Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Use GID "wakelock" to control access to kernel wakelock"

Browse Source 
am: 60d142c54b

* commit '60d142c54b16be08d8352c7fd1510538014839f7':
  Use GID "wakelock" to control access to kernel wakelock
This commit is contained in:
Pavlin Radoslavov
2015-12-29 01:31:16 +00:00
committed by android-build-merger
parent f59c02a65e 60d142c54b
commit 91fc6d1f9c
3 changed files with 24 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/java/com/android/internal/os/ZygoteInit.java
View File

@@ -519,7 +519,7 @@ public class ZygoteInit {
String args[] = {
"--setuid=1000",
"--setgid=1000",
"--setgroups=1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1018,1021,1032,3001,3002,3003,3006,3007,3009",
"--setgroups=1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1018,1021,1032,3001,3002,3003,3006,3007,3009,3010",
"--capabilities=" + capabilities + "," + capabilities,
"--nice-name=system_server",
"--runtime-args",

44
core/jni/com_android_internal_os_Zygote.cpp
View File

@@ -606,31 +606,31 @@ static jint com_android_internal_os_Zygote_nativeForkAndSpecialize(
jint mount_external, jstring se_info, jstring se_name,
jintArray fdsToClose, jstring instructionSet, jstring appDataDir) {
jlong capabilities = 0;
// Grant CAP_WAKE_ALARM to the Bluetooth process.
if (uid == AID_BLUETOOTH) {
// Grant CAP_WAKE_ALARM and CAP_BLOCK_SUSPEND to the Bluetooth process.
capabilities |= (1LL << CAP_WAKE_ALARM);
capabilities |= (1LL << CAP_BLOCK_SUSPEND);
capabilities |= (1LL << CAP_WAKE_ALARM);
}
// Add the Bluetooth process to the system group.
jsize length = env->GetArrayLength(reinterpret_cast<jarray>(gids));
jintArray gids_with_system = env->NewIntArray(length + 1);
if (!gids_with_system) {
RuntimeAbort(env, __LINE__, "could not allocate java array for gids");
// Grant CAP_BLOCK_SUSPEND to processes that belong to GID "wakelock"
bool gid_wakelock_found = false;
if (gid == AID_WAKELOCK) {
gid_wakelock_found = true;
} else if (gids != NULL) {
jsize gids_num = env->GetArrayLength(gids);
ScopedIntArrayRO ar(env, gids);
if (ar.get() == NULL) {
RuntimeAbort(env, __LINE__, "Bad gids array");
}
for (int i = 0; i < gids_num; i++) {
if (ar[i] == AID_WAKELOCK) {
gid_wakelock_found = true;
break;
}
jint *gids_elements = env->GetIntArrayElements(gids, NULL);
jint *gids_with_system_elements = env->GetIntArrayElements(gids_with_system, NULL);
if (!gids_elements || !gids_with_system_elements) {
RuntimeAbort(env, __LINE__, "could not allocate arrays for gids");
}
gids_with_system_elements[0] = AID_SYSTEM;
memcpy(&gids_with_system_elements[1], &gids_elements[0], length * sizeof(jint));
env->ReleaseIntArrayElements(gids, gids_elements, JNI_ABORT);
env->ReleaseIntArrayElements(gids_with_system, gids_with_system_elements, 0);
gids = gids_with_system;
}
}
if (gid_wakelock_found) {
capabilities |= (1LL << CAP_BLOCK_SUSPEND);
}
return ForkAndSpecializeCommon(env, uid, gid, gids, debug_flags,

1
data/etc/platform.xml
View File

@@ -44,6 +44,7 @@
<permission name="android.permission.BLUETOOTH_STACK" >
<group gid="net_bt_stack" />
<group gid="wakelock" />
</permission>
<permission name="android.permission.NET_TUNNELING" >