Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c21169c5 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

give zygote AID_READPROC 

In zygote wrapping mode, ZygoteConnection does a check to see if the pid
reported by the wrapped process is either child process that was
forked, or a decendent of it. This requires read access to other
processes /proc files. Grant zygote AID_READPROC to allow this access.

Bug: 32610632
Test: manual inspection of /proc files to verify group.
Test: manual inspection of zygote's children to make sure they do not
      inherit AID_READPROC

Change-Id: I3619a9ae33c8077e068e8024f7c7d44cfca6fb76
parent c54c533c

rootdir/init.zygote32.rc

+2 −0
Original line number Diff line number Diff line 
service zygote /system/bin/app_process -Xzygote /system/bin --zygote --start-system-server

    class main

    priority -20

    user root

    group root readproc

    socket zygote stream 660 root system

    onrestart write /sys/android_power/request_state wake

    onrestart write /sys/power/state on

rootdir/init.zygote32_64.rc

+4 −0
Original line number Diff line number Diff line 
service zygote /system/bin/app_process32 -Xzygote /system/bin --zygote --start-system-server --socket-name=zygote

    class main

    priority -20

    user root

    group root readproc

    socket zygote stream 660 root system

    onrestart write /sys/android_power/request_state wake

    onrestart write /sys/power/state on
@@ -13,6 +15,8 @@ service zygote /system/bin/app_process32 -Xzygote /system/bin --zygote --start-s 
service zygote_secondary /system/bin/app_process64 -Xzygote /system/bin --zygote --socket-name=zygote_secondary

    class main

    priority -20

    user root

    group root readproc

    socket zygote_secondary stream 660 root system

    onrestart restart zygote

    writepid /dev/cpuset/foreground/tasks /dev/stune/foreground/tasks

rootdir/init.zygote64.rc

+2 −0
Original line number Diff line number Diff line 
service zygote /system/bin/app_process64 -Xzygote /system/bin --zygote --start-system-server

    class main

    priority -20

    user root

    group root readproc

    socket zygote stream 660 root system

    onrestart write /sys/android_power/request_state wake

    onrestart write /sys/power/state on

rootdir/init.zygote64_32.rc

+4 −0
Original line number Diff line number Diff line 
service zygote /system/bin/app_process64 -Xzygote /system/bin --zygote --start-system-server --socket-name=zygote

    class main

    priority -20

    user root

    group root readproc

    socket zygote stream 660 root system

    onrestart write /sys/android_power/request_state wake

    onrestart write /sys/power/state on
@@ -13,6 +15,8 @@ service zygote /system/bin/app_process64 -Xzygote /system/bin --zygote --start-s 
service zygote_secondary /system/bin/app_process32 -Xzygote /system/bin --zygote --socket-name=zygote_secondary

    class main

    priority -20

    user root

    group root readproc

    socket zygote_secondary stream 660 root system

    onrestart restart zygote

    writepid /dev/cpuset/foreground/tasks /dev/stune/foreground/tasks