Skip to content
Snippets Groups Projects
Commit 221938cb authored by Narayan Kamath's avatar Narayan Kamath Committed by Jeff Vander Stoep
Browse files

Allow the zygote to stat all files it opens. 

(cherry picked from commit 63203a01)

bug: 30963384
Change-Id: I62b5ffd43469dbb0bba67e1bb1d3416e7354f9e5
parent bff98015
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 6 additions and 0 deletions
zygote.te
+ 6
0
View file @ 221938cb
...@@ -40,6 +40,12 @@ allow zygote dex2oat_exec:file rx_file_perms; ...@@ -40,6 +40,12 @@ allow zygote dex2oat_exec:file rx_file_perms;
allow zygote cgroup:dir create_dir_perms; allow zygote cgroup:dir create_dir_perms;
allow zygote cgroup:{ file lnk_file } r_file_perms; allow zygote cgroup:{ file lnk_file } r_file_perms;
allow zygote self:capability sys_admin; allow zygote self:capability sys_admin;
# Allow zygote to stat the files that it opens. The zygote must
# be able to inspect them so that it can reopen them on fork
# if necessary: b/30963384
allow zygote pmsg_device:chr_file { getattr };
allow zygote debugfs_trace_marker:file { getattr };
# Check validity of SELinux context before use. # Check validity of SELinux context before use.
selinux_check_context(zygote) selinux_check_context(zygote)
# Check SELinux permissions. # Check SELinux permissions.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment