Skip to content
Snippets Groups Projects
Commit 4af6d81b authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Allow the zygote to stat all files it opens." into nyc-mr1-dev

parents ce84793b 63203a01
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 6 additions and 0 deletions
zygote.te
+ 6
0
View file @ 4af6d81b
......@@ -39,6 +39,12 @@ allow zygote dex2oat_exec:file rx_file_perms;
# Control cgroups.
allow zygote cgroup:dir create_dir_perms;
allow zygote self:capability sys_admin;
# Allow zygote to stat the files that it opens. The zygote must
# be able to inspect them so that it can reopen them on fork
# if necessary: b/30963384
allow zygote pmsg_device:chr_file { getattr };
allow zygote debugfs_trace_marker:file { getattr };
# Check validity of SELinux context before use.
selinux_check_context(zygote)
# Check SELinux permissions.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment