-
Roland Levillain authored
SELinux has a separate file mmap permission in 4.14+ kernels. Add this to dexoptanalyzer(d) in cases where it could already access files (in particular, secondary dex files). Addresses denials of the form: avc: denied { map } for […] path="/data/data/[…]" […] scontext=u:r:dexoptanalyzer:s0 tcontext=u:object_r:app_data_file:s0 (cherry picked from commit c72b7d17310499f6bd6545e0e509fd603045d329) Test: Reproduce steps in bug 138683603 on a device with a 4.14+ kernel and check the absence of SELinux denials Bug: 138683603 Change-Id: Ieba53eb431c0ba3914dcb5e5abdae667bd063555d8a9a493
dexoptanalyzer.te 1.56 KiB