Commit add9a253 authored Jul 07, 2021 by Suren Baghdasaryan

libprocessgroup: Remove unnecessary permissions change in uid/pid hierarchy



When a new process is launched it ensures that all files under its uid/
and uid/pid hierarchy are accessible by the user/group of that process.
If the directory already exists that means the access permissions have
been already set before, therefore we do not need to reset them again.
This also avoids a race between two processes in the same uid with one
process being launched and walking the uid/ directory while the other
process is being killed and changing the content of that directory. In
such a race the process walking uid/ might find the uid/pid directory of
the process being killed but by the time it tries to set its permissions
the directory might be removed because the process got killed. The
change eliminates the possibility of this race.

Bug: 192421915
Bug: 192512069
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I182298c36f6b0b4580ab59e440bd3aea16f5fbfe

parent 9c62cdf3

libprocessgroup/processgroup.cpp

+5 −1

Original line number	Diff line number	Diff line
		@@ -224,7 +224,11 @@ void removeAllProcessGroups() {
		* transferred for the user/group passed as uid/gid before system_server can properly access them.
		*/
		static bool MkdirAndChown(const std::string& path, mode_t mode, uid_t uid, gid_t gid) {
		if (mkdir(path.c_str(), mode) == -1 && errno != EEXIST) {
		if (mkdir(path.c_str(), mode) == -1) {
		if (errno == EEXIST) {
		// Directory already exists and permissions have been set at the time it was created
		return true;
		}
		return false;
		}