commit 86121904163354fe2bab6d48c6a461b48c37dde8
author Mark White <anothermark@google.com> Sat Mar 01 06:57:02 2025 -0800
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Sat Mar 01 06:57:02 2025 -0800
tree bdce326e6d9edb3448a02eb5c665d7b2ec01526b
parent efcc887a4506b951c150a1c237ed9a7bb1f88133
parent 2427b19a3efa31d06c4039b928fe490e2ee73fd4

Merge "Legacy app compatibility workaround" into main

private/domain.te

diff --git a/private/domain.te b/private/domain.te
index 8db40a5..b3d72e0 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -2146,6 +2146,7 @@
   -init
   -otapreopt_chroot
   userdebug_or_eng(`-overlay_remounter')
+  userdebug_or_eng(`-zygote')
 } {
   system_file_type
   vendor_file_type

private/zygote.te

diff --git a/private/zygote.te b/private/zygote.te
index 4815ecc..62312cc 100644
--- a/private/zygote.te
+++ b/private/zygote.te
@@ -80,6 +80,11 @@
     properties_device
 }:dir { mounton search };
 
+# Legacy app compat
+userdebug_or_eng(`
+    allow zygote system_file:dir { mounton };
+')
+
 # Traverse /data_mirror to get to the above directories while their normal paths
 # are hidden, in order to bind-mount allowlisted per-app directories.
 allow zygote mirror_data_file:dir search;