Audit native code loading on user builds. Extend the auditing of native code loading from non-priv app home directories to user builds. Only applies to apps targeting SDK <= 28. Bug: 111338677 Test: Builds Change-Id: I6fbbd80626a1c87dd7ece689f9fecd7c0a1a59d6

commit: 3f63dbf372199d731cb855b8dfe2f521f6cf22cc [log] [tgz]
author: Alan Stokes <alanstokes@google.com> Mon Jan 28 10:33:08 2019 +0000
committer: Alan Stokes <alanstokes@google.com> Mon Jan 28 14:15:48 2019 +0000
tree: 5c5945b044e39f749c942afe1271630a03976dc6
parent: d97c99e4aa620a9249d87acb1a6c743b13da9f62 [diff] [blame]
diff --git a/private/untrusted_app_27.te b/private/untrusted_app_27.te
index be155c9..0c9c684 100644
--- a/private/untrusted_app_27.te
+++ b/private/untrusted_app_27.te

@@ -30,7 +30,7 @@
 # The ability to call exec() on files in the apps home directories
 # for targetApi 26, 27, and 28.
 allow untrusted_app_27 app_data_file:file execute_no_trans;
-userdebug_or_eng(`auditallow untrusted_app_27 app_data_file:file { execute execute_no_trans };')
+auditallow untrusted_app_27 app_data_file:file { execute execute_no_trans };
 
 # The ability to invoke dex2oat. Historically required by ART, now only
 # allowed for targetApi<=28 for compat reasons.
commit	3f63dbf372199d731cb855b8dfe2f521f6cf22cc	[log] [tgz]
author	Alan Stokes <alanstokes@google.com>	Mon Jan 28 10:33:08 2019 +0000
committer	Alan Stokes <alanstokes@google.com>	Mon Jan 28 14:15:48 2019 +0000
tree	5c5945b044e39f749c942afe1271630a03976dc6
parent	d97c99e4aa620a9249d87acb1a6c743b13da9f62 [diff] [blame]