From 388e05d3abadddf4c28ff3c2ce8324d9da5c5ad7 Mon Sep 17 00:00:00 2001 From: "jungyee.yoo" <jungyee.yoo@lge.com> Date: Thu, 27 Jul 2017 14:57:31 +0900 Subject: [PATCH] Remove platform_app from neverallow execute from /data Apparently some manufacturers sign APKs with the platform key which use renderscript. Renderscript works by compiling the .so file, and placing it in the app's home directory, where the app loads the content. Drop platform_app from the neverallow restriction to allow partners to add rules allowing /data execute for this class of apps. We should revisit this in the future after we have a better solution for apps which use renderscript. (cherry picked from commit c55cf17a6b4a23f8ef66ff816f871d7d9e8de56a) Bug: 29857189 Change-Id: I058a802ad5eb2a67e657b6d759a3ef4e21cbb8cc --- app.te | 1 - 1 file changed, 1 deletion(-) diff --git a/app.te b/app.te index f96f3baa5..e9dd7b39a 100644 --- a/app.te +++ b/app.te @@ -443,7 +443,6 @@ neverallow { bluetooth isolated_app nfc - platform_app radio shared_relro system_app -- GitLab