tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

asan_extract: add system_file_type to asan_extract_exec

Browse source 
This is on the system partition and thus must be system_file_type:

neverallow check failed at out/target/product/vsoc_x86/obj_asan/ETC/userdebug_plat_sepolicy.cil_intermediates/userdebug_plat_sepolicy.cil.tmp:7703 from system/sepolicy/public/domain.te:950
  (neverallow coredomain base_typeattr_272 (file (entrypoint)))
      <root>
          allow at out/target/product/vsoc_x86/obj_asan/ETC/userdebug_plat_sepolicy.cil_intermediates/userdebug_plat_sepolicy.cil.tmp:16250
	        (allow asan_extract asan_extract_exec (file (read getattr map execute open entrypoint)))

Bug: 155905226
Test: build without above neverallow error
Change-Id: I6987582fcc013c95efe7e6758d96ec089168ea9d
This commit is contained in:
Tom Cherry 2020-05-06 13:25:28 -07:00
parent c83029bee7
commit b5ac55a444
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
public/asan_extract.te
View file

@ -5,7 +5,7 @@
with_asan(`
type asan_extract, domain, coredomain;
type asan_extract_exec, exec_type, file_type;
type asan_extract_exec, exec_type, file_type, system_file_type;
# Allow asan_extract to execute itself using #!/system/bin/sh
allow asan_extract shell_exec:file rx_file_perms;