| author | 2017-01-25 11:45:58 -0800 | |
|---|---|---|
| committer | 2017-01-25 12:03:02 -0800 | |
| commit | 59972218f8c0d397fc50400a2b8b9be92ceeaf93 (patch) | |
| tree | ce3fdda19432e4cce6b34bda9907db04ebf6093a | |
| parent | 35c715332f9c5ea6bd91f4b26c954ef89026e814 (diff) | |
zygote: don't drop CAP_SYS_PTRACE from the bounding set.
crash_dump needs to acquire CAP_SYS_PTRACE to be able to ptrace
processes with capabilities. selinux should hopefully be sufficient for
restricting ptrace to processes that should do it.
Bug: http://b/34694637
Test: debuggerd `pidof system_server`
Change-Id: If46f0b9baa54529780f7767f309f76b102a42ab4
| -rw-r--r-- | core/jni/com_android_internal_os_Zygote.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp index a32dbad7838f..516ab3808079 100644 --- a/core/jni/com_android_internal_os_Zygote.cpp +++ b/core/jni/com_android_internal_os_Zygote.cpp @@ -247,6 +247,11 @@ static void EnableKeepCapabilities(JNIEnv* env) { static void DropCapabilitiesBoundingSet(JNIEnv* env) { for (int i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0) >= 0; i++) { + // Keep CAP_SYS_PTRACE in our bounding set so crash_dump can gain it. + if (i == CAP_SYS_PTRACE) { + continue; + } + int rc = prctl(PR_CAPBSET_DROP, i, 0, 0, 0); if (rc == -1) { if (errno == EINVAL) { |
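Review bot: The new `if (i == CAP_SYS_PTRACE) { continue; }` check in DropCapabilitiesBoundingSet keeps CAP_SYS_PTRACE in the bounding set for every process that goes through this function, not only the ones crash_dump will attach to, and the in-code comment does not record what is expected to limit that. The commit message leaves the restriction of ptrace to SELinux ("should hopefully be sufficient"), so the comment should say so and reference the bug, so that a later reader does not take the skip for an oversight or extend it to other capabilities. It is also worth stating in the comment that a capability left in the bounding set is not thereby in the permitted or effective set; it only remains acquirable across a later exec. The listed test (debuggerd on system_server) covers the positive case only; a check that ptrace from a process other than crash_dump is still denied would back up the assumption about SELinux.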