commit 7ecbd0d91a6c2e47ecde81d61d18bf9dda7faa5f
author Luis Hector Chavez <lhchavez@google.com> Tue Jan 09 06:43:15 2018 +0000
committer android-build-merger <android-build-merger@google.com> Tue Jan 09 06:43:15 2018 +0000
tree dae2cf5774933550c2ccd65a53143a227448c4f9
parent 3a0e987601f87dcbba66a096fb364625b99c121b
parent 60df41c91ce3b4fbf556ae8efb2948987beba17d

Merge "debuggerd_handler: set PR_SET_PTRACER before running crash_dump." am: be10cae468 am: 66fa613dbb
am: 8b4cbf4a91

Change-Id: I5a6f242e96681be678a337d802b178ef92231dba

debuggerd/handler/debuggerd_handler.cpp

diff --git a/debuggerd/handler/debuggerd_handler.cpp b/debuggerd/handler/debuggerd_handler.cpp
index 96f3c7c..05e6efa 100644
--- a/debuggerd/handler/debuggerd_handler.cpp
+++ b/debuggerd/handler/debuggerd_handler.cpp
@@ -500,6 +500,17 @@
     fatal_errno("failed to set dumpable");
   }
 
+  // On kernels with yama_ptrace enabled, also allow any process to attach.
+  bool restore_orig_ptracer = true;
+  if (prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY) != 0) {
+    if (errno == EINVAL) {
+      // This kernel does not support PR_SET_PTRACER_ANY, or Yama is not enabled.
+      restore_orig_ptracer = false;
+    } else {
+      fatal_errno("failed to set traceable");
+    }
+  }
+
   // Essentially pthread_create without CLONE_FILES, so we still work during file descriptor
   // exhaustion.
   pid_t child_pid =
@@ -521,6 +532,11 @@
     fatal_errno("failed to restore dumpable");
   }
 
+  // Restore PR_SET_PTRACER to its original value.
+  if (restore_orig_ptracer && prctl(PR_SET_PTRACER, 0) != 0) {
+    fatal_errno("failed to restore traceable");
+  }
+
   if (info->si_signo == DEBUGGER_SIGNAL) {
     // If the signal is fatal, don't unlock the mutex to prevent other crashing threads from
     // starting to dump right before our death.