Allow priv_app system_linker_exec:file execute_no_trans Chrome Crashpad uses the the dynamic linker to load native executables from an APK (b/112050209, crbug.com/928422) We made the equivalent change to untrusted_app_all in 9ea8c0701d162ec40d30b079778723d908e0edca but webview also runs in priv_app contexts. Bug: http://b/112050209 Test: treehugger Change-Id: I19bbadc7f9c9e668e2c6d932c7da24f18e7731bd

commit: 25cb9046efb2d1b8b3322f3e11ef7915010befad [log] [tgz]
author: Elliott Hughes <enh@google.com> Wed Feb 10 10:07:45 2021 -0800
committer: Elliott Hughes <enh@google.com> Wed Feb 10 10:32:44 2021 -0800
tree: 71ab5750644e032334ca3da8cf11a66b777e02ec
parent: 0137685e553c2080f4ce1a033d22ee2246180c6b [diff] [blame]
diff --git a/private/priv_app.te b/private/priv_app.te
index 4b0218e..6ac095b 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te

@@ -25,6 +25,10 @@
 # TODO: Tighten (b/112357170)
 allow priv_app privapp_data_file:file execute;
 
+# Chrome Crashpad uses the the dynamic linker to load native executables
+# from an APK (b/112050209, crbug.com/928422)
+allow priv_app system_linker_exec:file execute_no_trans;
+
 allow priv_app privapp_data_file:lnk_file create_file_perms;
 
 # Priv apps can find services that expose both @SystemAPI and normal APIs.
commit	25cb9046efb2d1b8b3322f3e11ef7915010befad	[log] [tgz]
author	Elliott Hughes <enh@google.com>	Wed Feb 10 10:07:45 2021 -0800
committer	Elliott Hughes <enh@google.com>	Wed Feb 10 10:32:44 2021 -0800
tree	71ab5750644e032334ca3da8cf11a66b777e02ec
parent	0137685e553c2080f4ce1a033d22ee2246180c6b [diff] [blame]