PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allow untrusted_app_all system_linker_exec:file execute_no_trans

Browse Source 
Chrome Crashpad uses the the dynamic linker to load native executables
from an APK (b/112050209, crbug.com/928422)

Addresses the following denial:

  avc: denied { execute_no_trans } for comm="Chrome_IOThread" path="/bionic/bin/linker" dev="loop5" ino=24 scontext=u:r:untrusted_app_27:s0:c106,c256,c512,c768 tcontext=u:object_r:system_linker_exec:s0 tclass=file permissive=0 app=com.android.chrome

Test: compiles and builds.
Change-Id: I14f80592a74c36754c28313e94399258b2c42170
This commit is contained in:
Nick Kralevich 2019-02-06 13:19:19 -08:00
parent bdabddfe12
commit 9ea8c0701d
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
private/untrusted_app_all.te
View File

@ -25,6 +25,10 @@
allow untrusted_app_all privapp_data_file:file { r_file_perms execute };
allow untrusted_app_all app_data_file:file { r_file_perms execute };
# Chrome Crashpad uses the the dynamic linker to load native executables
# from an APK (b/112050209, crbug.com/928422)
allow untrusted_app_all system_linker_exec:file execute_no_trans;
# Follow priv-app symlinks. This is used for dynamite functionality.
allow untrusted_app_all privapp_data_file:lnk_file r_file_perms;