Allow dexoptanalyzer to mmap files with Linux 4.14+ that it can already access.

am: d8a9a493c5 Change-Id: I016d5846fc9bc21c46882c16ff17de535fa5974e
2019-09-13 12:30:17 -07:00 · 2019-09-13 12:30:17 -07:00 · 695e2c15bb
commit 695e2c15bb
parent 3e410d2ca2 d8a9a493c5
1 changed files with 1 additions and 1 deletions
--- a/prebuilts/api/29.0/private/dexoptanalyzer.te
+++ b/prebuilts/api/29.0/private/dexoptanalyzer.te
@ -22,7 +22,7 @@ allow dexoptanalyzer installd:fifo_file { getattr write };
 # Allow reading secondary dex files that were reported by the app to the
 # package manager.
 allow dexoptanalyzer { privapp_data_file app_data_file }:dir { getattr search };
-allow dexoptanalyzer { privapp_data_file app_data_file }:file { getattr read };
+allow dexoptanalyzer { privapp_data_file app_data_file }:file { getattr read map };
 # dexoptanalyzer calls access(2) with W_OK flag on app data. We can use the
 # "dontaudit...audit_access" policy line to suppress the audit access without
 # suppressing denial on actual access.