Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

zygote: don't drop CAP_SYS_PTRACE from the bounding set.

Browse Source 
crash_dump needs to acquire CAP_SYS_PTRACE to be able to ptrace
processes with capabilities. selinux should hopefully be sufficient for
restricting ptrace to processes that should do it.

Bug: http://b/34694637
Test: debuggerd `pidof system_server`
Change-Id: If46f0b9baa54529780f7767f309f76b102a42ab4
This commit is contained in:
Josh Gao
2017-01-25 11:45:58 -08:00
parent 35c715332f
commit 59972218f8
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
core/jni/com_android_internal_os_Zygote.cpp
View File

@@ -247,6 +247,11 @@ static void EnableKeepCapabilities(JNIEnv* env) {
static void DropCapabilitiesBoundingSet(JNIEnv* env) {
for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) {
// Keep CAP_SYS_PTRACE in our bounding set so crash_dump can gain it.
if (i == CAP_SYS_PTRACE) {
continue;
}
int rc = prctl(PR_CAPBSET_DROP, i, 0, 0, 0);
if (rc == -1) {
if (errno == EINVAL) {