drop "allow healthd self:process execmem;"
The execmem capability indicates that the processes creates anonymous executable memory, which is most commonly used for JITing functionality. All of the healthd executable code comes from the filesystem, and healthd does not rely on JITing or loading code from non-file based sources, so this permission is unnecessary. Bug: 32659667 Test: compiles and boots Change-Id: Ifb2b68625b191cb002dbb134cace6ddd215236e8
This commit is contained in:
Nick Kralevich
parent
7c3f77da18
commit
b192f0e7c7
@ -46,7 +46,6 @@ allow healthd input_device:dir r_dir_perms;
|
||||
allow healthd input_device:chr_file r_file_perms;
|
||||
allow healthd tty_device:chr_file rw_file_perms;
|
||||
allow healthd ashmem_device:chr_file execute;
|
||||
allow healthd self:process execmem;
|
||||
allow healthd proc_sysrq:file rw_file_perms;
|
||||
|
||||
# Healthd needs to tell init to continue the boot
|
||||
|
||||
Loading…
Reference in New Issue
Block a user