Loading core/java/com/android/internal/os/Zygote.java +1 −18 Original line number Diff line number Diff line Loading @@ -24,7 +24,6 @@ import android.content.pm.ApplicationInfo; import android.net.Credentials; import android.net.LocalServerSocket; import android.net.LocalSocket; import android.os.Build; import android.os.FactoryTest; import android.os.IVold; import android.os.Process; Loading Loading @@ -254,16 +253,13 @@ public final class Zygote { */ public static int forkAndSpecialize(int uid, int gid, int[] gids, int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName, int[] fdsToClose, int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir, int targetSdkVersion) { int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir) { ZygoteHooks.preFork(); int pid = nativeForkAndSpecialize( uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, fdsToClose, fdsToIgnore, startChildZygote, instructionSet, appDataDir); if (pid == 0) { Zygote.disableExecuteOnly(targetSdkVersion); // Note that this event ends at the end of handleChildProc, Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "PostFork"); } Loading Loading @@ -649,8 +645,6 @@ public final class Zygote { args.mSeInfo, args.mNiceName, args.mStartChildZygote, args.mInstructionSet, args.mAppDataDir); disableExecuteOnly(args.mTargetSdkVersion); Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER); return ZygoteInit.zygoteInit(args.mTargetSdkVersion, Loading Loading 
@@ -729,17 +723,6 @@ public final class Zygote { } } /** * Mark execute-only segments of libraries read+execute for apps with targetSdkVersion<Q. */ protected static void disableExecuteOnly(int targetSdkVersion) { if ((targetSdkVersion < Build.VERSION_CODES.Q) && !nativeDisableExecuteOnly()) { Log.e("Zygote", "Failed to set libraries to read+execute."); } } private static native boolean nativeDisableExecuteOnly(); /** * @return Raw file descriptors for the read-end of USAP reporting pipes. */ Loading core/java/com/android/internal/os/ZygoteConnection.java +1 −1 Original line number Diff line number Diff line Loading @@ -257,7 +257,7 @@ class ZygoteConnection { pid = Zygote.forkAndSpecialize(parsedArgs.mUid, parsedArgs.mGid, parsedArgs.mGids, parsedArgs.mRuntimeFlags, rlimits, parsedArgs.mMountExternal, parsedArgs.mSeInfo, parsedArgs.mNiceName, fdsToClose, fdsToIgnore, parsedArgs.mStartChildZygote, parsedArgs.mInstructionSet, parsedArgs.mAppDataDir, parsedArgs.mTargetSdkVersion); parsedArgs.mInstructionSet, parsedArgs.mAppDataDir); try { if (pid == 0) { Loading core/jni/com_android_internal_os_Zygote.cpp +0 −31 Original line number Diff line number Diff line Loading @@ -46,7 +46,6 @@ #include <fcntl.h> #include <grp.h> #include <inttypes.h> #include <link.h> #include <malloc.h> #include <mntent.h> #include <paths.h> Loading @@ -55,7 +54,6 @@ #include <sys/capability.h> #include <sys/cdefs.h> #include <sys/eventfd.h> #include <sys/mman.h> #include <sys/personality.h> #include <sys/prctl.h> #include <sys/resource.h> Loading @@ -72,10 +70,8 @@ #include <android-base/properties.h> #include <android-base/file.h> #include <android-base/stringprintf.h> #include <android-base/strings.h> #include <android-base/unique_fd.h> #include <bionic/malloc.h> #include <bionic/page.h> #include <cutils/fs.h> #include <cutils/multiuser.h> #include <private/android_filesystem_config.h> Loading Loading 
@@ -1783,31 +1779,6 @@ static void com_android_internal_os_Zygote_nativeEmptyUsapPool(JNIEnv* env, jcla } } static int disable_execute_only(struct dl_phdr_info *info, size_t size, void *data) { // Search for any execute-only segments and mark them read+execute. for (int i = 0; i < info->dlpi_phnum; i++) { const auto& phdr = info->dlpi_phdr[i]; if ((phdr.p_type == PT_LOAD) && (phdr.p_flags == PF_X)) { auto addr = reinterpret_cast<void*>(info->dlpi_addr + PAGE_START(phdr.p_vaddr)); size_t len = PAGE_OFFSET(phdr.p_vaddr) + phdr.p_memsz; if (mprotect(addr, len, PROT_READ | PROT_EXEC) == -1) { ALOGE("mprotect(%p, %zu, PROT_READ | PROT_EXEC) failed: %m", addr, len); return -1; } } } // Return non-zero to exit dl_iterate_phdr. return 0; } /** * @param env Managed runtime environment * @return True if disable was successful. */ static jboolean com_android_internal_os_Zygote_nativeDisableExecuteOnly(JNIEnv* env, jclass) { return dl_iterate_phdr(disable_execute_only, nullptr) == 0; } static void com_android_internal_os_Zygote_nativeBlockSigTerm(JNIEnv* env, jclass) { auto fail_fn = std::bind(ZygoteFailure, env, "usap", nullptr, _1); BlockSignal(SIGTERM, fail_fn); Loading Loading @@ -1889,8 +1860,6 @@ static const JNINativeMethod gMethods[] = { (void *) com_android_internal_os_Zygote_nativeGetUsapPoolCount }, { "nativeEmptyUsapPool", "()V", (void *) com_android_internal_os_Zygote_nativeEmptyUsapPool }, { "nativeDisableExecuteOnly", "()Z", (void *) com_android_internal_os_Zygote_nativeDisableExecuteOnly }, { "nativeBlockSigTerm", "()V", (void* ) com_android_internal_os_Zygote_nativeBlockSigTerm }, { "nativeUnblockSigTerm", "()V", Loading Loading
core/java/com/android/internal/os/Zygote.java +1 −18 Original line number Diff line number Diff line Loading @@ -24,7 +24,6 @@ import android.content.pm.ApplicationInfo; import android.net.Credentials; import android.net.LocalServerSocket; import android.net.LocalSocket; import android.os.Build; import android.os.FactoryTest; import android.os.IVold; import android.os.Process; Loading Loading @@ -254,16 +253,13 @@ public final class Zygote { */ public static int forkAndSpecialize(int uid, int gid, int[] gids, int runtimeFlags, int[][] rlimits, int mountExternal, String seInfo, String niceName, int[] fdsToClose, int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir, int targetSdkVersion) { int[] fdsToIgnore, boolean startChildZygote, String instructionSet, String appDataDir) { ZygoteHooks.preFork(); int pid = nativeForkAndSpecialize( uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, fdsToClose, fdsToIgnore, startChildZygote, instructionSet, appDataDir); if (pid == 0) { Zygote.disableExecuteOnly(targetSdkVersion); // Note that this event ends at the end of handleChildProc, Trace.traceBegin(Trace.TRACE_TAG_ACTIVITY_MANAGER, "PostFork"); } Loading Loading @@ -649,8 +645,6 @@ public final class Zygote { args.mSeInfo, args.mNiceName, args.mStartChildZygote, args.mInstructionSet, args.mAppDataDir); disableExecuteOnly(args.mTargetSdkVersion); Trace.traceEnd(Trace.TRACE_TAG_ACTIVITY_MANAGER); return ZygoteInit.zygoteInit(args.mTargetSdkVersion, Loading Loading 
@@ -729,17 +723,6 @@ public final class Zygote { } } /** * Mark execute-only segments of libraries read+execute for apps with targetSdkVersion<Q. */ protected static void disableExecuteOnly(int targetSdkVersion) { if ((targetSdkVersion < Build.VERSION_CODES.Q) && !nativeDisableExecuteOnly()) { Log.e("Zygote", "Failed to set libraries to read+execute."); } } private static native boolean nativeDisableExecuteOnly(); /** * @return Raw file descriptors for the read-end of USAP reporting pipes. */ Loading
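Review bot: Neither the child branch of `forkAndSpecialize` nor the specialization path in the hunk at line 645 carries a comment recording that apps with targetSdkVersion below Q no longer get execute-only library segments remapped to read+execute, and no commit description is visible on this page to explain it. If platform libraries are still mapped execute-only when this lands, legacy app code that reads library text would presumably fault instead of being accommodated. The rationale and the companion change should therefore be named in the commit message, or in a one-line comment such as `// Execute-only segments are no longer relaxed for targetSdkVersion < Q (see <change id>)`. The Javadoc of `forkAndSpecialize` starts above the hunk; if it still has an `@param targetSdkVersion` line, that line should go with the parameter.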
core/java/com/android/internal/os/ZygoteConnection.java +1 −1 Original line number Diff line number Diff line Loading @@ -257,7 +257,7 @@ class ZygoteConnection { pid = Zygote.forkAndSpecialize(parsedArgs.mUid, parsedArgs.mGid, parsedArgs.mGids, parsedArgs.mRuntimeFlags, rlimits, parsedArgs.mMountExternal, parsedArgs.mSeInfo, parsedArgs.mNiceName, fdsToClose, fdsToIgnore, parsedArgs.mStartChildZygote, parsedArgs.mInstructionSet, parsedArgs.mAppDataDir, parsedArgs.mTargetSdkVersion); parsedArgs.mInstructionSet, parsedArgs.mAppDataDir); try { if (pid == 0) { Loading
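--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -46,7 +46,6 @@
 #include <fcntl.h>
 #include <grp.h>
 #include <inttypes.h>
-#include <link.h>
 #include <malloc.h>
 #include <mntent.h>
 #include <paths.h>
@@ -55,7 +54,6 @@
 #include <sys/capability.h>
 #include <sys/cdefs.h>
 #include <sys/eventfd.h>
-#include <sys/mman.h>
 #include <sys/personality.h>
 #include <sys/prctl.h>
 #include <sys/resource.h>
@@ -72,10 +70,8 @@
 #include <android-base/properties.h>
 #include <android-base/file.h>
 #include <android-base/stringprintf.h>
-#include <android-base/strings.h>
 #include <android-base/unique_fd.h>
 #include <bionic/malloc.h>
-#include <bionic/page.h>
 #include <cutils/fs.h>
 #include <cutils/multiuser.h>
 #include <private/android_filesystem_config.h>
@@ -1783,31 +1779,6 @@ static void com_android_internal_os_Zygote_nativeEmptyUsapPool(JNIEnv* env, jcla
 }
 }
 
-static int disable_execute_only(struct dl_phdr_info *info, size_t size, void *data) {
-// Search for any execute-only segments and mark them read+execute.
-for (int i = 0; i < info->dlpi_phnum; i++) {
-const auto& phdr = info->dlpi_phdr[i];
-if ((phdr.p_type == PT_LOAD) && (phdr.p_flags == PF_X)) {
-auto addr = reinterpret_cast<void*>(info->dlpi_addr + PAGE_START(phdr.p_vaddr));
-size_t len = PAGE_OFFSET(phdr.p_vaddr) + phdr.p_memsz;
-if (mprotect(addr, len, PROT_READ | PROT_EXEC) == -1) {
-ALOGE("mprotect(%p, %zu, PROT_READ | PROT_EXEC) failed: %m", addr, len);
-return -1;
-}
-}
-}
-// Return non-zero to exit dl_iterate_phdr.
-return 0;
-}
-
-/**
- * @param env Managed runtime environment
- * @return True if disable was successful.
- */
-static jboolean com_android_internal_os_Zygote_nativeDisableExecuteOnly(JNIEnv* env, jclass) {
-return dl_iterate_phdr(disable_execute_only, nullptr) == 0;
-}
-
 static void com_android_internal_os_Zygote_nativeBlockSigTerm(JNIEnv* env, jclass) {
 auto fail_fn = std::bind(ZygoteFailure, env, "usap", nullptr, _1);
 BlockSignal(SIGTERM, fail_fn);
@@ -1889,8 +1860,6 @@ static const JNINativeMethod gMethods[] = {
 (void *) com_android_internal_os_Zygote_nativeGetUsapPoolCount },
 { "nativeEmptyUsapPool", "()V",
 (void *) com_android_internal_os_Zygote_nativeEmptyUsapPool },
-{ "nativeDisableExecuteOnly", "()Z",
-(void *) com_android_internal_os_Zygote_nativeDisableExecuteOnly },
 { "nativeBlockSigTerm", "()V",
 (void* ) com_android_internal_os_Zygote_nativeBlockSigTerm },
 { "nativeUnblockSigTerm", "()V",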