Skip to content
Snippets Groups Projects
Commit a545a4c7 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

Relax some neverallow rules

Kernels above 4.14 have a new mmap permission. However, neverallow rules
exclude the use of mmap, even when file FDs are passable across the
vendor/non-vendor boundary. Since we allow reading / writing of passed
file descriptors, also allow the use of mmap for passed file
descriptors.

Bug: 112171217
Test: policy compiles

(cherry picked from commit bd3e300a)

Change-Id: Ic519c8fdbb16f883017dbf9a239d56b31b211956
parent d9818a24
Branches
Tags
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment