattr search };
allow app_zygote system_data_file:lnk_file r_file_perms; allow app_zygote system_data_file:lnk_file r_file_perms;
allow app_zygote system_data_file:file { getattr read map }; allow app_zygote system_data_file:file { getattr read map };