Skip to content
Snippets Groups Projects
Commit 5d9913c6 authored by Stephen Smalley's avatar Stephen Smalley Committed by Android Git Automerger
Browse files

am ad7df7bb: Remove execmem permission from domain, add to appdomain. 

* commit 'ad7df7bb':
  Remove execmem permission from domain, add to appdomain.
parents 411d940e ad7df7bb
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
app.te
+ 3
0
View file @ 5d9913c6
...@@ -7,6 +7,9 @@ ...@@ -7,6 +7,9 @@
### zygote spawned apps should be added here. ### zygote spawned apps should be added here.
### ###
# Dalvik Compiler JIT Mapping.
allow appdomain self:process execmem;
# Allow apps to connect to the keystore # Allow apps to connect to the keystore
unix_socket_connect(appdomain, keystore, keystore) unix_socket_connect(appdomain, keystore, keystore)
......
domain.te
+ 1
1
View file @ 5d9913c6
...@@ -11,7 +11,7 @@ allow domain tmpfs:file { read getattr }; ...@@ -11,7 +11,7 @@ allow domain tmpfs:file { read getattr };
allow domain tmpfs:dir r_dir_perms; allow domain tmpfs:dir r_dir_perms;
# Intra-domain accesses. # Intra-domain accesses.
allow domain self:process ~{ execstack execheap ptrace }; allow domain self:process ~{ execmem execstack execheap ptrace };
allow domain self:fd use; allow domain self:fd use;
allow domain self:dir r_dir_perms; allow domain self:dir r_dir_perms;
allow domain self:lnk_file r_file_perms; allow domain self:lnk_file r_file_perms;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment