From 684f4883b33856d8d0cd97e33f07b2939957bf96 Mon Sep 17 00:00:00 2001
From: Tom Cherry
Date: Wed, 26 Jul 2017 14:17:09 -0700
Subject: [PATCH 1/2] init: only use signed-integer-overflow sanitizer We've blown up twice in init due to the unsigned integer overflow sanitizer despite the overflows in question being both defined and intentional. Bug: 63680332 Test: boot Change-Id: I08effe3202ac1367d858982ff5478b3a088bab37 (cherry picked from commit 2ffd65e1d12940b5e13ea743bb88e94a57e7ca97)
---
 init/Android.bp | 2 +-
 init/Android.mk | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/init/Android.bp b/init/Android.bp
index 82945981e..aaef7e933 100644
--- a/init/Android.bp
+++ b/init/Android.bp
@@ -18,7 +18,7 @@ cc_defaults {
 name: "init_defaults",
 cpp_std: "experimental",
 sanitize: {
- misc_undefined: ["integer"],
+ misc_undefined: ["signed-integer-overflow"],
 },
 cppflags: [
 "-DLOG_UEVENTS=0",
diff --git a/init/Android.mk b/init/Android.mk
index c0c490559..161256e9a 100644
--- a/init/Android.mk
+++ b/init/Android.mk
@@ -96,6 +96,6 @@ LOCAL_POST_INSTALL_CMD := $(hide) mkdir -p $(TARGET_ROOT_OUT)/sbin; \
 ln -sf ../init $(TARGET_ROOT_OUT)/sbin/ueventd; \
 ln -sf ../init $(TARGET_ROOT_OUT)/sbin/watchdogd
-LOCAL_SANITIZE := integer
+LOCAL_SANITIZE := signed-integer-overflow
 LOCAL_CLANG := true
 include $(BUILD_EXECUTABLE)
From 7d7e7cdf3498d0484f85fa69688a79fe3cd7091e Mon Sep 17 00:00:00 2001
From: Ben Fennema
Date: Tue, 25 Jul 2017 14:37:21 -0700
Subject: [PATCH 2/2] init: fix type of 2nd argument passed to prctl prctl(PR_SET_SECUREBITS, ...) expects an unsigned long as its 2nd argument. Passing in a int64_t happens to work with a 64-bit kernel, but does not work with a 32-bit kernel. Bug: 63680332 Test: boot 32-bit kernel; verify services with capabilities can successfully set those capabilties Change-Id: I60250d107a77b54b2e9fe3419b4480b921c7e2f8
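Review bot: In the init/Android.bp hunk, replacing `integer` with `signed-integer-overflow` removes more than the unsigned-overflow check the description complains about: as far as I know clang's `integer` group also enables `shift` and `integer-divide-by-zero`, and init loses those as well. If only the unsigned check is unwanted, consider listing the rest explicitly, e.g. `misc_undefined: ["signed-integer-overflow", "shift", "integer-divide-by-zero"],`, or keeping `integer` and marking the intentional wraparounds with a `no_sanitize` attribute where they occur. Either way a comment such as `// unsigned-integer-overflow omitted on purpose: init relies on defined unsigned wraparound (Bug: 63680332)` would stop a later cleanup from restoring `integer`. The same applies to the `LOCAL_SANITIZE := signed-integer-overflow` line in the init/Android.mk hunk.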
Signed-off-by: Ben Fennema (cherry picked from commit a72436067d5f88885e4b32fa7c5d22f1ea8c0756)
---
 init/service.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/init/service.cpp b/init/service.cpp
index 82dd9b137..fe38ee205 100644
--- a/init/service.cpp
+++ b/init/service.cpp
@@ -245,8 +245,8 @@ void Service::SetProcessAttributes() {
 if (capabilities_.any() && uid_) {
 // If Android is running in a container, some securebits might already
 // be locked, so don't change those.
- int64_t securebits = prctl(PR_GET_SECUREBITS);
- if (securebits == -1) {
+ unsigned long securebits = prctl(PR_GET_SECUREBITS);
+ if (securebits == -1UL) {
 PLOG(FATAL) << "prctl(PR_GET_SECUREBITS) failed for " << name_;
 }
 securebits |= SECBIT_KEEP_CAPS | SECBIT_KEEP_CAPS_LOCKED;
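Review bot: The new check `securebits == -1UL` in Service::SetProcessAttributes only works because prctl() returns an `int` whose -1 converts to `ULONG_MAX` on assignment; nothing in the code says so, and the error value now shares a variable with the bit mask. Testing the `int` before widening keeps the two apart: `int rc = prctl(PR_GET_SECUREBITS);`, `if (rc == -1) {`, and after the check `unsigned long securebits = static_cast<unsigned long>(rc);`. If the current form stays, a comment such as `// prctl() returns int; -1 converts to ULONG_MAX, hence the -1UL comparison` would help the next reader. The function continues outside the hunk, so the PR_SET_SECUREBITS call that the description refers to is not visible here.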