Remove rules for starting the webview_zygote as a child of init.
The webview_zygote is now launched as a child-zygote process from the
main zygote process.
Bug: 63749735
Test: m
Test: Launch "Third-party licenses" activity from Settings, and it
renders correctly via the WebView.
Change-Id: I9c948b58a969d35d5a5add4b6ab62b8f990645d1
This commit is contained in:
Robert Sesek
parent
2d0b211245
commit
ca4c4e57b2
7 changed files with 11 additions and 13 deletions
|
|
@ -11,6 +11,7 @@
|
|||
(type tracing_shell_writable)
|
||||
(type tracing_shell_writable_debug)
|
||||
(type vold_socket)
|
||||
(type webview_zygote_socket)
|
||||
|
||||
(typeattributeset accessibility_service_26_0 (accessibility_service))
|
||||
(typeattributeset account_service_26_0 (account_service))
|
||||
|
|
|
|||
|
|
@ -155,7 +155,6 @@
|
|||
/dev/socket/traced_producer u:object_r:traced_producer_socket:s0
|
||||
/dev/socket/traced_consumer u:object_r:traced_consumer_socket:s0
|
||||
/dev/socket/uncrypt u:object_r:uncrypt_socket:s0
|
||||
/dev/socket/webview_zygote u:object_r:webview_zygote_socket:s0
|
||||
/dev/socket/wpa_eth[0-9] u:object_r:wpa_socket:s0
|
||||
/dev/socket/wpa_wlan[0-9] u:object_r:wpa_socket:s0
|
||||
/dev/socket/zygote u:object_r:zygote_socket:s0
|
||||
|
|
@ -274,8 +273,6 @@
|
|||
/system/bin/bspatch u:object_r:update_engine_exec:s0
|
||||
/system/bin/storaged u:object_r:storaged_exec:s0
|
||||
/system/bin/thermalserviced u:object_r:thermalserviced_exec:s0
|
||||
/system/bin/webview_zygote32 u:object_r:webview_zygote_exec:s0
|
||||
/system/bin/webview_zygote64 u:object_r:webview_zygote_exec:s0
|
||||
/system/bin/wpantund u:object_r:wpantund_exec:s0
|
||||
/system/bin/virtual_touchpad u:object_r:virtual_touchpad_exec:s0
|
||||
/system/bin/hw/android\.hidl\.allocator@1\.0-service u:object_r:hal_allocator_default_exec:s0
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ neverallow isolated_app sdcard_type:file ~{ read write append getattr lock };
|
|||
neverallow isolated_app { usb_device usbaccessory_device }:chr_file *;
|
||||
|
||||
# Restrict the webview_zygote control socket.
|
||||
neverallow isolated_app webview_zygote_socket:sock_file write;
|
||||
neverallow isolated_app webview_zygote:sock_file write;
|
||||
|
||||
# Limit the /sys files which isolated_app can access. This is important
|
||||
# for controlling isolated_app attack surface.
|
||||
|
|
|
|||
|
|
@ -152,7 +152,6 @@ allow system_server self:tun_socket create_socket_perms_no_ioctl;
|
|||
unix_socket_connect(system_server, lmkd, lmkd)
|
||||
unix_socket_connect(system_server, mtpd, mtp)
|
||||
unix_socket_connect(system_server, netd, netd)
|
||||
unix_socket_connect(system_server, webview_zygote, webview_zygote)
|
||||
unix_socket_connect(system_server, zygote, zygote)
|
||||
unix_socket_connect(system_server, racoon, racoon)
|
||||
unix_socket_connect(system_server, uncrypt, uncrypt)
|
||||
|
|
@ -160,6 +159,9 @@ unix_socket_connect(system_server, uncrypt, uncrypt)
|
|||
# Communicate over a socket created by surfaceflinger.
|
||||
allow system_server surfaceflinger:unix_stream_socket { read write setopt };
|
||||
|
||||
# Communicate over a socket created by webview_zygote.
|
||||
allow system_server webview_zygote:unix_stream_socket { read write connectto setopt };
|
||||
|
||||
# Perform Binder IPC.
|
||||
binder_use(system_server)
|
||||
binder_call(system_server, appdomain)
|
||||
|
|
|
|||
|
|
@ -6,9 +6,9 @@ typeattribute webview_zygote coredomain;
|
|||
# The webview_zygote needs to be able to transition domains.
|
||||
typeattribute webview_zygote mlstrustedsubject;
|
||||
|
||||
# When init launches the WebView zygote's executable, transition the
|
||||
# resulting process into webview_zygote domain.
|
||||
init_daemon_domain(webview_zygote)
|
||||
# Allow access to temporary files, which is normally permitted through
|
||||
# a domain macro.
|
||||
tmpfs_domain(webview_zygote);
|
||||
|
||||
# Allow reading/executing installed binaries to enable preloading the
|
||||
# installed WebView implementation.
|
||||
|
|
@ -84,9 +84,8 @@ neverallow webview_zygote { domain -crash_dump }:process transition;
|
|||
# Having said that, exec() above is not allowed.
|
||||
neverallow webview_zygote *:file execute_no_trans;
|
||||
|
||||
# The only way to enter this domain is for init to exec() us or the zygote
|
||||
# to fork a new webview_zygote child.
|
||||
neverallow { domain -init } webview_zygote:process transition;
|
||||
# The only way to enter this domain is for the zygote to fork a new
|
||||
# webview_zygote child.
|
||||
neverallow { domain -zygote } webview_zygote:process dyntransition;
|
||||
|
||||
# Disallow write access to properties.
|
||||
|
|
|
|||
|
|
@ -993,7 +993,7 @@ neverallow { domain -zygote -system_server } zygote:unix_stream_socket connectto
|
|||
neverallow { domain -system_server } zygote_socket:sock_file write;
|
||||
|
||||
neverallow { domain -system_server -webview_zygote } webview_zygote:unix_stream_socket connectto;
|
||||
neverallow { domain -system_server } webview_zygote_socket:sock_file write;
|
||||
neverallow { domain -system_server } webview_zygote:sock_file write;
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
|
|
|
|||
|
|
@ -332,7 +332,6 @@ type tombstoned_intercept_socket, file_type, coredomain_socket;
|
|||
type traced_producer_socket, file_type, coredomain_socket;
|
||||
type traced_consumer_socket, file_type, coredomain_socket;
|
||||
type uncrypt_socket, file_type, coredomain_socket;
|
||||
type webview_zygote_socket, file_type, coredomain_socket;
|
||||
type wpa_socket, file_type, data_file_type, core_data_file_type;
|
||||
type zygote_socket, file_type, coredomain_socket;
|
||||
# UART (for GPS) control proc file
|
||||
|
|
|
|||
Loading…
Reference in a new issue