From a8f13667c299b1ccee4087aa5933fffe55648bf8 Mon Sep 17 00:00:00 2001
From: Ryan Mitchell <rtmitchell@google.com>
Date: Wed, 26 Jun 2019 15:39:52 -0700
Subject: Set idmap2 binary uid and gid after forking

The file permissions of the idmap2 binary are currently not set
correctly when the system forks and execs the idmap binary during
zygote. This chnages sets the uid and gid after forking to the same uid
and gid of the parent process.

Bug: 134897503
Test: device boots and generates idmap
Change-Id: Ic7fac49e5982f3c47713603b905c3a6be117a05b
---
 libs/androidfw/PosixUtils.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'libs/androidfw/PosixUtils.cpp')

diff --git a/libs/androidfw/PosixUtils.cpp b/libs/androidfw/PosixUtils.cpp
index df0dd7ce463d..f1ab1493012a 100644
--- a/libs/androidfw/PosixUtils.cpp
+++ b/libs/androidfw/PosixUtils.cpp
@@ -64,6 +64,9 @@ std::unique_ptr<ProcResult> ExecuteBinary(const std::vector<std::string>& argv)
     return nullptr;
   }
 
+  auto gid = getgid();
+  auto uid = getuid();
+
   char const** argv0 = (char const**)malloc(sizeof(char*) * (argv.size() + 1));
   for (size_t i = 0; i < argv.size(); i++) {
     argv0[i] = argv[i].c_str();
@@ -75,6 +78,16 @@ std::unique_ptr<ProcResult> ExecuteBinary(const std::vector<std::string>& argv)
       PLOG(ERROR) << "fork";
       return nullptr;
     case 0: // child
+      if (setgid(gid) != 0) {
+        PLOG(ERROR) << "setgid";
+        exit(1);
+      }
+
+      if (setuid(uid) != 0) {
+        PLOG(ERROR) << "setuid";
+        exit(1);
+      }
+
       close(stdout[0]);
       if (dup2(stdout[1], STDOUT_FILENO) == -1) {
         abort();
-- 
cgit v1.2.3-59-g8ed1b