diff options
| author | Igor Murashkin <iam@google.com> | 2014-10-24 14:22:12 -0700 |
|---|---|---|
| committer | Igor Murashkin <iam@google.com> | 2014-10-31 10:21:48 -0700 |
| commit | f7ccfd003c07cf14159740748ab8aedfdeebc6b8 (patch) | |
| tree | a396df03a29a44a72f0beaff7bdb3d338f6a3a8b | |
| parent | 491c5368f7cdae8f7b94ed620706ed61c092e8d1 (diff) | |
| download | android_external_sepolicy-f7ccfd003c07cf14159740748ab8aedfdeebc6b8.tar.gz android_external_sepolicy-f7ccfd003c07cf14159740748ab8aedfdeebc6b8.tar.bz2 android_external_sepolicy-f7ccfd003c07cf14159740748ab8aedfdeebc6b8.zip | |
zygote/dex2oat: Grant additional symlink permissions
* zygote needs to be able to symlink from dalvik cache to system
to avoid having to copy boot.oat
(when the boot.oat file was built with --compile-pic)
* dex2oat needs to be able to read the symlink in the dalvik cache
(the one that zygote creates)
(cherry-picked from AOSP master
83c5612e69fa05610baf4f4d237fe0995a79cde5)
Bug: 18035729
Change-Id: Ie1acad81a0fd8b2f24e1f3f07a06e6fdb548be62
| -rw-r--r-- | dex2oat.te | 2 | ||||
| -rw-r--r-- | zygote.te | 2 |
2 files changed, 4 insertions, 0 deletions
@@ -3,6 +3,8 @@ type dex2oat, domain; type dex2oat_exec, exec_type, file_type; allow dex2oat dalvikcache_data_file:file write; +# Read symlinks in /data/dalvik-cache +allow dex2oat dalvikcache_data_file:lnk_file read; allow dex2oat installd:fd use; # Read already open asec_apk_file file descriptors passed by installd. @@ -24,6 +24,8 @@ allow zygote system_data_file:file r_file_perms; # Write to /data/dalvik-cache. allow zygote dalvikcache_data_file:dir create_dir_perms; allow zygote dalvikcache_data_file:file create_file_perms; +# Create symlinks in /data/dalvik-cache +allow zygote dalvikcache_data_file:lnk_file create_file_perms; # Write to /data/resource-cache allow zygote resourcecache_data_file:dir rw_dir_perms; allow zygote resourcecache_data_file:file create_file_perms; |