Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 246338f9 authored by Jiyong Park's avatar Jiyong Park Committed by Jae Shin
Browse files

Make default namespace for system processes isolated 

The default namespace for system process now becomes isolated, which
means it can load only the libs that are in search.paths and under
permitted.paths.

/system/framework, /system/app, /system/priv-app, /vendor/app, /data,
etc are added to the permitted paths since libart should be able to
dlopen odex files under the locations.

Following directories become unavailable:
/system/lib/vndk
/system/lib/vndk-sp

Bug: 37013858
Bug: 64888291
Bug: 64950640
Test: 2017 pixel devices builds and boots
Test: android.jni.cts.JniStaticTest#test_linker_namespaces passes
Merged-In: I2bbe9cc19940c3633c2fb901f9bf8ab813e38c13
Change-Id: I2bbe9cc19940c3633c2fb901f9bf8ab813e38c13
(cherry picked from commit 55f05d79)
parent b5ddc5ae
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment