blob: 3375bc9ea2fb5f04cef4e95e9a30e5c4e655bc1a [file] [log] [blame]
dcashmancc39f632016-07-22 13:13:11 -07001# type_transition must be private policy the domain_trans rules could stay
2# public, but conceptually should go with this
3# Define and allow access to our own type for ashmem regions.
4# Label ashmem objects with our own unique type.
Chad Brubaker06cf31e2016-10-06 13:15:44 -07005tmpfs_domain(ephemeral_app)
dcashman2e00e632016-10-12 14:58:09 -07006# TODO: deal with tmpfs_domain pub/priv split properly
7# Map with PROT_EXEC.
8allow ephemeral_app ephemeral_app_tmpfs:file execute;
9
10# Read system properties managed by zygote.
11allow ephemeral_app zygote_tmpfs:file read;