init: Put init in group AID_READPROC

bootcharts currently only show root's processes, which isn't very
useful. To investigate and track boot duration issues, we need a way for
init to see all the pids. Add init to GID 3009 (aka AID_READPROC)

Ensure that init's children don't inherit this GID by always clearing
supplementary group IDs on fork.

Bug: 32506197
Test: Device boots and /proc/1/status says init is in gid 3009
Test: zygote starts and the Group: line in /proc/ZYGOTEPID/status is empty
Change-Id: Iba90717aaa591f1d6030a379a272aee003600c0a
Not-Tested: bootchart actually works. Speculative fix.

init/init.cpp

@@ -585,6 +585,8 @@ int main(int argc, char** argv) {
         mount("devpts", "/dev/pts", "devpts", 0, NULL);
         #define MAKE_STR(x) __STRING(x)
         mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC));
+        gid_t groups[] = { AID_READPROC };
+        setgroups(arraysize(groups), groups);
         mount("sysfs", "/sys", "sysfs", 0, NULL);
         mount("selinuxfs", "/sys/fs/selinux", "selinuxfs", 0, NULL);
         mknod("/dev/kmsg", S_IFCHR | 0600, makedev(1, 11));

init/service.cpp

@@ -233,10 +233,8 @@ void Service::SetProcessAttributes() {
             PLOG(FATAL) << "setgid failed for " << name_;
         }
     }
-    if (!supp_gids_.empty()) {
-        if (setgroups(supp_gids_.size(), &supp_gids_[0]) != 0) {
-            PLOG(FATAL) << "setgroups failed for " << name_;
-        }
+    if (setgroups(supp_gids_.size(), &supp_gids_[0]) != 0) {
+        PLOG(FATAL) << "setgroups failed for " << name_;
     }
     if (uid_) {
         if (setuid(uid_) != 0) {