diff options
| author | 2022-04-21 19:18:20 +0000 | |
|---|---|---|
| committer | 2022-04-21 19:18:20 +0000 | |
| commit | ecaeb5a153b153936ccf48a04cba3f0d99e87f93 (patch) | |
| tree | 78db2fc8bdbf3fba18a2fb438a2930df5e3c7ae0 | |
| parent | 18a113c42d64cc5c76975367380300ad2fc0e4ec (diff) | |
| parent | a94d0a79cef1c55752b21d674ab7ace377403f8a (diff) | |
Merge "[GWP-ASan] Use new GWP-ASan android_mallopt()" am: a50c4137e3 am: 65b39e8f66 am: a94d0a79ce
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/2040626
Change-Id: If42e3edea739733272fa9b1ecfc8f5bfb73b8490
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
| -rw-r--r-- | core/jni/com_android_internal_os_Zygote.cpp | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/core/jni/com_android_internal_os_Zygote.cpp b/core/jni/com_android_internal_os_Zygote.cpp index 7bc69055292d..21bbac0b0a7d 100644 --- a/core/jni/com_android_internal_os_Zygote.cpp +++ b/core/jni/com_android_internal_os_Zygote.cpp @@ -110,6 +110,8 @@ using android::base::GetBoolProperty; using android::zygote::ZygoteFailure; +using Action = android_mallopt_gwp_asan_options_t::Action; + // This type is duplicated in fd_utils.h typedef const std::function<void(std::string)>& fail_fn_t; @@ -1717,16 +1719,24 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids, // runtime. runtime_flags &= ~RuntimeFlags::NATIVE_HEAP_ZERO_INIT_ENABLED; - bool forceEnableGwpAsan = false; + const char* nice_name_ptr = nice_name.has_value() ? nice_name.value().c_str() : nullptr; + android_mallopt_gwp_asan_options_t gwp_asan_options; + // The system server doesn't have its nice name set by the time SpecializeCommon is called. + gwp_asan_options.program_name = nice_name_ptr ?: process_name; switch (runtime_flags & RuntimeFlags::GWP_ASAN_LEVEL_MASK) { default: case RuntimeFlags::GWP_ASAN_LEVEL_NEVER: + gwp_asan_options.desire = Action::DONT_TURN_ON_UNLESS_OVERRIDDEN; + android_mallopt(M_INITIALIZE_GWP_ASAN, &gwp_asan_options, sizeof(gwp_asan_options)); break; case RuntimeFlags::GWP_ASAN_LEVEL_ALWAYS: - forceEnableGwpAsan = true; - [[fallthrough]]; + gwp_asan_options.desire = Action::TURN_ON_FOR_APP; + android_mallopt(M_INITIALIZE_GWP_ASAN, &gwp_asan_options, sizeof(gwp_asan_options)); + break; case RuntimeFlags::GWP_ASAN_LEVEL_LOTTERY: - android_mallopt(M_INITIALIZE_GWP_ASAN, &forceEnableGwpAsan, sizeof(forceEnableGwpAsan)); + gwp_asan_options.desire = Action::TURN_ON_WITH_SAMPLING; + android_mallopt(M_INITIALIZE_GWP_ASAN, &gwp_asan_options, sizeof(gwp_asan_options)); + break; } // Now that we've used the flag, clear it so that we don't pass unknown flags to the ART // runtime. @@ -1739,7 +1749,6 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids, AStatsSocket_close(); const char* se_info_ptr = se_info.has_value() ? se_info.value().c_str() : nullptr; - const char* nice_name_ptr = nice_name.has_value() ? nice_name.value().c_str() : nullptr; if (selinux_android_setcontext(uid, is_system_server, se_info_ptr, nice_name_ptr) == -1) { fail_fn(CREATE_ERROR("selinux_android_setcontext(%d, %d, \"%s\", \"%s\") failed", uid, |