Merge "dontaudit denial on the odex file of location provider."

This commit is contained in:
Treehugger Robot 2022-02-17 10:25:22 +00:00 committed by Gerrit Code Review
commit c1e11bbea5
2 changed files with 6 additions and 1 deletions

View file

@ -25,7 +25,6 @@ netd untrusted_app_25 unix_stream_socket b/77870037
netd untrusted_app_27 unix_stream_socket b/77870037
netd untrusted_app_29 unix_stream_socket b/77870037
platform_app nfc_data_file dir b/74331887
system_server apex_art_data_file file b/194054685
system_server crash_dump process b/73128755
system_server overlayfs_file file b/142390309
system_server sdcardfs file b/77856826

View file

@ -76,6 +76,12 @@ allow system_server sysfs_fs_f2fs:file r_file_perms;
allow system_server { apex_art_data_file dalvikcache_data_file }:dir r_dir_perms;
allow system_server { apex_art_data_file dalvikcache_data_file }:file r_file_perms;
# Ignore the denial on `system@framework@com.android.location.provider.jar@classes.odex`.
# `com.android.location.provider.jar` happens to be both a jar on system server classpath and a
# shared library used by a system server app. The odex file is loaded fine by Zygote when it forks
# system_server. It fails to be loaded when the jar is used as a shared library, which is expected.
dontaudit system_server apex_art_data_file:file execute;
# For release odex/vdex compress blocks
allowxperm system_server dalvikcache_data_file:file ioctl {
F2FS_IOC_RELEASE_COMPRESS_BLOCKS