Merge "Enable hidepid=2 on /proc"

    // AID_SDCARD_R to allow reading from the SD card

    // AID_SDCARD_RW to allow writing to the SD card

    // AID_NET_BW_STATS to read out qtaguid statistics

    // AID_READPROC for reading /proc entries across UID boundaries

    gid_t groups[] = {AID_ADB,      AID_LOG,       AID_INPUT,

                      AID_INET,     AID_NET_BT,    AID_NET_BT_ADMIN,

                      AID_SDCARD_R, AID_SDCARD_RW, AID_NET_BW_STATS};

                      AID_SDCARD_R, AID_SDCARD_RW, AID_NET_BW_STATS,

                      AID_READPROC };

    if (setgroups(sizeof(groups) / sizeof(groups[0]), groups) != 0) {

        PLOG(FATAL) << "Could not set supplental groups";

    }

service debuggerd /system/bin/debuggerd

    class main

    group root readproc

    writepid /dev/cpuset/system-background/tasks

service debuggerd64 /system/bin/debuggerd64

    class main

    group root readproc

    writepid /dev/cpuset/system-background/tasks

#define AID_NET_BW_STATS  3006  /* read bandwidth statistics */

#define AID_NET_BW_ACCT   3007  /* change bandwidth statistics accounting */

#define AID_NET_BT_STACK  3008  /* bluetooth: access config files */

#define AID_READPROC      3009  /* Allow /proc read access */

/* The range 5000-5999 is also reserved for OEM, and must never be used here. */

#define AID_OEM_RESERVED_2_START 5000

    { "net_bw_stats",  AID_NET_BW_STATS, },

    { "net_bw_acct",   AID_NET_BW_ACCT, },

    { "net_bt_stack",  AID_NET_BT_STACK, },

    { "readproc",      AID_READPROC, },

    { "everybody",     AID_EVERYBODY, },

    { "misc",          AID_MISC, },

        mkdir("/dev/pts", 0755);

        mkdir("/dev/socket", 0755);

        mount("devpts", "/dev/pts", "devpts", 0, NULL);

        mount("proc", "/proc", "proc", 0, NULL);

        #define MAKE_STR(x) __STRING(x)

        mount("proc", "/proc", "proc", 0, "hidepid=2,gid=" MAKE_STR(AID_READPROC));

        mount("sysfs", "/sys", "sysfs", 0, NULL);

    }