openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

adbd: make a PR_CAPBSET_DROP error fatal. 

Back in 080427e4e2, we said:

  If the kernel doesn't support file capabilities, we ignore
  a prctl(PR_CAPBSET_DROP) failure. In a future CL, this could
  become a fatal error.

Make it a fatal error. With SELinux support, all devices are
required to support file capabilities.

Change-Id: I0ce0c4cb9387c42e325cbf1a63c5d82e6aab530c
This commit is contained in:
Nick Kralevich 2015-12-15 16:51:49 -08:00
parent 7c20ab3e73
commit 9f75a03571
1 changed files with 1 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
adb/daemon/main.cpp
View File

@ -54,11 +54,7 @@ static void drop_capabilities_bounding_set_if_needed() {
}
int err = prctl(PR_CAPBSET_DROP, i, 0, 0, 0);
// Some kernels don't have file capabilities compiled in, and
// prctl(PR_CAPBSET_DROP) returns EINVAL. Don't automatically
// die when we see such misconfigured kernels.
if ((err < 0) && (errno != EINVAL)) {
if (err < 0) {
PLOG(FATAL) << "Could not drop capabilities";
}
}