Merge "Merge "Drop supplementary groups for child zygotes." into rvc-dev am:... (5c4047db) · Commits · e / os / android_frameworks_base

core/jni/com_android_internal_os_Zygote.cpp

+10 −2

Original line number	Diff line number	Diff line
		@@ -531,8 +531,16 @@ static void UnsetChldSignalHandler() {

		// Calls POSIX setgroups() using the int[] object as an argument.
		// A nullptr argument is tolerated.
		static void SetGids(JNIEnv* env, jintArray managed_gids, fail_fn_t fail_fn) {
		static void SetGids(JNIEnv* env, jintArray managed_gids, jboolean is_child_zygote,
		fail_fn_t fail_fn) {
		if (managed_gids == nullptr) {
		if (is_child_zygote) {
		// For child zygotes like webview and app zygote, we want to clear out
		// any supplemental groups the parent zygote had.
		if (setgroups(0, NULL) == -1) {
		fail_fn(CREATE_ERROR("Failed to remove supplementary groups for child zygote"));
		}
		}
		return;
		}

		@@ -1692,7 +1700,7 @@ static void SpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArray gids,
		}
		}

		SetGids(env, gids, fail_fn);
		SetGids(env, gids, is_child_zygote, fail_fn);
		SetRLimits(env, rlimits, fail_fn);

		if (need_pre_initialize_native_bridge) {