PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add dex2oat permissions to open and read the tmp apk.

Browse Source 
The PackageManager now passes previous code paths to dex2oat as shared
libraries. dex2oat needs extra permissions in order to access and open
the oat files of these libraries (if they were compiled).

Part of a multi-project change.

Bug: 34169257
Test: cts-tradefed run singleCommand cts -d --module
CtsAppSecurityHostTestCases -t android.appsecurity.cts.SplitTests

Change-Id: I7b9cfd7f3c3509f3e41f0590ab650bd85faab340
This commit is contained in:
Jeff Hao 2017-04-05 15:49:05 -07:00
parent f30f07e82a
commit 1103f963a7
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
public/dex2oat.te
View File

@ -27,7 +27,8 @@ allow dex2oat system_file:file lock;
allow dex2oat asec_apk_file:file read;
allow dex2oat unlabeled:file read;
allow dex2oat oemfs:file read;
allow dex2oat apk_tmp_file:file read;
allow dex2oat apk_tmp_file:dir search;
allow dex2oat apk_tmp_file:file r_file_perms;
allow dex2oat user_profile_data_file:file { getattr read lock };
# Allow dex2oat to compile app's secondary dex files which were reported back to