Merge branch 'cm-11.0' into stable/cm-11.0cm-11.0-XNPH05Q-tomato-9828f8e9cccm-11.0-XNPH05Q-bacon-5229c4ef56stable/cm-11.0-XNF9Xstable/cm-11.0-XNF8Ystable/cm-11.0shipping/cm-11.0

2 files changed, 11 insertions, 0 deletions

diff --git a/app.te b/app.te
index c7e8c57..0ffe502 100644
--- a/app.te
+++ b/app.te
@@ -13,6 +13,13 @@ unix_socket_connect(appdomain, keystore, keystore)
 # Receive and use open file descriptors inherited from zygote.
 allow appdomain zygote:fd use;
 
+# gdbserver for ndk-gdb reads the zygote.
+# valgrind needs mmap exec for zygote
+allow appdomain zygote_exec:file rx_file_perms;
+
+# gdbserver for ndk-gdb ptrace attaches to app process.
+allow appdomain self:process ptrace;
+
 # Read system properties managed by zygote.
 allow appdomain zygote_tmpfs:file read;
 
diff --git a/system.te b/system.te
index 18e0a7b..f53121a 100644
--- a/system.te
+++ b/system.te
@@ -8,6 +8,10 @@ permissive system;
 unconfined_domain(system);
 relabelto_domain(system);
 
+# Relabel /data/anr.
+allow system system_data_file:dir relabelfrom;
+allow system anr_data_file:dir relabelto;
+
 # Create a socket for receiving info from wpa.
 type_transition system wifi_data_file:sock_file system_wpa_socket;
 allow system self:zygote { specifyids specifyrlimits specifyseinfo };