4 commits

Author	SHA1	Message	Date
Igor Murashkin	83c5612e69	zygote/dex2oat: Grant additional symlink permissions ... * zygote needs to be able to symlink from dalvik cache to system to avoid having to copy boot.oat (when the boot.oat file was built with --compile-pic) * dex2oat needs to be able to read the symlink in the dalvik cache (the one that zygote creates) Bug: 18035729 Change-Id: Ie1acad81a0fd8b2f24e1f3f07a06e6fdb548be62	2014-10-27 17:22:40 -07:00
Nick Kralevich	270be6e86a	dex2oat: fix forward-locked upgrades with unlabeled asecs ... dex2oat fails when upgrading unlabeled asec containers. Steps to reproduce: 1) Install a forward locked app on Android 4.1 adb install -l foo.apk 2) Upgrade to tip-of-tree Addresses the following denial: <4>[ 379.886665] type=1400 audit(1405549869.210:4): avc: denied { read } for pid=2389 comm="dex2oat" path="/mnt/asec/jackpal.androidterm-1/pkg.apk" dev=dm-0 ino=12 scontext=u:r:dex2oat:s0 tcontext=u:object_r:unlabeled:s0 tclass=file Change-Id: I58dc6ebe61a5b5840434077a55f1afbeed602137	2014-07-16 15:34:06 -07:00
Nick Kralevich	5259c5e616	dex2oat: fix forward locked apps ... dex2oat can't access file descriptors associated with asec_apk_files. This breaks installing forward locked apps, and generates the following denial: type=1400 audit(0.0:18): avc: denied { read } for path="/mnt/asec/com.example.android.simplejni-1/pkg.apk" dev="dm-0" ino=12 scontext=u:r:dex2oat:s0 tcontext=u:object_r:asec_apk_file:s0 tclass=file Steps to reproduce: $ adb install -r -l SimpleJNI.apk Expected: app installs Actual: app fails to install. Change-Id: I5a468508014e9963460d13d78e1c4867187322b3 Bug: 16328233	2014-07-16 09:41:51 -07:00
Nick Kralevich	75d63fcfd2	Put dex2oat in it's own sandbox ... Currently, dex2oat runs in the installd sandbox, and has all the SELinux capabilities that installd does. That's too excessive. dex2oat handles untrusted user data, so we want to put it in it's own tighter sandbox. Bug: 15358102 Change-Id: I08083b84b9769e24d6dad6dbd12401987cb006be	2014-07-10 15:33:11 -07:00