Skip to content
Snippets Groups Projects
Commit 00252207 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

isolated_app: add mmaps 

Kernel commit 3ba4bf5f1e2c ("selinux: add a map permission check for mmap")
added a map permission check on mmap so that we can
distinguish memory mapped access (since it has different implications
for revocation). system/sepolicy commit
4397f082 introduced the permission to
Android and updated common macros. Since then, we've been adding more
mmap support where it was accidentally omitted.

Add the ability for isolated_apps to mmap() app data files. There's no
reason why this should be blocked. Also fixup sdcard access which has
similar problems.

Bug: 118760652
Bug: https://crbug.com/892014
Test: policy compiles.
Change-Id: I3823f313103c9dcedf3b21d081a22f8fbb271c02
parent caf42d61
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
Showing
with 3 additions and 3 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment