Add capabilities to Zygote to fix valgrind.
Bug: 10455872 Change-Id: I98885e8cd1e4f9ab0d3e2af6d79b078a000db539
This commit is contained in:
parent
29d0d40668
commit
e03626021e
@ -11,6 +11,9 @@ allow zygote self:capability setpcap;
|
||||
# Switch SELinux context to app domains.
|
||||
allow zygote system:process dyntransition;
|
||||
allow zygote appdomain:process dyntransition;
|
||||
# Allow zygote to read app data dirs (b/10455872)
|
||||
allow zygote appdomain:dir search;
|
||||
allow zygote appdomain:file { r_file_perms };
|
||||
# Move children into the peer process group.
|
||||
allow zygote system:process { getpgid setpgid };
|
||||
allow zygote appdomain:process { getpgid setpgid };
|
||||
|
Loading…
Reference in New Issue
Block a user