Merge changes from topic 'kill_debuggerd' (cfb19e3a) · Commits · e / os / android_frameworks_base

cmds/app_process/app_main.cpp

+0 −4

Original line number	Diff line number	Diff line
		@@ -184,10 +184,6 @@ static const char ZYGOTE_NICE_NAME[] = "zygote";

		int main(int argc, char* const argv[])
		{
		if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) {
		LOG_ALWAYS_FATAL("PR_SET_NO_NEW_PRIVS failed: %s", strerror(errno));
		}

		if (!LOG_NDEBUG) {
		String8 argv_String;
		for (int i = 0; i < argc; ++i) {

core/jni/Android.mk

+1 −0

Original line number	Diff line number	Diff line
		@@ -223,6 +223,7 @@ LOCAL_SHARED_LIBRARIES := \
		libnativehelper \
		liblog \
		libcutils \
		libdebuggerd_client \
		libutils \
		libbinder \
		libnetutils \

core/jni/android_os_Debug.cpp

+1 −1

Original line number	Diff line number	Diff line
		@@ -33,7 +33,7 @@
		#include <string>

		#include <android-base/stringprintf.h>
		#include <cutils/debugger.h>
		#include <debuggerd/client.h>
		#include <log/log.h>
		#include <utils/misc.h>
		#include <utils/String8.h>

services/core/java/com/android/server/am/NativeCrashListener.java

+13 −14

Original line number	Diff line number	Diff line
		@@ -20,7 +20,6 @@ import android.app.ApplicationErrorReport.CrashInfo;
		import android.system.ErrnoException;
		import android.system.Os;
		import android.system.StructTimeval;
		import android.system.StructUcred;
		import android.system.UnixSocketAddress;
		import android.util.Slog;

		@@ -105,9 +104,9 @@ final class NativeCrashListener extends Thread {

		if (DEBUG) Slog.i(TAG, "Starting up");

		// The file system entity for this socket is created with 0700 perms, owned
		// by system:system. debuggerd runs as root, so is capable of connecting to
		// it, but 3rd party apps cannot.
		// The file system entity for this socket is created with 0777 perms, owned
		// by system:system. selinux restricts things so that only crash_dump can
		// access it.
		{
		File socketFile = new File(DEBUGGERD_SOCKET_PATH);
		if (socketFile.exists()) {
		@@ -121,6 +120,7 @@ final class NativeCrashListener extends Thread {
		DEBUGGERD_SOCKET_PATH);
		Os.bind(serverFd, sockAddr);
		Os.listen(serverFd, 1);
		Os.chmod(DEBUGGERD_SOCKET_PATH, 0777);

		while (true) {
		FileDescriptor peerFd = null;
		@@ -129,19 +129,14 @@ final class NativeCrashListener extends Thread {
		peerFd = Os.accept(serverFd, null /* peerAddress */);
		if (MORE_DEBUG) Slog.v(TAG, "Got debuggerd socket " + peerFd);
		if (peerFd != null) {
		// Only the superuser is allowed to talk to us over this socket
		StructUcred credentials =
		Os.getsockoptUcred(peerFd, SOL_SOCKET, SO_PEERCRED);
		if (credentials.uid == 0) {
		// the reporting thread may take responsibility for
		// acking the debugger; make sure we play along.
		consumeNativeCrashData(peerFd);
		}
		}
		} catch (Exception e) {
		Slog.w(TAG, "Error handling connection", e);
		} finally {
		// Always ack debuggerd's connection to us. The actual
		// Always ack crash_dump's connection to us. The actual
		// byte written is irrelevant.
		if (peerFd != null) {
		try {
		@@ -194,7 +189,7 @@ final class NativeCrashListener extends Thread {
		return totalRead;
		}

		// Read the crash report from the debuggerd connection
		// Read a crash report from the connection
		void consumeNativeCrashData(FileDescriptor fd) {
		if (MORE_DEBUG) Slog.i(TAG, "debuggerd connected");
		final byte[] buf = new byte[4096];
		@@ -205,6 +200,10 @@ final class NativeCrashListener extends Thread {
		Os.setsockoptTimeval(fd, SOL_SOCKET, SO_RCVTIMEO, timeout);
		Os.setsockoptTimeval(fd, SOL_SOCKET, SO_SNDTIMEO, timeout);

		// The socket is guarded by an selinux neverallow rule that only
		// permits crash_dump to connect to it. This allows us to trust the
		// received values.

		// first, the pid and signal number
		int headerBytes = readExactly(fd, buf, 0, 8);
		if (headerBytes != 8) {