logd: allow logd to write to /dev/cpuset files

Required by logd on devices with USE_CPUSETS defined.

Make /dev/cpuset/background, /dev/cpuset/foreground and
/dev/cpuset/task writeable by system gid. Add logd to system
group for writing to cpuset files and to root group to avoid
regressions. When dropping privs, also drop supplementary groups.

Bug: 22699101
Change-Id: Icc01769b18b5e1f1649623da8325a8bfabc3a3f0

2 files changed, 8 insertions, 3 deletions

diff --git a/logd/main.cpp b/logd/main.cpp
index 9b88983..a3241d0 100644
--- a/logd/main.cpp
+++ b/logd/main.cpp
@@ -103,6 +103,10 @@ static int drop_privs() {
         return -1;
     }
 
+    if (setgroups(0, NULL) == -1) {
+        return -1;
+    }
+
     if (setgid(AID_LOGD) != 0) {
         return -1;
     }
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 7af2b77..2ac182b 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -145,9 +145,9 @@ on init
     chown system system /dev/cpuset/tasks
     chown system system /dev/cpuset/foreground/tasks
     chown system system /dev/cpuset/background/tasks
-    chmod 0644 /dev/cpuset/foreground/tasks
-    chmod 0644 /dev/cpuset/background/tasks
-    chmod 0644 /dev/cpuset/tasks
+    chmod 0664 /dev/cpuset/foreground/tasks
+    chmod 0664 /dev/cpuset/background/tasks
+    chmod 0664 /dev/cpuset/tasks
 
 
     # qtaguid will limit access to specific data based on group memberships.
@@ -523,6 +523,7 @@ service logd /system/bin/logd
     socket logd stream 0666 logd logd
     socket logdr seqpacket 0666 logd logd
     socket logdw dgram 0222 logd logd
+    group root system
 
 service logd-reinit /system/bin/logd --reinit
     oneshot