Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 55f05d79 authored by Jiyong Park's avatar Jiyong Park
Browse files

Make default namespace for system processes isolated 

The default namespace for system process now becomes isolated, which
means it can load only the libs that are in search.paths and under
permitted.paths.

/system/framework, /system/app, /system/priv-app, /vendor/app, /data,
etc are added to the permitted paths since libart should be able to
dlopen odex files under the locations.

Following directories become unavailable:
/system/lib/vndk
/system/lib/vndk-sp

Bug: 37013858
Bug: 64888291
Bug: 64950640
Test: 2017 pixel devices builds and boots
Test: android.jni.cts.JniStaticTest#test_linker_namespaces passes
Change-Id: I2bbe9cc19940c3633c2fb901f9bf8ab813e38c13
parent a2f13358
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment