From 83c5612e69fa05610baf4f4d237fe0995a79cde5 Mon Sep 17 00:00:00 2001 From: Igor Murashkin Date: Fri, 24 Oct 2014 14:22:12 -0700 Subject: [PATCH] zygote/dex2oat: Grant additional symlink permissions * zygote needs to be able to symlink from dalvik cache to system to avoid having to copy boot.oat (when the boot.oat file was built with --compile-pic) * dex2oat needs to be able to read the symlink in the dalvik cache (the one that zygote creates) Bug: 18035729 Change-Id: Ie1acad81a0fd8b2f24e1f3f07a06e6fdb548be62 --- dex2oat.te | 2 ++ zygote.te | 2 ++ 2 files changed, 4 insertions(+) diff --git a/dex2oat.te b/dex2oat.te index 2df9947dd..5fded3670 100644 --- a/dex2oat.te +++ b/dex2oat.te @@ -3,6 +3,8 @@ type dex2oat, domain; type dex2oat_exec, exec_type, file_type; allow dex2oat dalvikcache_data_file:file write; +# Read symlinks in /data/dalvik-cache +allow dex2oat dalvikcache_data_file:lnk_file read; allow dex2oat installd:fd use; # Read already open asec_apk_file file descriptors passed by installd. diff --git a/zygote.te b/zygote.te index 4c6276c8c..adbea06da 100644 --- a/zygote.te +++ b/zygote.te @@ -24,6 +24,8 @@ allow zygote system_data_file:file r_file_perms; # Write to /data/dalvik-cache. allow zygote dalvikcache_data_file:dir create_dir_perms; allow zygote dalvikcache_data_file:file create_file_perms; +# Create symlinks in /data/dalvik-cache +allow zygote dalvikcache_data_file:lnk_file create_file_perms; # Write to /data/resource-cache allow zygote resourcecache_data_file:dir rw_dir_perms; allow zygote resourcecache_data_file:file create_file_perms;