41a2abfc0d
This is being done in preparation for the migration from ashmem to
memfd. In order for tmpfs objects to be usable across the Treble
boundary, they need to be declared in public policy whereas, they're
currently all declared in private policy as part of the
tmpfs_domain() macro. Remove the type declaration from the
macro, and remove tmpfs_domain() from the init_daemon_domain() macro
to avoid having to declare the *_tmpfs types for all init launched
domains. tmpfs is mostly used by apps and the media frameworks.
Bug: 122854450
Test: Boot Taimen and blueline. Watch videos, make phone calls, browse
internet, send text, install angry birds...play angry birds, keep
playing angry birds...
Change-Id: I20a47d2bb22e61b16187015c7bc7ca10accf6358
Merged-In: I20a47d2bb22e61b16187015c7bc7ca10accf6358
(cherry picked from commit e16fb9109c)
25 lines
1 KiB
Text
25 lines
1 KiB
Text
# viewcompiler
|
|
type viewcompiler, domain, coredomain, mlstrustedsubject;
|
|
type viewcompiler_exec, system_file_type, exec_type, file_type;
|
|
type viewcompiler_tmpfs, file_type;
|
|
|
|
# Reading an APK opens a ZipArchive, which unpack to tmpfs.
|
|
# Use tmpfs_domain() which will give tmpfs files created by viewcompiler their
|
|
# own label, which differs from other labels created by other processes.
|
|
# This allows to distinguish in policy files created by viewcompiler vs other
|
|
# processes.
|
|
tmpfs_domain(viewcompiler)
|
|
|
|
allow viewcompiler installd:fd use;
|
|
|
|
# Include write permission for app data files so viewcompiler can generate
|
|
# compiled layout dex files
|
|
allow viewcompiler app_data_file:file { getattr write };
|
|
|
|
# Allow the view compiler to read resources from the apps APK.
|
|
allow viewcompiler apk_data_file:file read;
|
|
|
|
# priv-apps are moving to a world where they can only execute
|
|
# signed code. Make sure viewcompiler never can write to privapp
|
|
# directories to avoid introducing unsigned executable code
|
|
neverallow viewcompiler privapp_data_file:file no_w_file_perms;
|