Loading core/jni/com_android_internal_os_Zygote.cpp +20 −0 Original line number Diff line number Diff line Loading @@ -706,6 +706,26 @@ static pid_t ForkAndSpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArra fail_fn(CREATE_ERROR("setresuid(%d) failed: %s", uid, strerror(errno))); } // The "dumpable" flag of a process, which controls core dump generation, is // overwritten by the value in /proc/sys/fs/suid_dumpable when the effective // user or group ID changes. See proc(5) for possible values. In most cases, // the value is 0, so core dumps are disabled for zygote children. However, // when running in a Chrome OS container, the value is already set to 2, // which allows the external crash reporter to collect all core dumps. Since // only system crashes are interested, core dump is disabled for app // processes. This also ensures compliance with CTS. int dumpable = prctl(PR_GET_DUMPABLE); if (dumpable == -1) { ALOGE("prctl(PR_GET_DUMPABLE) failed: %s", strerror(errno)); RuntimeAbort(env, __LINE__, "prctl(PR_GET_DUMPABLE) failed"); } if (dumpable == 2 && uid >= AID_APP) { if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) == -1) { ALOGE("prctl(PR_SET_DUMPABLE, 0) failed: %s", strerror(errno)); RuntimeAbort(env, __LINE__, "prctl(PR_SET_DUMPABLE, 0) failed"); } } if (NeedsNoRandomizeWorkaround()) { // Work around ARM kernel ASLR lossage (http://b/5817320). int old_personality = personality(0xffffffff); Loading Loading
core/jni/com_android_internal_os_Zygote.cpp +20 −0 Original line number Diff line number Diff line Loading @@ -706,6 +706,26 @@ static pid_t ForkAndSpecializeCommon(JNIEnv* env, uid_t uid, gid_t gid, jintArra fail_fn(CREATE_ERROR("setresuid(%d) failed: %s", uid, strerror(errno))); } // The "dumpable" flag of a process, which controls core dump generation, is // overwritten by the value in /proc/sys/fs/suid_dumpable when the effective // user or group ID changes. See proc(5) for possible values. In most cases, // the value is 0, so core dumps are disabled for zygote children. However, // when running in a Chrome OS container, the value is already set to 2, // which allows the external crash reporter to collect all core dumps. Since // only system crashes are interested, core dump is disabled for app // processes. This also ensures compliance with CTS. int dumpable = prctl(PR_GET_DUMPABLE); if (dumpable == -1) { ALOGE("prctl(PR_GET_DUMPABLE) failed: %s", strerror(errno)); RuntimeAbort(env, __LINE__, "prctl(PR_GET_DUMPABLE) failed"); } if (dumpable == 2 && uid >= AID_APP) { if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) == -1) { ALOGE("prctl(PR_SET_DUMPABLE, 0) failed: %s", strerror(errno)); RuntimeAbort(env, __LINE__, "prctl(PR_SET_DUMPABLE, 0) failed"); } } if (NeedsNoRandomizeWorkaround()) { // Work around ARM kernel ASLR lossage (http://b/5817320). int old_personality = personality(0xffffffff); Loading
