Merge "NNAPI property to disable extensions use on GSI/AOSP product partition."
diff --git a/private/rs.te b/private/rs.te
index 7fbea8c..bf10841 100644
--- a/private/rs.te
+++ b/private/rs.te
@@ -27,7 +27,7 @@
 allow rs same_process_hal_file:file { r_file_perms execute };
 
 # File descriptors passed from app to renderscript
-allow rs untrusted_app_all:fd use;
+allow rs { untrusted_app_all ephemeral_app }:fd use;
 
 # rs can access app data, so ensure it can only be entered via an app domain and cannot have
 # CAP_DAC_OVERRIDE.
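Review bot: The comment above the changed allow rule still says only "passed from app", while the rule now also grants `ephemeral_app` fd use, and the fact that `ephemeral_app` has to be listed separately suggests it is not covered by the `untrusted_app_all` attribute (worth confirming against the attribute definition, which is outside this hunk). Since a reader of rs.te will otherwise have to guess why the ephemeral domain is special-cased, the comment should name both sources, e.g. `# File descriptors passed from apps (including ephemeral apps) to renderscript`. This hunk also has nothing to do with the execmod changes in the other three files or with the merge title, so the rationale for bundling it here should at least be stated in the commit description.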
diff --git a/private/untrusted_app_25.te b/private/untrusted_app_25.te
index 96ae0e8..a35d81b 100644
--- a/private/untrusted_app_25.te
+++ b/private/untrusted_app_25.te
@@ -42,7 +42,7 @@
 # This will go away in a future Android release
 allow untrusted_app_25 proc_tty_drivers:file r_file_perms;
 
-# Text relocation support for API < 23
+# Text relocation support for API < 23. This is now disallowed for targetSdkVersion>=Q.
 # https://android.googlesource.com/platform/bionic/+/master/android-changes-for-ndk-developers.md#text-relocations-enforced-for-api-level-23
 allow untrusted_app_25 { apk_data_file app_data_file asec_public_file }:file execmod;
 
diff --git a/private/untrusted_app_27.te b/private/untrusted_app_27.te
index f9cd460..eaa1791 100644
--- a/private/untrusted_app_27.te
+++ b/private/untrusted_app_27.te
@@ -27,6 +27,10 @@
 net_domain(untrusted_app_27)
 bluetooth_domain(untrusted_app_27)
 
+# Text relocation support for API < 23. This is now disallowed for targetSdkVersion>=Q.
+# https://android.googlesource.com/platform/bionic/+/master/android-changes-for-ndk-developers.md#text-relocations-enforced-for-api-level-23
+allow untrusted_app_27 { apk_data_file app_data_file asec_public_file }:file execmod;
+
 # The ability to call exec() on files in the apps home directories
 # for targetApi 26, 27, and 28.
 allow untrusted_app_27 app_data_file:file execute_no_trans;
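Review bot: The new comment "Text relocation support for API < 23" contradicts the unchanged context a few lines down, which documents untrusted_app_27 as the domain for targetApi 26, 27 and 28, so it does not explain why this domain needs `execmod`; the commit description does not explain it either. Text relocations and writable-executable pages are exactly what the `neverallow` in public/domain.te (also changed in this commit) exists to prevent, so widening the exemption to a targetSdk 26-28 domain deserves a recorded rationale rather than a comment copied from untrusted_app_25.te. Suggest replacing the first comment line with something like `# execmod for apps targeting SDK 26-28: <reason, e.g. bug/tracking id placeholder>. Not granted to targetSdkVersion >= Q domains.` so the next person auditing the execmod exemptions can tell whether it can be removed.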
diff --git a/public/domain.te b/public/domain.te
index 5a964c9..634a5c5 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -1118,7 +1118,7 @@
 
 # Do not allow the introduction of new execmod rules. Text relocations
 # and modification of executable pages are unsafe.
-neverallow { domain -untrusted_app_25 } file_type:file execmod;
+neverallow { domain -untrusted_app_25 -untrusted_app_27 } file_type:file execmod;
 
 neverallow { domain -init } proc:{ file dir } mounton;
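Review bot: The comment directly above the changed neverallow, "Do not allow the introduction of new execmod rules", is left as-is while the rule's exemption list grows from one legacy domain to two, so the policy text now says one thing and does another. The exemption list should be documented as the closed set of legacy app domains it is, so it is not treated as a pattern for the next targetSdk domain, e.g. `# Only the legacy untrusted_app_25 and untrusted_app_27 domains are exempt; newer app domains must not be added here.` Keeping that statement next to the neverallow is what makes the exemption auditable when a future domain (untrusted_app_29 or later) is introduced.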