debuggerd_handler: raise ambient capset before execing.
Raise the ambient capability set to match CapEff so that crash_dump can inherit all of the capabilities of the dumped process to be able to ptrace. Note that selinux will prevent crash_dump from actually use any of the capabilities. Bug: http://b/34853272 Test: debuggerd -b `pidof system_server` Test: debuggerd -b `pidof zygote` Change-Id: I1fe69eff54c1c0a5b3ec63f6fa504b2681c47a88
This commit is contained in:
Josh Gao
parent
ac91b0c452
commit
7ae426c731
1 changed files with 6 additions and 0 deletions
|
|
@ -39,6 +39,7 @@
|
|||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/capability.h>
|
||||
#include <sys/mman.h>
|
||||
#include <sys/prctl.h>
|
||||
#include <sys/socket.h>
|
||||
|
|
@ -205,6 +206,11 @@ static int debuggerd_dispatch_pseudothread(void* arg) {
|
|||
close(pipefds[0]);
|
||||
close(pipefds[1]);
|
||||
|
||||
// Set all of the ambient capability bits we can, so that crash_dump can ptrace us.
|
||||
for (unsigned long i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0); ++i) {
|
||||
prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, i, 0, 0);
|
||||
}
|
||||
|
||||
char buf[10];
|
||||
snprintf(buf, sizeof(buf), "%d", thread_info->crashing_tid);
|
||||
execl(CRASH_DUMP_PATH, CRASH_DUMP_NAME, buf, nullptr);
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue