Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Merge "Drop supplementary groups for child zygotes." into rvc-dev am: 1a0813171f am: 81a1af6475" into rvc-d1-dev-plus-aosp

Browse Source
This commit is contained in:
Automerger Merge Worker
2020-06-03 06:49:46 +00:00
committed by Android (Google) Code Review
parent 3e8b5e8f5c 3cd32cb175
commit 5c4047db10
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
core/jni/com_android_internal_os_Zygote.cpp
View File

@@ -531,8 +531,16 @@ static void UnsetChldSignalHandler() {
// Calls POSIX setgroups() using the int[] object as an argument. // Calls POSIX setgroups() using the int[] object as an argument.
// A nullptr argument is tolerated. // A nullptr argument is tolerated.
static void SetGids(JNIEnv* env, jintArray managed_gids, fail_fn_t fail_fn) { static void SetGids(JNIEnv* env, jintArray managed_gids, jboolean is_child_zygote,
fail_fn_t fail_fn) {
if (managed_gids == nullptr) { if (managed_gids == nullptr) {
if (is_child_zygote) {
// For child zygotes like webview and app zygote, we want to clear out
// any supplemental groups the parent zygote had.
if (setgroups(0, NULL) == -1) {
fail_fn(CREATE_ERROR("Failed to remove supplementary groups for child zygote"));
}
}
return; return;
} }
@@ -1692,7 +1700,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
} }
} }
SetGids(env, gids, fail_fn); SetGids(env, gids, is_child_zygote, fail_fn);
SetRLimits(env, rlimits, fail_fn); SetRLimits(env, rlimits, fail_fn);
if (need_pre_initialize_native_bridge) { if (need_pre_initialize_native_bridge) {