From 23e68780be581a1bb05110f16ad56d1da2bed1e9 Mon Sep 17 00:00:00 2001
From: Narayan Kamath <narayan@google.com>
Date: Fri, 16 Jan 2015 17:22:41 +0000
Subject: Fix handling of wrapped processes [part 2]

Drop privileges only if we're root. Zygote.preloadClasses can
be called from a non-root uid / gid in the case of wrapped classes,
so we shouldn't die from the resulting EPERM.

Change-Id: Ie3fbe50a17ec49bcbcb875c3a2ee1e1a3a62e88d
---
 core/java/com/android/internal/os/ZygoteInit.java | 36 +++++++++++++++--------
 1 file changed, 24 insertions(+), 12 deletions(-)

(limited to 'core/java')

diff --git a/core/java/com/android/internal/os/ZygoteInit.java b/core/java/com/android/internal/os/ZygoteInit.java
index 0fa9a97..e6f3c0a 100644
--- a/core/java/com/android/internal/os/ZygoteInit.java
+++ b/core/java/com/android/internal/os/ZygoteInit.java
@@ -17,7 +17,6 @@
 package com.android.internal.os;
 
 import static android.system.OsConstants.POLLIN;
-import static android.system.OsConstants.POLLOUT;
 import static android.system.OsConstants.S_IRWXG;
 import static android.system.OsConstants.S_IRWXO;
 
@@ -276,11 +275,22 @@ public class ZygoteInit {
         long startTime = SystemClock.uptimeMillis();
 
         // Drop root perms while running static initializers.
-        try {
-            Os.setregid(ROOT_GID, UNPRIVILEGED_GID);
-            Os.setreuid(ROOT_UID, UNPRIVILEGED_UID);
-        } catch (ErrnoException ex) {
-            throw new RuntimeException("Failed to drop root", ex);
+        final int reuid = Os.getuid();
+        final int regid = Os.getgid();
+
+        // We need to drop root perms only if we're already root. In the case of "wrapped"
+        // processes (see WrapperInit), this function is called from an unprivileged uid
+        // and gid.
+        boolean droppedPriviliges = false;
+        if (reuid == ROOT_UID && regid == ROOT_GID) {
+            try {
+                Os.setregid(ROOT_GID, UNPRIVILEGED_GID);
+                Os.setreuid(ROOT_UID, UNPRIVILEGED_UID);
+            } catch (ErrnoException ex) {
+                throw new RuntimeException("Failed to drop root", ex);
+            }
+
+            droppedPriviliges = true;
         }
 
         // Alter the target heap utilization.  With explicit GCs this
@@ -335,12 +345,14 @@ public class ZygoteInit {
             // Fill in dex caches with classes, fields, and methods brought in by preloading.
             runtime.preloadDexCaches();
 
-            // Bring back root. We'll need it later.
-            try {
-                Os.setreuid(ROOT_UID, ROOT_UID);
-                Os.setregid(ROOT_GID, ROOT_GID);
-            } catch (ErrnoException ex) {
-                throw new RuntimeException("Failed to restore root", ex);
+            // Bring back root. We'll need it later if we're in the zygote.
+            if (droppedPriviliges) {
+                try {
+                    Os.setreuid(ROOT_UID, ROOT_UID);
+                    Os.setregid(ROOT_GID, ROOT_GID);
+                } catch (ErrnoException ex) {
+                    throw new RuntimeException("Failed to restore root", ex);
+                }
             }
         }
     }
-- 
cgit v1.1