Skip to content
Snippets Groups Projects
user avatar
Vishwath Mohan authored
This CL changes the policy for ASAN files on-disk to support the
changes made by the following CLs -
https://android-review.googlesource.com/#/c/359087/
https://android-review.googlesource.com/#/c/359389/

which refactor the on-disk layout of sanitized libraries in the following
manner -
/data/lib* --> /data/asan/system/lib*
/data/vendor/* --> /data/asan/vendor/*

There are a couple of advantages to this, including better isolation
from other components, and more transparent linker renaming and
SELinux policies.

(cherry picked from commit 33ebdda8)

Bug: 36574794
Bug: 36674745
Test: m -j40 && SANITIZE_TARGET="address" m -j40 and the device
boots. All sanitized libraries are correctly located in /data/asan/*,
and have the right SELinux permissions.

Change-Id: Ib08e360cecc8d77754a768a9af0f7db35d6921a9
063de1e0
History
Name Last commit Last update
..
access_vectors
adbd.te
app.te
app_neverallows.te
atrace.te
audioserver.te
binder_in_vendor_violators.te
binderservicedomain.te
blkid.te
blkid_untrusted.te
bluetooth.te
bluetoothdomain.te
bootanim.te
bootstat.te
bufferhubd.te
cameraserver.te
charger.te
clatd.te
cppreopts.te
crash_dump.te
dex2oat.te
dexoptanalyzer.te
dhcp.te
dnsmasq.te
domain.te
drmserver.te
dumpstate.te
ephemeral_app.te
file.te
file_contexts
file_contexts_asan
fingerprintd.te
fs_use
fsck.te
fsck_untrusted.te
gatekeeperd.te
genfs_contexts
hal_allocator_default.te
halclientdomain.te
halserverdomain.te
healthd.te
hwservicemanager.te
idmap.te
incident.te
incidentd.te
init.te
initial_sid_contexts
initial_sids
inputflinger.te
install_recovery.te
installd.te
isolated_app.te
kernel.te
keys.conf
keystore.te
lmkd.te
logd.te
logpersist.te
mac_permissions.xml
mdnsd.te
mediadrmserver.te
mediaextractor.te
mediametrics.te
mediaserver.te
mls
mls_decl
mls_macros
modprobe.te
mtp.te
net.te
netd.te
nfc.te
otapreopt_chroot.te
otapreopt_slot.te
performanced.te
perfprofd.te
platform_app.te
policy_capabilities
port_contexts
postinstall.te
postinstall_dexopt.te
ppp.te
preopt2cachename.te
priv_app.te
profman.te
property_contexts
racoon.te
radio.te
recovery.te
recovery_persist.te
recovery_refresh.te
roles_decl
runas.te
sdcardd.te
seapp_contexts
security_classes
sensord.te
service_contexts
servicemanager.te
sgdisk.te