diff options
author | Igor Murashkin <iam@google.com> | 2014-10-24 14:22:12 -0700 |
---|---|---|
committer | Jeff Hao <jeffhao@google.com> | 2014-11-10 12:54:51 -0800 |
commit | 3df12275639c44d3c3623240d27a5d82d65b7421 (patch) | |
tree | 1892474eb7a7996e9707c54c711477731c430861 | |
parent | 7cd346a70eecf45363e3368ba99b728832b9a902 (diff) | |
download | sepolicy-3df12275639c44d3c3623240d27a5d82d65b7421.tar.gz |
zygote/dex2oat: Grant additional symlink permissions
* zygote needs to be able to symlink from dalvik cache to system
to avoid having to copy boot.oat
(when the boot.oat file was built with --compile-pic)
* dex2oat needs to be able to read the symlink in the dalvik cache
(the one that zygote creates)
(cherry-picked from AOSP master
83c5612e69fa05610baf4f4d237fe0995a79cde5)
Bug: 18035729
(cherry picked from commit f7ccfd003c07cf14159740748ab8aedfdeebc6b8)
Change-Id: I5dca27241f46f481515b96e968fb2bef7866c89b
-rw-r--r-- | dex2oat.te | 2 | ||||
-rw-r--r-- | zygote.te | 2 |
2 files changed, 4 insertions, 0 deletions
@@ -3,6 +3,8 @@ type dex2oat, domain; type dex2oat_exec, exec_type, file_type; allow dex2oat dalvikcache_data_file:file write; +# Read symlinks in /data/dalvik-cache +allow dex2oat dalvikcache_data_file:lnk_file read; allow dex2oat installd:fd use; # Read already open asec_apk_file file descriptors passed by installd. @@ -27,6 +27,8 @@ allow zygote keychain_data_file:file r_file_perms; # Write to /data/dalvik-cache. allow zygote dalvikcache_data_file:dir create_dir_perms; allow zygote dalvikcache_data_file:file create_file_perms; +# Create symlinks in /data/dalvik-cache +allow zygote dalvikcache_data_file:lnk_file create_file_perms; # Write to /data/resource-cache allow zygote resourcecache_data_file:dir rw_dir_perms; allow zygote resourcecache_data_file:file create_file_perms; |