Allow zygote to create fds and map executable.
This is so that zygote can create the JIT cache with memfd_create (or ashmem when memfd is not available). Test: boot Bug: 119800099 Change-Id: I88f1f6b1c930a8d22985b306a238f60b4af59f9c
This commit is contained in:
Nicolas Geoffray
parent
1eb45b5606
commit
f77e8c1b0c
1 changed files with 3 additions and 0 deletions
|
|
@ -3,6 +3,7 @@ typeattribute zygote coredomain;
|
|||
typeattribute zygote mlstrustedsubject;
|
||||
|
||||
init_daemon_domain(zygote)
|
||||
tmpfs_domain(zygote)
|
||||
|
||||
read_runtime_log_tags(zygote)
|
||||
|
||||
|
|
@ -51,6 +52,8 @@ allow zygote dalvikcache_data_file:file execute;
|
|||
|
||||
# Allow zygote to create JIT memory.
|
||||
allow zygote self:process execmem;
|
||||
allow zygote zygote_tmpfs:file execute;
|
||||
allow zygote ashmem_device:chr_file execute;
|
||||
|
||||
# Execute idmap and dex2oat within zygote's own domain.
|
||||
# TODO: Should either of these be transitioned to the same domain
|
||||
|
|
|
|||
Loading…
Reference in a new issue