Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

am af40649e: Merge "Set NO_NEW_PRIVS on zygote init"

Browse Source 
* commit 'af40649e4ad506e312b53518cd2b9f2b58dee3ba':
  Set NO_NEW_PRIVS on zygote init
This commit is contained in:
Nick Kralevich
2014-04-29 22:24:32 +00:00
committed by Android Git Automerger
parent c23f5651fd af40649e4a
commit 1866e5dc8b
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
cmds/app_process/app_main.cpp
View File

@@ -19,6 +19,7 @@
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/prctl.h>
namespace android {
@@ -146,6 +147,15 @@ static const char ZYGOTE_NICE_NAME[] = "zygote";
int main(int argc, char* const argv[])
{
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) {
// Older kernels don't understand PR_SET_NO_NEW_PRIVS and return
// EINVAL. Don't die on such kernels.
if (errno != EINVAL) {
LOG_ALWAYS_FATAL("PR_SET_NO_NEW_PRIVS failed: %s", strerror(errno));
return 12;
}
}
AppRuntime runtime(argv[0], computeArgBlockSize(argc, argv));
// Process command line arguments
// ignore argv[0]