Remove rules for starting the webview_zygote as a child of init. The webview_zygote is now launched as a child-zygote process from the main zygote process. Bug: 63749735 Test: m Test: Launch "Third-party licenses" activity from Settings, and it renders correctly via the WebView. Merged-In: I9c948b58a969d35d5a5add4b6ab62b8f990645d1 Change-Id: I153476642cf14883b0dfea0d9f5b3b5e30ac1c08

commit: 869562e9e30933b6e7342205b9eccd9fd769f5d9 [log] [tgz]
author: Robert Sesek <rsesek@google.com> Tue Jan 30 10:54:33 2018 -0500
committer: Robert Sesek <rsesek@google.com> Fri Feb 23 10:55:22 2018 -0500
tree: f9c9b88e957cd2fb682e1be98e963b2f2fa8e9a0
parent: 7636d6071a2381fd21f13304b7dda4432cabc54a [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index 6e6212e..a52c5c7 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -153,7 +153,6 @@
 unix_socket_connect(system_server, mtpd, mtp)
 unix_socket_connect(system_server, netd, netd)
 unix_socket_connect(system_server, vold, vold)
-unix_socket_connect(system_server, webview_zygote, webview_zygote)
 unix_socket_connect(system_server, zygote, zygote)
 unix_socket_connect(system_server, racoon, racoon)
 unix_socket_connect(system_server, uncrypt, uncrypt)
@@ -161,6 +160,9 @@
 # Communicate over a socket created by surfaceflinger.
 allow system_server surfaceflinger:unix_stream_socket { read write setopt };
 
+# Communicate over a socket created by webview_zygote.
+allow system_server webview_zygote:unix_stream_socket { read write connectto setopt };
+
 # Perform Binder IPC.
 binder_use(system_server)
 binder_call(system_server, appdomain)
commit	869562e9e30933b6e7342205b9eccd9fd769f5d9	[log] [tgz]
author	Robert Sesek <rsesek@google.com>	Tue Jan 30 10:54:33 2018 -0500
committer	Robert Sesek <rsesek@google.com>	Fri Feb 23 10:55:22 2018 -0500
tree	f9c9b88e957cd2fb682e1be98e963b2f2fa8e9a0
parent	7636d6071a2381fd21f13304b7dda4432cabc54a [diff] [blame]