Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 11bd126e authored by Shai Barack's avatar Shai Barack Committed by Android Build Cherrypicker Worker
Browse files

Simplify POSIX capabilities to bitmask 

Remove unnecessary overhead and complexity of converting a list of bit offsets to an array of integers, iterating over it, validating the inputs (which are valid, otherwise the device doesn't boot), then doing the bit-shifting.
Just do the bit-shifting.

Flag: EXEMPT refactor
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b5d3ccd6bb47dbe984471bb7832304236110bba2)
Merged-In: Ic5dc21657a997ed000104ff713a96a51b2c06d5f
Change-Id: Ic5dc21657a997ed000104ff713a96a51b2c06d5f
parent 34eacbbf

core/java/com/android/internal/os/ZygoteInit.java

+14 −29
Original line number Diff line number Diff line
@@ -623,21 +623,20 @@ public class ZygoteInit { 
     */

    private static Runnable forkSystemServer(String abiList, String socketName,

            ZygoteServer zygoteServer) {

        long capabilities = posixCapabilitiesAsBits(

                OsConstants.CAP_IPC_LOCK,

                OsConstants.CAP_KILL,

                OsConstants.CAP_NET_ADMIN,

                OsConstants.CAP_NET_BIND_SERVICE,

                OsConstants.CAP_NET_BROADCAST,

                OsConstants.CAP_NET_RAW,

                OsConstants.CAP_SYS_MODULE,

                OsConstants.CAP_SYS_NICE,

                OsConstants.CAP_SYS_PTRACE,

                OsConstants.CAP_SYS_TIME,

                OsConstants.CAP_SYS_TTY_CONFIG,

                OsConstants.CAP_WAKE_ALARM,

                OsConstants.CAP_BLOCK_SUSPEND

        );

        long capabilities =

                (1L << OsConstants.CAP_IPC_LOCK) |

                (1L << OsConstants.CAP_KILL) |

                (1L << OsConstants.CAP_NET_ADMIN) |

                (1L << OsConstants.CAP_NET_BIND_SERVICE) |

                (1L << OsConstants.CAP_NET_BROADCAST) |

                (1L << OsConstants.CAP_NET_RAW) |

                (1L << OsConstants.CAP_SYS_MODULE) |

                (1L << OsConstants.CAP_SYS_NICE) |

                (1L << OsConstants.CAP_SYS_PTRACE) |

                (1L << OsConstants.CAP_SYS_TIME) |

                (1L << OsConstants.CAP_SYS_TTY_CONFIG) |

                (1L << OsConstants.CAP_WAKE_ALARM) |

                (1L << OsConstants.CAP_BLOCK_SUSPEND);

        /* Containers run without some capabilities, so drop any caps that are not available. */

        StructCapUserHeader header = new StructCapUserHeader(

                OsConstants._LINUX_CAPABILITY_VERSION_3, 0);
@@ -733,20 +732,6 @@ public class ZygoteInit { 
        return null;

    }



    /**

     * Gets the bit array representation of the provided list of POSIX capabilities.

     */

    private static long posixCapabilitiesAsBits(int... capabilities) {

        long result = 0;

        for (int capability : capabilities) {

            if ((capability < 0) || (capability > OsConstants.CAP_LAST_CAP)) {

                throw new IllegalArgumentException(String.valueOf(capability));

            }

            result |= (1L << capability);

        }

        return result;

    }



    /**

     * This is the entry point for a Zygote process.  It creates the Zygote server, loads resources,

     * and handles other tasks related to preparing the process for forking into applications.