0f326f3c47
Allow the shared_relro creation process to make calls to PackageManager, so that it can create a classloader corresponding to the current WebView implementation. This avoids needing to pass an absolute path to the native library to the process, which required that the calling code duplicate existing logic in the framework to find the library and resulted in bugs and inconsistencies. Bug: 110790153 Test: WebView-related CTS and GTS tests Change-Id: I9902bb0400e2a800021dac06278151c8541d458f
11 lines
521 B
Text
11 lines
521 B
Text
# Process which creates/updates shared RELRO files to be used by other apps.
|
|
type shared_relro, domain;
|
|
|
|
# Grant write access to the shared relro files/directory.
|
|
allow shared_relro shared_relro_file:dir rw_dir_perms;
|
|
allow shared_relro shared_relro_file:file create_file_perms;
|
|
|
|
# Needs to contact the "webviewupdate" and "activity" services
|
|
allow shared_relro activity_service:service_manager find;
|
|
allow shared_relro webviewupdate_service:service_manager find;
|
|
allow shared_relro package_service:service_manager find;
|