Merge "Audit execution of app_data_file native code."

344e87cc · Alan Stokes · Gerrit Code Review · f0b4fedc · 89041472 · 344e87cc
Commit 344e87cc authored 6 years ago by Alan Stokes Committed by Gerrit Code Review 6 years ago
--- a/private/untrusted_app_25.te
+++ b/private/untrusted_app_25.te
@@ -49,6 +49,7 @@ allow untrusted_app_25 { apk_data_file app_data_file asec_public_file }:file exe
 # directories for targetApi<=25. This is also allowed for targetAPIs 26,
 # 27, and 28 in untrusted_app_27.te.
 allow untrusted_app_25 app_data_file:file { execute execute_no_trans };
+userdebug_or_eng(`auditallow untrusted_app_25 app_data_file:file { execute execute_no_trans };')

 # The ability to invoke dex2oat. Historically required by ART, now only
 # allowed for targetApi<=28 for compat reasons.

--- a/private/untrusted_app_27.te
+++ b/private/untrusted_app_27.te
@@ -30,6 +30,7 @@ bluetooth_domain(untrusted_app_27)
 # The ability to call exec() or dlopen() on files in the apps home
 # directories for targetApi 26, 27, and 28.
 allow untrusted_app_27 app_data_file:file { execute execute_no_trans };
+userdebug_or_eng(`auditallow untrusted_app_27 app_data_file:file { execute execute_no_trans };')

 # The ability to invoke dex2oat. Historically required by ART, now only
 # allowed for targetApi<=28 for compat reasons.