Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7ae426c7 authored by Josh Gao's avatar Josh Gao
Browse files

debuggerd_handler: raise ambient capset before execing. 

Raise the ambient capability set to match CapEff so that crash_dump can
inherit all of the capabilities of the dumped process to be able to
ptrace. Note that selinux will prevent crash_dump from actually use
any of the capabilities.

Bug: http://b/34853272
Test: debuggerd -b `pidof system_server`
Test: debuggerd -b `pidof zygote`
Change-Id: I1fe69eff54c1c0a5b3ec63f6fa504b2681c47a88
parent ac91b0c4

debuggerd/handler/debuggerd_handler.cpp

+6 −0
Original line number Original line Diff line number Diff line
@@ -39,6 +39,7 @@ 
#include <stdio.h>

#include <stdio.h>

#include <stdlib.h>

#include <stdlib.h>

#include <string.h>

#include <string.h>

#include <sys/capability.h>

#include <sys/mman.h>

#include <sys/mman.h>

#include <sys/prctl.h>

#include <sys/prctl.h>

#include <sys/socket.h>

#include <sys/socket.h>
@@ -205,6 +206,11 @@ static int debuggerd_dispatch_pseudothread(void* arg) { 
    close(pipefds[0]);

    close(pipefds[0]);

    close(pipefds[1]);

    close(pipefds[1]);





    // Set all of the ambient capability bits we can, so that crash_dump can ptrace us.

    for (unsigned long i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0); ++i) {

      prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, i, 0, 0);

    }



    char buf[10];

    char buf[10];

    snprintf(buf, sizeof(buf), "%d", thread_info->crashing_tid);

    snprintf(buf, sizeof(buf), "%d", thread_info->crashing_tid);

    execl(CRASH_DUMP_PATH, CRASH_DUMP_NAME, buf, nullptr);

    execl(CRASH_DUMP_PATH, CRASH_DUMP_NAME, buf, nullptr);