allow access to vendor_framework_file to dex2oat and appdomain

We should give appdomain the access to the /vendor/framework directory since the jar in the directory is not dexopt-ed.AFAIK, jars which are not in the bootclasspath are not dexopt-ed by default. Bug: b/37129319 Test: built and confirmed that embms.apk not crashed Change-Id: Ic2b1eef472f2fba53e26403dde8ad9ede8105a03

allow access to vendor_framework_file to dex2oat and appdomain
We should give appdomain the access to the /vendor/framework directory since the jar in the directory is not dexopt-ed.AFAIK, jars which are not in the bootclasspath are not dexopt-ed by default. Bug: b/37129319 Test: built and confirmed that embms.apk not crashed Change-Id: Ic2b1eef472f2fba53e26403dde8ad9ede8105a03
5377be65 · Jaesoo Lee · Sandeep Patil · 42424f13 · 5377be65
Commit 5377be65 authored 8 years ago by Jaesoo Lee Committed by Sandeep Patil 8 years ago
--- a/private/app.te
+++ b/private/app.te
@@ -101,6 +101,10 @@ r_dir_file({ appdomain -ephemeral_app -untrusted_v2_app }, vendor_app_file)
 # Allow apps access to /vendor/overlay
 r_dir_file(appdomain, vendor_overlay_file)

+# Allow apps access to /vendor/framework
+# for vendor provided libraries.
+r_dir_file(appdomain, vendor_framework_file)
+
 # Execute dex2oat when apps call dexclassloader
 allow appdomain dex2oat_exec:file rx_file_perms;