Give bluetooth sufficient capabilities to run DhcpClient

Specifically: CAP_NET_RAW CAP_NET_BIND_SERVICE Bug: 26991160 Change-Id: I2afddc9efa3b613d974afb0ea33703948203d99a
2016-02-18 21:59:31 +09:00
parent 111d55658b
commit b242549166
1 changed files with 4 additions and 0 deletions
--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -610,6 +610,10 @@ static jint com_android_internal_os_Zygote_nativeForkAndSpecialize(
        // Grant CAP_WAKE_ALARM and CAP_BLOCK_SUSPEND to the Bluetooth process.
        capabilities |= (1LL << CAP_WAKE_ALARM);
        capabilities |= (1LL << CAP_BLOCK_SUSPEND);
+        // Allow bluetooth to open packet sockets so it can start the DHCP client.
+        // TODO: consider making such functionality an RPC to netd.
+        capabilities |= (1LL << CAP_NET_RAW);
+        capabilities |= (1LL << CAP_NET_BIND_SERVICE);

        // Add the Bluetooth process to the system group.
        jsize length = env->GetArrayLength(reinterpret_cast<jarray>(gids));