Merge "Check setegid() return values" am: 0d24c8f852 am: fb13dab611 Change-Id: I67b0dfc4049f337631e12ab29330984db9edd04c

commit: e58d2dc64d558eddf8ae7a0a27da42a700961d56 [log] [tgz]
author: Tom Cherry <tomcherry@google.com> Fri Feb 24 01:02:19 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Fri Feb 24 01:02:19 2017 +0000
tree: 9c4a9511e80dd7593bda8be512e72f5e78ddddea
parent: 52cce9eb5dbb943a57466336e6fccccca3cc327f [diff]
parent: 235663b56a055ce8472d6d08a799de90630739c2 [diff]
diff --git a/init/devices.cpp b/init/devices.cpp
index 5f54ff8..bd11f5f 100644
--- a/init/devices.cpp
+++ b/init/devices.cpp

@@ -251,7 +251,10 @@
      * some device nodes, so the uid has to be set with chown() and is still
      * racy. Fixing the gid race at least fixed the issue with system_server
      * opening dynamic input devices under the AID_INPUT gid. */
-    setegid(gid);
+    if (setegid(gid)) {
+        PLOG(ERROR) << "setegid(" << gid << ") for " << path << " device failed";
+        goto out;
+    }
     /* If the node already exists update its SELinux label to handle cases when
      * it was created with the wrong context during coldboot procedure. */
     if (mknod(path, mode, dev) && (errno == EEXIST) && secontext) {
@@ -273,7 +276,9 @@
 
 out:
     chown(path, uid, -1);
-    setegid(AID_ROOT);
+    if (setegid(AID_ROOT)) {
+        PLOG(FATAL) << "setegid(AID_ROOT) failed";
+    }
 
     if (secontext) {
         freecon(secontext);
commit	e58d2dc64d558eddf8ae7a0a27da42a700961d56	[log] [tgz]
author	Tom Cherry <tomcherry@google.com>	Fri Feb 24 01:02:19 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Fri Feb 24 01:02:19 2017 +0000
tree	9c4a9511e80dd7593bda8be512e72f5e78ddddea
parent	52cce9eb5dbb943a57466336e6fccccca3cc327f [diff]
parent	235663b56a055ce8472d6d08a799de90630739c2 [diff]