Loading cmds/installd/dexopt.cpp +42 −28 Original line number Diff line number Diff line Loading @@ -1820,14 +1820,25 @@ bool reconcile_secondary_dex_file(const std::string& dex_path, return false; } // As a security measure we want to unlink art artifacts with the reduced capabilities // of the package user id. So we fork and drop capabilities in the child. pid_t pid = fork(); if (pid == 0) { // The secondary dex does not exist anymore. Clear any generated files. char oat_path[PKG_PATH_MAX]; char oat_dir[PKG_PATH_MAX]; char oat_isa_dir[PKG_PATH_MAX]; bool result = true; /* child -- drop privileges before continuing */ drop_capabilities(uid); for (size_t i = 0; i < isas.size(); i++) { if (!create_secondary_dex_oat_layout(dex_path, isas[i], oat_dir, oat_isa_dir, oat_path)) { LOG(ERROR) << "Could not create secondary odex layout: " << dex_path; if (!create_secondary_dex_oat_layout(dex_path, isas[i], oat_dir, oat_isa_dir, oat_path)) { LOG(ERROR) << "Could not create secondary odex layout: " << dex_path; result = false; continue; } Loading @@ -1854,8 +1865,11 @@ bool reconcile_secondary_dex_file(const std::string& dex_path, result = rmdir_if_empty(oat_isa_dir) && result; result = rmdir_if_empty(oat_dir) && result; } result ? _exit(0) : _exit(1); } return result; int return_code = wait_child(pid); return return_code == 0; } // Helper for move_ab, so that we can have common failure-case cleanup. Loading Loading
cmds/installd/dexopt.cpp +42 −28 Original line number Diff line number Diff line Loading @@ -1820,14 +1820,25 @@ bool reconcile_secondary_dex_file(const std::string& dex_path, return false; } // As a security measure we want to unlink art artifacts with the reduced capabilities // of the package user id. So we fork and drop capabilities in the child. pid_t pid = fork(); if (pid == 0) { // The secondary dex does not exist anymore. Clear any generated files. char oat_path[PKG_PATH_MAX]; char oat_dir[PKG_PATH_MAX]; char oat_isa_dir[PKG_PATH_MAX]; bool result = true; /* child -- drop privileges before continuing */ drop_capabilities(uid); for (size_t i = 0; i < isas.size(); i++) { if (!create_secondary_dex_oat_layout(dex_path, isas[i], oat_dir, oat_isa_dir, oat_path)) { LOG(ERROR) << "Could not create secondary odex layout: " << dex_path; if (!create_secondary_dex_oat_layout(dex_path, isas[i], oat_dir, oat_isa_dir, oat_path)) { LOG(ERROR) << "Could not create secondary odex layout: " << dex_path; result = false; continue; } Loading @@ -1854,8 +1865,11 @@ bool reconcile_secondary_dex_file(const std::string& dex_path, result = rmdir_if_empty(oat_isa_dir) && result; result = rmdir_if_empty(oat_dir) && result; } result ? _exit(0) : _exit(1); } return result; int return_code = wait_child(pid); return return_code == 0; } // Helper for move_ab, so that we can have common failure-case cleanup. Loading
