Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / b192f0e7c7214db5dcabbcdb8ef377d8fe2e3638
commitb192f0e7c7214db5dcabbcdb8ef377d8fe2e3638[log] [tgz]
authorNick Kralevich <nnk@google.com>Thu May 23 11:17:21 2019 -0700
committerNick Kralevich <nnk@google.com>Thu May 23 11:17:21 2019 -0700
tree5378d1b90d934b897b37528b5604f7129ceb36f2
parent7c3f77da182b7083af4c5c16b8dbd4999a0d4998 [diff]
drop "allow healthd self:process execmem;"

The execmem capability indicates that the processes creates anonymous
executable memory, which is most commonly used for JITing functionality.
All of the healthd executable code comes from the filesystem, and
healthd does not rely on JITing or loading code from non-file based
sources, so this permission is unnecessary.

Bug: 32659667
Test: compiles and boots
Change-Id: Ifb2b68625b191cb002dbb134cace6ddd215236e8
1 file changed
tree: 5378d1b90d934b897b37528b5604f7129ceb36f2
  1. apex/
  2. build/
  3. prebuilts/
  4. private/
  5. public/
  6. reqd_mask/
  7. tests/
  8. tools/
  9. vendor/
  10. .gitignore
  11. Android.bp
  12. Android.mk
  13. CleanSpec.mk
  14. compat.mk
  15. contexts_tests.mk
  16. definitions.mk
  17. mac_permissions.mk
  18. MODULE_LICENSE_PUBLIC_DOMAIN
  19. NOTICE
  20. OWNERS
  21. policy_version.mk
  22. PREUPLOAD.cfg
  23. README
  24. seapp_contexts.mk
  25. treble_sepolicy_tests_for_release.mk