adbd: make a PR_CAPBSET_DROP error fatal. Back in 080427e4e2b1b72718b660e16b6cf38b3a3c4e3f, we said: If the kernel doesn't support file capabilities, we ignore a prctl(PR_CAPBSET_DROP) failure. In a future CL, this could become a fatal error. Make it a fatal error. With SELinux support, all devices are required to support file capabilities. Change-Id: I0ce0c4cb9387c42e325cbf1a63c5d82e6aab530c

commit: 8068fce73ec9c8e25f899a6d1e49f63a21db6468 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Tue Dec 15 16:51:49 2015 -0800
committer: Nick Kralevich <nnk@google.com> Tue Dec 15 16:54:53 2015 -0800
tree: 71c8cdfd6b842ca06db85e7ff743b71cea468e5e
parent: b85a693c1d88942017440c0325a35eb13bcdd9dc [diff]
diff --git a/adb/daemon/main.cpp b/adb/daemon/main.cpp
index feea7a3..218c1d0 100644
--- a/adb/daemon/main.cpp
+++ b/adb/daemon/main.cpp

@@ -54,11 +54,7 @@
         }
 
         int err = prctl(PR_CAPBSET_DROP, i, 0, 0, 0);
-
-        // Some kernels don't have file capabilities compiled in, and
-        // prctl(PR_CAPBSET_DROP) returns EINVAL. Don't automatically
-        // die when we see such misconfigured kernels.
-        if ((err < 0) && (errno != EINVAL)) {
+        if (err < 0) {
             PLOG(FATAL) << "Could not drop capabilities";
         }
     }
commit	8068fce73ec9c8e25f899a6d1e49f63a21db6468	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Tue Dec 15 16:51:49 2015 -0800
committer	Nick Kralevich <nnk@google.com>	Tue Dec 15 16:54:53 2015 -0800
tree	71c8cdfd6b842ca06db85e7ff743b71cea468e5e
parent	b85a693c1d88942017440c0325a35eb13bcdd9dc [diff]