debuggerd_handler: raise ambient capset before execing. am: 7ae426c731 am: 0adfda8468 Change-Id: I0143810fbf967c21882f5a6004735b7dea216f35

commit: f58bf5b5a33d9a05bd3b8e89582d53dbec2d2923 [log] [tgz]
author: Josh Gao <jmgao@google.com> Mon Feb 06 18:52:39 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Mon Feb 06 18:52:39 2017 +0000
tree: bc3964ff82990aff06893f4c06380732e033fd1a
parent: 8f58fae0015d689192e5b20bd184faf8c3b08129 [diff]
parent: df6edb6b6dd9d83ca72791f556a257a7809ec359 [diff]
diff --git a/debuggerd/handler/debuggerd_handler.cpp b/debuggerd/handler/debuggerd_handler.cpp
index 9469bbd..73257b9 100644
--- a/debuggerd/handler/debuggerd_handler.cpp
+++ b/debuggerd/handler/debuggerd_handler.cpp

@@ -39,6 +39,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <sys/capability.h>
 #include <sys/mman.h>
 #include <sys/prctl.h>
 #include <sys/socket.h>
@@ -216,6 +217,11 @@
     close(pipefds[0]);
     close(pipefds[1]);
 
+    // Set all of the ambient capability bits we can, so that crash_dump can ptrace us.
+    for (unsigned long i = 0; prctl(PR_CAPBSET_READ, i, 0, 0, 0); ++i) {
+      prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, i, 0, 0);
+    }
+
     char buf[10];
     snprintf(buf, sizeof(buf), "%d", thread_info->crashing_tid);
     execl(CRASH_DUMP_PATH, CRASH_DUMP_NAME, buf, nullptr);
commit	f58bf5b5a33d9a05bd3b8e89582d53dbec2d2923	[log] [tgz]
author	Josh Gao <jmgao@google.com>	Mon Feb 06 18:52:39 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Mon Feb 06 18:52:39 2017 +0000
tree	bc3964ff82990aff06893f4c06380732e033fd1a
parent	8f58fae0015d689192e5b20bd184faf8c3b08129 [diff]
parent	df6edb6b6dd9d83ca72791f556a257a7809ec359 [diff]